GlennCavarle
commented
6 years ago Right now, an exception is thrown when a role does not exist. Maybe, we can be more "flexible" and just ignore undefined roles. What do you think ?
Closed GlennCavarle closed 6 years ago
GlennCavarle
commented
6 years ago Right now, an exception is thrown when a role does not exist. Maybe, we can be more "flexible" and just ignore undefined roles. What do you think ?
PapsOu
commented
6 years ago I think we must throw an exception if using an undefined role can produce an unexpected behavior. If dealing with a fake role does not expose sensitive features, we probably don't need to throw exception and failing silently (may be displaying a flash message, but the message itself won't be very clear for users)
Summary
The Front has to be compliant with the permission management provided by the backend. First, missing roles (user, super admin) have to be added in the role list. Finally, the permissions of each role have to be merged to provide multi-role management.