Open MadTiger2409 opened 1 year ago
The most logical move is to create a roles/access table/matrix in the database and use it to determine if a given user can perform certain actions. It will also be the most flexible in terms of future updates/modifications in this part of the system.
Roles can be marked as true/false in the database, with the last field holding a binary number calculated based on values from the other fields. So every option will be 1/0.
Role name | Create | Read | Update | Delete | Sum |
---|---|---|---|---|---|
Admin | True | True | True | True | 1111 |
Member | True | True | False | False | 1100 |
Viewer | False | True | False | False | 0100 |
This way we can use `Sum` in the `Authorize` attribute (create a custom one). `Sum` can be stored within JWT instead or alongside `Role name`.
Please create roles in the system. The expected roles are:
- administrator - full access to the system (before performing an analysis whether we need such an administrator)
- budget owner
- member of the budget

In the future, the given roles will differ in terms of the possibility of performing actions within the budget.
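
One way to build the custom attribute described above for ASP.NET Core MVC controllers, as an added example that is not part of the issue or the project's code. The claim name `perm_sum` and the names `Permission`, `PermissionSum` and `RequirePermissionAttribute` are hypothetical; the bit order is taken from the table's Sum column (Create, Read, Update, Delete, left to right).

```csharp
using System;
using System.Security.Claims;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Filters;

// Bit order follows the table's Sum column read left to right: Create, Read, Update, Delete.
[Flags]
public enum Permission { None = 0, Delete = 1, Update = 2, Read = 4, Create = 8 }

public static class PermissionSum
{
    // Hypothetical claim name; the issue does not name one.
    public const string ClaimType = "perm_sum";

    // Parses a Sum such as "1100". Anything that is not exactly four 0/1 characters is rejected.
    public static bool TryParse(string? sum, out Permission granted)
    {
        granted = Permission.None;
        if (sum is null || sum.Length != 4) return false;
        int bits = 0;
        foreach (char c in sum)
        {
            if (c != '0' && c != '1') return false;
            bits = (bits << 1) | (c - '0');
        }
        granted = (Permission)bits;   // "1100" -> Create | Read
        return true;
    }
}

// MVC filter attribute: the action runs only if every required bit is set in the caller's Sum claim.
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = true)]
public sealed class RequirePermissionAttribute : Attribute, IAuthorizationFilter
{
    private readonly Permission _required;
    public RequirePermissionAttribute(Permission required) => _required = required;

    public void OnAuthorization(AuthorizationFilterContext context)
    {
        ClaimsPrincipal user = context.HttpContext.User;
        if (user.Identity?.IsAuthenticated != true) { context.Result = new ChallengeResult(); return; }
        // Fail closed: a missing or malformed claim grants nothing.
        bool ok = PermissionSum.TryParse(user.FindFirst(PermissionSum.ClaimType)?.Value, out var granted)
                  && (granted & _required) == _required;
        if (!ok) context.Result = new ForbidResult();
    }
}
```

It is applied as `[RequirePermission(Permission.Update)]` on a controller or action. A Sum carried in the JWT stays in effect until that token expires, so a role change made in the database is not seen before then.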