Provide access-based information restriction for projects home page - Githubissues

ranjithkumarravikumar52 / issue-tracker

spring boot, spring mvc, MySQL, H2 and thymeleaf issue tracker app

0 stars 0 forks source link

Provide access-based information restriction for projects home page #123

Closed ranjithkumarravikumar52 closed 5 years ago

ranjithkumarravikumar52 commented 5 years ago

Only current user's projects should be displayed
Provide tests for validation

ranjithkumarravikumar52 commented 5 years ago

Reasons

The whole point of doing this is to avoid calling all the records from the project table. Instead we should be calling only the project records where the current logged in user is working.
However, we should also plan for admin privileges too., where admin can access all the projects
Provide test-cases too with valid and invalid user using spring-security-test

Todo

Resources

baeldung get-user-in-spring-security