Hey reddit! I was hoping if someone could help me with this.So, I’ve been working with a personal project, and, it seems like, I’ve hit a roadblock with regards to security. Here’s a little background; it’s a mean stack-based application that is designed to have registered users. The users are associated with, say, a group and there are multiple levels of users (super user, admin & normal users). I used a hybrid of RBAC and restful rules to determine who gets to access what. Now, I’m stuck with a new problem.So, I’ve been working with a personal project, and, it seems like, I’ve hit a roadblock with regards to security. Here’s a little background; it’s a mean stack-based application that is designed to have registered users. The users are associated with, say, a group and there are multiple levels of users (super user, admin & normal users). I used a hybrid of RBAC and restful rules to determine who gets to access what. Now, I’m stuck with a new problem.Hey, Reddit! I was hoping if someone could help me with this. is that a user of group A cannot access the data of group B, and vice versa. How can I solve this? One possible solution would be to include am authenticator in each of the controller functions, but this is going to be too tedious. Is there an alternative to this?
Submitted December 16, 2019 at 08:04PM by the-ML-noob
No comments:
Post a Comment