Answer the question
In order to leave comments, you need to log in
N
N
Nightmare0582021-09-16 00:09:22
Nightmare058, 2021-09-16 00:09:22
How to limit the rights to edit posts?
In general, the question is this: I want to restrict access to editing records in the database. Allow editing only to those users who created them and the admin.
I myself thought of only asking for the name of the current user and checking whether this is his entry or is it an admin.
Maybe there are some more correct solutions?
1 answer(s)
@azerphoenix
O
Orkhan Hasanli, 2021-09-16 @azerphoenix
Good afternoon!
You need to add entities like Role & Privilege.
Roles - ADMIN, USER, etc.
Privileges - READ_PRIVILEGE, WRITE_PRIVILEGE, etc.
Link - https://www.baeldung.com/role-and-privilege-for-sp...
And then the logic of the work is as follows:
If the user is an administrator, then most likely he should have all the necessary privileges. If it is a user and if the entry was created by him and if, for example, he has EDIT_PRIVILEGE, then he can edit the entry. If, for example, you have the role - moderator, then he will have the EDIT_PRIVILEGE privilege even if he is not the owner of the post, etc. Further logic is built based on your needs
Similar questions
P
A
E
A
D
DDwrt1002019-09-02 11:56:26
Who uses what to create reports in Doc, pdf, etc.. format in Spring?
1Reply
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question