I'm learning my way around Spring and I think I misunderstood if Spring Security can be used for this.
Scenario is as follows:
DB with tables items, users, user2item
guests may view all items, but not edit/delete/add
user1 has CRUD access to item_a_1, item_a_2, etc
user2 has CRUD access to item_b_1, item_b_2, etc
How may I implement granulary RBAC so that every user may only have CRUD functionality for their designated items? Is spring sec suitable? What may I use, aside from long prepared statements to fetch the entries based on db matches? It sounds clueless because i'm trying to avoid homebrew solutions here, and only sparingly used spring before.
Aucun commentaire:
Enregistrer un commentaire