Hacker News new | past | comments | ask | show | jobs | submit login

Sorry, yes, I meant authorization. So you're saying to just effectively run a filter in the business layer based on allowed role/user/whatever. Seems pretty straightforward but I wonder if I'm missing something.



> run a filter in the business layer based on allowed role/user/whatever

Yup, this is the way I've seen it implemented everywhere so far.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: