I'm working on a single-page enterprise application with pretty complex logic. There are several entity classes on the server side:
```java
import java.util.List;

class User {
    Long id;
}

class Node {
    Long id;
    String name;
    Status status;
    Node parent;        // parent node in the tree
    List<User> admins;  // users who administer this node
}

enum Status {
    STATUS_1, STATUS_2
}
```
Entities are converted to JSON and sent to the client, where they are displayed in a tree-like structure, like this:
There are several restrictions:
- A simple user who works with the application can see the tree of nodes, but can't change anything.
- A user can change a node's name if he is among the `admins` of the node or any of its parent nodes.
- Admins can also change the status of a node from `STATUS_1` to `STATUS_2`, but only if all child nodes have `STATUS_2` status.
- There is a list of super administrators who can do whatever they want: change properties of any node, change status as they want.
So somehow, during rendering of the tree on the client, I need to know what the application user can or cannot do with each of the nodes on the page. I can't just assign the user a role within the whole application because user rights vary from one node to another. Also, I can't see the whole picture on the client side because child nodes may not be loaded. How can I manage user rights and restrictions in a situation like this? What's the proper way or pattern to use?
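An added example, not part of the original post: one way to evaluate the four restrictions on the server, send the result as per-node flags next to the JSON, and re-check the same rule on every write so the flags stay display hints only. `NodeAcl`, `NodePermissions`, `adminIds`, `children`, `superAdminIds` and the reading of "all child nodes" as direct children are assumptions made for the illustration.

```java
import java.util.*;

public class NodeAcl {
    enum Status { STATUS_1, STATUS_2 }
    static class Node {
        final long id; final Node parent; String name; Status status;
        final Set<Long> adminIds = new HashSet<>();
        final List<Node> children = new ArrayList<>(); // assumed: the server sees all children
        Node(long id, Node parent, String name, Status status) {
            this.id = id; this.parent = parent; this.name = name; this.status = status;
            if (parent != null) parent.children.add(this);
        }
    }
    record NodePermissions(boolean canRename, boolean canChangeStatus) {} // hypothetical DTO, Java 16+
    private final Set<Long> superAdminIds; // assumed source of the super administrator list
    NodeAcl(Set<Long> superAdminIds) { this.superAdminIds = superAdminIds; }

    // Admin of the node itself or of any ancestor.
    boolean isAdmin(long userId, Node node) {
        for (Node n = node; n != null; n = n.parent)
            if (n.adminIds.contains(userId)) return true;
        return false;
    }

    NodePermissions permissionsFor(long userId, Node node) {
        if (superAdminIds.contains(userId)) return new NodePermissions(true, true);
        boolean admin = isAdmin(userId, node);
        // STATUS_1 -> STATUS_2 only when every direct child already has STATUS_2.
        boolean ready = node.status == Status.STATUS_1
                && node.children.stream().allMatch(c -> c.status == Status.STATUS_2);
        return new NodePermissions(admin, admin && ready);
    }

    // The write path re-evaluates the rule; flags sent to the client are display hints only.
    void rename(long userId, Node node, String newName) {
        if (!permissionsFor(userId, node).canRename())
            throw new SecurityException("user " + userId + " may not rename node " + node.id);
        node.name = newName;
    }

    public static void main(String[] args) {
        // Constructed data: user 1 administers the root, user 2 is a plain user, user 9 is a super admin.
        NodeAcl acl = new NodeAcl(Set.of(9L));
        Node root = new Node(1, null, "root", Status.STATUS_1);
        Node leaf = new Node(2, root, "leaf", Status.STATUS_1);
        root.adminIds.add(1L);
        for (long user : new long[] {1, 2, 9})
            System.out.println(user + " root=" + acl.permissionsFor(user, root)
                    + " leaf=" + acl.permissionsFor(user, leaf));
    }
}
```

Because the flags are computed where the full tree is available, the client does not need unloaded child nodes to render the right controls.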