You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently the Authorizator component is stateful and is created from user information. This is not needed as the authorizator functions are pure (given an input their return always the same output and do not depend on state).
The best implementation would be one of the 2:
Singleton:
Instantiate a singleton authorizator that is passed around. This component accepts a logger or any other component needed to perform its actions. This authorizator singleton then has a function CheckPermission taking userInfo and operation as params. Do the same for CheckAccess.
Functions of the UserInfo struct:
Add functions to the userInfo struct directly such as HasAccess (checks tenant vs list of allowed_tenants) or HasPermission (checks list of permission vs an operation).
Option 2 seems more intuitive and removes the need for one more struct in the codebase but the logging will need to happen on every use case using it.
Option 1 encapsulates the logging.
The text was updated successfully, but these errors were encountered:
Currently the
Authorizator
component is stateful and is created from user information. This is not needed as the authorizator functions are pure (given an input their return always the same output and do not depend on state).The best implementation would be one of the 2:
Singleton:
CheckPermission
takinguserInfo
andoperation
as params. Do the same forCheckAccess
.Functions of the UserInfo struct:
HasAccess
(checks tenant vs list of allowed_tenants) orHasPermission
(checks list of permission vs an operation).Option 2 seems more intuitive and removes the need for one more struct in the codebase but the logging will need to happen on every use case using it.
Option 1 encapsulates the logging.
The text was updated successfully, but these errors were encountered: