For example, in the following figure: permission:member_info|member_add is added to the member routing group. If a user has one of these two permissions, the entire member routing can be accessed. Do we have to write them down on specific routes one by one? That's a lot. It doesn't feel that way. If it is not written in the specific route, how should this permission and route be bound? enter image description here
I don't know what to do at the moment, but I feel that it is unscientific to write on the route one by one.
Like the previous comparison url, the permission is the url, which is checked from the data table and compared with the current request url
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire