Implement permissions checks on server back end.
- or -
Post a project like this947
$15/hr
- Posted:
- Proposals: 14
- Remote
- #3387329
- Awarded
Senior Developer / Solution Architect / Database Expert / System Integration specialist
Colombo
Certified Laravel Developer | PHP | VueJS | Wordpress | API | Logo | Responsive Design | Shopify
Karachi
Top rated PHP Web Development | WordPress | Magento | Drupal | OpenCart | PrestaShop | Joomla
Leicester
Mobile App Design & Development | Kotlin | Flutter | React Native | IONIC | Android | iOS | Web Dev | Angular | React | Node | UNITY 3D
Ahmedabad
PPH TOP Website & App Developer✮LOGO & Graphic Designer✮Content Writer✮Translator
Dubai
1742586260836884164105075422539532274804254911739128935214528621441063376776344939
Description
Experience Level: Entry
We have a single-page app for teaching undergraduate experimental psychology, in which there are a number of different user roles, such as student, instructor, administrator, etc. Each user can create objects, and specify who should be able to access them. Currently, this is all handled in the front-end when determining what to present to the users, but the back-end also needs to implement permission checks to ensure that a malicious user cannot obtain data that they should not have access to by constructing their own AJAX request. There are a couple of places in the back-end code where this is noted in a comment, and a warning is displayed to the console, but some additional design work is probably required to facilitate this task. Currently, every object has an owner id property, but that is all. One approach would be to create a new PermissionSpec object that would contain the sharing information for each object that has an instance as a property.
Jeff M.
100% (8)Projects Completed
4
Freelancers worked with
3
Projects awarded
80%
Last project
24 Jan 2022
United States
New Proposal
Login to your account and send a proposal now to get this project.
Log inClarification Board Ask a Question
-
There are no clarification messages.
We collect cookies to enable the proper functioning and security of our website, and to enhance your experience. By clicking on 'Accept All Cookies', you consent to the use of these cookies. You can change your 'Cookies Settings' at any time. For more information, please read ourCookie Policy
Cookie Settings
Accept All Cookies