This follows on from this question, which seems to have been asked some time ago: implementing security in a project that adheres to the basic principles of domain-driven design. Let me give an example.
Banking system:
Use case: a new bank deposit is made and requires approval, as this is the first deposit
a. Clerk can authorize if deposit amount is <5000
b. A manager can be of two types: bank manager / account manager. ONLY an Account Manager can approve any account with a deposit > 5000
My problems are as follows (assuming the case itself is correct):
- I don't know where I should put this logic - the part that checks whether the logged-in user is authorized to do certain things based on his title (in this case, Account Manager). Authorization is a precondition, but the security layer seems to need close knowledge of the domain object.
- In general, authorization (not authentication). I know that role-based authentication will help, but the question is "where": in which layer and at what point in the call flow. Should the user interface layer invoke some security layer, or should the domain layer check all possible combinations?
Please, help. This is very confusing.
Greetings
Vjvrr
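One way to place the rule from the question, as an added example that is not part of the original post: the approval rule lives in the domain as a policy object that knows only roles and amounts, and the application service enforces it before the aggregate is changed, so the UI never has to reason about the domain. The `Principal`, `Deposit` and `approve_deposit` names are assumed, and two points the question leaves open are assumptions marked in the code: bank managers share the clerk's low-value authority, and an amount of exactly 5000 is denied to everyone but an account manager (deny by default).

```python
from dataclasses import dataclass
from decimal import Decimal
from enum import Enum
from typing import FrozenSet, Optional


class Role(Enum):
    CLERK = "clerk"
    BANK_MANAGER = "bank_manager"
    ACCOUNT_MANAGER = "account_manager"


# Threshold from the question; at or above it only an account manager may approve.
HIGH_VALUE_THRESHOLD = Decimal("5000")


@dataclass(frozen=True)
class Principal:
    """Authenticated user as handed to the application layer (assumed shape)."""
    user_id: str
    roles: FrozenSet[Role]


@dataclass
class Deposit:
    """Domain aggregate: a first deposit awaiting approval."""
    deposit_id: str
    amount: Decimal
    approved_by: Optional[str] = None


class DepositApprovalPolicy:
    """Domain-level authorization rule: knows roles and amounts, nothing about HTTP or sessions."""

    @staticmethod
    def may_approve(principal: Principal, deposit: Deposit) -> bool:
        if Role.ACCOUNT_MANAGER in principal.roles:
            return True  # account manager may approve any amount
        if deposit.amount < HIGH_VALUE_THRESHOLD:
            # Assumption: bank managers have the same low-value authority as clerks.
            return bool(principal.roles & {Role.CLERK, Role.BANK_MANAGER})
        return False  # deny by default, which also covers exactly 5000


class ApprovalDenied(PermissionError):
    pass


def approve_deposit(principal: Principal, deposit: Deposit) -> Deposit:
    """Application service: checks the domain policy before mutating the aggregate."""
    if deposit.approved_by is not None:
        raise ValueError("deposit already approved")
    if not DepositApprovalPolicy.may_approve(principal, deposit):
        raise ApprovalDenied(f"{principal.user_id} may not approve {deposit.deposit_id}")
    deposit.approved_by = principal.user_id
    return deposit
```

The policy is a pure domain object, so the same check can be unit-tested without a UI or database and reused by any entry point (web, batch, API) that calls the application service.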