authorization: access based on user id and localpart + namespace
I am working on authorization module.Basically provide access to a web service based on the user id role.
Basically what I am suggesting to my team is if a user id is trying to invoke
a webservie with namespace xyz and localpart getName then check in the database if this mapping is there .That is the table should have
user id 1 has access to name space xyz and localpart getName
user id 1 has access to name space xyz and localpart getEmpAge
if a record exist then he has access that that endpoint method.
Please let me know if you guys think this is a bad approach or the table structure doesnt make sense.