Mailing List Archive

Authorization with Only Apache Server
*Users:*

- User1 is Executive of Company1
- User2 is Manager of Company1
- User3 is Executive of Company2
- User4 is Manager of Company2
- User5 is Executive of both Company1 & Company2
- User6 is Manager & Executive of Company2
- User7 is Manager of both Company1 & Company2


*API endpoint:* https://api.example.com/users/{id}

When I authenticate, the system already knows which company / companies I
belong to and what role(s) I have. Given that, I have a few rules.

*Rules:*

- Every employee can access his own company's data.
- Managers can access all Executive data.
- Executives can only access personal data.
- One person can belong to multiple companies. One person can have
multiple roles.
- Only the highest authorization counts if a person has two roles in a
company.


How can I implement it using Apache?

I found a few modules in https://httpd.apache.org/docs/2.4/howto/auth.html

But I am not understanding: will I have to implement this logic in my app, or
can I use these modules to solve this problem?

If this can be done using modules, then please give me some sample config so
that I can work with it.
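The rules above decide access from attributes of both the requester and the target user, so the decision is easiest to see written out as a policy function. The following is an added example, not code from the thread: it encodes the seven users from the post as constructed data and evaluates a read of `/users/{id}`, with the assumptions that Manager outranks Executive and that a Manager may read Executive data only within a company the Manager belongs to.

```python
"""Policy evaluator for the authorization rules in the post (illustrative)."""
from typing import Dict, Optional, Set

# Assumption: Manager outranks Executive; higher number wins when a person has two roles.
RANK = {"Executive": 1, "Manager": 2}

# Constructed directory mirroring the seven users listed in the post.
DIRECTORY: Dict[str, Dict[str, Set[str]]] = {
    "User1": {"Company1": {"Executive"}},
    "User2": {"Company1": {"Manager"}},
    "User3": {"Company2": {"Executive"}},
    "User4": {"Company2": {"Manager"}},
    "User5": {"Company1": {"Executive"}, "Company2": {"Executive"}},
    "User6": {"Company2": {"Manager", "Executive"}},
    "User7": {"Company1": {"Manager"}, "Company2": {"Manager"}},
}


def effective_role(user: str, company: str) -> Optional[str]:
    """Rule: only the highest role counts when a person holds two roles in one company."""
    roles = DIRECTORY.get(user, {}).get(company)
    if not roles:
        return None  # not a member of that company
    return max(roles, key=RANK.__getitem__)


def can_read_user(requester: str, target: str) -> bool:
    """Decide whether `requester` may read GET /users/{target}.

    Assumed reading of the rules:
      - anyone may read their own record ("personal data");
      - a Manager may read any Executive's record in a company the Manager belongs to;
      - a Manager's own record is not Executive data, so other Managers are denied.
    Anything not explicitly allowed is denied.
    """
    if requester == target:
        return True
    for company in DIRECTORY.get(requester, {}):
        if (effective_role(requester, company) == "Manager"
                and effective_role(target, company) == "Executive"):
            return True
    return False


if __name__ == "__main__":
    for who, whom in [("User2", "User1"), ("User2", "User3"), ("User4", "User6")]:
        print(f"{who} -> {whom}: {'allow' if can_read_user(who, whom) else 'deny'}")
```

Note the User4 -> User6 case: User6 holds both roles in Company2, so the highest-role rule makes User6 a Manager there and another Manager is denied.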