Filter actions on people menu based on user role #2

@morenomp

Describe the solution you'd like
After the user logs in, we need to implement role-based access control. Specifically:

Admin users: Should have full access to all actions in the menu (adding, updating, deleting, querying data, etc.).
Employee users: Should have limited access, only able to query people data, but not perform any modification actions (like adding, updating, or deleting).

Additional context

  • User Roles:

Admin Role: This user should have access to the full menu, including all functionalities such as adding, updating, deleting, and querying people.
Employee Role: This user should only have access to the functionality that allows them to view (query) people data, without the ability to add, update, or delete records.

  • Login and Role Assignment:

During the login process, after validating the user’s credentials, determine the user's role (e.g., Admin or Employee).
Store the user's role in the session or context to control access throughout the app.

  • Menu Changes Based on Role:

If the user is an Admin, show all menu options for managing people (add, edit, delete, view).
If the user is an Employee, disable the options for adding, editing, and deleting people. Only the "Read" or "Read All" option should be enabled.

  • Error Handling:

If an employee tries to access restricted actions (like adding, editing, or deleting), display a message such as "You do not have permission to perform this action."
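
An added example, not code from this project: one way to implement the role check the issue describes, with the permission test applied both when building the menu and again when an action is dispatched, so a disabled menu entry is not the only control. The names `Session`, `PERMISSIONS`, `build_menu`, `dispatch`, `HANDLERS` and the sample people data are assumptions made for the illustration.

```python
from enum import Enum

DENIED_MESSAGE = "You do not have permission to perform this action."

class Role(Enum):
    ADMIN = "Admin"
    EMPLOYEE = "Employee"

# Action -> roles allowed to run it. Any action not listed here is denied.
PERMISSIONS = {
    "add": {Role.ADMIN},
    "update": {Role.ADMIN},
    "delete": {Role.ADMIN},
    "read": {Role.ADMIN, Role.EMPLOYEE},
    "read_all": {Role.ADMIN, Role.EMPLOYEE},
}

class Session:
    """Holds the role determined at login, after credentials were validated."""
    def __init__(self, username, role):
        self.username, self.role = username, role

def is_allowed(session, action):
    # Deny by default: unknown actions and missing roles get no access.
    return session.role in PERMISSIONS.get(action, set())

def build_menu(session):
    """Return (action, enabled) pairs so the UI can disable restricted options."""
    return [(action, is_allowed(session, action)) for action in PERMISSIONS]

def dispatch(session, action, handlers, *args):
    # Re-check at the point of execution: hiding or disabling a menu entry
    # does not stop a caller that invokes the action directly.
    if not is_allowed(session, action):
        return DENIED_MESSAGE
    return handlers[action](*args)

# Constructed sample data and handlers (hypothetical, for the demonstration).
people = {1: "Ada"}
HANDLERS = {
    "add": lambda pid, name: people.update({pid: name}) or f"added {name}",
    "update": lambda pid, name: people.update({pid: name}) or f"updated {name}",
    "delete": lambda pid: people.pop(pid, "not found"),
    "read": lambda pid: people.get(pid, "not found"),
    "read_all": lambda: sorted(people.values()),
}

if __name__ == "__main__":
    employee = Session("bob", Role.EMPLOYEE)
    print(build_menu(employee), dispatch(employee, "add", HANDLERS, 2, "Eve"))
```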
