Is it ok to send roles and permissions data to the browser in a RBAC system?
I have a backend with a simple RBAC implementation. We have a list of permissions, each permission is associated with a list of roles, each user is given one or more roles.
Is it ok to send this permissions/roles mapping to the browser, so… Continue reading Is it ok to send roles and permissions data to the browser in a RBAC system?