Tips for writing permission based apps/components?
I am using React and Redux to build a component, let's call it <Document />
. This component is displayed to two different kinds of user: manager
and client
.
Manager can fully edit any information, add comments, fork the document.
Client can edit the document and then propose changes to the manager.
I won't list all features. I would like to know:
- Have ever had to write a permission based component, which hides/changes parts of it based on role permissions?
- Did the component get too big/complicated?
- Have you ever forked a component and had two slightly different ones (but also the same) in the same projects?
- Did you spell out the permissions explicitly in the state or did you inline it
{if user->hasSomeRole() ? <div /> : null}
- What's a convenient way to represent roles or permissions in the state tree?
- When do you think a component has too many
if
s and deserves to be a unique component? - How do you find balance between keeping more code inside a single component and splitting stuff up into smaller components?
- Do you have any tips how to manage such components/apps?
Thank you!