I have developed an Angular/.Net Core 6 where authorized users can insert new products.

When an authorized user creates a new product, he's the only user with the "Editor" role to be able to change it and in that case an "Edit" button is visible. For the time being, each product contains the ID of the user who created it.

First question, it is the best option or should I use claims to link Product and User?

Second question, regarding the display in Angular, I have 2 options

1. My back end is returning all the products with a flag to indicate if each product can be edited by this user
2. My back end is returning all the products and I use an *ngIf in my Angular template to display the Edit button if the user associated with each product is the same as the user currently logged

What is the best practice? I don't want to overcomplicate everything. Should it be handled backend or frontend?

Thank you

CodePudding user response：

First Question: I think is ok, in product table a column with a User foreign key seems solution you need

Second Question: I think there is no big difference in your 2 options, but personally I prefere the second one. However don't forget to add a Backend control on edit

CodePudding user response：

For first question: Link it as foreign key. If the user directly owns the products then each product should have userID as foreign key. But if the user has stores and each store has products, so each product should have StoreID as a foreign key and each store should have userID as a foreign key

For second question: The best way is to apply all filters from backend. At each change on the frontend, you should make a request to the backend to refresh the results. Don't forget to use pagination to limit the results number and select only the important columns to optimize queries and make them fast.