I have a UI that lists data that is dependent on your role.
Let’s say there’s a related endpoint called
If you are a “regular” user, you’ll see cars that are related to you (either you own them or you’re leasing them or something). If you are a “super user” then you’ll see all of the cars for all users.
Any “best practices” on how to achieve this level of granularity for an API service that has many api endpoints that need to make this sort of distinction?
I guess more generally - the set of data available to a user should be dependent on their role. But the operations on that set are the same (i.e. both regular users and super users can both list cars) irrespective of their role.