Object level permissions with Hibernate Reactive and Vertx

In the 5th part of the Hibernate Reactive with Eclipse Vertx tutorial we observe the topic of object level permissions. It is our duty as software engineers to implement strong protection of applications. We need to verify that secured APIs are accessed by authenticated users and also that they could modify only those records that are owned by such users. In order to this we make use of the concept of object level permissions. Object level permissions are used to verify if a user should be allowed to act on a particular object, which will typically be a model instance. This type of protection could be accessed in many popular web frameworks, such as #django , #laravel , #springsecurity etc. #vertx does not provide such tool, and in this tutorial we research how to build such functionality.

#java #javaprogramming #tutorial #coding #hibernate #programming #webdevelopment #softwarearchitecture #softwaredevelopment #cloudcomputing

00:00 - Start
00:03 - Why to use object level permissions
00:59 - Adding authentication components
01:36 - Creating a Principal class
02:23 - Creating a NotOwnerException class
03:00 - Building the service layer
03:20 - Create the ProjectService interface
04:50 - Implementing the ProjectService interface
05:50 - Implementing the updateProject() method
08:42 - Testing the updateProject() method
10:12 - Testing when the principal is the owner of the project
13:15 - Testing when the principal is not the owner of the project
14:50 - Implementing the removeProject() method
15:39 - Testing the removeProject() method
15:51 - Testing when the principal is the owner of the project
17:49 - Testing when the principal is not the owner of the project
20:00 - Thanks for watching