Hello, In my app I have a role SpecificUser. I have an entity A with an association to the entity Account. In a process a user with the role SpecificUser have to link the entity A to another Account. I noticed in the security of my project, in the user management (of the user role “SpecificUser”) that I need to check that this user role “SpecificUser” can manage other user to make my process work (when I display the account). When I do that, does it create a security issue? does that mean that an user with a user role “SpecificUser” can create modify etc… other user ? Thanks
↧