Currently, Role Based Access Control is on our APIs using pycasbin, and on one of our UI’s using CASL and CASL React. It works very smoothly for an individual UI repo.
Our overall goal is to have Role Based Access Control (RBAC) on all of our UI Repositories. Instead of manually configuring RBAC on each and every one of the repo's, the idea came up of putting the logic on our FE Library that all of our UI Repo's utilize.
CASL works by utilizing a React State Management (React Context), to store the roles of the current user logged in. The roles are defined in our user records in our DB.
I guess the overall question is, Is it good practice to give our Front End Library RBAC logic? Or should we individually keep our UI repo's with it's own RBAC configuration (would be the same code being reused)
