add some cursor rules
parent
820c01097c
commit
eccad00513
3 changed files with 31 additions and 0 deletions
14
.cursor/rules/security_authorization.mdc
Normal file
|
|
@ -0,0 +1,14 @@
|
|||
---
|
||||
description: Instructions on ensuring that authorization gets respected in the app.
|
||||
alwaysApply: false
|
||||
---
|
||||
|
||||
The app has users with roles and permissions. These should be respected.
|
||||
|
||||
When working on the frontend, make sure that the users can only access the pages and contents they are expected to due to their role in the app.
|
||||
|
||||
When working on the backend, ensure that endpoints are only accessible by those who need them.
|
||||
|
||||
When building new features, reflect on whether there is the need to create new permissions or modify existing ones, as well as changing roles.
|
||||
|
||||
Add tests that try "sneaky" approaches to overcoming authorization limits and verify that the app is properly protected against them.
|
||||
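Review bot: The "sneaky" tests line at the end of the rule does not say what to test, so it can be satisfied with one trivial check. Name the cases you expect covered, for example a lower-privileged role calling an endpoint directly, a user requesting another user's object by id, and a request with no session, and state that the backend must reject each of them. The frontend and backend lines also read as two equal controls; say explicitly that hiding pages is a usability measure and that the backend check is the one that enforces authorization. Finally, the front matter sets `alwaysApply: false` and has no `globs` key, so the rule is only attached when its description is judged relevant; consider adding globs for the route and page directories so it is applied whenever those files are edited.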