|
|
|
|
|
|
by Etheryte
426 days ago
|
|
|
At the end of the day, it's still only shuffling around where you define your constraints, because you need them either way. Whether you define a rigid API endpoint for the frontend (named the problem in the article) and handle access control there, or make the API fluid with e.g. GraphQL (the first solution in the article) and define access controls there, it's still the same problem. |
|
|
You can give a back end developer SQL, because the users of your application don't also get SQL. Not true of GraphQL.