Discussions
Designing Resource Owner Check
about 7 years ago by Rishabh Joshi
Hi,
I would like to create a custom/dynamic constraint where I would check if the resource is owned by the current Subject.
Currently, I am solving this by retrieving the requested resource and checking against the created_by field. If it matches, the custom constraint returns true, else false.
Now, my problem is that I want to return a 404, instead of 403 (which would be returned by default as the method would return false.), if the resource is not found.
How can I design my constraint to do that?
Regards,
Rishabh