I am building an API that will serve users with different administration levels (roles).
I have the following model (redacted for brevity):

    public class Job
    {
        public Guid JobId { get; set; }
        public string Name { get; set; }
        public string CommentsAdmins { get; set; }
    }

When an admin user calls the API controller, I want the API to return the entire model above. But when a regular user calls the API, I want the model to return the same model, minus CommentsAdmins:

    public class Job
    {
        public Guid JobId { get; set; }
        public string Name { get; set; }
    }

I'm not comfortable using a nullable string? because I believe that's a dirty way to do it. Also, I don't want the field to be visible in my mobile app code, which may be publicly visible if somebody tries to decompile the mobile app binaries.
Additionally, creating multiple models for multiple user levels doesn't feel intuitive either.
Having multiple models means there will be duplicates of the same code, which makes it a lot more cumbersome to debug, and in case of any change, the possibility of forgetting to change one of the model's redacted copies will be higher. Additionally, this method requires copying object values to the redacted models for every organizational role level.
What's the best way to go about this?
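
One way to keep a single server-side model and leave the admin-only field out of the response by role, as an added example that is not part of the original post. It assumes .NET 7 or later with System.Text.Json; `AdminOnlyAttribute`, `RoleJson` and `Program` are hypothetical names, and the sample job is constructed.

```csharp
// Added example, not the poster's code. AdminOnlyAttribute and RoleJson are hypothetical names.
using System;
using System.Text.Json;
using System.Text.Json.Serialization.Metadata;

[AttributeUsage(AttributeTargets.Property)] public sealed class AdminOnlyAttribute : Attribute { }

public class Job
{
    public Guid JobId { get; set; }
    public string Name { get; set; }
    [AdminOnly] public string CommentsAdmins { get; set; }
}

public static class RoleJson
{
    // Contract modifier: remove every [AdminOnly] property from the JSON contract.
    private static void StripAdminOnly(JsonTypeInfo info)
    {
        if (info.Kind != JsonTypeInfoKind.Object) return;
        for (int i = info.Properties.Count - 1; i >= 0; i--)
        {
            var attrs = info.Properties[i].AttributeProvider;
            if (attrs != null && attrs.IsDefined(typeof(AdminOnlyAttribute), true))
                info.Properties.RemoveAt(i);
        }
    }

    private static readonly JsonSerializerOptions Full = new() { TypeInfoResolver = new DefaultJsonTypeInfoResolver() };
    private static readonly JsonSerializerOptions Redacted = new()
    {
        TypeInfoResolver = new DefaultJsonTypeInfoResolver { Modifiers = { StripAdminOnly } }
    };

    // Fails closed: anything other than a confirmed admin gets the redacted contract.
    public static string Serialize<T>(T value, bool isAdmin) =>
        JsonSerializer.Serialize(value, isAdmin ? Full : Redacted);
}

public static class Program
{
    public static void Main()
    {
        // Constructed sample data.
        var job = new Job { JobId = Guid.NewGuid(), Name = "Backup", CommentsAdmins = "internal note" };
        Console.WriteLine(RoleJson.Serialize(job, isAdmin: true));  // admin contract
        Console.WriteLine(RoleJson.Serialize(job, isAdmin: false)); // redacted contract for a regular user
    }
}
```

Because the key is dropped from the wire format rather than sent as null, a client class for regular users has no need to declare a CommentsAdmins member at all.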