unknown Interview Question for Software Engineers
- 0of 0 votes
AnswerI have applied for Software Engineer at a startup company in India, I have asked the following question.
- s.lokesh1729 December 04, 2017 in India for Engineering
You are building an application with ORM model say django, you have set of models, urls. Let's say an user is hitting api /user/account/profile/xxx/yyy like this. You have to check whether user has permission to access or not. If user has access to /user/ then he has access to the whole URL, like wise if he has access to /user/account/ he has access to whole URL. User table looks like below and it has a field called prefix which contains URL prefix of that particular user.
Users
userid | prefix | username | firstname | lastname
1 /user/ lokesh1729 lokesh sanapalli
2 /user/account lokesh1729 lokesh sanapalli
What is the most efficient way to check if a particular user has access to an API or not???
I gave a brute-force approach that first we will check if he has access to /user/ then /user/account then /user/account/profile and so on, if he has access to a prefix and we will process the request.
He is not satisfied with the answer. Can anyone tell me what might be the answer for this???| Report Duplicate | Flag | PURGE
unknown Software Engineer design
Country: India
Interview Type: In-Person
It's hard to tell what his intentions were, but certainly questions are needed such as:
- Chris December 04, 2017- multiple "directories" per user?
- multiple users per directory?
- if prefix matches, does it mean he has access to all sub. dirs.?
- can there be a revoke in a sub. Dir?
- how many grants / user typically, outliers?
- how many users, how many directories.
- how deep are those paths typically, where is the grant in this hirarchy
One approach can be, have an entity for a user, and a list of directory prefixes, load the user with grants and check if path-prefix is in there, maybe cache user. If there are thousands of grants per user but only few grants per directory, you may do the opposite on the directory, load per prefix the number of users.
Etc...