(in process of selecting a "today's" stack technology for learning them) (I do not know well today's technology)
In Breeze.js (MongoDB and MariaDB),
1) Can we define security granularity so the user can not see records that are not related to them? (such as THEIR orders,THEIR profile, etc.) (I suppose we can do a test on the query, but I mean really impossible to bypass?)
2) For production business proof security, are these tests enough, or better have another layer on the stack to handle login and security? (such as Dreamfactory, or other you may suggest)
Thanks, Marc