On authorization, I suggest thinking about admins and support people being NOT authorized to change data or transactions posted by regular users.
In some situations, that level of permission may be appropriate but it's worth thinking about.
I have worked in financial services (as lead user, primary on-site support person, and liaison with software techs) where internally changing data is a serious business. Therefore, the system/s we worked with deliberately precluded making data changes other than via the normal user-facing software.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Good, clear distinction - well said.
On authorization, I suggest thinking about admins and support people being NOT authorized to change data or transactions posted by regular users.
In some situations, that level of permission may be appropriate but it's worth thinking about.
I have worked in financial services (as lead user, primary on-site support person, and liaison with software techs) where internally changing data is a serious business. Therefore, the system/s we worked with deliberately precluded making data changes other than via the normal user-facing software.