I have seen that the roles need to be 'locked down' at compile time. So I am wondering if this can be done.
Right now, we have controllers, that we can lock down controllers/methods based on roles like "AllBranches", And the blanket [Authorization] to allow customers to post/put data. But If I only want a specific Branch, say "Branch-001" to only see "Branch-001" data, can I do that through the authorization? Same goes for a customer who puts/posts his information, only pulls back his data?
Basically to be allowed to change the branch number on the fly for authorization, and the customerid, only seeing his own information? Or do I need to add code to the beginning of each of my methods?