Solution: Enforce Role-Based Access on Service Methods

Solution explanation

• Lines 2–10: We define the UserService class, which exposes two methods: getUser() for general data access, and deleteUser() for administrative actions.

  • This represents a real backend service with both safe and restricted operations.

  • Our goal is to protect certain methods without editing this class.

• Lines 13–33: The createSecureService() function creates a Proxy that enforces method-level access control.

  • The variable restrictedMethods defines which methods require admin privileges. ...