I have noticed one common pattern in object oriented course where all actors are identified and classes are created for each of these actors. I have a basic doubt here. In the real system, won’t access to an API be restricted by role and access token?. By just putting all things which an actor has access to inside the actor class doesn’t serve any purpose, right?. We could just expose all APIs in controllers…not able to understand the reason behind mapping each actor to a separate class.
(2) Other doubt is why are we making Search interface…and then making an object of it inside all actors who are allowed to do the search. In similar line to above question, all these search APIs can be exposed to the controller class and restricted by access token/role.