Frankly that there isn’t a specific field signalling authorized/not-authorized
The instance I was bitching about was this: There’s a lot of region-specific data coming from the backend. But the user is only authorized for certain regions. So for instance the North-American guy gets this object: { “CA”: [/* list of stuff */], “US”: [/* list of stuff */], “MX”: [ /* list of stuff */ ]}, while the US-only guy only gets {“US”: [ /* list of stuff */] }. Are you suggesting that the response should also include flags isCaPresent, isUsPresent, isMxPresent for every country?
The issue with null vs not present surfaced because I, the frontend, checked if the returned object contained the key “CA” and then tried to iterate over the list of stuff, which happened to be null, which is hard to iterate over. I agree that I could’ve checked if the key was present and not null.
The meme, however, was lamenting that the backend developer, refuses to acknowledge that these two JSONs are different,since they only see their POJOs, where both map to CA: null, US: [], MX: null.