[ColdBox 3.5.1] Security Interceptor for multi-user personal page


I should start building an app that is similar to a forum: I sould create an admin area where only logged in customer can access. Every customer should register, create his profile and add his own article.

I have read more question about security interceptor but I’m not sure about this: if an user edit an article, how can I be sure that he do not edit an article of different user?

For example:

User1 has write article 1,5,8

User2 has write article 3,9,12

User1 want edit article 5 and go to editArticle?id=5 and made his change. But he could also go to editArticle?id=9 that is owned by User2. How could I be sure that two user that have admin access do not edit article that are owned by other users?

Many thanks