Open drjazz2099 opened 10 years ago
On the edit content page. We can currently see all content for all users.
We should restrict this so a user can only edit or delete his own content.
we will need to change the mongo db query from:
all.customGET('', {"q": {"section": $routeParams.tag }}).then(function (data) {
To something like:
all.customGET('', {"q": {"owner": loggedinUser.username}}).then(function (data) {
We may how ever need to keep one or two administrator users who are able to edit all content. So they can monitor the quality of the websites image catalog.
On the edit content page. We can currently see all content for all users.
We should restrict this so a user can only edit or delete his own content.
we will need to change the mongo db query from:
To something like:
We may how ever need to keep one or two administrator users who are able to edit all content. So they can monitor the quality of the websites image catalog.