Closed ajohnsson95 closed 8 months ago
I didn't watch Martin's lectures this week, so I'm not sure if he covered the OAuth2 server. I only tested Spring Security, and it's a lot of work just for simple authentication and authorization with JWT. But for now, I want to finish just with simple CRUD without any admin/user/guest permission, essentially no security at all, and only then start to add it. But know about you guys, what do you think?
Sounds good, let's get everything running and implement the improvements later :)
The idea of implementing Private/Public sounds very reasonable. OAuth2 itself does not inherently enforce public or private access to data upon login. There should, however, be a possibility to grant public access to certain resources or data upon successful authentication and authorization. I'm not sure how straightforward it would be to implement OAuth2. It's possible that creating an extra field in MessageEntity (boolean messagePrivate) would be an easier solution. I'll create a pull request tomorrow with a new field, and we can discuss later whether or not we want to proceed with it.
Should we not have an option for Private/Public messages?
Who is supposed to edit messages, titles, etc.? Is it just the User that created the message, or do we want Admin to have the option as well?