Open Tomislaw opened 1 month ago
We probably need to add some clarification on the ability to edit your own user. The way this reads is in conflict with #11 :
Only superusers can edit, create or remove users
As far as deletion, we should probably spin up a conversation somewhere on how we want to handle deletion and if we need to implement some sort of soft deletion mechanism for the different tables in the db.
Api endpoint authorization
Description
Implement and verify api endpoint authorization. Superusers should be able to perform all operations. Normal users should be able to edit and delete entries they created.
Checklist
Optional