bcgov / cas-obps


API: Handle authorization #247

Closed pbastia closed 2 months ago

pbastia commented 3 months ago

Description:

The current API receives a user name from the next-auth token. That user name is matched up with a role from the user table. It can be queried by the frontend as well to make decisions on what to show.

@DataVillage is there a particular pattern you have in mind for this?

Acceptance Criteria:

Given When Then

Development Checklist:

Definition of Ready (Note: If any of these points are not applicable, mark N/A)

Definition of Done (Note: If any of these points are not applicable, mark N/A)

Notes:

Dependencies

pbastia commented 3 months ago

@BCerki I would say this is done as part of your first API card?

BCerki commented 3 months ago

> @BCerki I would say this is done as part of your first API card?

We have an @authorize decorator that checks if the user role (from the withAuthorization middleware) is in the list of roles that are allowed to access the endpoint. That doesn't really sound like this ticket's description, though.
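
An added example, not the cas-obps project's code, of a role-checking decorator of the kind described in the comment above, written in Python on the assumption that the role is looked up server-side from the user name carried by the token. The `USER_ROLES` table, the dictionary-shaped request, the role names, the handlers and `status_for` are all constructed for illustration.

```python
from functools import wraps

# Constructed stand-in for the user table: user name -> role (None = no role assigned).
USER_ROLES = {"alice": "admin", "bob": "reporter", "carol": None}

class Unauthenticated(Exception):
    """No usable identity on the request (maps to HTTP 401)."""

class Forbidden(Exception):
    """Identity is known but its role is not allowed (maps to HTTP 403)."""

def authorize(*allowed_roles):
    """Allow the wrapped handler only for users whose stored role is listed."""
    # Reject empty or non-string role lists when the endpoint is defined, so a
    # typo such as authorize() or authorize(None) cannot open an endpoint.
    if not allowed_roles or not all(isinstance(r, str) and r for r in allowed_roles):
        raise ValueError("authorize() needs at least one non-empty role name")
    allowed = frozenset(allowed_roles)
    def decorator(handler):
        @wraps(handler)
        def wrapper(request, *args, **kwargs):
            username = request.get("username")  # assumed set from the verified token
            if not username:
                raise Unauthenticated("no user name on request")
            # Role comes from the server-side table, never from the request.
            role = USER_ROLES.get(username)
            if role not in allowed:  # unknown user or missing role -> deny
                raise Forbidden(f"{username!r} may not call {handler.__name__}")
            return handler({**request, "role": role}, *args, **kwargs)
        return wrapper
    return decorator

@authorize("admin")
def delete_report(request, report_id):
    return f"report {report_id} deleted by {request['username']} ({request['role']})"

@authorize("admin", "reporter")
def view_report(request, report_id):
    return f"report {report_id} shown to {request['username']} ({request['role']})"

def status_for(handler, request, *args):
    """Translate the handler outcome into the HTTP status a caller would see."""
    try:
        handler(request, *args)
        return 200
    except Unauthenticated:
        return 401
    except Forbidden:
        return 403
```

A `role` field supplied in the request is ignored and overwritten, so the frontend can query the role to decide what to show without that value ever being trusted for access decisions.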

mikevespi commented 2 months ago

Wait until #256 is done before digging into this. Decisions there will likely require rework of this.

Sepehr-Sobhani commented 2 months ago

Future work captured in tickets:

pbastia commented 2 months ago

cc @patriciarussellCAS @rdromey, we can close this one