Closed pbastia closed 2 months ago
@BCerki I would say this is done as part of your first API card?
@BCerki I would say this is done as part of your first API card?
We have an @authorize
decorator that checks if the user role (from the withAuthorization
middleware) is in the list of roles that are allowed to access the endpoint. That doesn't really sound like this ticket's description, though
Wait until #256 is done before digging in to this. Decisions there will likely require rework of this.
cc @patriciarussellCAS @rdromey , we can close this one
Description:
The current API receives a user name from the next-auth token That user name is matched up with a role from the user table It can be queried by the frontend as well to make decisions on what to show
@DataVillage is there a particular pattern you have in mind for this?
Acceptance Criteria:
Given When Then
Development Checklist:
Definition of Ready (Note: If any of these points are not applicable, mark N/A)
·Definition of Done (Note: If any of these points are not applicable, mark N/A)
Notes:
Dependencies