Closed ianmcorvidae closed 2 years ago
I hit enter too soon on my last comment. I think that if you create a version of that endpoint that can be called by service accounts with the cyverse-subscription-updater
role, then that will be all that we need.
One thing that I didn't think to check for was the ability to check for a specific role. It would be helpful to have middleware that checks for the presence of a specific role and returns a 403 if it's not present.
Ah, that makes sense. It shouldn't be hard to add a middleware like that, and creating that extra endpoint sounds easy enough as well.
I'll probably do a second PR just to isolate things that you've already reviewed, maybe try to get it up later today since you're going on vacation soon.
Sounds good 👍
I think this is the basic stuff that's needed. It's not used anywhere yet, and I could use some recommendations if there's some endpoint I should add for testing or such.
Still, I think this is ready enough to be reviewed for the structure of the thing!