Open rossjones opened 8 years ago
We should have some rules about who can do what. The publishers a user belongs to should be added during authn (#12) so that we can avoid different components making the same queries. This way we can pass the conn into an Authz module for checks.
We should have some rules about who can do what. The publishers a user belongs to should be added during authn (#12) so that we can avoid different components making the same queries. This way we can pass the conn into an Authz module for checks.