Closed dxps closed 1 year ago
AS-IS Currently, the authorization is all or nothing: any authenticated user can update or delete any article (besides creating one, of course).
TO-BE Only the user that is the author of (aka own) an article can update or delete it.
AS-IS Currently, the authorization is all or nothing: any authenticated user can update or delete any article (besides creating one, of course).
TO-BE Only the user that is the author of (aka own) an article can update or delete it.