Following the work to set up user roles in #135, we want to ensure that general Admins only have access to drawings uploaded within their organisation, and any additional conditional business rules outlined here for all roles: https://github.com/empowerhack/DrawMyLife-Service/wiki/2.1-Org-structure-and-roles. Currently, Admins have access to all drawings, no matter who uploaded them.
This is a priority now that we have users from multiple organisations.
What
Following the work to set up user roles in #135, we want to ensure that general Admins only have access to drawings uploaded within their organisation, and any additional conditional business rules outlined here for all roles: https://github.com/empowerhack/DrawMyLife-Service/wiki/2.1-Org-structure-and-roles. Currently, Admins have access to all drawings, no matter who uploaded them.
This is a priority now that we have users from multiple organisations.