Closed Karyum closed 6 years ago
@Karyum @des-des why would verification not happen with a PUT
request to /resourceType/:id
?
Then you would just need to add the field permissions here: https://github.com/foundersandcoders/open-tourism-platform/blob/master/src/constants/apiPermissions.js
my mistake it's not a GET
reuqest it is a PUT
:sweat_smile: , but @mattlub the /resourceType/:id
PUT
request is also accessible to the owner of the resource, so it wouldn't be problem for a BASIC
user to go and verify his own resource if im correct ?
i also didn't quite get your second comment about the field premissions?
yeah nice idea, will do that instead :+1:
@mattlub now thinking about it, let's say and ADMIN
or a SUPERUSER
is adding an event through the data entry, now you don't want them after adding the data to go to their email and verify it ( that would be ridiculous :laughing: ), you want them when they added something to the data entry it would be automatically verified cause they are not BASIC
users, how would we go about this ?
hmm that was a dumb question :up: , i could just check through the req
what is the role of the user, and toggle verified to true in the object that we are updating with.
cool, sorry for only noticing after you'd written all those tests 😅
add a GET
/verified/:id
route that will check if the user is logged in ( the user needs to beADMIN
orSUPERUSER
andOWNER
only )then will find the data and update it so verified would be true.