Currently it is up to the client to create webhooks and form relationships between users, teams and webhooks. I have an uneasy that this can and will go wrong.
The current flow is:
client -- createTeam --> server -- 200, teamId --> client -- createWebhook -- teamId, user --> server (creates relationships between supplied user and team to new. webhooks) -- 200, webhook --> client
Another issue is security, the serve has no context other than the clients request and doesn't know for certain that this user should be related to this team.
I will patch to have all relationships created at the same time as the team.
Bouncey
commented
6 years ago
Currently it is up to the client to create webhooks and form relationships between users, teams and webhooks. I have an uneasy that this can and will go wrong.
The current flow is:
client-- createTeam -->server-- 200, teamId -->client-- createWebhook -- teamId, user -->server(creates relationships between supplied user and team to new. webhooks) -- 200, webhook -->clientAnother issue is security, the serve has no context other than the clients request and doesn't know for certain that this
usershould be related to thisteam.I will patch to have all relationships created at the same time as the team.