I am attempting to add a feature implementing an admin feature.
The stories are:
As an admin I want to be able delete blogs for all users
As an admin I want to be able to update blogs for all users
My approach:
update users schema to include an isAdmin field (boolean)
1.1 this works in curl and on the front end. Yay
In app/controllers/concerns duplicate the authenticate.js and modify it to authenticate an admin
2.1 I tried this and while I have no errors, I am not sure if it actually works
In app/controllers/... set a before_action that authenticates an admin and write an adminUpdate and adminDestroy function
3.1 this doesn't work. The admin cannot destroy or update a post or page that isn't owned by that
user. The error is a 404 error. I'm not comfortable enough in Express api to trouble shoot this
and isolate where the error is.
I need guidance on if this approach is a dead end. If not, I need a little help isolating my error (sort of like console.log in the client code)
I am attempting to add a feature implementing an admin feature.
The stories are:
My approach:
app/controllers/concerns
duplicate theauthenticate.js
and modify it to authenticate an admin 2.1 I tried this and while I have no errors, I am not sure if it actually worksapp/controllers/...
set abefore_action
that authenticates an admin and write anadminUpdate
andadminDestroy
function 3.1 this doesn't work. The admin cannot destroy or update a post or page that isn't owned by that user. The error is a 404 error. I'm not comfortable enough in Express api to trouble shoot this and isolate where the error is.I need guidance on if this approach is a dead end. If not, I need a little help isolating my error (sort of like console.log in the client code)
Thanks!