Similar to archiving trip principle, maybe also restrict UI based on role, further preventing stray requests from non-trip-linked users with the wrong role (readOnly trip-linked, not trip-linked).
This may also be redundant/trivial after authentication changes from browser - determining whether user can send through proper auth token from their browser.
Server: any additional check? from trips object? would not make sense to accept what's passed from front end as-is.
Is back and forth inevitable for each req (no sessions persisted between serverless function call)
initial req action -> check user role and trip assoc from db -> proceed or forbid
Just separate out the auth check function and call within serverless functions?
UI:
Server: any additional check? from trips object? would not make sense to accept what's passed from front end as-is.