API 3.3 Read all trackers - Trainee

[kenny95h]

Summary of Defect: Trainees should not be able to view all of the trackers, but they can.

Expected Result: Sending a GET request for all the trackers should give a 403 error (access to the requested resource is forbidden)

Actual Result: Sending a GET request returns all the trackers with status 200 OK, as if the trainee was an admin

Defect Description: (Hint: Steps to Reproduce)

Make a GET Tracker request:

• with an empty endpoint ""
• with Trainee authorisation

Further Comment: No further comment

[yusufkabir]

DEFECT - Confirmed that (https://localhost:7234/api/trackers) RETURNED 200 OK