Handle validated_password flag to restrict certain accounts to data collection only

magicznyleszek commented 1 year ago

All accounts start with validated_password: true (or just without the flag; whatever makes more sense to build) - superuser will manually set them to false in kpi
Account with validated_password: false should not be able to access anything sensitive like /api/v1/data
Account with validated_password: false should be able to access OpenRosa submission-related endpoints like /formList and /submission
kpi will have a mechanism that will update an account in kobocat whenever validated_password flag changes for an account in kpi

Requires kobotoolbox/kpi#4473

magicznyleszek commented 1 year ago

@noliveleger just wanted to confirm: this is done, right?

noliveleger commented 1 year ago

It is

kobotoolbox / kobocat