Add roles and authorization to the app. This includes restructuring the schema for paths. Any content associated with a course starts with /course/:courseID and that id is used to check if the user has the correct permission in that course.
Self permissions, where users can only access a resource that they own, is still a work in progress.
Resolves: #23
Types of changes
What types of changes does your code introduce?
Put an x in the boxes that apply
[ ] Bugfix (non-breaking change which fixes an issue)
[ x ] New feature (non-breaking change which adds functionality)
[ x ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
[ x ] Documentation Update (if none of the other choices apply)
Checklist
Put an x in the boxes that apply. You can also fill these out after creating the PR. If you're unsure about any of
them, don't hesitate to ask. This is simply a reminder of what we are going to look for before merging your code.
[ x ] My changeset covers only what is described above (no extraneous changes)
[ ] Lint and unit tests pass locally with my changes
[ ] I have added tests that prove my fix is effective or that my feature works
[ x ] I have added necessary documentation (if appropriate)
Proposed changes
Add roles and authorization to the app. This includes restructuring the schema for paths. Any content associated with a course starts with /course/:courseID and that id is used to check if the user has the correct permission in that course.
Self permissions, where users can only access a resource that they own, is still a work in progress.
Resolves: #23
Types of changes
What types of changes does your code introduce? Put an
x
in the boxes that applyChecklist
Put an
x
in the boxes that apply. You can also fill these out after creating the PR. If you're unsure about any of them, don't hesitate to ask. This is simply a reminder of what we are going to look for before merging your code.