Add roles and authorization to the app. This includes restructuring the schema for paths. Any content associated with a course starts with /course/:courseID and that id is used to check if the user has the correct permission in that course.
Self permissions, where users can only access a resource that they own, is still a work in progress.
Resolves: #23
Types of changes
What types of changes does your code introduce?
Put an x in the boxes that apply
[ ] Bugfix (non-breaking change which fixes an issue)
[ x ] New feature (non-breaking change which adds functionality)
[ x ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
[ x ] Documentation Update (if none of the other choices apply)
Checklist
Put an x in the boxes that apply. You can also fill these out after creating the PR. If you're unsure about any of
them, don't hesitate to ask. This is simply a reminder of what we are going to look for before merging your code.
[ x ] My changeset covers only what is described above (no extraneous changes)
[ ] Lint and unit tests pass locally with my changes
[ ] I have added tests that prove my fix is effective or that my feature works
[ x ] I have added necessary documentation (if appropriate)
Proposed changes
Add roles and authorization to the app. This includes restructuring the schema for paths. Any content associated with a course starts with /course/:courseID and that id is used to check if the user has the correct permission in that course.
Self permissions, where users can only access a resource that they own, is still a work in progress.
Resolves: #23
Types of changes
What types of changes does your code introduce? Put an
xin the boxes that applyChecklist
Put an
xin the boxes that apply. You can also fill these out after creating the PR. If you're unsure about any of them, don't hesitate to ask. This is simply a reminder of what we are going to look for before merging your code.