Closed chadwhitacre closed 8 years ago
Need to constrain the organizers listed for the user under /organizers.json
to only those they have permissions on ...
Need to constrain the organizers listed for the user under /organizers.json to only those they have permissions on ...
Are you talking rails API side @whit537?
If so, I have a use case where I am going to need the whole list of organizers as a public API. Could you put this at users/:id/organizers
or sumpin?
Are you talking rails API side @whit537?
Yes! :-)
If so, I have a use case where I am going to need the whole list of organizers as a public API. Could you put this at
users/:id/organizers
or sumpin?
Sure thing! :-)
Roughed in in f2081b654c99e4b86382a3313f3151a84591b6f9, @dmtroyer. Now to constrain it ...
Blam.
A second user + organizer, demonstrating working constraint:
Do you think this PR needs to reproduce all of the functionality currently available in the rails dashboard?
On second thought, let's keep the scope tight on this PR. Marking ready for review, @dmtroyer @MatthewVita.
Looks good to me
The list of organizers at dashboard/organizers
wasn't working for me when I was logged out of the rails-side dashboard. The organizers/for-current-user
endpoint needed to be moved within the api/v1
scope to api/v1/organizers/for-current-user
for ng-token-auth
to attach the necessary headers so that the user could be authenticated that way (and current_user
would work), instead of with the rails-side devise cookie like it was previously doing.
Eventually we should move all the routes within this scope.
@whit537 let me know if that makes sense and/or if you have any questions. To bed! :zzz:
Rebased on master. Previous head was c634a910c99abf059674a7b1533f970453442be5.
I'm gonna go ahead and squash this according to https://github.com/saxifrage/cityasacampus/issues/362#issuecomment-162029375 et seq.
Squashed. Previous head was 44098cf4c6499bb00450d2c0c1d72fb2c26e764f.
Resquashed. Previous head was 95e010b99a135d3035347fe3e17d42613ece8148.
I'm getting a 401 from organizers/for-current-user.json
for anon. That's good.
Gonna stub out the buttons on the organizers dashboard:
Resquashed. Previous was 544033790e9b38138d5335a8cf9067d9be5c596c.
Alright, we ready to merge, @dmtroyer?
Ping @dmtroyer @MatthewVita ... ready for a review and merge over here ...
Thanks @dmtroyer. :)
364 needs this for context.