slyapustin
commented
8 years ago There no permission checks and no tests here.
Also Groups should be editable by staff only.
User should only make unsafe operations for their own Items.
Closed slyapustin closed 6 years ago
slyapustin
commented
8 years ago There no permission checks and no tests here.
Also Groups should be editable by staff only.
User should only make unsafe operations for their own Items.
slyapustin
commented
6 years ago We decide not to do any API work at that moment.
Currently app API is limited to only display items, it will be nice if user can access to full CRUD operations via RESTful API.