Skip to content

Implement basic backend endpoint permissions #163

New issue
New issue
Open
#221
Open
Implement basic backend endpoint permissions#163
#221
Assignees
tommyjqliu
Labels
backendTask must have a back end issuedifficulty:hard
@dct0

Description

@dct0
dct0
opened on Jan 6, 2024

Basic Information

Implement basic "yes" or "no" permissions to all our backend endpoint. See the blurb at the top of the spreadsheet for how this can be implemented. Ignore all references to organisations

Modify the API handler to also include permissions. Currently we have:

export default apiHandler({
  get: getItemTypes
});

Our proposed implemention will change it to something like:

ts
export default apiHandler({
  get: {
    controller: getItemTypes,
    permissions: permissionsMatrix.getItemTypes
  }
});

Then in a separate file, we have the giant permissions matrix, which will look like the spreadsheet.

const permissionsMatrix = {
  getItemTypes: { client: true, repairer: true, ... }
}

Other Information

Permissions spreadsheet (WIP)
https://docs.google.com/spreadsheets/d/18AxrBPgUUgtK0lcNLxSUmxFfxQERglB_L3c7OL6s9DE/edit?usp=sharing
Ignore all references to organisations

Metadata

Metadata

Assignees

Labels

backendTask must have a back end issuedifficulty:hard

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions