Restrict API endpoints for non-admin user #4

dikyarga · 2019-04-06T17:34:07Z

Here endpoints we need to restrict :

EventTypes - non-admin only can get
ListOfAttendees - admin only can access
Organizations - non-admin only can do POST (for register their organzation) and GET (to retrive existing organization, in case they have been register their organization)
Participants - only admin can access
Profiles - only admin can access
RoomTypes - non-admin only can GET
User - only admin can access
RoleMappings - only admin can access
RoleTypes - only admin can access

tips : go to /explorer/ path to see all current available endpoints and test it directly

The text was updated successfully, but these errors were encountered:

fadlifajrin · 2019-04-07T09:56:55Z

saya ngerjain issue ini ya

fadlifajrin · 2019-04-07T10:14:42Z

RoleMappings dan RoleTypes tidak bisa diset pakai generator lb acl ya

dikyarga · 2019-04-19T08:30:42Z

RoleMappings dan RoleTypes tidak bisa diset pakai generator lb acl ya

Iya, Mas. Dia bawaan soalnya, bagian ini saya lanjutkan ya, Mas. Yang PR kemarin biar merge dulu aja.

Terima kasih yak @fadlifajrin

dikyarga added the help wanted Extra attention is needed label Apr 6, 2019

dikyarga pinned this issue Apr 6, 2019

fadlifajrin mentioned this issue Apr 7, 2019

Restrict API endpoints for non-admin user #12

Merged

dikyarga closed this as completed May 2, 2019

Provide feedback