You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently, the only way a user can be given particular roles, such as admin, appears to be through database manipulation. If we want to ensure that all actions are driven through the api, the endpoint functionality may need modified to enable the adding of user roles.
If that's not considered viable, we should consider how we intend to add admins or other users with special privileges.
We may also want to ensure that we have roles in a separate table from users, for a few reasons:
Separation of concerns, always good
Users in the future may have more than one role
We may want security permissions for users to be separate from security permissions for their roles.
The text was updated successfully, but these errors were encountered:
Currently, the only way a user can be given particular roles, such as admin, appears to be through database manipulation. If we want to ensure that all actions are driven through the api, the endpoint functionality may need modified to enable the adding of user roles.
If that's not considered viable, we should consider how we intend to add admins or other users with special privileges.
We may also want to ensure that we have roles in a separate table from users, for a few reasons:
The text was updated successfully, but these errors were encountered: