Prevent non-admin users from inserting a question" (!20) · Merge requests · COM3014-Coursework / Daily Thought App · GitLab

D'Abrantes, Felipe (UG - Comp Sci & Elec Eng) requested to merge 35-prevent-non-admins-inserting-questions into main Apr 18, 2023

What does this MR do?

Adds an admin field to the generated JWT.
Checks user is an admin to insert a question.

Relevant screenshots

(Add any relevant screenshots of MR's functionality)

Testing

After login/registering, check generated JWT contains admin field.
Attempt to insert a question with admin field set to false. Should return Forbidden.
Attempt to insert a question with admin field set to true. Should return OK.

Relevant issues

Closes #35 (closed)