Ensure space supporter receives proper error code for specific manifest endpoints #2398
Labels
space-application-supporter
https://github.com/cloudfoundry/cfar-proposals/issues/22
Projects
Milestone
Context
We are introducing a new role and we want to make sure it has the right access.
Expected result
A space should get a 403 unauthorized error when trying to curl the following endpoints:
POST /v3/spaces/:guid/actions/apply_manifest
GET /v3/apps/:guid/manifest
POST /v3/spaces/:guid/manifest_diff
Acceptance
As a space supporter, if I curl the any of the above endpoints for an app and space that exist, providing a valid manifest, I receive a 403 error telling me I am not authorized to perform this action.
Documentation
No changes required. We are just aligning with our style guide.
The text was updated successfully, but these errors were encountered: