You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
root users can access everything at all times, instance-wide.
check for root needs to be wired into all voters, the root-check will need to precede any other authorization checks within these voters; essentially short-circuiting those.
exclusive capabilities of root users:
can create schools
can delete schools
can flag other users as "root"
add 'isRoot' attribute to User entity
create console commands for setting/un-setting the isRoot attribute on any given user
ensure that only root users are able to modify the isRoot attribute on any given user via the API
The text was updated successfully, but these errors were encountered:
make sure to bake an extra perms check into the user controller's POST and PUT action to ensure that the current user has rights to set/modify the 'root' flag.
The text was updated successfully, but these errors were encountered: