#160057897 A user should only delete his question

[krmroland]

What does this PR do?

Currently, any authenticated user can delete a question irrespective of who created it. This PR ensures that a question can only be deleted by a user who created it

Description of Task to be completed?

• Deny access to end point DELETE /questions/id for users who doint own the question

How should this be manually tested?

• Refer to the README.md for setup instructions
• While the app is running, create two users using post man by hitting the endpoint POST auth/signup .
• Login in using the first user by hitting the endpoint POST auth/login
• Add the returned token to headers with key:Authorization and value: BEARER {token_generated}
• Create A question by hitting the route POST /questions with title and description fields
• Using the same methods a bove create a second user and add the Authorization header respectively
• Making a post request questions/id where id is the id of the question that was created above should return Access Denied for deleting question
• You can also trigger the related test by running pytest -k pytest -k test_returns_a_401_response_when_deleting_others_question

What are the relevant pivotal tracker stories?

#160057897

[coveralls]

Pull Request Test Coverage Report for Build 86

• 15 of 15 (100.0%) changed or added relevant lines in 4 files are covered.
• No unchanged relevant lines lost coverage.
• Overall coverage remained the same at 100.0%

---

Totals
Change from base Build 84:	0.0%
Covered Lines:	174
Relevant Lines:	174

---

💛 - Coveralls