Implement "hidden" collection filtering for access control

For endpoints:

- GET /collections
- GET /collections/{collectionId}
- GET /collections/{collectionId}/items

Add a "hidden" query parameter `_ids` that is a csv of collection IDs. This should filter the collections returned from the endpoint. The parameter should not be included in pagination parameters. The intention of this parameter is to allow an auth proxy (e.g., only implemented using the pre-hook lambda) to add an extra hidden parameter that restricts a user's visible collections.

## GET /collections

Should return the same collection object, just with only the allowed collections included.

## GET /collections/{collectionId}

Should return a 404 if the requested {collectionId} is not in the list

## GET /collections/{collectionId}/items

Should return a 404 if the requested {collectionId} is not in the list



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Implement "hidden" collection filtering for access control #862

GET /collections

GET /collections/{collectionId}

GET /collections/{collectionId}/items

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Implement "hidden" collection filtering for access control #862

Description

GET /collections

GET /collections/{collectionId}

GET /collections/{collectionId}/items

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions