You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Issue: Currently, the roster app gives everyone the same permissions when viewing/editing teams. However, the goal is to differentiate between directors and board members, so they have different permissions.
Reproduction: Sign in with Username = "admin" and Password: "password," and you'll be able to view/edit any team. This should be only for board. However, if you're a director, and sign you sign in with another ID/password such as Username = "alex" and Password: "nguyen," you'll also be able to view/edit everything when you should only be able to edit your own team.
Solution: When navigating to the page with all the teams and such, we check the username against the database and see if they're a director or board member. If it's a director, we basically make the page not viewable for them. If it's a board member, then the app runs as normal.
Current issue: Permissions work but still trying to find a way to deny the right set of users.
The text was updated successfully, but these errors were encountered:
Issue: Currently, the roster app gives everyone the same permissions when viewing/editing teams. However, the goal is to differentiate between directors and board members, so they have different permissions.
Reproduction: Sign in with Username = "admin" and Password: "password," and you'll be able to view/edit any team. This should be only for board. However, if you're a director, and sign you sign in with another ID/password such as Username = "alex" and Password: "nguyen," you'll also be able to view/edit everything when you should only be able to edit your own team.
Solution: When navigating to the page with all the teams and such, we check the username against the database and see if they're a director or board member. If it's a director, we basically make the page not viewable for them. If it's a board member, then the app runs as normal.
Current issue: Permissions work but still trying to find a way to deny the right set of users.
The text was updated successfully, but these errors were encountered: