You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
User APIs have very limited validations in place, primarily targeted to the surface area of SlashGo extension. However, we need to add more validations around these APIs to handle invalid API payloads. Some examples include:
Required fields to be provided when creating a new user
Edit API should not allow user to edit non-admin user from editing any user other than themselves
Admin should be able to edit any non-admin user in their own org.
Edit API should not allow setting of any required field to null
Some of these are identified by TODO in the controller. Ideally, would be nice if this could be done alongside #2 to ensure we write tests for the new validations as well.
The text was updated successfully, but these errors were encountered:
User APIs have very limited validations in place, primarily targeted to the surface area of SlashGo extension. However, we need to add more validations around these APIs to handle invalid API payloads. Some examples include:
Some of these are identified by TODO in the controller. Ideally, would be nice if this could be done alongside #2 to ensure we write tests for the new validations as well.
The text was updated successfully, but these errors were encountered: