You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It seems currently there is no authorization and I can't figure out how to add authorization cleanly to the SlackRubyBotServer::Api:Endpoints::TeamsEndpoint. So any user, even if I add authentication, can see all the registered teams and post to any of them i.e. update any of them. Is there any recommendation in the community about the best way to do this? Normally I'd add authorization using something like Pundit to replace a call like this: teams = Team.all
but the only way I can figure out to do that is to replace that endpoint entirely with my own which I would rather not do.
Thanks!
The text was updated successfully, but these errors were encountered:
It seems currently there is no authorization and I can't figure out how to add authorization cleanly to the SlackRubyBotServer::Api:Endpoints::TeamsEndpoint. So any user, even if I add authentication, can see all the registered teams and post to any of them i.e. update any of them. Is there any recommendation in the community about the best way to do this? Normally I'd add authorization using something like Pundit to replace a call like this:
teams = Team.all
but the only way I can figure out to do that is to replace that endpoint entirely with my own which I would rather not do.
Thanks!
The text was updated successfully, but these errors were encountered: