TODO.md: document some inconsistencies to fix.

This commit is contained in:
Philippe Pittoli 2023-06-11 21:27:18 +02:00
parent cf97fab773
commit 52ee731921

View File

@ -8,6 +8,10 @@ A combinaison of both is fine as long as the logic is comprehensively documented
A simple error message is given instead of specific messages for each recurring error.
In the same time, some exceptions (such as **AdminAuthenticationException**) are used a few times for the same kind of errors.
**Authorization rules** should be clear and documented.
Currently, some operations are restricted to an admin, defined explicitely by the user *admin* boolean.
These operations could be delegated to simple users with some specific fine-grained authorizations.
### Structures, not classes
Maybe in some cases, it could be great to use structures instead of classes.