TODO: some more inconsistencies.
This commit is contained in:
parent
0621d21ce0
commit
f9ad5e1d93
6
TODO.md
6
TODO.md
@ -12,6 +12,12 @@ In the same time, some exceptions (such as **AdminAuthenticationException**) are
|
||||
Currently, some operations are restricted to an admin, defined explicitely by the user *admin* boolean.
|
||||
These operations could be delegated to simple users with some specific fine-grained authorizations.
|
||||
|
||||
Requests work mostly on current user, but some take a *UserID* to identify another user.
|
||||
Requests should either always work on current user (which implies to create new requests working on another user) or always take an optional *UserID* parameter.
|
||||
|
||||
Some requests require to be authenticated without either accessing confidential data or modifying any entry in the database.
|
||||
**Check for inconsistencies**.
|
||||
|
||||
### Structures, not classes
|
||||
|
||||
Maybe in some cases, it could be great to use structures instead of classes.
|
||||
|
Loading…
Reference in New Issue
Block a user