Check for logged in user on editTrack, deleteTrack and createTrack methods

Description

Currently in the API, for the track-related methods, we check to see if a user can edit the related event, but we don't check first of all if they are logged in.

This isn't a problem from a security point of view, however it does mean we have to perform some additional DB reads to fetch the event etc, whereas we could quit immediately for anyone who isn't logged in - this is what happens for other methods, such as deleteTalk etc,

Activity

Show:

Liam October 1, 2016 at 8:23 AM

Claimed on GitHub - Michele Orselli

Resize issue view side panel

Fixed

Details
Assignee
Unassigned
Reporter
Liam
Labels
Components
Priority
Minor

Created September 11, 2016 at 9:13 PM

Updated October 8, 2016 at 5:33 PM

Resolved October 8, 2016 at 5:33 PM

Check for logged in user on editTrack, deleteTrack and createTrack methods

Description

Activity

Liam October 1, 2016 at 8:23 AM

DetailsAssigneeUnassignedUnassignedReporterLiamLiamLabelshackathonComponentsPriorityMinor

Details

Assignee

Reporter

Labels

Components

Priority

Details
Assignee
Unassigned
Reporter
Liam
Labels
Components
Priority
Minor