Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Modify the backend API to reject requests for published posts from Contributors #353

Open
sidemt opened this issue Nov 22, 2023 · 3 comments
Open

Modify the backend API to reject requests for published posts from Contributors #353

sidemt opened this issue Nov 22, 2023 · 3 comments

Comments

@sidemt
Copy link
Member

sidemt commented Nov 22, 2023

As discussed in the comments on #337
@ojeytonwilliams
Copy link
Contributor

Just one quick note about implementation: I think it makes the most sense to reject bad requests, rather than modify the response.

i.e. if a request comes in from a contributor asking for published posts, we should reject it, rather than sending them drafts.

@sidemt sidemt changed the title Modify the backend API to do not return published posts to Contributors Modify the backend API to reject requests for published posts from Contributors Nov 22, 2023
@sidemt
Copy link
Member Author

sidemt commented Nov 22, 2023

I was initially thinking to filter the response, but we can go the way to reject bad requests. Thank you for the suggestion!

@ojeytonwilliams
Copy link
Contributor

To expand on it slightly: the rationale is just that it's easier to reason about if the api's response is predictable. It either does what you ask because you've made an allowed request or it rejects your request because you haven't.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ojeytonwilliams @sidemt