Skip to content

Check Admin Level Privileges #1010

Description

@danielfang97

Non-admin users will have access to pages such as Theme and Registries because we have to expose these 2 for the system to run.

However, we should remove the update button on the frontend and make these pages not editable. the endpoints such as /updateTheme or /saveRegistry should check for admin level privileges.

For all other admin pages, they should not be able to access those other pages.

Test this with a created user without admin privileges as well as what happens to these pages when you're not logged in, especially theme and registries pages.

Metadata

Metadata

Assignees

Labels

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions