Move basic permission checking out of each method
Closed this issue · 0 comments
UndefinedOffset commented
We should move the api's basic permission checking (permission check on CODE_BANK_ACCESS) outside of each method call and into CodeBank_ClientAPI around where it handles the request or into CodeBankAMFServer. Checks for admin permissions should remain where they however is there some other way we can also improve this? Maybe a per-class basis, if that is the case then we should move or adjust how user's change their passwords from the client.