Add committee-level admin privileges (!173) · Merge requests · DSA San Francisco / membership_api

Drew requested to merge committee-admins into dev Dec 16, 2018

@DSASanFrancisco/portal-members

Add a verify_admin method to Authorization that throws an UnauthorizedException if the requester does not have sufficient access. Modify the requires_auth decorator so that if the inner method ever throws an UnauthorizedException, it will return an error response.

For the endpoints to create/update meetings, add/get/remove attendees, and and add/remove roles, disable the admin parameter on requires_auth so that the methods can define the committee on which admin access should be enforced. Add a new get_committee endpoint so we can show committee admins a list of their members.

Add committee-level admin privileges

Merge request reports