Move authorization to auth service
Add a filter that splits a request handling room updates to also be send to the auth service. The auth service can then keep track of all room access rights without the need to sync.
Relevant requests that manipulate room access
- POST /room
- DELETE /room/{roomId}
- PUT /room/{roomId}/moderator/{userId} (Current room owner only)
- DELETE /room/{roomId}/moderator/{userId} (Current room owner only)
- POST /room/{roomId}/transfer?newOwnerId={userId} (Admin only)
- POST /room/{roomId}/transfer?newOwnerToken={newOwnerToken} (Current room owner only)
Edited by Tom Käsler