The cqrs pattern takes care of those CUD permissions from a central place. You may not find them in the request controllers but functionality already exists.
*MUGABE MAGEZI ARTHUR* Software Developer and Process Management Consultant emails: *[email protected]* <[email protected]> *[email protected] <[email protected]>* Mob: +256704901261 facebook: Magezi Arthur Skype: marthur26 The Struggle the doesn't break you will make you, if you hold a little longer under that fire you will certainly come out as Gold On Thu, 22 Feb 2024 at 06:11, Uddyan Goyal <[email protected]> wrote: > Hello everyone, > > I was exploring the code base for a task and came across a potential bug. > When a user requests to get all the charges, we check whether the user has > Read permissions or not, but in case of creating, updating or deleting a > charge there are no such checks. Is this how it is meant to be or should > the checks be added for C, U, D operations also? > > PFA relevant screenshots. > > Thanks and regards, > Uddyan Goyal >
