fix(data-ingestion): Update default public API role settings in bootstrap script #336
Description
- The function createPublicApiPermissions runs in bootstrap currently.
- This function resets the public API role to have CRUD permissions every time the dev server restarts.
- When this happens and @ll-zerr tests data ingestion scripts without an API key, Strapi accepts the request.
- We need to ensure our scripts handle responses properly, so this function requires us to reset the public API role permissions manually before each run/session.
Considerations
- @ll-zerr and I are not aware of the context around this function - it could be for dev convenience, unit testing, or API testing.
- If it is for unit testing, it could be set to run in test mode with an environment flag (NODE_ENV or a custom parameter) or passing a flag to the command line within package.json.
- We may want to create a test or admin user in the bootstrap script with full CRUD permissions.
P.S. thank you @jtfairbank for guidance here.
- Determine how the Public API role is used by devs for unit testing and API testing.
- Update bootstrap script and createPublicApiPermissions function to limit its scope.