On all non-auth operations: Ensure all requests to resources which *do not* belong to the authorised user: - [ ] Return a HTTP 404 error - [ ] Do not return any content See auth-related `API_OPERATION REST API` tests in `spec/api/40-api-operation-spec.js` for test cases for desired functionality.
On all non-auth operations:
Ensure all requests to resources which do not belong to the authorised user:
See auth-related
API_OPERATION REST APItests inspec/api/40-api-operation-spec.jsfor test cases for desired functionality.