Description
As a user, I want to delete an event, but only if I am the creator, so that unauthorized users cannot delete events they do not own.
Story Points: 5
Priority: high
Risk: med
Child Tasks:
Acceptance Criteria:
- Only the event creator can see the delete button.
- Attempting to delete an event as a non-creator returns an authorization error.
- A confirmation prompt appears before event deletion.
- The event is removed from the system upon successful deletion.
- Users receive success/failure feedback after deletion.
Task Breakdown:
- Modify API endpoint to validate the event creator.
- Restrict delete button visibility on the frontend based on user ID.
- Implement confirmation prompt on delete action.
- Handle API response and show appropriate messages.
Implementation Breakdown:
Blackbox Testing:
Regression Testing:
Demo Steps:
- Login as an event creator.
- Navigate to the event page.
- Verify the delete button is visible.
- Click the delete button and confirm deletion.
- Ensure the event is removed and success feedback is displayed.
- Login as a different user and confirm the delete button is not visible.
- Attempt API request as a non-creator and verify authorization error.
Description
As a user, I want to delete an event, but only if I am the creator, so that unauthorized users cannot delete events they do not own.
Story Points: 5
Priority: high
Risk: med
Child Tasks:
Acceptance Criteria:
Task Breakdown:
Implementation Breakdown:
Blackbox Testing:
Regression Testing:
Demo Steps: