Add additional authorization to actions #11
Description
At the moment security is through obscurity with UUIDs. Most context methods include a user field which we currently are not using. This is to be used to check against the owner of the entity.
{{ message }}