API: test also for refusal conditions

The API must not allow people to update requests that they shouldn’t,
i.e. only requests that were created by the same public body, using
the API, can be added to using the API.

0 files changed, 0 insertions, 0 deletions