createWidgetaction. We check to make sure the payload contains a user object and if it does, we make sure to include the user in the generated event.
WidgetCreatedevent, we store the
userIdso we can refer back to it later.
updateWidgetaction is called, we check to make sure that the caller's id matches the
userIdwe stored earlier (or if caller is an admin) and if not, we throw an