-
Notifications
You must be signed in to change notification settings - Fork 35
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Endpoints for Apis collection #2545
Conversation
Add query parameters as limit, skip, lifecycle, q Update logic for "organization" query parameter Make CRUD methods with authentication
apis/server/api.js
Outdated
|
||
// Collection imports | ||
import Apis from '/apis/collection'; | ||
import Organizations from '/organizations/collection'; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Request to order imports and a comment on the rest api path.
apis/server/api.js
Outdated
|
||
// Collection imports | ||
import Apis from '/apis/collection'; | ||
import Organizations from '/organizations/collection'; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sort the imports. Organizations would go after ApiV1
core/server/api.js
Outdated
@@ -10,7 +10,7 @@ import { Meteor } from 'meteor/meteor'; | |||
import { Restivus } from 'meteor/nimble:restivus'; | |||
|
|||
const ApiV1 = new Restivus({ | |||
apiPath: 'api', | |||
apiPath: 'apinf-rest', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I wonder if this path should be a Branding configuration. This way we whitelabel also the rest-api.
@kyyberi will we need to have a configurable API path? GET /apinf-rest/v1/users/:id
for APInf installation, and GET /my-org-rest/v1/users/:id
for a my-org customer, for instance.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@marla-singer I talked to @kyyberi and I think it's fine, and this path can be hardcoded... Anyways, we can change later :-)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, just remove the 'apinf' part of the path.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I wonder if this path should be a Branding configuration.
Also, as a general guideline less is more. When possible, we should find simple, generic solutions, without adding more options to the user interface. This impacts both maintainability and usability.
Describe tags, parameters, securityDefinition, definitions for Apis collection endpoints swagger Set the related swagger meta-data for paths
a246214
to
96a928c
Compare
apis/server/api.js
Outdated
responses: { | ||
200: { | ||
description: 'List of APIs.', | ||
description: 'Returns list of APIs', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should this say 'Returns list of public APIs'?
apis/server/api.js
Outdated
tags: [ | ||
ApiV1.swagger.tags.api, | ||
], | ||
description: 'Returns result is one or zero (no match found) APIs', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This description is confusing. The code comment is easier to understand. Could you explain a bit more here?
apis/server/api.js
Outdated
tags: [ | ||
ApiV1.swagger.tags.api, | ||
], | ||
description: 'Adds an API to catalog. On success methods return added object with details.', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Consider describing as:
Adds an API to catalog. On success, returns newly added API object.
apis/server/api.js
Outdated
], | ||
responses: { | ||
200: { | ||
description: 'API was successful added', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Change to:
API successfully added
apis/server/api.js
Outdated
put: { | ||
authRequired: true, | ||
// manager role is required. If a user already has an API then the user has manager role | ||
roleRequired: ['manager', 'admin'], |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What is the reason to include 'manager' role here?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Look comment above
If a user already has an API then the user has manager role
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Right, but what do we achieve from using the manager
role here?
apis/server/api.js
Outdated
parameters: [ | ||
ApiV1.swagger.params.apiId, | ||
], | ||
responses: { | ||
200: { | ||
description: 'One API.', | ||
description: 'API was successful removed.', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Successful -> successfully
core/server/api.js
Outdated
@@ -10,7 +10,7 @@ import { Meteor } from 'meteor/meteor'; | |||
import { Restivus } from 'meteor/nimble:restivus'; | |||
|
|||
const ApiV1 = new Restivus({ | |||
apiPath: 'api', | |||
apiPath: 'apinf-rest', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, just remove the 'apinf' part of the path.
core/server/api.js
Outdated
}, | ||
params: { | ||
apiId: { | ||
name: 'id', | ||
in: 'path', | ||
description: 'Api ID', | ||
description: 'Pass ID of the API', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Change to
ID of API
No verb ('pass') is necessary.
core/server/api.js
Outdated
optionalSearch: { | ||
name: 'q', | ||
in: 'query', | ||
description: 'Pass an optional search string for looking up inventory.', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Change to:
optional search string for finding APIs.
core/server/api.js
Outdated
routeOptions: { | ||
authRequired: true, | ||
}, | ||
endpoints: { | ||
// GET /apinf-rest/v1/users/:id |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Remember to update all of these comments if changing base path (removing apinf
from base path).
apis/server/api.js
Outdated
// Make sure API exists | ||
if (api) { | ||
// Make sure API exists & user can manage | ||
if (api && api.managerIds.indexOf(userId) > 0) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we use the api.currentUserCanManage()
helper here?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@brylie Not, we can not
Error: Meteor.userId can only be invoked in method calls. Use this.userId in publish functions.
at AccountsServer.userId (packages/accounts-base/accounts_server.js:82:13)
at Object.Meteor.userId (packages/accounts-base/accounts_common.js:252:19)
at Document.Apis.helpers.currentUserCanManage (apis/collection/helpers.js:33:27)
at Object.ApiV1.addCollection.endpoints.put.action (apis/server/api.js:193:24)
at Route.share.Route.Route._callEndpoint (packages/nimble_restivus/lib/route.coffee:149:25)
at packages/nimble_restivus/lib/route.coffee:59:33
at packages/simple_json-routes.js:98:9
apis/server/api.js
Outdated
], | ||
responses: { | ||
200: { | ||
description: 'Returns API entity', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe we don't need to say 'entity' here.
}, | ||
security: [ | ||
{ | ||
userSecurityToken: [], |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What do these do?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do authorization. Read docs about creation Swagger specification
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah, I thought they were related to Restivus. Also, it is helpful to provide links to related documentation.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
const api = Apis.findOne(apiId); | ||
|
||
// Make sure API exists & user can manage | ||
if (api && api.managerIds.indexOf(userId) > 0) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same as above. Lets re-use the api.currentUserCanManage()
helper, since it does this same thing in a re-usable and self-describing manner.
Improve comments in Swagger file Add condition for permissions
5682951
to
3e0cf7c
Compare
@brylie Ready |
Closes #2441
Endpoints for Apis collection
Known issues
/login
and/logout
path