DiSARM api V2
Pull request Compare This branch is 1 commit ahead of disarm-dev:master.
Latest commit 6709c2f Aug 27, 2018
Type Name Latest commit message Commit time
Failed to load latest commit information.
.nyc_output V7 Migration with untested configs Mar 14, 2018
docs Copy of API repo Jan 31, 2018
log ignore Jun 29, 2018
src Allow user to read current on irs_monitor Aug 3, 2018
test Formating Jul 6, 2018
.gitignore Merge branch 'develop' Jul 4, 2018
API.md Examples of the path with config_id Apr 24, 2018
Dockerfile docker Aug 27, 2018
LICENSE Update LICENSE Aug 6, 2018
README.md Copy of API repo Jan 31, 2018
foci-api.md Endpoints refatoring Feb 19, 2018
package-lock.json 7.0.3 Jul 4, 2018
package.json Avoiding race conditions Jul 6, 2018
plans-api.md Tests May 1, 2018
records-api.md API documentation for date filtered records Mar 27, 2018
test.csv Passing tests Jul 3, 2018
users.csv Seems to be working Jun 26, 2018



coverage report


Please create a new issue if you encounter any bugs.


This is the server for DiSARM. Users will require access to a configured and deployed client application.

Required software

  1. Download and install nodejs (https://nodejs.org/en/download/)
  2. Download and install mongodb (https://docs.mongodb.com/manual/installation/)
  3. Start mongodb server process
  4. Clone this repository (git clone https://gitlab.com/disarm/douma.api douma-api)

Required domain

The client application is served over HTTPS, so any requests made (e.g. to this API) must also be served from a domain using HTTPS. For core instance servers, DiSARM can make a proxy server available.

The domain name needs to be provided to the client application.

It's possible to automatically configure it via a URL parameter, something like https://zwe-mats.api.disarm.io#api_url=https://zwe.api.disarm.io. This assumes the API server is available through https://zwe.api.disarm.io


  1. Go to douma-api directory and install node packages:
npm install
  1. Set SECRET environment variable to any string. It will be used for user API keys generation.

  2. Set MONGODB_URI environment variable to URI of your mongodb installation. For local installation that could be:

  1. Set SHEETS_URL environment variable to URI of your users CSV file if you store it remotely. Alternatively use SHEETS_PATH environment variable to point to CSV file in your local filesystem.

Starting the server

  1. Start the server:
npm run start

Managing users

You will need to create users.csv file with all your users. Make sure to set either SHEETS_URL or SHEETS_PATH environment variable.

Updating the server after editing users

Make a call to the /v4/refresh_users route. You should get a success message back.

Required columns and types

The following are required:

  • _id {String} can be anything (e.g. same as username), but must be unique
  • name {String} - used for display
  • password {String} - no minimum requirements
  • username {String} - should be unique, can be the same as _id
  • read - {String} - comma-separated list of applets the user has read permissions for (see below for list)
  • write {String} - comma-separated list of applets the user has write permissions for (see below for list)
  • instance_slug - {String} - provided by maintainers of DOUMA app

List of applets

  • irs_monitor (dashboard)
  • irs_plan (planning tool)
  • irs_tasker (tasking and team assignment)
  • irs_record_point (data collection)
  • debug (debugging features)

Database admin and backups

Please ensure sound practices are in place for backing up data.


Need the same configuration as for production (see above).

Install rerun Gem, using gem install rerun, or pick another way to reload server.

Public paths

Need to

  1. Include in openPaths array
  2. Ensure the path is referenced in an addPermissions call, with a wildcard permission: e.g. addPermission('get', v(''), ['*'])