New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Roadmap for REST-API features #1037

Open
mayjs opened this Issue May 11, 2017 · 20 comments

Comments

@mayjs
Copy link
Contributor

mayjs commented May 11, 2017

@huneau Do you have a roadmap/list of features you plan to add to the REST-API?
I would really like to use this API for multiple projects, but it is still missing some important features to accomplish my goals in these projects.
To be able to start working on them, I would like to help to implement missing endpoints, which is why I was looking for a roadmap.

@huneau

This comment has been minimized.

Copy link
Contributor

huneau commented May 11, 2017

@mayjs I work for an employer, I have no roadmap no lists of features.
I will maintain bugfix my own code but I don't spend the time to add a feature which is not decided by my product owner.

Up to you to contribute :)

@mayjs

This comment has been minimized.

Copy link
Contributor Author

mayjs commented May 13, 2017

Okay, I will start to add to the API once I have the time to do it. Here is a list of endpoints and features I'm planning to add to the existing API:

  • The current authorization is fine to protect a wekan instance, but to restrictive for my uses. Every user should be allowed to use the API, but an authorization system must be used to restrict the access to certain objects.
  • Add GET /api/user/boards, this endpoint should return all boards the user is part of. (Instead of /api/user/boards we could also extend the functionality of GET /api/boards)
  • Change GET /api/boards/:id to be usable by users who are able to access it
  • Change GET /api/boards/:boardId/lists to be usable by anyone who has access to the board
  • Change GET /api/boards/:boardId/lists/:listId/cards to be usable by users who can access the board
  • PUT /api/boards/:boardId/lists/:listId/cards/:cardId to update existing cards
  • We could create an endpoint to return cards using a filter. (E.g. get all cards that are in the leftmost list or have a certain tag etc.) This feature could allow a client to get all cards to be done by the logged in user without requesting all cards on all boards first. This would require some specification before implementation, to see how the query format should look etc.
  • Maybe create special admin endpoints, e.g. to get every board. Some of these endpoints already exist, like POST /api/users.
  • Maybe change POST /api/boards and DELETE /api/boards/:id
  • Managing labels
  • Assigning labels to cards (by extending POST /api/boards/:boardId/lists/:listId/cards)
  • Change the remaining admin-only endpoints
  • Better error output. Currently HTML gets returned if some parameter was wrong

NOTICE: The checkmarks in this list checkmarks do not necessarily indicate that the feature was already merged into this repository. The features are developed in my fork and will be merged in bigger sets.

If anyone would like to discuss these features or add new ideas to this list, feel free to comment.

@dyindude

This comment has been minimized.

Copy link

dyindude commented May 16, 2017

It would be useful to also be able to manage labels for a board via the API, as well as assigning said labels to cards (either on creation or updating existing cards).

@mayjs

This comment has been minimized.

Copy link
Contributor Author

mayjs commented May 16, 2017

I added label management to the todo list. The assignment to existing cards can be handled in the card updating endpoint.

@huneau

This comment has been minimized.

Copy link
Contributor

huneau commented May 18, 2017

POST /api/boards/:boardId/lists/:listId/cards could be extended to be able to update existing cards by giving an ID in the posted object. (Or to stay restful, add POST /api/boards/:boardId/lists/:listId/cards/:cardId)

Update = PUT

POST /api/user/cards could be used to return cards using a filter. (E.g. get all cards that are in the leftmost list or have a certain tag etc.) This feature could allow a client to get all cards to be done by the logged in user without requesting all cards on all boards first.

this is GET with parameter /api/users/cards?name=awesomecard

Maybe create special admin endpoints, e.g. to get every board. Some of these endpoints already exist, like POST /api/users

Actually, I have hard coded the filter to get board, just remove my hard coded filter and use parameter filter.

And keep in mind best pratice:
https://blog.mwaysolutions.com/2014/06/05/10-best-practices-for-better-restful-api/

@mayjs

This comment has been minimized.

Copy link
Contributor Author

mayjs commented May 18, 2017

I changed the Update endpoint to PUT.
For the filtering endpoint I was actually planning on some type of JSON query format, which is why I chose POST for it. I also was thinking about more than just simply searching for a name, which is why I did not want to use GET-parameters. But I get your point, we should use a GET-request because this endpoint does not add data to the database. On the other hand I am also not fond of passing JSON via GET.

I will change the text of the filtering feature to a more general description of the feature, I think a specification of what exactly should be possible with this feature is needed before deciding how to implement it.

xet7 added a commit that referenced this issue Jun 29, 2017

Merge branch 'zarnifoulette-devel' into devel
REST API: Add PUT method to update a card.
Thanks to zarnifoulette ! Related to #1037

xet7 added a commit that referenced this issue Jun 29, 2017

Merge branch 'zarnifoulette-devel' into devel
Fix: REST API: Add PUT method to update a card.
Thanks to zarnifoulette ! Related to #1037
@mass3y

This comment has been minimized.

Copy link

mass3y commented Jul 6, 2017

How is auth working now? Can't get anything but "Unauthorized" response. Tried basic auth, URL args, Cookies.....nothing appears to work. I am running a local instance, zero changes to Wekan config.

wekan_1    |   Error: Unauthorized [Unauthorized]
wekan_1    |     at Object.Authentication.checkUserId (server/authentication.js:6:21)
wekan_1    |     at models/users.js:541:20
wekan_1    |     at packages/simple_json-routes.js:98:9

API looks great, docs http://fusion.github.io/wekanapi/ are sufficient but need to get past this auth problem.
Thanks!

@mayjs

This comment has been minimized.

Copy link
Contributor Author

mayjs commented Jul 7, 2017

@mass3y first of all, the page you linked is of a different project which has readonly access. The integrated Wekan API does currently not have documentation like that.
For authentication and authorization, please see #1033. That PR contains a description on how to get tokens to use the API.

@PaulJe

This comment has been minimized.

Copy link

PaulJe commented Jul 8, 2017

Thanks for providing the wekan internal API! Great work!!!

A few hints for the others...
I had issues during authentication (does not accept e-mail address passing as username) during login.
(Instead of "username" we can use "email" also for /api/login)

Just in case someone else needs it ...
GET /api/boards -> returns public boards only
GET /api/users/:userid/boards -> returns private boards of a specific user
GET /api/boards/:boardid/lists -> returns the lists from a specific public or private board.

However, it seems "/api/users/:userid/boards" is currently not fully implemented...
In my case... I can pass any string as userid and it returns all my private boards ?!

@mayjs

This comment has been minimized.

Copy link
Contributor Author

mayjs commented Jul 8, 2017

Thanks for the information about the bug in GET /api/users/:userid/boards. It is an error in the current implementation, where the wrong parameter is used for getting the boards. Issue #1118 will be used for tracking this issue.
The authentication part we currently use was implemented by @huneau, as far as I know he intended login only via username and not with email address.

@xet7

This comment has been minimized.

Copy link
Member

xet7 commented Aug 25, 2017

Moved to here from #1183

From @Krantz-Man

REST-API: Add card to list using POST request

I noticed that there is an endpoint for what looks to be adding a new card (/api/users/:userid/boards/:boardid/lists/:listid/cards), but I could not find anything for what was required to be sent in the request body. Every time I send the post request, I just get back Internal Server Error.

@mayjs @huneau

Can you duplicate this, is there a bug ? Or is something missing from API ?

@mayjs

This comment has been minimized.

Copy link
Contributor Author

mayjs commented Aug 25, 2017

I cannot test this right now, but in theory the endpoint should work. @Krantz-Man you have to be authenticated with an admin account. This is the structure to be used for the post data:

{
  title: "your card title",
  description: "your description",
  authorId: "userid of the author"
}

If one of these parameters is missing, an internal server error will occur.
I will soon have time to modify data modifying endpoints like this one to be usable by non-admin users.

@xet7 xet7 referenced this issue Aug 25, 2017

Closed

Wekan Admin access #14

@xet7

This comment has been minimized.

Copy link
Member

xet7 commented Sep 14, 2017

Example:

curl http://localhost:3000/users/login -d "username=myloginname&password=mypassword"
@MaZderMind

This comment has been minimized.

Copy link

MaZderMind commented May 13, 2018

Another missing bit: POST /api/boards always creates a public board and there's not way to make it private via the api.
It's not possible to invite people to Boards.

@TNick

This comment has been minimized.

Copy link
Contributor

TNick commented Jun 28, 2018

I will be using this and there might be some pull requests.
Please aggregate the wish list for APIs. What's missing right now, what is badly needed?

I will probably start with a test suite.

@Worren

This comment has been minimized.

Copy link

Worren commented Jul 13, 2018

Unfortunately I am not able to add a new card by using the API.
I get the authorization, i can get the boardlist via GET /api/boards/:ID/lists, but whenever i try to add a new card, an internal server error returns. The user does have admin rights. Is there something missing in my call?
curl -H "Authorization: Bearer TOKEN" -H "Content-type:application/json" -X POST http://localhost:8066/api/boards/ID/lists/ID/cards -d '{ "title": "Card title text", "description": "Card description text", "authorId": "ID" }'

Is the problem the missing swimlane id? How do I get a list of the swimlane ids?

xet7 added a commit that referenced this issue Sep 6, 2018

- REST API: Create board options to be modifiable, like
  permissions, public/private board - now private by default,
  and board background color.
  Docs at https://github.com/wekan/wekan/wiki/REST-API-Boards

Thanks to xet7 !

Related #1037

xet7 added a commit that referenced this issue Sep 6, 2018

- REST API: [Create board options to be modifiable](9cea76e),
  like permissions, public/private board - now private by default,
  and board background color.
  Docs at https://github.com/wekan/wekan/wiki/REST-API-Boards

Thanks to xet7 !

Related #1037
@akuckartz

This comment has been minimized.

Copy link

akuckartz commented Nov 7, 2018

I would like to see support for JSON-LD. Should I create a separate issue?

@xet7

This comment has been minimized.

Copy link
Member

xet7 commented Nov 8, 2018

@akuckartz

You can keep it here. What is JSON-LD ?

@arradoq

This comment has been minimized.

Copy link

arradoq commented Dec 14, 2018

Unfortunately I am not able to add a new card by using the API.
I get the authorization, i can get the boardlist via GET /api/boards/:ID/lists, but whenever i try to add a new card, an internal server error returns. The user does have admin rights. Is there something missing in my call?
curl -H "Authorization: Bearer TOKEN" -H "Content-type:application/json" -X POST http://localhost:8066/api/boards/ID/lists/ID/cards -d '{ "title": "Card title text", "description": "Card description text", "authorId": "ID" }'

Is the problem the missing swimlane id? How do I get a list of the swimlane ids?

I get the same problem, on mine, there are no notification on what i did wrong, I am using windows installation and curl-ing by using git bash. Anyone using windows and get the same problem?

@akuckartz

This comment has been minimized.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment