Hi Sam, This overall looks good to me. Added few inline comments.
On Sun, Dec 17, 2017 at 6:26 AM, Sam Sivayogam <[email protected]> wrote: > Hi All, > > As discussed in mail thread[1] we had a requirement to add an API which > allows to change the owner of a created application. During the initial > discussions we decided to add this api to the existing admin REST APIs. > After going through the APIs I thought to add below 2 resources. > > > 1. The following GET resource will list all the apis created by the given > user. This will be same as the store application listing API but lists > application for the given username rather than listing the applications > created user associated with the provided access token. > > This will return the > GET /applications > > Parameters > query username > As a usual practice it is better not to mandate username as it is a query parameter. One option is, if it is not provided, we get the user from the access token. Even if it is sligtly bad that it make not sometimes make sense to get store applications of an admin user, I think it is better than fully mandating the query param and giving an error if user does not provide it. > > > Sample Response : > { > "count": 2, > "next": "", > "previous": "", > "list": [ > { > "applicationId": "b16ce8d0-5e0b-4259-96e2-68151cc92489", > "name": "AppX", > "subscriber": "admin", > "throttlingTier": "Unlimited", > "description": "", > "status": "APPROVED", > "groupId": "" > }, > { > "applicationId": "aac0df98-8e26-4dda-b0ba-d794c98249c2", > "name": "AppY", > "subscriber": "admin", > "throttlingTier": "Unlimited", > "description": null, > "status": "APPROVED", > "groupId": "" > } > ] > } > > > 2. Following POST Resource is similar to the one we have for lifecycle > change. This will change the owner of the given application > In 3.0.0, we have slighly change the format of similar queries. For ex: '/applications/{applicationId}/map-keys': instead of using '/applications/map-keys?applicationId=<id>': Since this is a new API in admin, I think first approach is better as that is the approach we will be following most of the time for 3.0.0 and there will be less amount of API changes for a user migrating from 2.x to 3.0.0 On Sun, Dec 17, 2017 at 1:12 PM, Godwin Shrimal <[email protected]> wrote: > Hi Sam, > > Who can change the owner of the application? > *@Godwin*, I think we will be defining a new scope for the API which can only be retrieved from an admin user. *@Sam* will we do that? > > Thanks > Godwin > Thanks! Malintha POST /applications/change-owner > > Parameters > query application UUID > query newOwner > > Sample Response : > > { > "applicationId": "6edcac5e-4df3-42fe-8a21-07c114085bcb", > "name": "AppY", > "subscriber": "newOwner", > "throttlingTier": "Unlimited", > "callbackUrl": null, > "description": "", > "status": "APPROVED", > "groupId": "" > } > > Please let me know your thoughts on this. > > [1] Application Sharing support for Multiple Groups > > Thanks, > Sam > > > -- > *Sam Sivayogam* > > Senior Software Engineer > Mobile : +94 772 906 439 > Office : +94 112 145 345 > *WSO2, Inc. :** wso2.com <http://wso2.com/>* > lean.enterprise.middleware. > -- Malintha Amarasinghe *WSO2, Inc. - lean | enterprise | middleware* http://wso2.com/ Mobile : +94 712383306 <+94%2071%20238%203306>
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
