On Wed, Aug 7, 2019 at 6:24 PM Malintha Amarasinghe <[email protected]> wrote:
> > > On Wed, Aug 7, 2019 at 3:39 PM Harsha Kumara <[email protected]> wrote: > >> >> >> On Wed, Aug 7, 2019 at 3:37 PM Malintha Amarasinghe <[email protected]> >> wrote: >> >>> >>> >>> On Wed, Aug 7, 2019 at 3:35 PM Harsha Kumara <[email protected]> wrote: >>> >>>> Let's say if someone wants to check existence of role foo in user store >>>> TEST. He will do a call /roke/TEST/foo which isn't valid request right? >>>> >>> @Harsha Kumara <[email protected]> we need to URL encode the role name. >>> The request will become /roles/TEST%2Ffoo >>> >> Yes that's true. Again some customers might have different letters in >> their role names. Might note be a good idea to include as a path parameter. >> > Even if we add as a query param, that will go as part of the URL which > might lead to similar issues? We may need to test this for query parameters > as well. > > I preferred the HEAD method due to the simpleness ( only need to respond > with 204 or 404 without any payload based on the availability of the role) > and RESTfulness (consider a role as a resource and do a fetch on it in the > usual way). HEAD is the usual way for checking the existence of a resource. > However, we do not have the need for implementing a GET here for now. > This is actually my worry is. I don't think we'll ever have to give a /roles/{role} in the publisher APIs. So having a HEAD without a GET feels strange to me. Maybe it's just me. Thanks, Bhathiya > > > >>> >>>> >>>> On Wed, Aug 7, 2019 at 3:33 PM Mushthaq Rumy <[email protected]> wrote: >>>> >>>>> Adding [Architecture] >>>>> >>>>> On Wed, Aug 7, 2019 at 3:30 PM Mushthaq Rumy <[email protected]> >>>>> wrote: >>>>> >>>>>> Since we will be UserStoreManager, this should cover the secondary >>>>>> user stores as well. >>>>>> >>>>>> Thanks & Regards, >>>>>> Mushthaq >>>>>> >>>>>> On Wed, Aug 7, 2019 at 3:28 PM Harsha Kumara <[email protected]> >>>>>> wrote: >>>>>> >>>>>>> What happen if the role is from secondary user store? >>>>>>> >>>>>>> On Wed, Aug 7, 2019 at 3:24 PM Naduni Pamudika <[email protected]> >>>>>>> wrote: >>>>>>> >>>>>>>> Hi All, >>>>>>>> >>>>>>>> We are planning to add a REST API endpoint to APIM 3.0 Publisher >>>>>>>> Rest APIs and the intention is to check the existence of a particular >>>>>>>> role >>>>>>>> name. This will be used in order to manage roles when enabling >>>>>>>> Publisher >>>>>>>> Access Control and Store Visibility and when adding Scopes. >>>>>>>> >>>>>>>> The swagger definition for the new endpoint would be as follows. >>>>>>>> >>>>>>>> ###################################################### >>>>>>>> # The Role Name Existence >>>>>>>> ###################################################### >>>>>>>> /roles/{roleName}: >>>>>>>> #----------------------------------------------------- >>>>>>>> # The role name existence check resource >>>>>>>> #----------------------------------------------------- >>>>>>>> head: >>>>>>>> security: >>>>>>>> - OAuth2Security: >>>>>>>> - apim:api_view >>>>>>>> summary: | >>>>>>>> Check given role name is already exist >>>>>>>> description: | >>>>>>>> Using this operation, you can check a given role name >>>>>>>> is already used. You need to provide the role name you want to check. >>>>>>>> parameters: >>>>>>>> - $ref : '#/parameters/roleName' >>>>>>>> responses: >>>>>>>> 200: >>>>>>>> description: | >>>>>>>> OK. >>>>>>>> Requested role name is returned. >>>>>>>> 404: >>>>>>>> description: | >>>>>>>> Not Found. >>>>>>>> Requested role name does not exist. >>>>>>>> ###################################################### >>>>>>>> # Role Name >>>>>>>> roleName: >>>>>>>> name: roleName >>>>>>>> in: path >>>>>>>> description: | >>>>>>>> The role name >>>>>>>> required: true >>>>>>>> type: string >>>>>>>> >>>>>>>> >>>>>>>> It is a HEAD method (*/roles/{roleName}*) which will return a 200 >>>>>>>> status code if the given role name exists and a 404 status code if the >>>>>>>> give >>>>>>>> role name is not found. Sample requests and responses are given below. >>>>>>>> >>>>>>>> Request: >>>>>>>> HEAD https://localhost:9443/api/am/publisher/v1.0/roles/valid-role >>>>>>>> HTTP/1.1 >>>>>>>> Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8 >>>>>>>> >>>>>>>> Response: >>>>>>>> HTTP/1.1 200 OK >>>>>>>> Connection: keep-alive >>>>>>>> Content-Length: 0 >>>>>>>> >>>>>>>> >>>>>>>> Request: >>>>>>>> HEAD >>>>>>>> https://localhost:9443/api/am/publisher/v1.0/roles/invalid-role >>>>>>>> HTTP/1.1 >>>>>>>> Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8 >>>>>>>> >>>>>>>> Response: >>>>>>>> HTTP/1.1 404 Not Found >>>>>>>> Connection: keep-alive >>>>>>>> Content-Length: 0 >>>>>>>> >>>>>>>> >>>>>>>> Are we good to have the endpoint definition as this? Appreciate >>>>>>>> your inputs to proceed further. >>>>>>>> >>>>>>>> Thanks, >>>>>>>> Naduni >>>>>>>> >>>>>>>> -- >>>>>>>> *Naduni Pamudika* | Senior Software Engineer | WSO2 Inc. >>>>>>>> (m) +94 (71) 9143658 | (w) +94 (11) 2145345 | (e) [email protected] >>>>>>>> [image: http://wso2.com/signature] <http://wso2.com/signature> >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> -- >>>>>>> >>>>>>> *Harsha Kumara* >>>>>>> >>>>>>> Technical Lead, WSO2 Inc. >>>>>>> Mobile: +94775505618 >>>>>>> Email: [email protected] >>>>>>> Blog: harshcreationz.blogspot.com >>>>>>> >>>>>>> GET INTEGRATION AGILE >>>>>>> Integration Agility for Digitally Driven Business >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Mushthaq Rumy >>>>>> *Senior Software Engineer* >>>>>> Mobile : +94 (0) 779 492140 >>>>>> Email : [email protected] >>>>>> WSO2, Inc.; http://wso2.com/ >>>>>> lean . enterprise . middleware. >>>>>> >>>>>> <http://wso2.com/signature> >>>>>> >>>>> >>>>> >>>>> -- >>>>> Mushthaq Rumy >>>>> *Senior Software Engineer* >>>>> Mobile : +94 (0) 779 492140 >>>>> Email : [email protected] >>>>> WSO2, Inc.; http://wso2.com/ >>>>> lean . enterprise . middleware. >>>>> >>>>> <http://wso2.com/signature> >>>>> >>>> >>>> >>>> -- >>>> >>>> *Harsha Kumara* >>>> >>>> Technical Lead, WSO2 Inc. >>>> Mobile: +94775505618 >>>> Email: [email protected] >>>> Blog: harshcreationz.blogspot.com >>>> >>>> GET INTEGRATION AGILE >>>> Integration Agility for Digitally Driven Business >>>> >>> >>> >>> -- >>> Malintha Amarasinghe >>> *WSO2, Inc. - lean | enterprise | middleware* >>> http://wso2.com/ >>> >>> Mobile : +94 712383306 >>> >> >> >> -- >> >> *Harsha Kumara* >> >> Technical Lead, WSO2 Inc. >> Mobile: +94775505618 >> Email: [email protected] >> Blog: harshcreationz.blogspot.com >> >> GET INTEGRATION AGILE >> Integration Agility for Digitally Driven Business >> > > > -- > Malintha Amarasinghe > *WSO2, Inc. - lean | enterprise | middleware* > http://wso2.com/ > > Mobile : +94 712383306 > -- *Bhathiya Jayasekara* | Technical Lead | WSO2 Inc. (m) +94 71 547 8185 | (e) bhathiya-@t-wso2-d0t-com
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
