aglinxinyuan commented on code in PR #4138:
URL: https://github.com/apache/texera/pull/4138#discussion_r2650035127
##########
amber/src/main/scala/org/apache/texera/web/resource/dashboard/user/workflow/WorkflowResource.scala:
##########
@@ -712,18 +712,31 @@ class WorkflowResource extends LazyLogging {
}
@GET
- @Path("/owner_user")
- def getOwnerUser(@QueryParam("wid") wid: Integer): User = {
+ @Path("/owner_info")
+ @Produces(Array(MediaType.APPLICATION_JSON))
+ def getOwnerInfo(
+ @QueryParam("wid") wid: Integer,
+ @QueryParam("fields") fields: java.util.List[String] // e.g.
&fields=name&fields=...
Review Comment:
Please avoid over-engineering unplanned features in a single PR. We do not
plan to allow this endpoint to return different fields based on user selection.
Introducing a dynamic endpoint increases complexity and the risk of injection
attacks. Each endpoint should have a single, well-defined responsibility.
For example, this endpoint should always return the username. If we also
need the email, we can either introduce a separate endpoint for email or update
this endpoint to always return both username and email. We should not use
options or flags to control endpoint behavior unless there is a strong reason.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
