Hello everybody, I could need a bit of help with a more architectural question. I'm using Cornice <https://github.com/Cornices/cornice> to build a REST server on top of Pyramid/SQLAlchemy. Now I've got two main "domains" in my endpoints, which are accessed by the two different user roles in the system:
- Normal users have endpoints like /api/user/profile, etc - Administrator users have endpoints like /api/admin/user/profile, etc. Obviously, each "domain" has its own set of endpoints; however, sometimes the endpoints overlap. For example, assume the two endpoints above. A normal user may POST her name to /api/user/profile to change the name in her own profile. An administrator, in contrast, has to specify both the user *and* the name of the user in their POST request to change the name for a given user. This is essentially duplicated functionality, where the only difference is the context. How would I best go about implementing such a scenario without duplicating code for the two requests? It would make sense to "forward" the normal user request to the view handler of the admin, unless this elevation of rights would be frowned upon. Alternatively, one could "forward" the admin request to the view function of the normal user. Either way, the context data would have to be adjusted but that is a small effort compared to the duplicated code. Or should I uses common helper functions, which would still mean to duplicate code that validates incoming request data? So what is the recommended way of going about such scenarios? Thanks! Jens -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to pylons-discuss+unsubscr...@googlegroups.com. To post to this group, send email to pylons-discuss@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/pylons-discuss/fec47c51-6f57-4608-8ec6-239eccfaedd1%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.