Re: [Architecture] [APIM 3.0.0] Publisher REST APIs for mediation policies
For viewing, shall we use a single scope: apim:mediation_policy_view
But, it make sense to have the apim:api_view scope to view mediation
policies of an api IMO
If not, a user with apim:api_view scope can see the api but unable to see
the mediation policies due to missing apim:mediation_policy_view scope. Do
we need a separation here?
Also for the tag: shall we simplify as "Mediation Policies"
+1
Thanks & Regards,
Ishara Cooray
Associate Technical Lead
Mobile : +9477 262 9512
WSO2, Inc. | http://wso2.com/
Lean . Enterprise . Middleware
On Thu, Aug 15, 2019 at 2:32 PM Malintha Amarasinghe
wrote:
> Hi Ishara,
>
> +1 for the overall approach.
>
> For viewing, shall we use a single scope: apim:mediation_policy_view
>
> Also for the tag: shall we simplify as "Mediation Policies"
>
> Thanks!
>
>
> On Tue, Aug 13, 2019 at 1:18 PM Ishara Cooray wrote:
>
>> Hi,
>> I have started working on the $Subject and below is the rest api
>> definitions.
>>
>>
>>- To avoid string manipulations, Mediation policy post is done as a
>>file upload. Hence we can provide the sequence file(xml content) as an
>>input in the form of multipart/form-data
>>ex:
>>
>>curl -X POST
>> https://localhost:9443/api/am/publisher/v1.0/apis/2a3d5469-5394-4576-974a-5f8bf7e400bd/mediation-policies
>>-H "Authorization: Bearer 5cbc7d4f-d4f1-33c9-87e4-68a22ae7e602"
>>-F file=@sampleSeq2.xml
>>-H "Content-Type: multipart/form-data"
>>-F "type=in"
>>
>>- To retrieve a mediation sequence, a new REST api has been
>>introduced which will download sequence as a file. Where as in APIM 2.x
>>REST API it was returning as a string.
>>Please refer
>>/apis/{apiId}/mediation-policies/{mediationPolicyId}/content:
>>
>>
>> ##
>> # The "specific mediation policy" resource APIs
>> ##
>> '/apis/{apiId}/mediation-policies':
>>
>>
>> #-
>> # Retrieving the list of all API specific mediation sequences under a
>> given search condition
>>
>> #-
>> get:
>> security:
>> - OAuth2Security:
>> - apim:mediation_policy_view
>> x-examples:
>> $ref: docs/examples/apis/apis_id_mediationpolicies_get.yaml
>> summary: |
>> Get all mediation policies of an API
>> operationid: apisApiIdMediationPoliciesGet
>> description: |
>> This operation provides you a list of available mediation policies of
>> an API.
>> parameters:
>> - $ref: '#/parameters/apiId'
>> - $ref : '#/parameters/limit'
>> - $ref : '#/parameters/offset'
>> - name : query
>> in: query
>> description: "-Not supported yet-"
>> type: string
>> - $ref : "#/parameters/If-None-Match"
>> tags:
>> - Mediation Policies of an API
>> responses:
>> 200:
>> description: |
>> OK.
>> List of qualifying APIs is returned.
>> schema:
>> $ref: '#/definitions/MediationList'
>> headers:
>> Content-Type:
>> description: The content type of the body.
>> type: string
>> ETag:
>> description: |
>> Entity Tag of the response resource. Used by caches, or in
>> conditional requests (Will be supported in future).
>> type: string
>> 304:
>> description: |
>> Not Modified.
>> Empty body because the client has already the latest version of
>> the requested resource (Will be supported in future).
>> 406:
>> description: |
>> Not Acceptable.
>> The requested media type is not supported
>> schema:
>> $ref: '#/definitions/Error'
>>
>>
>> #
>> # Upload an API specific mediation policy
>>
>> #
>> post:
>> consumes:
>> - multipart/form-data
>> security:
>> - OAuth2Security:
>> - apim:mediation_policy_create
>> x-examples:
>> $ref: docs/examples/apis/apis_id_mediationpolicies_post.yaml
>> summary: Add an API specific mediation policy
>> operationid: apisApiIdMediationPoliciesPost
>> description: |
>> This operation can be used to add an API specifc mediation policy.
>> parameters:
>> - in: formData
>> name: file
>> description: Mediation Policy to upload
>> type: file
>> required: false
>> - in: formData
>> name: inlineContent
>> description: Inline content of the Mediation Policy
>> type: string
>> required: false
>> - in: formData
>> name: type
>> desc
Re: [Architecture] [APIM 3.0.0] Publisher REST APIs for mediation policies
Hi Ishara,
+1 for the overall approach.
For viewing, shall we use a single scope: apim:mediation_policy_view
Also for the tag: shall we simplify as "Mediation Policies"
Thanks!
On Tue, Aug 13, 2019 at 1:18 PM Ishara Cooray wrote:
> Hi,
> I have started working on the $Subject and below is the rest api
> definitions.
>
>
>- To avoid string manipulations, Mediation policy post is done as a
>file upload. Hence we can provide the sequence file(xml content) as an
>input in the form of multipart/form-data
>ex:
>
>curl -X POST
> https://localhost:9443/api/am/publisher/v1.0/apis/2a3d5469-5394-4576-974a-5f8bf7e400bd/mediation-policies
>-H "Authorization: Bearer 5cbc7d4f-d4f1-33c9-87e4-68a22ae7e602"
>-F file=@sampleSeq2.xml
>-H "Content-Type: multipart/form-data"
>-F "type=in"
>
>- To retrieve a mediation sequence, a new REST api has been introduced
>which will download sequence as a file. Where as in APIM 2.x REST API it
>was returning as a string.
>Please refer
>/apis/{apiId}/mediation-policies/{mediationPolicyId}/content:
>
>
> ##
> # The "specific mediation policy" resource APIs
> ##
> '/apis/{apiId}/mediation-policies':
>
>
> #-
> # Retrieving the list of all API specific mediation sequences under a given
> search condition
>
> #-
> get:
> security:
> - OAuth2Security:
> - apim:mediation_policy_view
> x-examples:
> $ref: docs/examples/apis/apis_id_mediationpolicies_get.yaml
> summary: |
> Get all mediation policies of an API
> operationid: apisApiIdMediationPoliciesGet
> description: |
> This operation provides you a list of available mediation policies of
> an API.
> parameters:
> - $ref: '#/parameters/apiId'
> - $ref : '#/parameters/limit'
> - $ref : '#/parameters/offset'
> - name : query
> in: query
> description: "-Not supported yet-"
> type: string
> - $ref : "#/parameters/If-None-Match"
> tags:
> - Mediation Policies of an API
> responses:
> 200:
> description: |
> OK.
> List of qualifying APIs is returned.
> schema:
> $ref: '#/definitions/MediationList'
> headers:
> Content-Type:
> description: The content type of the body.
> type: string
> ETag:
> description: |
> Entity Tag of the response resource. Used by caches, or in
> conditional requests (Will be supported in future).
> type: string
> 304:
> description: |
> Not Modified.
> Empty body because the client has already the latest version of the
> requested resource (Will be supported in future).
> 406:
> description: |
> Not Acceptable.
> The requested media type is not supported
> schema:
> $ref: '#/definitions/Error'
>
>
> #
> # Upload an API specific mediation policy
>
> #
> post:
> consumes:
> - multipart/form-data
> security:
> - OAuth2Security:
> - apim:mediation_policy_create
> x-examples:
> $ref: docs/examples/apis/apis_id_mediationpolicies_post.yaml
> summary: Add an API specific mediation policy
> operationid: apisApiIdMediationPoliciesPost
> description: |
> This operation can be used to add an API specifc mediation policy.
> parameters:
> - in: formData
> name: file
> description: Mediation Policy to upload
> type: file
> required: false
> - in: formData
> name: inlineContent
> description: Inline content of the Mediation Policy
> type: string
> required: false
> - in: formData
> name: type
> description: Type of the mediation sequence
> required: true
> type: string
> - $ref: '#/parameters/apiId'
> - $ref: '#/parameters/If-Match'
> tags:
> - Mediation Policies of an API
> responses:
> 201:
> description: |
> OK.
> mediation policy uploaded
> schema:
> $ref : '#/definitions/Mediation'
> headers:
> Location:
> description: |
> The URL of the uploaded mediation policy of the API.
> type: string
> Content-Type:
> description: |
> The content type of the body.
> type: string
> ETag:
> description: |
>
