ubclaunchpad / starport Goto Github PK
View Code? Open in Web Editor NEWService to Support all Launch Pad tooling
License: MIT License
Service to Support all Launch Pad tooling
License: MIT License
new LambdaBuilder(router)
.use(new ScopeController(db))
.build();
A layer to authorize incoming API requests. The middleware should allow arguments to retrieve the scopes of access.
This will be used by all api endpoints and should be flexible enough to adapt to new changes.
Create a scope
table to store all available scopes. initial setup should be added as migration script
Current version of Scopes: Update as needed
Convention: [area]:[permission]:[domain]:[limits]
scope_id | Scope_name | Scope_description |
---|---|---|
profile:read:self |
can read their own profile. When/if user is blocked/restricted the access can be revoked. | |
profile:read:others |
can read other users' profiles. | |
profile:write:self |
can update current authenticated user or delete | |
profile:write:self:limited |
can update current authenticated user | |
profile:write:others |
can update any user and delete any user | |
profile:write:others:limited |
can update any user | |
admin:write |
can update any internal information | |
admin:read |
can update any internal information |
Note: admin:write is a special role we will use to authorize api calls that modify our system such as adding more roles, more scopes and etc. Later on we can assign domains to admins levels such as "members" or "posting"
Create a role_scope
table that has keys to a role's id (from role table) and scope's id (from scope table)
Middleware should allow to use cases:
pass user id and authorization and return all scopes of user
pass user id and authorization with a list of scopes to determine if user has those
For the Users API:
new LambdaBuilder(router)
.use(new ScopeController(db))
.build();
/specializations/
Related to #11
new LambdaBuilder(router)
.use(new ScopeController(db))
.build();
new LambdaBuilder(router)
.use(new Authorizer())
.build();
The users API already is capable of creating, deleting, updating, and getting a user. (Albeit not bug-free)
However, as an effort to make the hub a general offering for other teams apart from Launch Pad, they need to accommodate that. This is a research/POC concept that requires some knowledge of how APIs are/should be configured + able to conduct some research on what an organization wants in their member attributes.
ADMIN_READ: 'read:admin',
READ_ALL_PROFILE_DATA: 'read:profile:all',
READ_OWN_PROFILE: 'read:profile:personal',
READ_RESTRICTED_PROFILE_DATA: 'read:profile:restricted',
ADMIN_WRITE: 'write:admin',
WRITE_PROFILE: 'write:profile',
ADMIN_UPDATE: 'update:admin',
UPDATE_ALL_PROFILE: 'update:profile:all',
UPDATE_OWN_PROFILE: 'update:profile:personal',
ADMIN_DELETE: 'delete:admin',
DELETE_ALL_PROFILE: 'delete:profile:all',
DELETE_OWN_PROFILE: 'delete:profile:personal'
/roles/
Related to #11
/roles/id/scopes
POST to addTHe User's api is already a developed endpoint. with changes coming to the scope of the project in the coming week, we want to go over all anticipated cases we need and create an api contract that we can use for our development and teams that work in parallel to us.
THis is a foundational task and requires more than one person to work on it and at least one developer with api development experience
CRUD API features for users
new LambdaBuilder(router)
.use(new InputValidator())
.build();
Unit tests for users api
getUser
getUsers
Retrieve all info for all users from the database (array of JSON objects)
Make a Postman request for both and get the correct info
When a new migration script runs, if one of the queries is flawed previous queries are not rolled back.
CRUD API features for Postings
/standings/
Related to #11
new LambdaBuilder(router)
.use(new PaginationHelper({ limit: DEFAULT_LIMIT, offset: DEFAULT_OFFSET}))
.build();
CRUD API features for Projects
The USER API's GET endpoints retrieve everything for a user. We do want to have those information but we should split certain information to speed up fetch times.
currently GET USER
will have the following example response:
{
"id": 1111,
"username": "jake",
"email": "[email protected]",
"firstName": "jake",
"prefName": "jaketheman",
"lastName": "jakeson",
"resumeLink": "jake.com",
"createdAt": "2023-06-20T07:27:19.000Z",
"updatedAt": "2023-06-21T06:14:46.000Z",
"memberSince": null,
"faculty": {
"id": 3,
"name": "Education"
},
"standing": {
"id": 4,
"name": "Fourth Year and up"
},
"specialization": {
"id": 3,
"name": "American Studies"
},
"roles": [
{
"id": 1,
"name": "Explorer"
}
]
}
Augment the GET users/{id}
to accept query parameters to select only relevant information:
{
"id": 1111,
"username": "jake",
"email": "[email protected]",
"prefName": "jaketheman",
"memberSince": null
}
users/{id}
: to accept query string parameters to determine what to fetch.
meta
: information related to account:{
"id": 1111,
"username": "jake",
"email": "[email protected]",
"firstName": "jake",
"prefName": "jaketheman",
"lastName": "jakeson",
"resumeLink": "jake.com",
"createdAt": "2023-06-20T07:27:19.000Z",
"updatedAt": "2023-06-21T06:14:46.000Z",
"memberSince": null
}
users/{id}/roles
GET to fetch user roles/faculties/
Related to #11
Object key should accept either area or doc and both.
Extra layer for github id is needed before the object key.
This task is based around research of potential users' needs. As an example LP needs basic information from its new members, resumes, etc; this might vary between different teams/clubs. For this task you should brainstorm on your own, from your own experience, inspo, asking around, etc to see what other scenarios would require different type of information and how we can offer that.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.