Public API: Namespace private and public APIs (#1148)

* Converts import script to use public API endpoints

The endpoints don't exist yet, but this is a good way to see how
the implementation of the data structures differ.

* Exposes public API endpoint to fetch user's sketches

* Implements public API delete endpoint

* Adds helper to create custom ApplicationError classes

* Adds create project endpoint that understand API's data structure

This transforms the nested tree of file data into a mongoose
Project model

* Returns '201 Created' to match API spec

* Removes 'CustomError' variable assignment as it shows up in test output

* transformFiles will return file validation errors

* Tests API project controller

* Tests toModel()

* Creates default files if no root-level .html file is provided

* Do not auto-generate a slug if it is provided

Fixes a bug where the slug was auto-generated using the sketch name,
even if a slug property had been provided.

* Validates uniqueness of slugs for projects created by the public API

* Adds tests for slug uniqueness

* Configures node's Promise implementation for mongoose (fixes warnings)

* Moves createProject tests to match controller location

* Adds support for code to ApplicationErrors

* deleteProject controller tests

* getProjectsForUser controller tests

- implements tests
- update apiKey tests to use new User mocks

* Ensure error objects have consistent property names

`message` is used as a high-level description of the errors
`detail` is optional and has an plain language explanation of the
individual errors
`errors` is an array of each individual problem from `detail` in a
machine-readable format

* Assert environment variables are provided at script start

* Version public API

* Expect "files" property to always be provided

* Fixes linting error

* Converts import script to use public API endpoints

The endpoints don't exist yet, but this is a good way to see how
the implementation of the data structures differ.

* Exposes public API endpoint to fetch user's sketches

* Implements public API delete endpoint

* Adds helper to create custom ApplicationError classes

* Adds create project endpoint that understand API's data structure

This transforms the nested tree of file data into a mongoose
Project model

* Returns '201 Created' to match API spec

* Removes 'CustomError' variable assignment as it shows up in test output

* transformFiles will return file validation errors

* Tests API project controller

* Tests toModel()

* Creates default files if no root-level .html file is provided

* Do not auto-generate a slug if it is provided

Fixes a bug where the slug was auto-generated using the sketch name,
even if a slug property had been provided.

* Validates uniqueness of slugs for projects created by the public API

* Adds tests for slug uniqueness

* Configures node's Promise implementation for mongoose (fixes warnings)

* Moves createProject tests to match controller location

* deleteProject controller tests

* Adds support for code to ApplicationErrors

* getProjectsForUser controller tests

- implements tests
- update apiKey tests to use new User mocks

* Ensure error objects have consistent property names

`message` is used as a high-level description of the errors
`detail` is optional and has an plain language explanation of the
individual errors
`errors` is an array of each individual problem from `detail` in a
machine-readable format

* Assert environment variables are provided at script start

* Version public API

* Expect "files" property to always be provided

* Fixes linting error

* Checks that authenticated user has permission to create under this namespace

Previously, the project was always created under the authenticated user's
namespace, but this not obvious behaviour.

* Splits private and public APIs

The private API is under /editor and the public API under /api
This commit is contained in:
Andrew Nicolaou 2019-08-30 20:39:45 +02:00 committed by Cassie Tarakajian
parent d44a058fd8
commit 1f4bd581a8
3 changed files with 11 additions and 8 deletions

View file

@ -1,4 +1,4 @@
API_URL=/api API_URL=/editor
AWS_ACCESS_KEY=<your-aws-access-key> AWS_ACCESS_KEY=<your-aws-access-key>
AWS_REGION=<your-aws-region> AWS_REGION=<your-aws-region>
AWS_SECRET_KEY=<your-aws-secret-key> AWS_SECRET_KEY=<your-aws-secret-key>

View file

@ -16,7 +16,7 @@
], ],
"env": { "env": {
"API_URL": { "API_URL": {
"value": "/api" "value": "/editor"
}, },
"AWS_ACCESS_KEY": { "AWS_ACCESS_KEY": {
"description": "AWS Access Key", "description": "AWS Access Key",

View file

@ -97,16 +97,19 @@ app.use(session({
app.use(passport.initialize()); app.use(passport.initialize());
app.use(passport.session()); app.use(passport.session());
app.use('/api/v1', requestsOfTypeJSON(), api); app.use('/api/v1', requestsOfTypeJSON(), api);
app.use('/api', requestsOfTypeJSON(), users); app.use('/editor', requestsOfTypeJSON(), users);
app.use('/api', requestsOfTypeJSON(), sessions); app.use('/editor', requestsOfTypeJSON(), sessions);
app.use('/api', requestsOfTypeJSON(), files); app.use('/editor', requestsOfTypeJSON(), files);
app.use('/api', requestsOfTypeJSON(), projects); app.use('/editor', requestsOfTypeJSON(), projects);
app.use('/api', requestsOfTypeJSON(), aws); app.use('/editor', requestsOfTypeJSON(), aws);
// This is a temporary way to test access via Personal Access Tokens // This is a temporary way to test access via Personal Access Tokens
// Sending a valid username:<personal-access-token> combination will // Sending a valid username:<personal-access-token> combination will
// return the user's information. // return the user's information.
app.get('/api/auth/access-check', passport.authenticate('basic', { session: false }), (req, res) => res.json(req.user)); app.get(
'/api/v1/auth/access-check',
passport.authenticate('basic', { session: false }), (req, res) => res.json(req.user)
);
app.use(assetRoutes); app.use(assetRoutes);
// this is supposed to be TEMPORARY -- until i figure out // this is supposed to be TEMPORARY -- until i figure out