From 210e8b60bfb1c9d728ba93b41deff23f47568b2a Mon Sep 17 00:00:00 2001 From: Andrew Nicolaou Date: Fri, 30 Aug 2019 20:39:45 +0200 Subject: [PATCH] Public API: Namespace private and public APIs (#1148) * Converts import script to use public API endpoints The endpoints don't exist yet, but this is a good way to see how the implementation of the data structures differ. * Exposes public API endpoint to fetch user's sketches * Implements public API delete endpoint * Adds helper to create custom ApplicationError classes * Adds create project endpoint that understand API's data structure This transforms the nested tree of file data into a mongoose Project model * Returns '201 Created' to match API spec * Removes 'CustomError' variable assignment as it shows up in test output * transformFiles will return file validation errors * Tests API project controller * Tests toModel() * Creates default files if no root-level .html file is provided * Do not auto-generate a slug if it is provided Fixes a bug where the slug was auto-generated using the sketch name, even if a slug property had been provided. * Validates uniqueness of slugs for projects created by the public API * Adds tests for slug uniqueness * Configures node's Promise implementation for mongoose (fixes warnings) * Moves createProject tests to match controller location * Adds support for code to ApplicationErrors * deleteProject controller tests * getProjectsForUser controller tests - implements tests - update apiKey tests to use new User mocks * Ensure error objects have consistent property names `message` is used as a high-level description of the errors `detail` is optional and has an plain language explanation of the individual errors `errors` is an array of each individual problem from `detail` in a machine-readable format * Assert environment variables are provided at script start * Version public API * Expect "files" property to always be provided * Fixes linting error * Converts import script to use public API endpoints The endpoints don't exist yet, but this is a good way to see how the implementation of the data structures differ. * Exposes public API endpoint to fetch user's sketches * Implements public API delete endpoint * Adds helper to create custom ApplicationError classes * Adds create project endpoint that understand API's data structure This transforms the nested tree of file data into a mongoose Project model * Returns '201 Created' to match API spec * Removes 'CustomError' variable assignment as it shows up in test output * transformFiles will return file validation errors * Tests API project controller * Tests toModel() * Creates default files if no root-level .html file is provided * Do not auto-generate a slug if it is provided Fixes a bug where the slug was auto-generated using the sketch name, even if a slug property had been provided. * Validates uniqueness of slugs for projects created by the public API * Adds tests for slug uniqueness * Configures node's Promise implementation for mongoose (fixes warnings) * Moves createProject tests to match controller location * deleteProject controller tests * Adds support for code to ApplicationErrors * getProjectsForUser controller tests - implements tests - update apiKey tests to use new User mocks * Ensure error objects have consistent property names `message` is used as a high-level description of the errors `detail` is optional and has an plain language explanation of the individual errors `errors` is an array of each individual problem from `detail` in a machine-readable format * Assert environment variables are provided at script start * Version public API * Expect "files" property to always be provided * Fixes linting error * Checks that authenticated user has permission to create under this namespace Previously, the project was always created under the authenticated user's namespace, but this not obvious behaviour. * Splits private and public APIs The private API is under /editor and the public API under /api --- .env.example | 2 +- app.json | 2 +- server/server.js | 15 +++++++++------ 3 files changed, 11 insertions(+), 8 deletions(-) diff --git a/.env.example b/.env.example index 7680fb90..0385cf26 100644 --- a/.env.example +++ b/.env.example @@ -1,4 +1,4 @@ -API_URL=/api +API_URL=/editor AWS_ACCESS_KEY= AWS_REGION= AWS_SECRET_KEY= diff --git a/app.json b/app.json index a588258e..3eff82c9 100644 --- a/app.json +++ b/app.json @@ -16,7 +16,7 @@ ], "env": { "API_URL": { - "value": "/api" + "value": "/editor" }, "AWS_ACCESS_KEY": { "description": "AWS Access Key", diff --git a/server/server.js b/server/server.js index af6ea25a..a7acc387 100644 --- a/server/server.js +++ b/server/server.js @@ -97,16 +97,19 @@ app.use(session({ app.use(passport.initialize()); app.use(passport.session()); app.use('/api/v1', requestsOfTypeJSON(), api); -app.use('/api', requestsOfTypeJSON(), users); -app.use('/api', requestsOfTypeJSON(), sessions); -app.use('/api', requestsOfTypeJSON(), files); -app.use('/api', requestsOfTypeJSON(), projects); -app.use('/api', requestsOfTypeJSON(), aws); +app.use('/editor', requestsOfTypeJSON(), users); +app.use('/editor', requestsOfTypeJSON(), sessions); +app.use('/editor', requestsOfTypeJSON(), files); +app.use('/editor', requestsOfTypeJSON(), projects); +app.use('/editor', requestsOfTypeJSON(), aws); // This is a temporary way to test access via Personal Access Tokens // Sending a valid username: combination will // return the user's information. -app.get('/api/auth/access-check', passport.authenticate('basic', { session: false }), (req, res) => res.json(req.user)); +app.get( + '/api/v1/auth/access-check', + passport.authenticate('basic', { session: false }), (req, res) => res.json(req.user) +); app.use(assetRoutes); // this is supposed to be TEMPORARY -- until i figure out