Hi,
UPDATED_BY is an Audit column which is included every resource table
regardless of their business logic. Comments are one type of resource.
CREATED_TIME, CREATED_BY, LAST_UPDATED_TIME and UPDATED_BY are those
columns we use for audit purpose which we include in every resource table
like APIs, Application, Policy and etc.
Regarding Fazlan's comment, I think we need to discuss and fix. We have the
same situation in POST /apis/{apiId}/thumbnail as well where we use POST
for both first-time addition and update thereafter. However keeping a POST
which can be executed only once is also not a very good solution IMO which
makes an additional complexity for the client (who need to make sure he
should do the first call using a POST and thereafter do PUT for the same
resource).
Thanks!
On Mon, Apr 3, 2017 at 5:09 PM, Anuruddha Liyanarachchi <[email protected]
> wrote:
> Hi Chamalee,
>
> Why do we have UPDATED_BY column? Do we allow users to update other users
> comments?
> IMO this should not be allowed.
>
> Allowing admin users to delete comments/ratings is ok, but we shouldn't
> allow them to edit.
>
> WDYT?
>
> On Mon, Apr 3, 2017 at 3:08 PM, Fazlan Nazeem <[email protected]> wrote:
>
>> Hi,
>>
>> On Mon, Apr 3, 2017 at 2:08 PM, Chamalee De Silva <[email protected]>
>> wrote:
>>
>>> hi all,
>>> Ratings and Comments impact on the impression of the API Store users of
>>> the APIs published in the API Store.
>>> The popularity, importance of the API, the pros and cons of the API can
>>> be evaluated through the Ratings and Comments given to the APIs.
>>>
>>> To achieve that in APIM 3.0.0, following REST APIs are identified to be
>>> implemented.
>>>
>>>
>>> *Ratings :*
>>>
>>> 1. Retrieve the average rating of the API, rating given by the logged in
>>> user and the rating list. (A composite list will be retrieved as the
>>> response.)
>>> 3. Adding a new rating to an API (Updating the existing rating will also
>>> be handled through this.)
>>>
>>> Does this mean we handle both operations using same API operation? If
>> so we have to send a POST request to an update operation. That doesn't
>> sound right. We have to have two operations for adding(POST) and
>> update(PUT) the rating. Any explanation?
>>
>> *Comments :*
>>>
>>> 1. Retrieve the list of Comments of an API
>>> 2. Retrieve an individual Comment of an API
>>> 3. Add a new Comment to an API
>>> 4. Update an existing Comment of an API
>>> 5. Delete a particular Comment
>>>
>>> Database schema is updated with adding two tables as follows.
>>>
>>> AM_API_RATINGS
>>>
>>> RATING_ID
>>>
>>> API_ID
>>>
>>> RATING
>>>
>>> USER_IDENTIFIER
>>>
>>> CREATED_BY
>>>
>>> CREATED_TIME
>>>
>>> UPDATED_BY
>>>
>>> LAST_UPDATED_TIME
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> AM_API_COMMENTS
>>>
>>> COMMENT_ID
>>>
>>> API_ID
>>>
>>> COMMENT_TEXT
>>>
>>> USER_IDENTIFIER
>>>
>>> CREATED_BY
>>>
>>> CREATED_TIME
>>>
>>> UPDATED_BY
>>>
>>> LAST_UPDATED_TIME
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> The COMMENT_ID and API_ID are UUIDs which are primary keys.
>>>
>>>
>>> These are further described as user stories in redmine [1] under Epic
>>> #5963 <https://redmine.wso2.com/issues/5963>
>>> and the public JIRA can be found at -[2].
>>>
>>> We have done a design review for this and please find the design review
>>> comments in [3].
>>>
>>> The REST API definition and schema level implementation is complemented
>>> and following are left to be completed in this feature.
>>>
>>> 1. DAO level implementation for retrieving and storing values.
>>> 2. Permission model considerations
>>> - As we discussed within the team, to rate an API or to
>>> Comment an API, the user should have* at least* the permission to view
>>> the API. He should have the API_ID in hand to manipulate all REST APIs
>>> which goes under Ratings and Comments.
>>> Assuming that permission check for API is happening prior to
>>> every operation we are safe in that side.
>>>
>>> 3. Other than that, as discussed in the design review we should
>>> calculate the average rating of each of the API using a separate
>>> Database operation and set the rating to the APIInfo object where we do
>>> the listAllAPIs call as well.
>>> (For per API scenario, We are going to use a separate REST call as per
>>> in discussion [4])
>>>
>>>
>>>
>>> [1] https://redmine.wso2.com/issues/5963
>>> [2] <https://github.com/wso2/carbon-apimgt/pull/3879>
>>> https://wso2.org/jira/browse/APIMANAGER-5684
>>> <https://www.google.com/url?q=https%3A%2F%2Fwso2.org%2Fjira%2Fbrowse%2FAPIMANAGER-5684&sa=D&sntz=1&usg=AFQjCNEKLLoVtUwWONla9d_Gw8FD6iVdlQ>
>>> [3] Updated Invitation: [APIM][C5][Design Review] REST APIs for Rating
>>> and Commen... @ Tue Mar 28, 2017 12pm - 12:45pm (IST) (WSO2 Engineering
>>> Group)
>>> [4] Retrieving Rating value of API in the GET_API resource API
>>>
>>>
>>>
>>>
>>>
>>>
>>> --
>>> Thanks & Regards,
>>>
>>> *Chamalee De Silva*
>>> Software Engineer
>>> *WS**O2* Inc. :http://wso2.com/
>>>
>>> Office :- *+94 11 2145345 <%2B94%2011%202145345>*
>>> mobile :- *+94 7 <%2B94%2077%202782039>1 4315942*
>>>
>>>
>>>
>>>
>>> --
>>> Thanks & Regards,
>>>
>>> *Chamalee De Silva*
>>> Software Engineer
>>> *WS**O2* Inc. :http://wso2.com/
>>>
>>> Office :- *+94 11 2145345 <%2B94%2011%202145345>*
>>> mobile :- *+94 7 <%2B94%2077%202782039>1 4315942*
>>>
>>>
>>
>>
>> --
>> Thanks & Regards,
>>
>> Fazlan Nazeem
>>
>> *Senior Software Engineer*
>>
>> *WSO2 Inc*
>> Mobile : +94772338839
>> <%2B94%20%280%29%20773%20451194>
>> [email protected]
>>
>> _______________________________________________
>> Architecture mailing list
>> [email protected]
>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>>
>>
>
>
> --
> *Thanks and Regards,*
> Anuruddha Lanka Liyanarachchi
> Software Engineer - WSO2
> Mobile : +94 (0) 712762611
> Tel : +94 112 145 345
> a <[email protected]>[email protected]
>
> _______________________________________________
> Architecture mailing list
> [email protected]
> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>
>
--
Malintha Amarasinghe
Software Engineer
*WSO2, Inc. - lean | enterprise | middleware*
http://wso2.com/
Mobile : +94 712383306 <+94%2071%20238%203306>
_______________________________________________
Architecture mailing list
[email protected]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
