On Thu, Aug 8, 2019 at 9:08 PM Malintha Amarasinghe <malint...@wso2.com>
wrote:
> When we return a 404, it implies that the URL (or the resource) does not
> exist. Here the URL/resource is */validate-role *(a controller resource)
> which always exists so it is wrong to return a 404 at any case.
>
Yes agree with this and controller resource(as query params optional
controller resource will be resource) is not ideal for this.
Using head would be good option. Like nirmal mentioned any additional
parameters related to filter criteria can be passed as query parameters.
Thanks,
sanjeewa/
>
> Thanks!
>
> On Thu, Aug 8, 2019 at 7:12 PM Menaka Jayawardena <men...@wso2.com> wrote:
>
>> Hi Naduni,
>>
>> Wh the GET request always returns 200?
>> Can't we set the status code 404 if the role is not found? So we can
>> check the response status from the UI. We do not want to read the body then.
>>
>>
>>
>> On Thu, Aug 8, 2019 at 6:05 PM Naduni Pamudika <nad...@wso2.com> wrote:
>>
>>> Hi All,
>>>
>>> Thanks all for the suggestions. With the GET method @Bhathiya Jayasekara
>>> <bhath...@wso2.com> suggested, we have the following 2 options now.
>>>
>>> 1. *HEAD /roles/{roleName}*
>>> 2. *GET /validate-role?role=rolename*
>>>
>>>
>>> If we go with the option 1, it will simplify the work in the UI side
>>> while doing the role validations by using the Rest API since we can do the
>>> validation by looking at the status code (If the role exists it is a 200
>>> and if not it is a 404). If we go with the option 2, it will always return
>>> a 200 status code and we need to check the response body to validate a
>>> particular role name (We can send *isRoleExist=true* and
>>> *isRoleExist=false* in the response body depending on the existence of
>>> a role name).
>>>
>>> Since most of us are +1 with the option 2, shall we move forward with
>>> the GET method?
>>>
>>> Thanks,
>>> Naduni
>>>
>>> On Wed, Aug 7, 2019 at 7:27 PM Bhathiya Jayasekara <bhath...@wso2.com>
>>> wrote:
>>>
>>>>
>>>>
>>>> On Wed, Aug 7, 2019 at 6:24 PM Malintha Amarasinghe <malint...@wso2.com>
>>>> wrote:
>>>>
>>>>>
>>>>>
>>>>> On Wed, Aug 7, 2019 at 3:39 PM Harsha Kumara <hars...@wso2.com> wrote:
>>>>>
>>>>>>
>>>>>>
>>>>>> On Wed, Aug 7, 2019 at 3:37 PM Malintha Amarasinghe <
>>>>>> malint...@wso2.com> wrote:
>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Wed, Aug 7, 2019 at 3:35 PM Harsha Kumara <hars...@wso2.com>
>>>>>>> wrote:
>>>>>>>
>>>>>>>> Let's say if someone wants to check existence of role foo in user
>>>>>>>> store TEST. He will do a call /roke/TEST/foo which isn't valid request
>>>>>>>> right?
>>>>>>>>
>>>>>>> @Harsha Kumara <hars...@wso2.com> we need to URL encode the role
>>>>>>> name. The request will become /roles/TEST%2Ffoo
>>>>>>>
>>>>>> Yes that's true. Again some customers might have different letters in
>>>>>> their role names. Might note be a good idea to include as a path
>>>>>> parameter.
>>>>>>
>>>>> Even if we add as a query param, that will go as part of the URL which
>>>>> might lead to similar issues? We may need to test this for query
>>>>> parameters
>>>>> as well.
>>>>>
>>>>> I preferred the HEAD method due to the simpleness ( only need to
>>>>> respond with 204 or 404 without any payload based on the availability of
>>>>> the role) and RESTfulness (consider a role as a resource and do a fetch on
>>>>> it in the usual way). HEAD is the usual way for checking the existence of
>>>>> a
>>>>> resource. However, we do not have the need for implementing a GET here for
>>>>> now.
>>>>>
>>>>
>>>> This is actually my worry is. I don't think we'll ever have to give a
>>>> /roles/{role} in the publisher APIs. So having a HEAD without a GET feels
>>>> strange to me. Maybe it's just me.
>>>>
>>>> Thanks,
>>>> Bhathiya
>>>>
>>>>
>>>>>
>>>>>
>>>>>
>>>>>>>
>>>>>>>>
>>>>>>>> On Wed, Aug 7, 2019 at 3:33 PM Mushthaq Rumy <musht...@wso2.com>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>> Adding [Architecture]
>>>>>>>>>
>>>>>>>>> On Wed, Aug 7, 2019 at 3:30 PM Mushthaq Rumy <musht...@wso2.com>
>>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>>> Since we will be UserStoreManager, this should cover the
>>>>>>>>>> secondary user stores as well.
>>>>>>>>>>
>>>>>>>>>> Thanks & Regards,
>>>>>>>>>> Mushthaq
>>>>>>>>>>
>>>>>>>>>> On Wed, Aug 7, 2019 at 3:28 PM Harsha Kumara <hars...@wso2.com>
>>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>>> What happen if the role is from secondary user store?
>>>>>>>>>>>
>>>>>>>>>>> On Wed, Aug 7, 2019 at 3:24 PM Naduni Pamudika <nad...@wso2.com>
>>>>>>>>>>> wrote:
>>>>>>>>>>>
>>>>>>>>>>>> Hi All,
>>>>>>>>>>>>
>>>>>>>>>>>> We are planning to add a REST API endpoint to APIM 3.0
>>>>>>>>>>>> Publisher Rest APIs and the intention is to check the existence of
>>>>>>>>>>>> a
>>>>>>>>>>>> particular role name. This will be used in order to manage roles
>>>>>>>>>>>> when
>>>>>>>>>>>> enabling Publisher Access Control and Store Visibility and when
>>>>>>>>>>>> adding
>>>>>>>>>>>> Scopes.
>>>>>>>>>>>>
>>>>>>>>>>>> The swagger definition for the new endpoint would be as follows.
>>>>>>>>>>>>
>>>>>>>>>>>> ######################################################
>>>>>>>>>>>> # The Role Name Existence
>>>>>>>>>>>> ######################################################
>>>>>>>>>>>> /roles/{roleName}:
>>>>>>>>>>>> #-----------------------------------------------------
>>>>>>>>>>>> # The role name existence check resource
>>>>>>>>>>>> #-----------------------------------------------------
>>>>>>>>>>>> head:
>>>>>>>>>>>> security:
>>>>>>>>>>>> - OAuth2Security:
>>>>>>>>>>>> - apim:api_view
>>>>>>>>>>>> summary: |
>>>>>>>>>>>> Check given role name is already exist
>>>>>>>>>>>> description: |
>>>>>>>>>>>> Using this operation, you can check a given role
>>>>>>>>>>>> name is already used. You need to provide the role name you want
>>>>>>>>>>>> to check.
>>>>>>>>>>>> parameters:
>>>>>>>>>>>> - $ref : '#/parameters/roleName'
>>>>>>>>>>>> responses:
>>>>>>>>>>>> 200:
>>>>>>>>>>>> description: |
>>>>>>>>>>>> OK.
>>>>>>>>>>>> Requested role name is returned.
>>>>>>>>>>>> 404:
>>>>>>>>>>>> description: |
>>>>>>>>>>>> Not Found.
>>>>>>>>>>>> Requested role name does not exist.
>>>>>>>>>>>> ######################################################
>>>>>>>>>>>> # Role Name
>>>>>>>>>>>> roleName:
>>>>>>>>>>>> name: roleName
>>>>>>>>>>>> in: path
>>>>>>>>>>>> description: |
>>>>>>>>>>>> The role name
>>>>>>>>>>>> required: true
>>>>>>>>>>>> type: string
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> It is a HEAD method (*/roles/{roleName}*) which will return a
>>>>>>>>>>>> 200 status code if the given role name exists and a 404 status
>>>>>>>>>>>> code if the
>>>>>>>>>>>> give role name is not found. Sample requests and responses are
>>>>>>>>>>>> given below.
>>>>>>>>>>>>
>>>>>>>>>>>> Request:
>>>>>>>>>>>> HEAD
>>>>>>>>>>>> https://localhost:9443/api/am/publisher/v1.0/roles/valid-role
>>>>>>>>>>>> HTTP/1.1
>>>>>>>>>>>> Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8
>>>>>>>>>>>>
>>>>>>>>>>>> Response:
>>>>>>>>>>>> HTTP/1.1 200 OK
>>>>>>>>>>>> Connection: keep-alive
>>>>>>>>>>>> Content-Length: 0
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> Request:
>>>>>>>>>>>> HEAD
>>>>>>>>>>>> https://localhost:9443/api/am/publisher/v1.0/roles/invalid-role
>>>>>>>>>>>> HTTP/1.1
>>>>>>>>>>>> Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8
>>>>>>>>>>>>
>>>>>>>>>>>> Response:
>>>>>>>>>>>> HTTP/1.1 404 Not Found
>>>>>>>>>>>> Connection: keep-alive
>>>>>>>>>>>> Content-Length: 0
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> Are we good to have the endpoint definition as this? Appreciate
>>>>>>>>>>>> your inputs to proceed further.
>>>>>>>>>>>>
>>>>>>>>>>>> Thanks,
>>>>>>>>>>>> Naduni
>>>>>>>>>>>>
>>>>>>>>>>>> --
>>>>>>>>>>>> *Naduni Pamudika* | Senior Software Engineer | WSO2 Inc.
>>>>>>>>>>>> (m) +94 (71) 9143658 | (w) +94 (11) 2145345 | (e)
>>>>>>>>>>>> nad...@wso2.com
>>>>>>>>>>>> [image: http://wso2.com/signature] <http://wso2.com/signature>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> --
>>>>>>>>>>>
>>>>>>>>>>> *Harsha Kumara*
>>>>>>>>>>>
>>>>>>>>>>> Technical Lead, WSO2 Inc.
>>>>>>>>>>> Mobile: +94775505618
>>>>>>>>>>> Email: hars...@wso2.coim
>>>>>>>>>>> Blog: harshcreationz.blogspot.com
>>>>>>>>>>>
>>>>>>>>>>> GET INTEGRATION AGILE
>>>>>>>>>>> Integration Agility for Digitally Driven Business
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> --
>>>>>>>>>> Mushthaq Rumy
>>>>>>>>>> *Senior Software Engineer*
>>>>>>>>>> Mobile : +94 (0) 779 492140
>>>>>>>>>> Email : musht...@wso2.com
>>>>>>>>>> WSO2, Inc.; http://wso2.com/
>>>>>>>>>> lean . enterprise . middleware.
>>>>>>>>>>
>>>>>>>>>> <http://wso2.com/signature>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> Mushthaq Rumy
>>>>>>>>> *Senior Software Engineer*
>>>>>>>>> Mobile : +94 (0) 779 492140
>>>>>>>>> Email : musht...@wso2.com
>>>>>>>>> WSO2, Inc.; http://wso2.com/
>>>>>>>>> lean . enterprise . middleware.
>>>>>>>>>
>>>>>>>>> <http://wso2.com/signature>
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>>
>>>>>>>> *Harsha Kumara*
>>>>>>>>
>>>>>>>> Technical Lead, WSO2 Inc.
>>>>>>>> Mobile: +94775505618
>>>>>>>> Email: hars...@wso2.coim
>>>>>>>> Blog: harshcreationz.blogspot.com
>>>>>>>>
>>>>>>>> GET INTEGRATION AGILE
>>>>>>>> Integration Agility for Digitally Driven Business
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Malintha Amarasinghe
>>>>>>> *WSO2, Inc. - lean | enterprise | middleware*
>>>>>>> http://wso2.com/
>>>>>>>
>>>>>>> Mobile : +94 712383306
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>>
>>>>>> *Harsha Kumara*
>>>>>>
>>>>>> Technical Lead, WSO2 Inc.
>>>>>> Mobile: +94775505618
>>>>>> Email: hars...@wso2.coim
>>>>>> Blog: harshcreationz.blogspot.com
>>>>>>
>>>>>> GET INTEGRATION AGILE
>>>>>> Integration Agility for Digitally Driven Business
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Malintha Amarasinghe
>>>>> *WSO2, Inc. - lean | enterprise | middleware*
>>>>> http://wso2.com/
>>>>>
>>>>> Mobile : +94 712383306
>>>>>
>>>>
>>>>
>>>> --
>>>> *Bhathiya Jayasekara* | Technical Lead | WSO2 Inc.
>>>> (m) +94 71 547 8185 | (e) bhathiya-@t-wso2-d0t-com
>>>>
>>>>
>>>>
>>>
>>> --
>>> *Naduni Pamudika* | Senior Software Engineer | WSO2 Inc.
>>> (m) +94 (71) 9143658 | (w) +94 (11) 2145345 | (e) nad...@wso2.com
>>> [image: http://wso2.com/signature] <http://wso2.com/signature>
>>>
>>>
>>
>> --
>>
>> *Menaka Jayawardena*
>> Senior Software Engineer | WSO2 Inc.
>> +94 71 350 5470 | +94 76 717 2511 | men...@wso2.com
>>
>> <https://wso2.com/signature>
>>
>>
>
> --
> Malintha Amarasinghe
> *WSO2, Inc. - lean | enterprise | middleware*
> http://wso2.com/
>
> Mobile : +94 712383306
>
--
*Sanjeewa Malalgoda*
Software Architect | Associate Director, Engineering - WSO2 Inc.
(m) +94 712933253 | (e) sanje...@wso2.com | (b) Blogger
<http://sanjeewamalalgoda.blogspot.com>, Medium
<https://medium.com/@sanjeewa190>
GET INTEGRATION AGILE <https://wso2.com/signature>
Integration Agility for Digitally Driven Business
_______________________________________________
Architecture mailing list
Architecture@wso2.org
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
