[aerogear-dev] Admin endpoints

Matthias Wessendorf matzew at apache.org
Thu Oct 9 12:37:33 EDT 2014 

On Thu, Oct 9, 2014 at 6:04 PM, Sébastien Blanc <scm.blanc at gmail.com> wrote:

> Another option could be :
> - no change or addition of any endpoint
> -no change on the angular side
>
> Since the result is the same : we want a list of applications (for admin
> there is just no restriction on developer that owns it)
> But in the service layer when retrieving the applications we check the
> role (do we have a method hasRole(string) ? ) to see if we add the criteria
> of developer.
>

yeah, that;s what I had in my email from last night as well. the service
returns a list of applications.
Inside we handle the different cases:
- admin
   Select all (e.g. "select pa from PushApplication pa")
-developer
   select 'my apps' (e.g. "select pa from PushApplication pa where
pa.developer = :loginName")


-Matthias





>
> Envoyé de mon iPhone
>
> > Le 9 oct. 2014 à 17:45, Bruno Oliveira <bruno at abstractj.org> a écrit :
> >
> > Good morning, moving forward with
> > https://issues.jboss.org/browse/AGPUSH-1036. What is the most
> > recommended approach for admin-ui.
> >
> > Have separated endpoints for the admin like:
> >
> > 1.
> >
> > @RolesAllowed("admin")
> > @Path("/admin/applications")
> > public class AdminApplicationEndpoint extends AbstractBaseEndpoint {
> >
> >    @GET
> >    @Produces(MediaType.APPLICATION_JSON)
> >    public Response listAllPushApplications(){
> >        //queries
> >    }
> > }
> >
> > Or introduce a new method inside the current PushApplicationEndpoint:
> >
> > 2.
> >
> >    @GET
> >    @Produces(MediaType.APPLICATION_JSON)
> >    @RolesAllowed("admin")
> >    public Response listAllPushApplications(){
> >      //queries
> >    }
> >    // READ
> >    @GET
> >    @Produces(MediaType.APPLICATION_JSON)
> >    public Response listAllPushApplicationsByUsername(@Context
> HttpServletRequest request) {
> >        return
> Response.ok(pushAppService.findAllPushApplicationsForDeveloper(extractUsername(request))).build();
> >    }
> >
> >
> > If the option 2 is the correct. How the Angular.js service would look
> > like? Once the username is not informed as argument on
> > pushApplicationService.js, because for obvious reasons it can be
> > retrieved with HttpServletRequest.
> >
> > One of my poor ideas due to my "amazing" Angular skills would be to do
> > something like:
> >
> >    @GET
> >    @Produces(MediaType.APPLICATION_JSON)
> >    @RolesAllowed("admin")
> >    @Path("/all")
> >    public Response listAllPushApplications(){
> >      //queries
> >    }
> >
> > And:
> >
> > backendMod.factory('pushApplication', function ($resource) {
> >  return $resource('rest/applications/all/:verb', {
> > .....
> >
> >
> > Help?
> >
> >
> >
> >
> >
> >
> > --
> >
> > abstractj
> > PGP: 0x84DC9914
> > _______________________________________________
> > aerogear-dev mailing list
> > aerogear-dev at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/aerogear-dev
>
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>



-- 
Matthias Wessendorf

blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/aerogear-dev/attachments/20141009/aa44364d/attachment.html

More information about the aerogear-dev mailing list