Another option could be :
- no change or addition of any endpoint
-no change on the angular side
Since the result is the same : we want a list of applications (for admin there is just no restriction on developer that owns it)
But in the service layer when retrieving the applications we check the role (do we have a method hasRole(string) ? ) to see if we add the criteria of developer.
Envoyé de mon iPhone
> Le 9 oct. 2014 à 17:45, Bruno Oliveira <bruno@abstractj.org> a écrit :
>
> Good morning, moving forward with
> https://issues.jboss.org/browse/AGPUSH-1036. What is the most
> recommended approach for admin-ui.
>
> Have separated endpoints for the admin like:
>
> 1.
>
> @RolesAllowed("admin")
> @Path("/admin/applications")
> public class AdminApplicationEndpoint extends AbstractBaseEndpoint {
>
> @GET
> @Produces(MediaType.APPLICATION_JSON)
> public Response listAllPushApplications(){
> //queries
> }
> }
>
> Or introduce a new method inside the current PushApplicationEndpoint:
>
> 2.
>
> @GET
> @Produces(MediaType.APPLICATION_JSON)
> @RolesAllowed("admin")
> public Response listAllPushApplications(){
> //queries
> }
> // READ
> @GET
> @Produces(MediaType.APPLICATION_JSON)
> public Response listAllPushApplicationsByUsername(@Context HttpServletRequest request) {
> return Response.ok(pushAppService.findAllPushApplicationsForDeveloper(extractUsername(request))).build();
> }
>
>
> If the option 2 is the correct. How the Angular.js service would look
> like? Once the username is not informed as argument on
> pushApplicationService.js, because for obvious reasons it can be
> retrieved with HttpServletRequest.
>
> One of my poor ideas due to my "amazing" Angular skills would be to do
> something like:
>
> @GET
> @Produces(MediaType.APPLICATION_JSON)
> @RolesAllowed("admin")
> @Path("/all")
> public Response listAllPushApplications(){
> //queries
> }
>
> And:
>
> backendMod.factory('pushApplication', function ($resource) {
> return $resource('rest/applications/all/:verb', {
> .....
>
>
> Help?
>
>
>
>
>
>
> --
>
> abstractj
> PGP: 0x84DC9914
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev@lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev
_______________________________________________
aerogear-dev mailing list
aerogear-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev