IBatsios / capstone

4 stars 0 forks source link

Requests for lists should only return the users lists #150

Open mjmccull0 opened 4 years ago

mjmccull0 commented 4 years ago

Currently all lists are returned with the request for lists. The documentation and subsequent conversations about list functionality call for lists to be user-specific. Two approaches come to mind:

jwthrs commented 4 years ago

Short term fix would be to call that route with a filter where user id = author id of the list.

mjmccull0 commented 4 years ago

Another option would be to use the user's session information to return the user's lists.

jwthrs commented 4 years ago

Another option would be to use the user's session information to return the user's lists.

I think that's what I was trying to say but my language wasn't as specific. thanks for correction

mjmccull0 commented 4 years ago

Would you mind looking at it. I just did and it doesn't look like it's that simple. Since lists use a get method they request body is to be ignored. That's not a big deal to solve; but I wasn't able to create a filter anymore complicated than to get a particular id and still get results.

jwthrs commented 4 years ago

@mjmccull0 You're right.. we've been implementing GET requests wrong. Let me try to poke around with Postman and find a solution that works. Is this blocking you from work? Currently doing a chemistry lab report.

mjmccull0 commented 4 years ago

It's not blocking anything. If you get a change, take a look.

jwthrs commented 4 years ago

@mjmccull0 Figured out how to do it. Use 'GET' method on /lists/ with this request: Must switch body format to "Text" on postman to do this otherwise Postman complains this isn't JSON format.

I would agree with the sentiment that we don't want a user to be able to request for other users list. However I think in the future (and I may be wrong) we wanted users to be able to view each other's lists and comment on them. Sort of like on Pinterest, anyone (even if not logged in) can view your lists you've made.

{ "author" : { "id" : ObjectId(<INSERT_USER_SESSION_ID>) } }

Example: { "author" : { "id" : ObjectId("5e971574a9cf0a2af1421606") } }

Produces this output: [ { "author": { "id": "5e98f3a98bf173509cc33280", "username": "yanni3003" }, "_id": "5ea1185a2aa0fd38b0eaceea", "name": "Favorite Movies", "interest": "movies", "items": [ { "_id": "5ea5ddda25fc701888b6793b", "name": "Unforgiven", "url": "https://www.imdb.com/title/tt0105695/?ref_=nv_sr_srsg_0", "description": "Best movie of all time." }, { "_id": "5ea5de0225fc701888b6793e", "name": "The Thing", "url": "https://www.imdb.com/title/tt0084787/?ref_=nv_sr_srsg_0", "description": "Another masterpiece by John Carpenter" } ], "isActive": true, "createdAt": "2020-04-23T04:23:54.520Z", "updatedAt": "2020-04-26T19:16:19.008Z", "__v": 0 }, { "author": { "id": "5e98f3a98bf173509cc33280", "username": "yanni3003" }, "_id": "5ea118a92aa0fd38b0eaceeb", "name": "Favorite Albums", "interest": "music", "items": [ { "_id": "5ea5de3d25fc701888b67942", "name": "The Bends", "url": "https://en.wikipedia.org/wiki/The_Bends_(album)", "description": "A lot of people say OK Computer. They're wrong. This is their best." } ], "isActive": true, "createdAt": "2020-04-23T04:25:13.425Z", "updatedAt": "2020-04-26T19:17:17.068Z", "__v": 0 }, { "author": { "id": "5e9b33b2a289c919089318dd", "username": "Kozmocha" }, "_id": "5ea2397c652ebe296cb78e96", "name": "Test", "interest": "general", "items": [], "isActive": true, "createdAt": "2020-04-24T00:57:32.172Z", "updatedAt": "2020-04-24T00:57:32.261Z", "__v": 0 }, { "author": { "id": "5e9b33b2a289c919089318dd", "username": "Kozmocha" }, "_id": "5ea23a02922c5a289c0187b3", "name": "Test", "interest": "general", "items": [], "isActive": true, "createdAt": "2020-04-24T00:59:46.523Z", "updatedAt": "2020-04-24T00:59:46.882Z", "__v": 0 }, { "author": { "id": "5ea3957edeb118968c5e52c4", "username": "hvvo", "avatar": "avatar.png" }, "_id": "5ea39eceeecb5d49d81023a8", "name": "voviethieu1", "interest": "general", "items": [ { "_id": "5ea5cf802aa2fc181c5b8aef", "name": "newitem", "url": "https://www.cnn.com/2020/04/24/politics/white-house-briefings-coronavirus/index.html", "description": "nothing" } ], "isActive": true, "createdAt": "2020-04-25T02:22:06.390Z", "updatedAt": "2020-04-26T18:14:24.491Z", "__v": 0 }, { "author": { "id": "5ea1173698714a3cf8c3addf", "username": "hairyarms", "avatar": "avatar.png" }, "_id": "5ea4ad161a33fe3bcc0cdae1", "name": "test", "interest": "general", "items": [], "isActive": true, "createdAt": "2020-04-25T21:35:18.849Z", "updatedAt": "2020-04-25T21:35:18.955Z", "__v": 0 }, { "author": { "id": "5ea3957edeb118968c5e52c4", "username": "hvvo", "avatar": "avatar.png" }, "_id": "5ea4bde4efb7de30e8ae75e5", "name": "voviethieu2", "interest": "music", "items": [], "isActive": true, "createdAt": "2020-04-25T22:47:00.424Z", "updatedAt": "2020-04-25T22:47:00.538Z", "__v": 0 }, { "author": { "id": "5ea1173698714a3cf8c3addf", "username": "hairyarms", "avatar": "avatar.png" }, "_id": "5ea4ccf5a4ba562f88def6c9", "name": "beeeeees", "interest": "general", "items": [ { "_id": "5ea4cd3aa4ba562f88def6cb" }, { "_id": "5ea4cd82406de610606bad4c" }, { "_id": "5ea4cd999326ea17343a0995" }, { "_id": "5ea4ce4196e19239689530fa" }, { "_id": "5ea4cf3949da601a340d11de" }, { "_id": "5ea4cf79fb6ca2103cc1e51e", "name": "Job 2", "url": "https://www.imdb.com/title/tt0105695/?ref_=fn_al_tt_1", "description": "a movie about a job" } ], "isActive": true, "createdAt": "2020-04-25T23:51:17.455Z", "updatedAt": "2020-04-26T00:02:01.678Z", "__v": 0 }, { "author": { "id": "5e98f3a98bf173509cc33280", "username": "yanni3003", "avatar": "avatar3.jpeg" }, "_id": "5ea5269be1a0b156f0773a0b", "name": "Places I want to go.", "interest": "general", "items": [ { "_id": "5ea5dda325fc701888b67938", "name": "Santorini, Greece", "url": "https://en.wikipedia.org/wiki/Santorini", "description": "High on my bucket list" } ], "isActive": true, "createdAt": "2020-04-26T06:13:47.854Z", "updatedAt": "2020-04-26T19:14:43.477Z", "__v": 0 }, { "author": { "id": "5e971574a9cf0a2af1421606", "username": "jsmith", "avatar": "/avatar2.png" }, "_id": "5ea5d6edfbfcef034bafc0b9", "name": "Todo List", "interest": "general", "items": [ { "_id": "5ea5d728fbfcef034bafc0ba", "name": "Make more lists", "url": "https://www.wikihow.com/Make-a-To-Do-List", "description": "WikiHow to make lists in 10 Steps." } ], "isActive": true, "createdAt": "2020-04-26T18:46:05.271Z", "updatedAt": "2020-04-26T18:47:49.393Z", "__v": 0 } ]

mjmccull0 commented 4 years ago

Probably should add a post route too then.