Police-Data-Accessibility-Project / data-sources-app

An API and UI for using and maintaining the Data Sources database
MIT License
3 stars 5 forks source link

Determine standard for subqueries and linked data #472

Open maxachis opened 3 weeks ago

maxachis commented 3 weeks ago

Context

Now that we've introduced subqueries to our endpoints -- where calling one endpoint can return linked data typically associated with another endpoint (data sources linked to data requests, etc.), as well as endpoints explicitly returning data linked to particular ids, we need to take into account how subquery logic interacts with other components of our logic, including:

  1. Our primary GET endpoints have variable column permissions depending on whether the user is an admin or a standard user. Do such variable permissions apply also to subqueried data, or do we only get the standard set of columns?
  2. Same as above, but what about when we're getting data linked to another id? e.g., for /data-requests/{data_request_id}/related-sources, do we have variable column permissions for those related sources depending on the permission level of the admin, or do we keep them standard for simplicity?
  3. Our standard GET requests now include (or are being updated to include) subqueries, such as data sources associated with each data request. What about when we're getting related data through a /related-etc endpoint? Do those also return subquery data, or not?

Requirements

Tests

Docs

Open questions

josh-chamberlain commented 3 weeks ago
  1. If we're subquerying, let's just return a standard set of columns. We have made positive decisions about when to return extra columns, and we can assume they will appear when needed.

  2. I think standard is OK for the same reason.

  3. I don't think they need to. We just want to know that there exists a related thing, and that it can be found by an ID or listed by name, but we likely won't need all the related info. We can circle back for it if needed, but it need not be the default.