Use openapi-backend to provide the express routing middleware based on the openapi doc. The openapi-backend middleware validates all requests and delegates the request to a handler matching the operationId property from the openapi doc.
Implement basic CRUD-based access permissions for users. Use middleware to ensure that the user associated with the session token has permission to perform the operation.
Do you have any concerns with this PR?
Implementing the company-based access rules turned out to be a lot of overhead. I ended up scrapping all company-related code. This target of this PR is a new v2 branch. I'll keep merging issues into v2, until it's ready to merge into master. This is that fastest way to get to v2, and since no demands are being made right now of v1, I decided faster would be better.
How can the reviewer verify this PR?
View. The v2 branch won't be operational until companies are removed from the rest of the code base and from the tests.
Any background context you want to provide?
CI/CD tests won't be passing for the v2 branch until companies are removed completely.
Screenshots or logs (if appropriate)
Questions:
Have you connected this PR to the issue it resolves? #331 #328
Does the documentation need an update? Will update docs prior to v2 release
Does this add new dependencies? openapi-backend, js-yaml
Have you added unit or functional tests for this PR? No
What does this PR do?
openapi-backend
to provide theexpress
routing middleware based on the openapi doc. Theopenapi-backend
middleware validates all requests and delegates the request to a handler matching theoperationId
property from the openapi doc.Do you have any concerns with this PR?
Implementing the company-based access rules turned out to be a lot of overhead. I ended up scrapping all company-related code. This target of this PR is a new
v2
branch. I'll keep merging issues intov2
, until it's ready to merge into master. This is that fastest way to get to v2, and since no demands are being made right now of v1, I decided faster would be better.How can the reviewer verify this PR?
View. The v2 branch won't be operational until companies are removed from the rest of the code base and from the tests.
Any background context you want to provide?
CI/CD tests won't be passing for the v2 branch until companies are removed completely.
Screenshots or logs (if appropriate)
Questions:
openapi-backend
,js-yaml