Merton
commented
6 years ago Suggestion: Test Driven development to identify any areas in the Model that need further validation.
Open georgemillard opened 7 years ago
Merton
commented
6 years ago Suggestion: Test Driven development to identify any areas in the Model that need further validation.
georgemillard
commented
6 years ago Sounds like a good idea. Keep in mind that while the API has been built to allow POST requests, it is currently only expected to serve GET requests for the foreseeable future. This gives us time to get the validation in place to ensure that POST requests to the API won't break the models.
asimonw
commented
6 years ago I'd also suggest to turn POST request off in production, especially while authorisations aren't fully in place. Helps with security if there is no POST endpoint at all.
georgemillard
commented
6 years ago Authorisations are in place so they can't currently be used, but we could discuss turning them off for now as a precaution.
georgemillard
commented
6 years ago Agreed to turn off POST requests for now.
Validation needs to be added at the level of the REST Api to ensure that POSTS do not break the model.
Some validation is currently implemented within the Models.
More advanced validation is implemented with the ModelForms.