Open OmarIthawi opened 4 months ago
API to get and update basic tenant information such as logo, colors and name, ID and other non-confidential informations.
GET should return a big JSON with white listed list of information only for permitted users.
GET
POST should allow updating the values but prevent concurrent edits using something like the following:
POST
key
header_options.color
previous_value
#ff00ff
new_value
#ff0000
API to get and update basic tenant information such as logo, colors and name, ID and other non-confidential informations.
GETshould return a big JSON with white listed list of information only for permitted users.POSTshould allow updating the values but prevent concurrent edits using something like the following:key:header_options.colorThe json key for the object (this should be checked against object path traversal security issues)previous_value:#ff00ffThe previous value to avoid overriding team-mates work.new_value:#ff0000The new desired value to save.