Open OmarIthawi opened 4 months ago
API to get and update basic tenant information such as logo, colors and name, ID and other non-confidential informations.
GET should return a big JSON with white listed list of information only for permitted users.
GET
POST should allow updating the values but prevent concurrent edits using something like the following:
POST
key
header_options.color
previous_value
#ff00ff
new_value
#ff0000
API to get and update basic tenant information such as logo, colors and name, ID and other non-confidential informations.
GET
should return a big JSON with white listed list of information only for permitted users.POST
should allow updating the values but prevent concurrent edits using something like the following:key
:header_options.color
The json key for the object (this should be checked against object path traversal security issues)previous_value
:#ff00ff
The previous value to avoid overriding team-mates work.new_value
:#ff0000
The new desired value to save.