pvarki / python-rasenmaeher-api

1 stars 0 forks source link

Make API more RESTful #74

Open rambo opened 1 year ago

rambo commented 1 year ago
restful

See notes from @3zk1m0 above.

In addition to those: Everything that acceps invitecode or callsign as parameter MUST also accept the primary-key of the object.

PKs are UUIDs are the route must accept both the classic string form of "20994228-d379-4acd-bdd8-4de88435381b" and base64 encoded form "yUb5X1onSSCPzAFmeeyzJg==" (see helpers for encoding/decoding this form)

Anything that outputs UUIDs SHOULD output the b64 form.

rambo commented 1 year ago

A side note: "invite-codes" are actually EnrollmentPool objects. Also, users do not have lock/unlock functionality. Revoking a user could be thought of the "lock" but once the certificate is revoked it's revoked and will not work ever again. In theory we could generate a new cert but the user has no way of getting it, their authentication cert was already revoked...

Thus instead of the lock/unlock I'd just have a DELETE /user/:callsign for generic revoke or if we want to specify a reason for the revoke POST /user/:callsign/revoke (the reason MUST be a valid value for validate_reason )