Closed riyazathali closed 3 years ago
@malinthaprasan can you verify the suggestions please?
Hi @riyazathali,
We have gone through the pointed issues.
Description:
POST /throttling/policies/application
When we are adding an Application Throttling Policy, in the payload policyId is there which is not needed because, after the creation in the response we will get a different policyId. So, this policyId can be removed from that request Payload window in the documentation[1].
POST /labels [5] POST /api-categories [6]
Regarding the above 2, The id is not needed to add the label and API categories through the REST call.
PUT /labels/{labelId} The second thing the id is not required to be sent in the request body and it does not make sense with the labelId already existing, and it is in the path parameter. Additionally, the request example specifically states this: "id": "This is not mandatory.Auto generate by code" as well. 'id' is not required, can be omitted, and if it is sent, it is ignored. Therefore, it does not need to be documented in the request parameters.[7]
Yes, the ID fields are auto-generated internally and the parameter passed in the request will not be honored when creating/editing the policies/labels/api-categories.
We can mark these parameters are read only by adding readOnly: true
in API definition, similar to [1].
Also, in the Curl window, the URL has v1 instead of v0.16. That also should be changed as follows.
https://127.0.0.1:9443/api/am/admin/v0.16/throttling/policies/application
Rest API version should be changed to v0.16
Further, when we are adding a policy with a name which is already added, we are getting the following response.
{ "code": 409, "message": "Resource Already Exists", "description": "Application Policy with name 201PerMin already exists", "moreInfo": "", "error": [] }
Seems the resource definition - POST /throttling/policies/application
is missing the description of response code 409 and 500 response codes. We need to verify it for the other resources as well and add the relevant response definitions.
PUT /throttling/policies/application/{policyId}
Regarding the Description of the policy, it can be null even if we try to update or create a policy via UI too. Adding Description as nullable would be better in the documentation[2].
The application policy can be created with or without specifying the description field. It is not marked as required true in API definition. However, the support to add nullable attributes is introduced in OAS 3.x version (Refer [2] and [3]). Since the 3.1.0 Rest APIs are based on Swagger 2.0 and it doesn't affect the functionality we can have it as it is for now. Please create an issue in product-apim to resolve it in future release. Please note that REST APIs are not used in UIs in 3.1.0. It uses the Jaggery APIs for Admin portal.
1. customAttributes which is to be added to the Subscription Throttling Policy is an array type, where it should be an object/hashtable. There was no example like below is not provided.
Custom Attributes are correctly defined in Request Body schema - [4]. We need to add the same in Sample payload as well.
1. rateLimitTimeUnit was not described with its allowed values whether we can use null or NA or any other allowed values. 2. Allowed values of the timeUnit are mentioned as "sec", "min", "hour", "day". But, sec is not allowed via UI. Therefore, we can remove it from the documentation. And other Allowed values like a week, month and year through UI is not mentioned here. Please update the proper values of them in the Allowed values section.
We would need to test and verify the allowed values and add it under the description of each field. It would be better if we can have enums
for this. Since we cannot introduce such changes to the existing definitions, we can change these fields as enums
in future release. Please create a git issue for this too to track it for future releases.
3. Condition value can be more descriptive similar in the UI as below.
Format : ${userName} Eg: admin
1. The provided example of IP condition is invalid, and not even proper JSON as below. `"conditionValue": "{\"fixedIp\":\"192.168.1.1\":\"invert\":false}"`
We need to provide examples for each conditionType
similar to [5].
GET /applications Here the statement says "If no user is provided then the application for the user associated with the provided access token will be returned" But, we can change it with more information as below.
If no user query is provided, the application(s) for the user associated with the Authorization Header will be returned
We will update the description more clear.
[1] https://github.com/wso2/docs-apim/blob/3.1.0/en/docs/develop/product-apis/devportal-apis/devportal-v1/devportal-v1.yaml#L3613 [2] https://stackoverflow.com/questions/48111459/how-to-define-a-property-that-can-be-string-or-null-in-openapi-swagger [3] https://swagger.io/docs/specification/data-models/data-types/ [4] https://apim.docs.wso2.com/en/3.1.0/develop/product-apis/admin-apis/admin-v0.16/admin-v0.16/#tag/Subscription-Policy-(Collection)/paths/~1throttling~1policies~1subscription/post [5] https://github.com/wso2/docs-apim/blob/3.1.0/en/docs/develop/product-apis/publisher-apis/publisher-v1/publisher-v1.yaml#L6974
Assignees @Chamindu36 , is working on this task.
Description:
POST /throttling/policies/application
When we are adding an Application Throttling Policy, in the payload policyId is there which is not needed because, after the creation in the response we will get a different policyId. So, this policyId can be removed from that request Payload window in the documentation[1]. Also, in the Curl window, the URL has v1 instead of v0.16. That also should be changed as follows.
https://127.0.0.1:9443/api/am/admin/v0.16/throttling/policies/application
Further, when we are adding a policy with a name which is already added, we are getting the following response.
This regarding the above 409 response code there is no explanation in the Responses section. It would be great if it is considered.
PUT /throttling/policies/application/{policyId}
Regarding the Description of the policy, it can be null even if we try to update or create a policy via UI too. Adding Description as nullable would be better in the documentation[2].
POST /throttling/policies/subscription
PUT /throttling/policies/subscription Regarding the Description of the policy, it can be null even if we try to update or create a policy via UI too. Adding Description as nullable would be better in the documentation[4].
POST /throttling/blacklist
"conditionValue": "{\"fixedIp\":\"192.168.1.1\":\"invert\":false}"
POST /labels [5] POST /api-categories [6]
Regarding the above 2, The id is not needed to add the label and API categories through the REST call.
PUT /labels/{labelId} The second thing the id is not required to be sent in the request body and it does not make sense with the labelId already existing, and it is in the path parameter. Additionally, the request example specifically states this: "id": "This is not mandatory.Auto generate by code" as well. 'id' is not required, can be omitted, and if it is sent, it is ignored. Therefore, it does not need to be documented in the request parameters.[7]
GET /applications Here the statement says "If no user is provided then the application for the user associated with the provided access token will be returned" But, we can change it with more information as below.
If no user query is provided, the application(s) for the user associated with the Authorization Header will be returned
PUT /api-categories/{apiCategoryId} Regarding the id, since that is already in the path param, it is no need to be mentioned in the request template. [9][1] https://apim.docs.wso2.com/en/3.1.0/develop/product-apis/admin-apis/admin-v0.16/admin-v0.16/#tag/Application-Policy-(Collection)/paths/~1throttling~1policies~1application/post [2] https://apim.docs.wso2.com/en/3.1.0/develop/product-apis/admin-apis/admin-v0.16/admin-v0.16/#tag/Application-Policy-(Individual)/paths/~1throttling~1policies~1application~1{policyId}/put [3] https://apim.docs.wso2.com/en/3.1.0/develop/product-apis/admin-apis/admin-v0.16/admin-v0.16/#tag/Subscription-Policy-(Collection)/paths/~1throttling~1policies~1subscription/post [4] https://apim.docs.wso2.com/en/3.1.0/develop/product-apis/admin-apis/admin-v0.16/admin-v0.16/#tag/Subscription-Policy-(Individual)/paths/~1throttling~1policies~1subscription~1{policyId}/put [5] https://apim.docs.wso2.com/en/3.1.0/develop/product-apis/admin-apis/admin-v0.16/admin-v0.16/#tag/Label/paths/~1labels/post [6] https://apim.docs.wso2.com/en/3.1.0/develop/product-apis/admin-apis/admin-v0.16/admin-v0.16/#tag/API-Category-(Individual)/paths/~1api-categories/post [7] https://apim.docs.wso2.com/en/3.1.0/develop/product-apis/admin-apis/admin-v0.16/admin-v0.16/#tag/Label/paths/~1labels~1{labelId}/put [8] https://apim.docs.wso2.com/en/3.1.0/develop/product-apis/admin-apis/admin-v0.16/admin-v0.16/#tag/Application-(Collection)/paths/~1applications/get [9] https://apim.docs.wso2.com/en/3.1.0/develop/product-apis/admin-apis/admin-v0.16/admin-v0.16/#tag/API-Category-(Individual)/paths/~1api-categories~1{apiCategoryId}/put
Affected Product Version: APIM 3.1.0