Improve API usability by simplification of some endpoints
CrsiX opened this issue · comments
- Remove the
active
field forPOST /refunds
(they should always be enabled) - Remove the
active
andparticipants
fields forPOST /communisms
(they should always be enabled; the creator of a communism should automatically join it with the quantity1
) - Add a field to
POST /polls/abort
containing the user alias of the user that issued the command to enforce user permission checking on the API server - Add a field to
POST /refunds/abort
containing the user alias of the user that issued the command to enforce user permission checking on the API server - Add a field to
POST /communisms/{close,abort}
containing the user alias of the user that issued the command to enforce user permission checking on the API server - Remove the endpoint
POST /communisms/setParticipants
- Add two new endpoints
POST /communisms/increaseParticipation
andPOST /communisms/decreaseParticipation
, both with the body of the communism ID and the user ID or user alias that should be increased/decreased (to finally replace thePOST /communisms/setParticipants
call above) - Remove the
GET /ballots
endpoint, if no specific usage is found - Remove the
GET /multitransactions
endpoint, if no specific usage is found -
Remove the(this endpoint is necessary)GET /votes
endpoint, if no specific usage is found - Change the
DELETE /aliases
endpoint to only require the ID of the alias in the body - Change the
DELETE /callbacks
endpoint to only require the ID of the callback in the body - Replace the
PUT /aliases
endpoint with aPOST /aliases/confirm
endpoint - Replace the
DELETE /aliases
endpoint with aPOST /aliases/delete
endpoint - Drop the
PUT /callbacks
endpoint - Move the functionality of the
POST /transactions
endpoint to accept consumption requests into its own new endpointPOST /consume
(or similar name) - Remove the
POST /users/setName
endpoint after #105 is done - Rename the
POST /users/disable
endpoint to something likePOST /users/delete
or similar (note that this is a soft delete on the server, therefore the HTTP methodDELETE
isn't used) - Add a new field to the
POST /users/disable
endpoint (or similar name, see above) containing the user alias of the user that requested to disable the mentioned user (the user ID should not be replaced) as a way to enforce permission checking in the server instead of the application code - Remove the fields
voucher_id
,external
(use default) andpermission
(use default) from thePOST /users
endpoint, so that this endpoint has literally no required body at all