This commit is contained in:
@@ -15,12 +15,13 @@ todo: check attachment NOTES property is actually supported
|
||||
|
||||
todo: search tables in schema, I think there is a missing index here, need to look at the search query section again as it was changed several times from the original schema creation
|
||||
|
||||
API REFACTORING
|
||||
API REFACTORING (note: workordercontroller / biz should be following all these rules so it's the template if need reference)
|
||||
todo: all api route parameters, post object sb "newObject", put="updatedObject"
|
||||
todo: all api routes, re-arrange code in controller in this order POST (and postlike such as duplicate), GET, PUT, DELETE for consistency and logicality
|
||||
todo: all api route URI's sb lower case with dashes if necessary (use plural noun scheme)
|
||||
https://docs.microsoft.com/en-us/azure/architecture/best-practices/api-design#organize-the-api-around-resources
|
||||
|
||||
todo: Controllers should not need to know about databases
|
||||
refactor code so controller never fetches or deals with saving an object, all that is biz responsibility
|
||||
todo: Routes should check rights *BEFORE* they fetch the object, not after, all routes affected
|
||||
i.e. delete route instantiates biz object, then it fetchs object from db *then* it checks if they have rights to delete (generically, not specific to that object)
|
||||
This is out of order as it triggers a db call even if they have no rights to do it
|
||||
|
||||
Reference in New Issue
Block a user