This commit is contained in:
@@ -17,7 +17,9 @@ todo: search tables in schema, I think there is a missing index here, need to lo
|
||||
|
||||
API REFACTORING (note: workordercontroller / biz should be following all these rules so it's the template if need reference)
|
||||
todo: all api route parameters, post object sb "newObject", put="updatedObject"
|
||||
IN BIZ TOO
|
||||
todo: all api routes, re-arrange code in controller in this order POST (and postlike such as duplicate), GET, PUT, DELETE for consistency and logicality
|
||||
BIZ TOO
|
||||
todo: all api route URI's sb lower case with dashes if necessary (use plural noun scheme)
|
||||
https://docs.microsoft.com/en-us/azure/architecture/best-practices/api-design#organize-the-api-around-resources
|
||||
todo: Controllers should not need to know about databases
|
||||
@@ -25,7 +27,7 @@ todo: Controllers should not need to know about databases
|
||||
todo: Routes should check rights *BEFORE* they fetch the object, not after, all routes affected
|
||||
i.e. delete route instantiates biz object, then it fetchs object from db *then* it checks if they have rights to delete (generically, not specific to that object)
|
||||
This is out of order as it triggers a db call even if they have no rights to do it
|
||||
|
||||
todo: all biz objects "ExistsAsync" is this required / necessary?
|
||||
|
||||
todo: log failed
|
||||
- Download attempts with wrong key
|
||||
|
||||
Reference in New Issue
Block a user