This commit is contained in:
@@ -15,6 +15,9 @@ todo: check attachment NOTES property is actually supported
|
||||
|
||||
todo: search tables in schema, I think there is a missing index here, need to look at the search query section again as it was changed several times from the original schema creation
|
||||
|
||||
todo: all api route URI's sb lower case with dashes if necessary (use plural noun scheme)
|
||||
https://docs.microsoft.com/en-us/azure/architecture/best-practices/api-design#organize-the-api-around-resources
|
||||
|
||||
todo: Routes should check rights *BEFORE* they fetch the object, not after, all routes affected
|
||||
i.e. delete route instantiates biz object, then it fetchs object from db *then* it checks if they have rights to delete (generically, not specific to that object)
|
||||
This is out of order as it triggers a db call even if they have no rights to do it
|
||||
|
||||
Reference in New Issue
Block a user