Skip to content

Latest commit

 

History

History
146 lines (129 loc) · 9.56 KB

index.md

File metadata and controls

146 lines (129 loc) · 9.56 KB

Adventure API

Basic information

URL and TOKEN variables in documentation

In entrypoints list, every entrypoint is described with sample cURL request. This request will contain "URL" variable, which corresponds to full URL to Adventure backend. In case of production environment used by Divante, while frontend is located in https://adventure.divante.pl, backend is located in https://adventure.divante.pl:8181. The other common variable is "TOKEN", which contains Bearer token aquired during login.

Sample cURL in documentation:

curl --request GET \
  --url URL/api/leaveRequest \
  --header 'authorization: Bearer TOKEN'

for production environment and access token equal to "ABC12345" cURL above will correspond to this:

curl --request GET \
  --url https://adventure.divante.pl:8181/api/leaveRequest \
  --header 'authorization: Bearer ABC12345'

JWT token

Currently the only way to acquire JWT token is during login. After clicking "Login" on frontend user is redirected to backend URL URL/connect/google. This entrypoint checks parameters for connection with Google and uses it to access user data from Google. Google redirects back to URL/login/check-google, which then redirects back to frontend with generated JWT token. The user is created now if wasn't existing before.

JWT is generated and encrypted with RS256 algorithm, so header of this JWT is:

{
  "typ": "JWT",
  "alg": "RS256"
}

Body is made of following fields:

{
  "iat": 1580709294,
  "exp": 1580795694,
  "roles": {
    "0": "ROLE_USER",
    "2": "ROLE_SUPER_ADMIN",
    "3": "ROLE_HELPDESK",
    "5": "ROLE_TRIBE_MASTER",
    "6": "ROLE_MANAGER",
    "8": "ROLE_HR"
  },
  "username": "jkowalski@example.com",
  "ip": "312.353.123.15",
  "employeeId": 123
}
  • iat - timestamp when token was issued
  • exp - timestamp when token will expire
  • roles - contains list user's roles. Can be either array of strings or, as in sample above, object. If roles is an object, keys don't have any importance and can be safely ignored.
  • username - e-mail used for logging in to Google
  • ip - user's IP address
  • employeeId - user's ID in Adventure

Roles

Following roles currently exist:

  • ROLE_USER (default role, which every logged in user has)
  • ROLE_MANAGER (extends USER)
  • ROLE_HR (extends USER)
  • ROLE_HELPDESK (extends USER)
  • ROLE_TRIBE_MASTER (extends MANAGER and HR)
  • ROLE_SUPER_ADMIN (extends TRIBE_MASTER and HELPDESK)

List of entrypoints

Entrypoints, sorted alphabetically by URL, then by methods in order: GET, POST, PATCH, PUT, DELETE

Method URL Documentation
GET /api/config Link
POST /api/config Link
GET /api/config/{entry} Link
GET /api/employees Link
PATCH /api/employees/{id} Link
DELETE /api/employees/{id} Link
GET /api/employees/{id}/checklists Link
POST /api/employees/assign/tribe/{id} Link
GET /api/employees/details Link
GET /api/employees/endedWork Link
POST /api/employees/endedWork Link
PATCH /api/employees/endedWork/{id} Link
DELETE /api/employees/endedWork/{id} Link
GET /api/employees/firstHiredDate Link
GET /api/employees/hardware/{id} Link
POST /api/employees/hideSlack Link
GET /api/employees/id/{id} Link
GET /api/employees/isPinSet Link
POST /api/employees/unassign/tribe/{id} Link
POST /api/employees/unlock/{id} Link
POST /api/employees/verifyPin Link
GET /api/employees/workLocation Link
POST /api/employees/workLocation Link
DELETE /api/employees/workLocation/{id} Link
GET /api/employees/workLocation/all Link
GET /api/news Link
POST /api/news Link
PATCH /api/news/{id} Link
DELETE /api/news/{id} Link
GET /api/period Link
POST /api/period Link
GET /api/period/{id} Link
PATCH /api/period/{id} Link
DELETE /api/period/{id} Link
GET /api/period/report Link
GET /api/potential_employee Link
POST /api/potential_employee Link
PATCH /api/potential_employee/{id} Link
DELETE /api/potential_employee/{id} Link
GET /api/projects Link
POST /api/projects Link
PATCH /api/projects/{id} Link
DELETE /api/projects/{id} Link
POST /api/projects/{id}/criterium Link
DELETE /api/projects/{id}/criterium/{critId} Link
POST /api/projects/{id}/disconnectSlack Link
GET /api/projects/details Link
PATCH /api/projects/hide/{id} Link
GET /api/projects/sendEmail/{id} Link
GET /api/tribe Link
POST /api/tribe Link
PATCH /api/tribe/{id} Link
DELETE /api/tribe/{id} Link
POST /api/tribe/{id}/disconnectSlack Link
POST /api/tribe/{id}/position/{posId} Link
DELETE /api/tribe/{id}/position/{posId} Link