Created
December 11, 2018 07:00
aeon admin portal endpoint
import { Endpoint } from "../../src/lib/DiloServer"; | |
/**
 * Common response codes (apply to every endpoint below)
 * 401 - Request body error
 *       NOTE(review): 401 is the HTTP code for a missing/invalid
 *       credential; a malformed or rejected body is conventionally 400.
 *       Confirm which code DiloServer actually emits for body errors
 *       and for a missing/invalid Authorization bearer.
 * 500 - Internal server error
 *
 * Application-level outcomes (wrong password, locked account, duplicate
 * id, ...) are returned as 200 with a KIND field, not as error codes.
 */
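/**
 * Permission ids a role can carry, keyed by id. A permission the role
 * holds is present with the value `true`; an absent id is not granted.
 * Reused as the PERMISSIONS payload of the login response and of the
 * role endpoints below.
 */
const LIST_OF_PERMISSIONS = {
  "1100": true, // User management
  "2100": true, // Role management
  "3100": true, // System param management
};

/**
 * Mock endpoint specification for the admin portal.
 *
 * Each entry is [method, path, spec]. `spec.headers`, `spec.body` and
 * `spec.querystring` show the expected request; `spec.response[200]` the
 * success payload. Where `response[200]` is an array it lists the
 * alternative payloads the endpoint may return, told apart by `KIND`
 * (application-level failures such as InvalidCredential are also 200).
 *
 * Every endpoint except `POST /session-id`, `GET /super-admin` and the two
 * shared-secret super-admin endpoints requires
 * `Authorization: Bearer <session_id>`. Which role may call which endpoint
 * is only described in the section comments; nothing in this spec carries
 * it, so it has to be enforced server-side per endpoint.
 */
export const adminPortalEndpoints: Endpoint[] = [
  // For login
  ["POST", "/session-id", {
    body: {
      USID: "test_user",
      PW: "1324ewrge", // Hash using saltless SHA-256
      // NOTE(review): an unsalted fast hash computed client-side is
      // password-equivalent on the wire (replayable) and, if stored as-is,
      // rainbow-table friendly. The server should still wrap it in a
      // salted, slow KDF before storing/comparing, and the transport
      // must be TLS.
    },
    response: {
      // 200 covers every outcome of a login attempt; KIND tells success
      // (LoginSuccess, PasswordExpired, FirstTimeLogin,
      // PasswordWillExpireSoon) from failure (InvalidCredential,
      // AccountLocked). Only the success kinds carry a SESSION_ID.
      200: [
        {
          KIND: "LoginSuccess",
          SESSION_ID: "<session_id>",
          PERMISSIONS: LIST_OF_PERMISSIONS
        },
        {
          KIND: "PasswordExpired",
          SESSION_ID: "<session_id>"
        },
        {
          KIND: "FirstTimeLogin",
          SESSION_ID: "<session_id>"
        },
        {
          KIND: "PasswordWillExpireSoon",
          EXPIRY_EDT: 1544425876959, // epoch millis when the password expires
          SESSION_ID: "<session_id>"
        },
        {
          KIND: "InvalidCredential",
          REMAINING_TRY_COUNT: 3 // attempts left before AccountLocked
        },
        {
          KIND: "AccountLocked",
          REMAINING_EDT: 1544425876959 // epoch millis when the lock lifts
        }
        // NOTE(review): if an unknown USID produces a response different
        // from a wrong password (e.g. no REMAINING_TRY_COUNT), the endpoint
        // confirms which accounts exist. Return the same InvalidCredential
        // shape for both cases — confirm with the server implementation.
      ]
    }
  }],
  // For user to view their own profile
  ["GET", "/user-profile", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    response: {
      200: {
        USID: "Admin01",
        NAME: "Admin Name",
        EMAIL: "admin@gmail.com",
        MOBILE_NO: "012-3421343",
        PHONE_NO: "03-90123444",
        EXTRA_DETAIL: {
          // extra property
        }
      }
    }
  }],
  // For user to update their own profile
  ["PUT", "/user-profile", {
    headers: {
      // Added: this is a self-service endpoint like GET /user-profile and
      // PUT /user-profile-pw, both of which carry the session bearer; the
      // original spec listed no headers for it.
      Authorization: "Bearer <session_id>"
    },
    body: {
      USID: "Admin01",
      // NOTE(review): the profile to update must be the one bound to the
      // session. If the server keys the update on this USID instead, any
      // logged-in user can overwrite another user's contact details.
      EMAIL: "admin@gmail.com",
      MOBILE_NO: "012-3421343",
      PHONE_NO: "03-90123444",
      EXTRA_DETAIL: {
        // extra property
      }
    },
    response: {
      200: {} // Update success
    }
  }],
  // For user to change their own password
  ["PUT", "/user-profile-pw", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      OLD_PW: "<old_pw>", // re-authentication; InvalidCredential if it does not match
      NEW_PW: "<new_pw>"
    },
    response: {
      200: [
        {
          KIND: "ChangePasswordSuccess"
        },
        {
          KIND: "InvalidCredential"
        },
        {
          KIND: "PasswordRepeated" // NEW_PW was already used before
        }
      ]
    }
  }],
  /**
   * The following endpoints are for UserAdmin only.
   * Only users flagged 0 are returned — presumably ordinary users, as
   * opposed to FLAG 1 (UserAdmin) and 2 (SecurityAdmin), which are
   * managed through /super-users below; confirm.
   */
  // For UserAdmin to view user
  ["GET", "/users", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    response: {
      200: {
        USERS: [{
          USID: "Admin01",
          NAME: "Admin Name",
          EMAIL: "admin@gmail.com",
          MOBILE_NO: "012-3421343",
          PHONE_NO: "03-90123444",
          EXTRA_DETAIL: {
            // extra property
          },
          PW_TRYCOUNT: 0, // failed login attempts so far
          LAST_PW_CHANGE_EDT: 1544425876959,
          LAST_LOGIN_EDT: 1544425876959,
          CREATED_BY: "Admin02",
          CREATED_EDT: 1544425876959,
          LAST_CHANGED_BY: "Admin03",
          LAST_CHANGED_EDT: 1544425876959
        }]
      }
    }
  }],
  // For UserAdmin to update a user
  ["PUT", "/user", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      USID: "Admin01", // For searching purpose
      NAME: "Admin Name",
      EMAIL: "admin@gmail.com",
      MOBILE_NO: "012-3421343",
      PHONE_NO: "03-90123444",
      EXTRA_DETAIL: {
        // extra property
      },
    },
    response: {
      200: {} // Edit success
    }
  }],
  // For UserAdmin to reset the password of another user
  ["PUT", "/user-admin-pw", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      USID: "<user id>",
      NEW_PW: "<new_pw>"
      // NOTE(review): an admin-chosen password should be temporary. The
      // login flow already has a FirstTimeLogin outcome; a reset should
      // put the user back into that state so they must pick their own.
    },
    response: {
      200: {} // Success
    }
  }],
  // For UserAdmin to create user
  ["POST", "/user", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      USID: "Admin01", // For searching purpose
      NAME: "Admin Name",
      PW: "<password>", // presumably SHA-256 as in /session-id — confirm
      EMAIL: "User001@gmail.com",
      MOBILE_NO: "012-3421343",
      PHONE_NO: "03-90123444",
      EXTRA_DETAIL: {
        // extra property
      },
    },
    response: {
      200: [
        {
          KIND: "SUCCESS"
        },
        {
          KIND: "USID_DUPLICATED"
        }
      ]
    }
  }],
  /**
   * The following endpoints are for SecurityAdmin only.
   * Roles are identified by ROLE_NAME everywhere (there is no separate
   * role id), so a role cannot be renamed through PUT /role.
   */
  // For retrieving modules and permissions
  ["GET", "/modules", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    response: {
      200: {
        MODULES: [{
          MODULE_ID: "1000",
          MODULE_NAME: "System Params",
          PERMISSIONS: [{
            PERMISSION_ID: "1100",
            PERMISSION_NAME: "View Params"
          }],
        }],
        ROLES: [{
          ROLE_NAME: "Batch operator",
          ROLE_DESC: "Operate batch process",
          PERMISSIONS: LIST_OF_PERMISSIONS
        }]
      }
    }
  }],
  // For SecurityAdmin to create role and assign permissions to it
  ["POST", "/role", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      ROLE_NAME: "Batch operator",
      ROLE_DESC: "Operate batch process",
      PERMISSIONS: LIST_OF_PERMISSIONS // ids must exist in GET /modules
    },
    response: {
      200: [
        {
          KIND: "SUCCESS"
        },
        {
          KIND: "ROLE_NAME_DUPLICATED"
        }
      ]
    }
  }],
  // For SecurityAdmin to update role
  ["PUT", "/role", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      ROLE_NAME: "Batch operator", // selects the role; not updatable
      ROLE_DESC: "Operate batch process",
      PERMISSIONS: LIST_OF_PERMISSIONS
    },
    response: {
      200: {}
    }
  }],
  // For SecurityAdmin to delete role (currently not in-used)
  ["DELETE", "/role", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    // NOTE(review): a DELETE request body is not reliably forwarded by
    // every client/proxy; GET /user-role already uses a querystring for
    // the same kind of selector.
    body: {
      ROLE_NAME: "Batch operator"
    },
    response: {
      200: {}
    }
  }],
  // For SecurityAdmin to get the roles of a specific user (based on USID)
  ["GET", "/user-role", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    querystring: {
      usid: "TestUser01"
    },
    response: {
      200: {
        ROLES: ["Batch Operator", "Log Viewer"]
      }
    }
  }],
  // For SecurityAdmin to assign role to a specific user
  ["POST", "/user-role", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      USID: "TestUser01",
      ROLES: ["Batch Operator", "Log Viewer"]
    },
    response: {
      200: {} // Success
    }
  }],
  // For SecurityAdmin to revoke role from a specific user
  ["DELETE", "/user-role", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      USID: "TestUser01",
      ROLES: ["Batch Operator", "Log Viewer"]
    },
    response: {
      200: {} // Success
    }
  }],
  /**
   * Endpoints for checker maker (four-eyes approval of privileged actions)
   */
  // Retrieve maker-checker histories
  ["GET", "/maker-checker", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    querystring: {
      "page-number": 0, // Starts from 0
      "page-size": 10 // How many record per page
    },
    response: {
      200: {
        CHECKER_MAKER_HISTORIES: [{
          ID: 1,
          ACTION: "MERCHANT_TAGGING",
          MAKER_USID: "TesterUser01",
          CREATED_EDT: 1544425876959,
          REQUEST_PARAM: "{MERCHANT_ID:'123', CARD:'MasterCard'}", // serialized string, not an object
          STATUS: "APPROVED|PENDING|REJECTED|CANCELLED", // exactly one of these
          RESPONSE: "{KIND:'error', MESSAGE: 'card does not exist'}", // serialized string
          CHECKER_USID: "TesterUser02",
          CHECKED_EDT: 1544425876959,
          CHECKER_COMMENT: ""
        }]
      } // Success
    }
  }],
  // Create maker-checker request
  ["POST", "/maker-checker", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      ACTION: "MERCHANT_TAGGING",
      MAKER_USID: "TesterUser01",
      // NOTE(review): the maker should be taken from the session, not from
      // this field; a client-supplied MAKER_USID lets a caller record a
      // request under someone else's name.
      REQUEST_PARAM: "{MERCHANT_ID:'123', CARD:'MasterCard'}",
    },
    response: {
      200: {}
    }
  }],
  // Finish(approve/reject/cancel) maker-checker request
  ["PUT", "/maker-checker", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      ID: 1,
      STATUS: "REJECTED", // APPROVED, REJECTED or CANCELLED
      CHECKER_USID: "TestUser01",
      // NOTE(review): as with MAKER_USID, derive the checker from the
      // session and enforce checker != maker of the request server-side;
      // otherwise the four-eyes rule this feature exists for can be
      // bypassed by approving one's own request under another id.
      CHECKER_COMMENT: "Too many typo"
    },
    response: {
      200: {}
    }
  }],
  /**
   * We are not sure who will have the privileges to access the endpoints
   * below at the moment.
   * NOTE(review): until that is decided the server should deny them to
   * everyone rather than leave them open to any session.
   */
  // For user X to view the audit log
  ["GET", "/audit-log", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    querystring: {
      "page-number": 0, // Starts from 0
      "page-size": 10, // How many record per page
      "usid": "TestUser01", // Put empty string if no need filter
      "action": "<action_name>", // Put empty string if no need filter
      "start-edt": 1544425876959, // 0 means from the beginning of time
      "end-edt": 1544425876959, // 9999999999999 means until the end of time
    },
    response: {
      200: {
        TOTAL_PAGES: 100,
        AUDIT_LOGS: [{
          ID: "001",
          USID: "TestUser01",
          ACTION: "User(TestUser01) update name from 'Lee' to 'Lau'", // free-text description
          EDT: 1544425876959
        }]
      } // Success
    }
  }],
  // For user X to view internal system params
  ["GET", "/internal-system-params", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    response: {
      200: {
        PARAMS: [{
          PARAM_NAME: "PasswordValidDuration",
          PARAM_DESC: "The valid duration of a new password",
          PARAM_MIN: 13, // allowed range for PARAM_VALUE
          PARAM_MAX: 20,
          PARAM_VALUE: 15,
          ENABLED: false,
          LAST_CHANGED_BY: "<USID>",
          LAST_CHANGED_EDT: 1544425876959
        }]
      }
    }
  }],
  // For user X to update internal system params
  ["PUT", "/internal-system-params", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      PARAMS: [{
        PARAM_NAME: "PasswordValidDuration",
        PARAM_VALUE: 15, // server must reject values outside PARAM_MIN..PARAM_MAX
        ENABLED: false,
      }]
    },
    response: {
      200: {}
    }
  }],
  /**
   * The following endpoints are for SuperAdmin.
   */
  // To check if SuperAdmin exists (for redirecting UI); unauthenticated
  ["GET", "/super-admin", {
    response: {
      200: {
        exist: true
      }
    }
  }],
  // For creating super-admin (bootstrap)
  ["POST", "/super-admin", {
    headers: {
      Authorization: "Bearer <shared_secret>" // deployment secret, not a session
    },
    body: {
      ADMIN_ID: "SuperAdmin",
      ADMIN_PW: "ef;hgjhgdkfg", // = SHA256(pw1 + pw2)
      // NOTE(review): pw1/pw2 presumably come from two holders (dual
      // control); the hash is still unsalted SHA-256, see /session-id.
      // Once a SuperAdmin exists (GET /super-admin reports it) this
      // endpoint should refuse further creation so the shared secret
      // cannot be used to replace the account.
    },
    response: {
      200: {
        exist: true
      }
    }
  }],
  // For super-admin to login
  ["POST", "/super-admin-session", {
    headers: {
      Authorization: "Bearer <shared_secret>"
    },
    body: {
      ADMIN_ID: "SuperAdmin",
      ADMIN_PW: "ef;hgjhgdkfg", // = SHA256(pw1 + pw2)
    },
    response: {
      200: [
        {
          KIND: "LoginSuccess",
          SESSION_ID: "<session_id>",
        },
        {
          KIND: "InvalidCredential",
        }
      ]
    }
  }],
  // For super-admin to view super users
  ["GET", "/super-users", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    response: {
      200: {
        USERS: [{
          USID: "Admin01",
          FLAG: "1 or 2", // 1 means UserAdmin, 2 means SecurityAdmin
        }]
      }
    }
  }],
  // For super-admin to create super user
  ["POST", "/super-user", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      USID: "Admin01",
      PW: "23o43rhtr", // Hashed by SHA256
      FLAG: "1 or 2", // 1 means UserAdmin, 2 means SecurityAdmin
    },
    response: {
      200: [
        {
          KIND: "SUCCESS"
        },
        {
          KIND: "ID_DUPLICATED"
        }
      ]
    }
  }],
  // For super-admin to reset the password of a super-user
  ["PUT", "/super-user-pw", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      USID: "Admin01",
      PW: "2345385ytteg", // Hashed by SHA256
    },
    response: {
      200: {} // Success
    }
  }]
];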