aeon admin portal endpoint
import { Endpoint } from "../../src/lib/DiloServer";
/**
 * Common response codes
 * 401 - Request body error
 * 500 - Internal server error
 * NOTE(review): 401 conventionally signals a missing or invalid credential;
 * confirm whether body/validation errors are meant to be 400 and which code
 * an absent or expired bearer session returns.
 */
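/**
 * Permission IDs a role can hold, keyed by ID. A `true` value means the
 * permission is granted. The same map is reused below as the sample
 * `PERMISSIONS` payload for login, `/modules` and the `/role` endpoints.
 */
const LIST_OF_PERMISSIONS = {
  "1100": true, // User management
  "2100": true, // Role management
  "3100": true, // System param management
};

/**
 * Sample request/response contract for the admin portal, one
 * `[method, path, spec]` tuple per endpoint. Field values are illustrative
 * examples, not fixtures.
 *
 * Conventions visible across the list:
 *  - Every endpoint that acts on a session expects
 *    `Authorization: Bearer <session_id>`. Only `POST /session-id` (login)
 *    and `GET /super-admin` (existence probe) carry no header; the
 *    super-admin bootstrap and login endpoints use `Bearer <shared_secret>`
 *    instead.
 *  - `*_EDT` fields are epoch timestamps; the sample `1544425876959` is
 *    13 digits, i.e. milliseconds — confirm against the server.
 *  - Where several outcomes share a status code, the response is an array
 *    of `KIND`-tagged variants.
 */
export const adminPortalEndpoints: Endpoint[] = [
  // For login
  ["POST", "/session-id", {
    body: {
      USID: "test_user",
      // Hash using saltless SHA-256.
      // NOTE(review): because the digest (not the password) is what the
      // client sends, the digest is the credential on the wire; the server
      // should still store it behind a salted, slow password hash and the
      // transport must be TLS — confirm with the server side.
      PW: "1324ewrge",
    },
    response: {
      // Login success
      200: [
        {
          KIND: "LoginSuccess",
          SESSION_ID: "<session_id>",
          PERMISSIONS: LIST_OF_PERMISSIONS
        },
        {
          KIND: "PasswordExpired",
          SESSION_ID: "<session_id>"
        },
        {
          KIND: "FirstTimeLogin",
          SESSION_ID: "<session_id>"
        },
        {
          KIND: "PasswordWillExpireSoon",
          EXPIRY_EDT: 1544425876959,
          SESSION_ID: "<session_id>"
        },
        {
          // Attempts left before the account locks (see AccountLocked).
          KIND: "InvalidCredential",
          REMAINING_TRY_COUNT: 3
        },
        {
          // Time at which the lock is lifted.
          KIND: "AccountLocked",
          REMAINING_EDT: 1544425876959
        }
      ]
    }
  }],
  // For user to view their own profile
  ["GET", "/user-profile", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    response: {
      200: {
        USID: "Admin01",
        NAME: "Admin Name",
        EMAIL: "admin@gmail.com",
        MOBILE_NO: "012-3421343",
        PHONE_NO: "03-90123444",
        EXTRA_DETAIL: {
          // extra property
        }
      }
    }
  }],
  // For user to update their own profile.
  // This endpoint mutates the caller's own record, so it requires the same
  // session header as every other profile/user operation; the server must
  // resolve the target user from the session, not trust the USID in the body.
  ["PUT", "/user-profile", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      USID: "Admin01",
      EMAIL: "admin@gmail.com",
      MOBILE_NO: "012-3421343",
      PHONE_NO: "03-90123444",
      EXTRA_DETAIL: {
        // extra property
      }
    },
    response: {
      200: {} // Update success
    }
  }],
  // For user to change their own password
  ["PUT", "/user-profile-pw", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      OLD_PW: "<old_pw>",
      NEW_PW: "<new_pw>"
    },
    response: {
      200: [
        {
          KIND: "ChangePasswordSuccess"
        },
        {
          KIND: "InvalidCredential"
        },
        {
          // The new password matches a previous one.
          KIND: "PasswordRepeated"
        }
      ]
    }
  }],
  /**
   * The following endpoints are for UserAdmin only.
   * Only users whose flag is 0 are returned (i.e. not the UserAdmin /
   * SecurityAdmin accounts listed by `/super-users` — confirm).
   */
  // For UserAdmin to view users
  ["GET", "/users", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    response: {
      200: {
        USERS: [{
          USID: "Admin01",
          NAME: "Admin Name",
          EMAIL: "admin@gmail.com",
          MOBILE_NO: "012-3421343",
          PHONE_NO: "03-90123444",
          EXTRA_DETAIL: {
            // extra property
          },
          PW_TRYCOUNT: 0,
          LAST_PW_CHANGE_EDT: 1544425876959,
          LAST_LOGIN_EDT: 1544425876959,
          CREATED_BY: "Admin02",
          CREATED_EDT: 1544425876959,
          LAST_CHANGED_BY: "Admin03",
          LAST_CHANGED_EDT: 1544425876959
        }]
      }
    }
  }],
  // For UserAdmin to update a user
  ["PUT", "/user", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      USID: "Admin01", // For searching purpose
      NAME: "Admin Name",
      EMAIL: "admin@gmail.com",
      MOBILE_NO: "012-3421343",
      PHONE_NO: "03-90123444",
      EXTRA_DETAIL: {
        // extra property
      },
    },
    response: {
      200: {} // Edit success
    }
  }],
  // For UserAdmin to reset the password of another user
  ["PUT", "/user-admin-pw", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      USID: "<user id>",
      NEW_PW: "<new_pw>"
    },
    response: {
      200: {} // Success
    }
  }],
  // For UserAdmin to create a user
  ["POST", "/user", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      USID: "Admin01", // For searching purpose
      NAME: "Admin Name",
      PW: "<password>",
      EMAIL: "User001@gmail.com",
      MOBILE_NO: "012-3421343",
      PHONE_NO: "03-90123444",
      EXTRA_DETAIL: {
        // extra property
      },
    },
    response: {
      200: [
        {
          KIND: "SUCCESS"
        },
        {
          KIND: "USID_DUPLICATED"
        }
      ]
    }
  }],
  /**
   * The following endpoints are for SecurityAdmin only.
   */
  // For retrieving modules and permissions
  ["GET", "/modules", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    response: {
      200: {
        MODULES: [{
          MODULE_ID: "1000",
          MODULE_NAME: "System Params",
          PERMISSIONS: [{
            PERMISSION_ID: "1100",
            PERMISSION_NAME: "View Params"
          }],
        }],
        ROLES: [{
          ROLE_NAME: "Batch operator",
          ROLE_DESC: "Operate batch process",
          PERMISSIONS: LIST_OF_PERMISSIONS
        }]
      }
    }
  }],
  // For SecurityAdmin to create a role and assign permissions to it
  ["POST", "/role", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      ROLE_NAME: "Batch operator",
      ROLE_DESC: "Operate batch process",
      PERMISSIONS: LIST_OF_PERMISSIONS
    },
    response: {
      200: [
        {
          KIND: "SUCCESS"
        },
        {
          KIND: "ROLE_NAME_DUPLICATED"
        }
      ]
    }
  }],
  // For SecurityAdmin to update a role
  ["PUT", "/role", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      ROLE_NAME: "Batch operator",
      ROLE_DESC: "Operate batch process",
      PERMISSIONS: LIST_OF_PERMISSIONS
    },
    response: {
      200: {}
    }
  }],
  // For SecurityAdmin to delete a role (currently not in use)
  ["DELETE", "/role", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      ROLE_NAME: "Batch operator"
    },
    response: {
      200: {}
    }
  }],
  // For SecurityAdmin to get the roles of a specific user (based on USID)
  ["GET", "/user-role", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    querystring: {
      usid: "TestUser01"
    },
    response: {
      200: {
        ROLES: ["Batch Operator", "Log Viewer"]
      }
    }
  }],
  // For SecurityAdmin to assign roles to a specific user
  ["POST", "/user-role", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      USID: "TestUser01",
      ROLES: ["Batch Operator", "Log Viewer"]
    },
    response: {
      200: {} // Success
    }
  }],
  // For SecurityAdmin to revoke roles from a specific user
  ["DELETE", "/user-role", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      USID: "TestUser01",
      ROLES: ["Batch Operator", "Log Viewer"]
    },
    response: {
      200: {} // Success
    }
  }],
  /**
   * Endpoints for maker-checker (four-eyes approval).
   */
  // Retrieve maker-checker histories
  ["GET", "/maker-checker", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    querystring: {
      "page-number": 0, // Starts from 0
      "page-size": 10 // How many records per page
    },
    response: {
      200: {
        CHECKER_MAKER_HISTORIES: [{
          ID: 1,
          ACTION: "MERCHANT_TAGGING",
          MAKER_USID: "TesterUser01",
          CREATED_EDT: 1544425876959,
          // NOTE(review): the sample is not valid JSON (unquoted keys,
          // single quotes); confirm the exact encoding the server expects.
          REQUEST_PARAM: "{MERCHANT_ID:'123', CARD:'MasterCard'}",
          STATUS: "APPROVED|PENDING|REJECTED|CANCELLED",
          RESPONSE: "{KIND:'error', MESSAGE: 'card does not exist'}",
          CHECKER_USID: "TesterUser02",
          CHECKED_EDT: 1544425876959,
          CHECKER_COMMENT: ""
        }]
      } // Success
    }
  }],
  // Create a maker-checker request
  ["POST", "/maker-checker", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      ACTION: "MERCHANT_TAGGING",
      MAKER_USID: "TesterUser01",
      REQUEST_PARAM: "{MERCHANT_ID:'123', CARD:'MasterCard'}",
    },
    response: {
      200: {}
    }
  }],
  // Finish (approve/reject/cancel) a maker-checker request.
  // NOTE(review): MAKER_USID / CHECKER_USID are sent by the client; the
  // server should take the acting user from the session and enforce that
  // maker and checker differ — confirm.
  ["PUT", "/maker-checker", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      ID: 1,
      STATUS: "REJECTED",
      CHECKER_USID: "TestUser01",
      CHECKER_COMMENT: "Too many typo"
    },
    response: {
      200: {}
    }
  }],
  /**
   * We are not sure who will have the privileges to access the endpoints
   * below at the moment.
   */
  // For user X to view the audit log
  ["GET", "/audit-log", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    querystring: {
      "page-number": 0, // Starts from 0
      "page-size": 10, // How many records per page
      "usid": "TestUser01", // Put empty string if no filter is needed
      "action": "<action_name>", // Put empty string if no filter is needed
      "start-edt": 1544425876959, // 0 means from the beginning of time
      "end-edt": 1544425876959, // 9999999999999 means until the end of time
    },
    response: {
      200: {
        TOTAL_PAGES: 100,
        AUDIT_LOGS: [{
          ID: "001",
          USID: "TestUser01",
          ACTION: "User(TestUser01) update name from 'Lee' to 'Lau'",
          EDT: 1544425876959
        }]
      } // Success
    }
  }],
  // For user X to view internal system params
  ["GET", "/internal-system-params", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    response: {
      200: {
        PARAMS: [{
          PARAM_NAME: "PasswordValidDuration",
          PARAM_DESC: "The valid duration of a new password",
          PARAM_MIN: 13,
          PARAM_MAX: 20,
          PARAM_VALUE: 15,
          ENABLED: false,
          LAST_CHANGED_BY: "<USID>",
          LAST_CHANGED_EDT: 1544425876959
        }]
      }
    }
  }],
  // For user X to update internal system params
  ["PUT", "/internal-system-params", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      PARAMS: [{
        PARAM_NAME: "PasswordValidDuration",
        PARAM_VALUE: 15,
        ENABLED: false,
      }]
    },
    response: {
      200: {}
    }
  }],
  /**
   * The following endpoints are for SuperAdmin.
   */
  // To check if a SuperAdmin exists (for redirecting the UI).
  // Unauthenticated by design; it discloses only a boolean.
  ["GET", "/super-admin", {
    response: {
      200: {
        exist: true
      }
    }
  }],
  // For creating the super-admin.
  // NOTE(review): bootstrap is gated by a static shared secret rather than
  // a session; confirm how that secret is provisioned and rotated, and that
  // this endpoint is refused once a SuperAdmin already exists.
  ["POST", "/super-admin", {
    headers: {
      Authorization: "Bearer <shared_secret>"
    },
    body: {
      ADMIN_ID: "SuperAdmin",
      ADMIN_PW: "ef;hgjhgdkfg", // = SHA256(pw1 + pw2)
    },
    response: {
      200: {
        exist: true
      }
    }
  }],
  // For the super-admin to log in
  ["POST", "/super-admin-session", {
    headers: {
      Authorization: "Bearer <shared_secret>"
    },
    body: {
      ADMIN_ID: "SuperAdmin",
      ADMIN_PW: "ef;hgjhgdkfg", // = SHA256(pw1 + pw2)
    },
    response: {
      200: [
        {
          KIND: "LoginSuccess",
          SESSION_ID: "<session_id>",
        },
        {
          KIND: "InvalidCredential",
        }
      ]
    }
  }],
  // For the super-admin to view super users
  ["GET", "/super-users", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    response: {
      200: {
        USERS: [{
          USID: "Admin01",
          FLAG: "1 or 2", // 1 means UserAdmin, 2 means SecurityAdmin
        }]
      }
    }
  }],
  // For the super-admin to create a super user
  ["POST", "/super-user", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      USID: "Admin01",
      PW: "23o43rhtr", // Hashed by SHA256 (same caveat as /session-id)
      FLAG: "1 or 2", // 1 means UserAdmin, 2 means SecurityAdmin
    },
    response: {
      200: [
        {
          KIND: "SUCCESS"
        },
        {
          KIND: "ID_DUPLICATED"
        }
      ]
    }
  }],
  // For the super-admin to reset the password of a super-user
  ["PUT", "/super-user-pw", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      USID: "Admin01",
      PW: "2345385ytteg", // Hashed by SHA256 (same caveat as /session-id)
    },
    response: {
      200: {} // Success
    }
  }]
];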