-
Notifications
You must be signed in to change notification settings - Fork 15
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
new API option: Can I create/edit/delete this resource please? #293
Comments
So it would be OK to have a response to an "OPTIONS /v1/dataset" request which said e.g. "Allow: HEAD GET POST" (as a header) and had a JSON body detailing which publishing organization keys the dataset would need to be in. |
I imagine that the UI will wrap all create/edit/delete buttons in a condition like
So using the OPTIONS request to decide what UI components to show. This doesn't solve everything of course, but it would go a long way. It would not tell the client what constraints applies when creating/editing. E.g. that the user in case is only allowed to create datasets with a specific publisherKey. Or isn't allowed to create identifiers using the Making it even better
I would be happy if we
|
Finally using the checkPermissionsOnly param. Deployed to prod. |
The registry is constantly being expanded with roles and scoped editor access.
The UI is currently trying to follow along and duplicate this logic in the browser.
It would be really useful to have a way to query what actions were allowed for a given resource+user. It is less error prone, and the UI would always be in sync with the API.
It could be an OPTIONS request or it could be a separate endpoint.
The text was updated successfully, but these errors were encountered: