Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Expose List GET API creation
See original GitHub issueI want to make the logic used to create the new GET List endpoint (#1544) available to be used in custom routes, similar to the way getUpdateHandler works.
For security, we’d need the ability to white or blacklist fields, and the fields should be used not just for generating JSON but also limit search / filtering functionality as well (so that nobody can query your data on fields they shouldn’t be able to).
I haven’t finalised the API for it yet, suggestions are welcome. I’ll write up the final API here when I’m about to start coding it. If anyone else wants to take this on, please let me know.
It would look something like this:
List.getAPI(type, options)
Type is for use later, so we can add more endpoint types:
listreturns itemsgetreturns a single item by IDupdateupdates a single item by IDdeletedeletes a single item by ID
Example:
List.getAPI('list', {
fields: 'name, email', // only name and email fields are available
excludeFields: 'password', // alternatively, include all fields except password
filters: 'name, email', // available fields to filter, defaults to the fields option
excludeFilters: 'password', // as above, allow filtering on all fields except password
filterValues: { isAdmin: false }, // always includes these filters
defaultLimit: 500, // alternatively, overrides default limit of 100
limit: 50, // sets limit to this value (otherwise can be specified in query)
defaultSort: 'name', // overrides List defaultSort
sort: 'email' // alternatively, hard-code the sort path
});
Returns a function that can be bound to an Express route:
function (req, res, next) {
// similar to admin/api/list/get.js
}
Issue Analytics
- State:
- Created 8 years ago
- Comments:12 (9 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
For Level 0,
exposeAPI()would be more clear.On Fri, Oct 9, 2015 at 12:23 AM, creynders notifications@github.com wrote:
So, after some input from other people I’m now leaning towards this API:
Level 0
expose: starts of route configuration, for a specific collection. I like it better thancreateAPI, since it communicates better what you’re doing. Maybe it should beexposeAPI?Level 1
see above
Level 2
preandpostas abovenew:
query, accepts a function withmquery, req, ressignature.With
mquerybeing the mongoose query relevant to the method (in this caseretrieve, e.g.Article.findById(articleId)) This allows you to leverage mongoose’s powerful and versatile query language.Some food for thought: In
allyou can declare stuff that needs to be applied to all methods (except when overridden) exposing the mongoose query will make this pretty hard, since the mongoose query system has an incremental API, with no means to decrement. E.g. if you declare apopulate: 'author'inallyou can’t unpopulate this in a specific method. I think?sort,filterandpopulatebecome wrappers to the mongoose query methods.Not too fond about
showthe more I think of it. Need to come up with something better.In general:
all methods accept functions as input, which will be called at the appropriate time to configure the query, e.g.
If you prefer to use a configuration object instead of the fluent API, that’s possible too:
Some more food for thought: error handling and data massaging. Maybe it’s a good idea to allow the use of a promise-like API to handle both e.g.: