ksquareincmx / poc-chef-server Goto Github PK
View Code? Open in Web Editor NEWWanna order tortas? We gotcha covered fam!
License: MIT License
Wanna order tortas? We gotcha covered fam!
License: MIT License
Implement filterRoles, onlyOwner, appendUser policies for the User sub-app.
As a user I want to be able to see the list of current events.
Constraints
Scenario 1
User tries to see the list of current events
System Response: shows the list current events
Request:
GET /api/v1/events?type=current
accept: application/json
Response:
HTTP 1.1 200 Ok
{
"events": [
{
"id": "1",
"name": "Tortas para la oficina",
"start_date": 10000, // epoch
"end_date": 20000, // epoch
"poc_chuc_torta_unit_price": 10,
"poc_chuc_torta_amount": 1,
"shrimp_torta_unit_price": 12
"shrimp_torta_amount": 1,
"total": 22,
}
]
}
Scenario 2
User tries to see the list of current events, but the user is
not logged in
System Response: notifies the user that is not logged in
Request:
GET /api/v1/events?type=current
accept: application/json
Response:
HTTP 1.1 401 Unauthorized
{
"code": "401",
"message": "Unauthorized"
}
Scenario 3
User tries to see the list of current events, but the service is not available
System Response: notifies the user that the service is not available
Request:
GET /api/v1/events?type=current
accept: application/json
Response:
HTTP 1.1 500 Internal Server Error
{
"code": "500",
"message": "Internal Server Error"
}
Add typescript for static type-checking, configure scripts to start, build, run, etc the project using typescript
For the backend, we will be using mocha + chai + nyc.
We must keep the README file up to date. Please add the missing info
Some functions don't have a return type, fix it. Other returns Promise<any>
type and some variables don't have a defined type, put types
As user i want login with google account
Request
{
"idToken": "51z49fae-8b45-4gce-ba3r-fa44b72c71d4"
}
Response
HTTP 1.1 200 Ok
{
"id": "58f89fae-8b54-4cce-ba3b-fa44b72c71d4",
"email": "[email protected]",
"role": "user",
"authProviderId": "51z49fae-8b45-4gce-ba3r-fa44b72c71d4"
}
As a user I want to be able to see the list of past events.
Constraints
Scenario 1
User tries to see the list of past events
System Response: shows the list past events
Request:
GET /api/v1/events?type=past
accept: application/json
Response:
HTTP 1.1 200 Ok
{
"events": [
{
"id": "1",
"name": "Tortas para la oficina",
"start_date": 10000, // epoch
"end_date": 20000, // epoch
"poc_chuc_torta_unit_price": 10,
"poc_chuc_torta_amount": 1,
"shrimp_torta_unit_price": 12
"shrimp_torta_amount": 1,
"total": 22,
}
]
}
Scenario 2
User tries to see the list of past events, but the user is
not logged in
System Response: notifies the user that is not logged in
Request:
GET /api/v1/events?type=past
accept: application/json
Response:
HTTP 1.1 401 Unauthorized
{
"code": "401",
"message": "Unauthorized"
}
Scenario 3
User tries to see the list of current events, but the service is not available
System Response: notifies the user that the service is not available
Request:
GET /api/v1/events?type=past
accept: application/json
Response:
HTTP 1.1 500 Internal Server Error
{
"code": "500",
"message": "Internal Server Error"
}
As a user, I want to be able to mark many events as finished.
Constraints
Scenario 1
Admin tries to mark many events as finished.
System Response: notifies the user that the events were marked as finished
Request:
POST /api/v1/events/actions
accept: application/json
{
"action": "mark_as_finished",
"ids": ["1", "2"]
}
Response:
HTTP 1.1 200 Ok
Scenario 2
User tries to mark many events as finished, but the user is not logged in
System Response: notifies the user that is not logged in
Request:
POST /api/v1/events/actions
accept: application/json
{
"action": "mark_as_finished",
"ids": ["1", "2"]
}
Response:
HTTP 1.1 401 Unauthorized
{
"code": "401",
"message": "Unauthorized"
}
Scenario 3
User tries to mark many events as finished, but the service is not available
System Response: notifies the user that the service is not available
Request:
POST /api/v1/events/actions
accept: application/json
{
"action": "mark_as_finished",
"ids": ["1", "2"]
}
Response:
HTTP 1.1 500 Internal Server Error
{
"code": "500",
"message": "Internal Server Error"
}
extend prettier config
As a user I want to be able to mark many orders as paid.
Constraints
Scenario 1
Admin tries to mark many orders as paid.
System Response: notifies the user that the orders were marked as paid
Request:
PATH /api/v1/orders/actions
accept: application/json
{
"action": "mark_as_paid",
"ids": ["1", "2"]
}
Response:
HTTP 1.1 200 Ok
Scenario 2
User tries to mark many orders as paid, but the user is not logged in
System Response: notifies the user that is not logged in
Request:
PATH /api/v1/orders/actions
accept: application/json
{
"action": "mark_as_paid",
"ids": ["1", "2"]
}
Response:
HTTP 1.1 401 Unauthorized
{
"code": "401",
"message": "Unauthorized"
}
Scenario 3
User tries to mark many orders as paid, but the service is not available
System Response: notifies the user that the service is not available
Request:
PATH /api/v1/orders/actions
accept: application/json
{
"action": "mark_as_paid",
"ids": ["1", "2"]
}
Response:
HTTP 1.1 500 Internal Server Error
{
"code": "500",
"message": "Internal Server Error"
}
Add a new validation to check if any of the products sent in the event exist in the product data source. This validation is used when creating and updating an order.
With partner/ admin partner account I want to login with email and password.
Request
POST /v1/auth/login
{
"admin": "[email protected]",
"password": "adminpassword"
}
Response
HTTP 1.1 200 Ok
{
"id": "58f89fae-8b54-4cce-ba3b-fa44b72c71d4",
"email": "[email protected]",
"role": "admin partner"
}
Constraints:
Event Action for the Partner app will only accept one UUID instead of an array of UUID.
Add docker file for development env and production enviroment
Now Typescript is configurated, refactor code using Typescript features and change file extension from .js to .ts
As a user I want to create a new event
Input data:
Constraints:
Scenario 1
user tries to create new user with the following data
System Response: notifies the user that the event was created
Request
POST /api/v1/events
Accept: application/json
{
"event_name": "Tortastic",
"start_date": 1000, // epoch,
"end_date": 1000, // epoch
"start_hour", 1000, // epoch
"end_hour": 1000,
"poc_chuc_torta_unitary_price": 10,
"shrimp_torta_unitary_price": 12,
}
Response
HTTP 1.1 201 Created
{
"id": "1",
"event_name": "Tortastic",
"start_date": 1000, // epoch,
"end_date": 1000, // epoch
"start_hour", 1000, // epoch
"end_hour": 1000,
"poc_chuc_torta_unitary_price": 10,
"shrimp_torta_unitary_price": 12,
}
Scenario 2: user inputs wrong data
the user tries to create a new event but inputs the wrong data,
Request
GET /api/v1/events
Accept: application/json
{
"event_name": "",
"start_date": -1000, // epoch,
"end_date": -1000, // epoch
"start_hour", -1000, // epoch
"end_hour": -999
}
Response
HTTP 1.1 400 Bad Request
{
"status": 400,
"message": "Bad Request",
"errors": [
{
"field": "event_name",
"error": "Is required"
}
]
}
Error List
Scenario 3: user is not authenticated (see #2)
Scenario 4: service is not available (see #2)
Rn we don't have policies for the events. This is just a proposal, feel free to add new policies or change them
Create event
Edit a particular event:
Cancel a particular event:
As and admin I want to be able to manually mark an event as finished (past)
Constraints
Scenario 1
Admin tries to mark an event as finished (past)
System Response: notifies the user that the event was marked as finished (past)
Request:
PUT /api/v1/events/1
accept: application/json
{
"event": {
"id": "1",
"name": "Tortas para la oficina",
"start_date": 10000, // epoch
"end_date": 20000, // epoch
"poc_chuc_torta_unit_price": 10,
"poc_chuc_torta_amount": 1,
"shrimp_torta_unit_price": 12
"shrimp_torta_amount": 1,
"total": 22,
"finished": true
}
}
Response:
HTTP 1.1 200 Ok
{
"event": {
"id": "1",
"name": "Tortas para la oficina",
"start_date": 10000, // epoch
"end_date": 20000, // epoch
"poc_chuc_torta_unit_price": 10,
"poc_chuc_torta_amount": 1,
"shrimp_torta_unit_price": 12
"shrimp_torta_amount": 1,
"total": 22,
"finished": true
}
}
Scenario 2
User tries to mark an event as finished (past), but the user is not logged in
System Response: notifies the user that is not logged in
Request:
PUT /api/v1/events/1
accept: application/json
{
"event": {
"id": "1",
"name": "Tortas para la oficina",
"start_date": 10000, // epoch
"end_date": 20000, // epoch
"poc_chuc_torta_unit_price": 10,
"poc_chuc_torta_amount": 1,
"shrimp_torta_unit_price": 12
"shrimp_torta_amount": 1,
"total": 22,
"finished": true
}
}
Response:
HTTP 1.1 401 Unauthorized
{
"code": "401",
"message": "Unauthorized"
}
Scenario 3
User tries to mark an order as finished (past), but the service is not available
System Response: notifies the user that the service is not available
Request:
PUT /api/v1/events/1
accept: application/json
{
"event": {
"id": "1",
"name": "Tortas para la oficina",
"start_date": 10000, // epoch
"end_date": 20000, // epoch
"poc_chuc_torta_unit_price": 10,
"poc_chuc_torta_amount": 1,
"shrimp_torta_unit_price": 12
"shrimp_torta_amount": 1,
"total": 22,
"finished": true
}
}
Response:
HTTP 1.1 500 Internal Server Error
{
"code": "500",
"message": "Internal Server Error"
}
This is a proposal.
As partner admin, I want to add new partners
Input data:
Constraints:
Scenario 1
partner admin tries to create new partner with the following data:
Request
POST /api/v1/register?type="partner"
Accept: application/json
{
"name": "Juan Perez",
"password": "j4un"
"email": "[email protected]"
}
Response
HTTP 1.1 400 Bad Request
{
"status": 400,
"message": "Bad Request",
"errors": [
{
"field": "email",
"error": "email in use"
}
]
}
Scenario 2
partner admin tries to create new partner with the following data:
Request
POST /api/v1/register?type="partner"
Accept: application/json
{
"name": "Juan Perez",
"password": "j4un"
"email": "[email protected]"
}
Response
HTTP 1.1 201 Created
{
"name": "Juan Perez",
"email": "[email protected]",
"role": partner
}
add logger to increase errors visibility
As a user I want to edit an event
Input data:
Constraints:
Scenario 1
user tries to edit an existing event
System Response: notifies the user that the event was created
Request
POST /api/v1/events/1
Accept: application/json
{
"id": "1",
"event_name": "Tortastic",
"start_date": 1000, // epoch,
"end_date": 1000, // epoch
"start_hour", 1000, // epoch
"end_hour": 1000,
"poc_chuc_torta_unitary_price": 10,
"shrimp_torta_unitary_price": 12,
}
Response
HTTP 1.1 200 Ok
{
"id": "1",
"event_name": "Tortastic",
"start_date": 1000, // epoch,
"end_date": 1000, // epoch
"start_hour", 1000, // epoch
"end_hour": 1000,
"poc_chuc_torta_unitary_price": 10,
"shrimp_torta_unitary_price": 12,
}
Scenario 2: user inputs wrong data
the user tries to create a new event but inputs the wrong data,
Request
GET /api/v1/events/1
Accept: application/json
{
"id": "1",
"event_name": "",
"start_date": -1000, // epoch,
"end_date": -1000, // epoch
"start_hour", -1000, // epoch
"end_hour": -999
}
Response
HTTP 1.1 400 Bad Request
{
"status": 400,
"message": "Bad Request",
"errors": [
{
"field": "event_name",
"error": "Is required"
}
]
}
Error List
Scenario 3: event doesn't exist
*Response
HTTP 1.1 404 Not Found
{
"status": 404,
"message": "Not Found"
}
Scenario 4: event is already finished
*Response
HTTP 1.1 400
{
"status": 400,
"message": "Bad Request",
"reason": "Event has already finished"
}
Scenario 5: user is not authenticated (see #2)
Scenario 6: service is not available (see #2)
Adding domain errors for better handling the specifics errors
Add test cases related to the different OrderServices using Chai and Mocka.
EVENT and ORDER models.
setup for a db.
When users (partner or user) log in return jwt, the jwt must contains in the payload:
Some interfaces have the following names:
and others as the following:
pick one style and be consistent
Order Action for the Partner app will only accept one UUID instead of an array of UUID.
While auditing the frontend source code of tortas-49b2a.firebaseapp.com with @seisvelas (a new Ksquare employee I'm studying with), we noticed that we were unable to create events without the password. When attempting to authenticate with an incorrect password we received the warning:
'you need the valid password ;)',
So we searched the page's source code for that error and encountered the following snippet:
if (this.eventForm.get('password').value != '[REDACTED]') {
this.ToastCtrl.create({
message: 'you need the valid password ;)',
.....
}
(Instead of [REDACTED]
, we found the password in plain text). We haven't included the password here, however it can easily be acquired by following the above process.
This seems like a nonideal approach, so I figured I should let y'all know!
"end_date" could be interpreted as the date it was marked finished. To keep things clear we are gonna use "expiration_date" instead.
Add API docs using swagger. See https://swagger.io/
Add documentation of the endpoints. See http://apidocjs.com/
As an admin I want to see an event.
Constraints
Scenario 1
User tries to see an event by id
System Response: shows event
Request:
GET /api/v1/events/1
accept: application/json
Response:
HTTP 1.1 200 Ok
{
"event": {
"id": "1",
"name": "Tortas para la oficina",
"start_date": 10000, // epoch
"end_date": 20000, // epoch
"poc_chuc_torta_unit_price": 10,
"poc_chuc_torta_amount": 2,
"shrimp_torta_unit_price": 12
"shrimp_torta_amount": 2,
"total": 44,
"orders": [
{
"id": "1",
"full_name": "Juan Carlos",
"poc_chuc_torta_unit_price": 10,
"poc_chuc_torta_amount": 1,
"shrimp_torta_unit_price": 12
"shrimp_torta_amount": 1,
"total": 22,
"paid": false
},
{
"id": "1",
"full_name": "Juan Carlos",
"poc_chuc_torta_unit_price": 10,
"poc_chuc_torta_amount": 1,
"shrimp_torta_unit_price": 12
"shrimp_torta_amount": 1,
"total": 22,
"paid": true
}
]
}
}
Scenario 2
User tries to see a specific event, but the user is not logged in
System Response: notifies the user that is not logged in
Request:
GET /api/v1/events/1
accept: application/json
Response:
HTTP 1.1 401 Unauthorized
{
"code": "401",
"message": "Unauthorized"
}
Scenario 3
User tries to see a specific event, but the service is not available
System Response: notifies the user that the service is not available
Request:
GET /api/v1/events/1
accept: application/json
Response:
HTTP 1.1 500 Internal Server Error
{
"code": "500",
"message": "Internal Server Error"
}
The policy must check that
example:
ordersService
to ordersRepository
eventsService
to eventsRepository
As a user, I want to be able to mark many orders as cancelled.
Constraints
Scenario 1
Admin tries to mark many orders as cancelled.
System Response: notifies the user that the orders were marked as cancelled
Request:
POST /api/v1/orders/actions
accept: application/json
{
"action": "mark_as_cancelled",
"ids": ["1", "2"]
}
Response:
HTTP 1.1 200 Ok
Scenario 2
User tries to mark many orders as cancelled, but the user is not logged in
System Response: notifies the user that is not logged in
Request:
POST /api/v1/orders/actions
accept: application/json
{
"action": "mark_as_cancelled",
"ids": ["1", "2"]
}
Response:
HTTP 1.1 401 Unauthorized
{
"code": "401",
"message": "Unauthorized"
}
Scenario 3
User tries to mark many orders as cancelled, but the service is not available
System Response: notifies the user that the service is not available
Request:
POST /api/v1/orders/actions
accept: application/json
{
"action": "mark_as_cancelled",
"ids": ["1", "2"]
}
Response:
HTTP 1.1 500 Internal Server Error
{
"code": "500",
"message": "Internal Server Error"
}
Right now we don't have policies for the orders. This is just a proposal, feel free to add new policies or change them
See all orders:
Create order
Edit a particular order
Cancel an order
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.