- import { Endpoint } from "../../src/lib/DiloServer";
/**
 * Common response codes (apply to every endpoint below)
 * 401 - Request body error
 *       NOTE: 401 conventionally signals a missing or invalid credential;
 *       a malformed request body is normally reported as 400. Clients
 *       should not infer "not authenticated" from this status alone.
 * 500 - Internal server error
 */
/**
 * Example permission map used throughout the endpoint catalogue below.
 *
 * Keys are permission IDs (the same strings that appear as `PERMISSION_ID`
 * in the GET /modules response); a value of `true` marks the permission as
 * granted. Only the three IDs listed here are shown in this spec.
 */
const LIST_OF_PERMISSIONS = {
  // 1100: user management
  "1100": true,
  // 2100: role management
  "2100": true,
  // 3100: system parameter management
  "3100": true,
};
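/**
 * Endpoint catalogue for the admin portal, consumed by DiloServer.
 *
 * Each entry is `[METHOD, PATH, { headers?, querystring?, body?, response }]`
 * where the nested objects are example payloads, not schemas.
 *
 * Every documented outcome of an endpoint — including `InvalidCredential`
 * and `AccountLocked` on login — is returned with HTTP 200, so clients must
 * branch on the `KIND` field of the body, never on the status code.
 *
 * NOTE(review): apart from the super-admin bootstrap calls, every endpoint
 * is authenticated with `Authorization: Bearer <session_id>`. The session id
 * is a bearer credential: it must only travel over TLS, and the server must
 * bind the acting identity to the session rather than to any USID supplied
 * in the request (see the notes on the individual endpoints below).
 *
 * Fix in this revision: PUT /user-profile was the only authenticated
 * endpoint without an `Authorization` header in its spec; it now carries
 * the same header as GET /user-profile and PUT /user-profile-pw.
 */
export const adminPortalEndpoints: Endpoint[] = [
  // Login: exchanges a user id and password digest for a session id.
  ["POST", "/session-id", {
    body: {
      USID: "test_user",
      // The client sends an unsalted SHA-256 digest of the password.
      // NOTE(review): an unsalted fast hash does not protect the password
      // (precomputable), and since this digest is the value the server
      // accepts, the digest itself becomes the credential (pass-the-hash).
      // The server must treat it as the password and store it under a
      // salted, slow KDF (bcrypt/scrypt/Argon2) — never as-is.
      PW: "1324ewrge",
    },
    response: {
      // All outcomes share status 200; discriminate on KIND.
      200: [
        {
          KIND: "LoginSuccess",
          SESSION_ID: "<session_id>",
          PERMISSIONS: LIST_OF_PERMISSIONS
        },
        {
          // A session is still issued; the UI is expected to force a change.
          KIND: "PasswordExpired",
          SESSION_ID: "<session_id>"
        },
        {
          KIND: "FirstTimeLogin",
          SESSION_ID: "<session_id>"
        },
        {
          KIND: "PasswordWillExpireSoon",
          EXPIRY_EDT: 1544425876959,
          SESSION_ID: "<session_id>"
        },
        {
          // NOTE(review): REMAINING_TRY_COUNT and the distinct AccountLocked
          // outcome reveal lockout state to an unauthenticated caller; this is
          // a usability/enumeration trade-off the owner should make knowingly.
          KIND: "InvalidCredential",
          REMAINING_TRY_COUNT: 3
        },
        {
          KIND: "AccountLocked",
          REMAINING_EDT: 1544425876959
        }
      ]
    }
  }],
  // For a user to view their own profile.
  ["GET", "/user-profile", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    response: {
      200: {
        USID: "Admin01",
        NAME: "Admin Name",
        EMAIL: "admin@gmail.com",
        MOBILE_NO: "012-3421343",
        PHONE_NO: "03-90123444",
        EXTRA_DETAIL: {
          // extra property
        }
      }
    }
  }],
  // For a user to update their own profile.
  ["PUT", "/user-profile", {
    // Added: this endpoint is authenticated like its GET counterpart.
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      // NOTE(review): the server must take the target user from the session,
      // not from this USID; honouring a client-supplied USID here would let
      // any logged-in user overwrite another user's profile.
      USID: "Admin01",
      EMAIL: "admin@gmail.com",
      MOBILE_NO: "012-3421343",
      PHONE_NO: "03-90123444",
      EXTRA_DETAIL: {
        // extra property
      }
    },
    response: {
      200: {} // Update success
    }
  }],
  // For a user to change their own password (old password re-verified).
  ["PUT", "/user-profile-pw", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      OLD_PW: "<old_pw>",
      NEW_PW: "<new_pw>"
    },
    response: {
      200: [
        {
          KIND: "ChangePasswordSuccess"
        },
        {
          KIND: "InvalidCredential"
        },
        {
          // Rejected because the new password matches a previous one.
          KIND: "PasswordRepeated"
        }
      ]
    }
  }],
  /**
   * The following endpoints are for UserAdmin only.
   * Only users flagged as 0 are returned (see FLAG on /super-users for the
   * other values).
   */
  // For UserAdmin to list users.
  ["GET", "/users", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    response: {
      200: {
        USERS: [{
          USID: "Admin01",
          NAME: "Admin Name",
          EMAIL: "admin@gmail.com",
          MOBILE_NO: "012-3421343",
          PHONE_NO: "03-90123444",
          EXTRA_DETAIL: {
            // extra property
          },
          PW_TRYCOUNT: 0,
          LAST_PW_CHANGE_EDT: 1544425876959,
          LAST_LOGIN_EDT: 1544425876959,
          CREATED_BY: "Admin02",
          CREATED_EDT: 1544425876959,
          LAST_CHANGED_BY: "Admin03",
          LAST_CHANGED_EDT: 1544425876959
        }]
      }
    }
  }],
  // For UserAdmin to update a user.
  ["PUT", "/user", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      USID: "Admin01", // Identifies the user to update
      NAME: "Admin Name",
      EMAIL: "admin@gmail.com",
      MOBILE_NO: "012-3421343",
      PHONE_NO: "03-90123444",
      EXTRA_DETAIL: {
        // extra property
      },
    },
    response: {
      200: {} // Edit success
    }
  }],
  // For UserAdmin to reset the password of another user.
  ["PUT", "/user-admin-pw", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      USID: "<user id>",
      // NOTE(review): the admin chooses the new password and therefore knows
      // it. The FirstTimeLogin / PasswordExpired login outcomes suggest the
      // server forces a change afterwards — confirm a reset actually sets that
      // state, and that this action is written to the audit log.
      NEW_PW: "<new_pw>"
    },
    response: {
      200: {} // Success
    }
  }],
  // For UserAdmin to create a user.
  ["POST", "/user", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      USID: "Admin01", // Identifier of the new user
      NAME: "Admin Name",
      PW: "<password>", // Same hashing caveat as PW on /session-id
      EMAIL: "User001@gmail.com",
      MOBILE_NO: "012-3421343",
      PHONE_NO: "03-90123444",
      EXTRA_DETAIL: {
        // extra property
      },
    },
    response: {
      200: [
        {
          KIND: "SUCCESS"
        },
        {
          KIND: "USID_DUPLICATED"
        }
      ]
    }
  }],
  /**
   * The following endpoints are for SecurityAdmin only.
   */
  // For retrieving modules, their permissions, and existing roles.
  ["GET", "/modules", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    response: {
      200: {
        MODULES: [{
          MODULE_ID: "1000",
          MODULE_NAME: "System Params",
          PERMISSIONS: [{
            // NOTE(review): "1100" is labelled "View Params" here but
            // "User management" in LIST_OF_PERMISSIONS above — one of the
            // two examples is wrong; confirm against the real permission table.
            PERMISSION_ID: "1100",
            PERMISSION_NAME: "View Params"
          }],
        }],
        ROLES: [{
          ROLE_NAME: "Batch operator",
          ROLE_DESC: "Operate batch process",
          PERMISSIONS: LIST_OF_PERMISSIONS
        }]
      }
    }
  }],
  // For SecurityAdmin to create a role and assign permissions to it.
  ["POST", "/role", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      ROLE_NAME: "Batch operator",
      ROLE_DESC: "Operate batch process",
      PERMISSIONS: LIST_OF_PERMISSIONS
    },
    response: {
      200: [
        {
          KIND: "SUCCESS"
        },
        {
          KIND: "ROLE_NAME_DUPLICATED"
        }
      ]
    }
  }],
  // For SecurityAdmin to update a role (looked up by ROLE_NAME).
  ["PUT", "/role", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      ROLE_NAME: "Batch operator",
      ROLE_DESC: "Operate batch process",
      PERMISSIONS: LIST_OF_PERMISSIONS
    },
    response: {
      200: {}
    }
  }],
  // For SecurityAdmin to delete a role (currently not in use).
  // NOTE(review): a request body on DELETE is dropped by some HTTP clients
  // and intermediaries; a path or query parameter is the safer carrier.
  ["DELETE", "/role", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      ROLE_NAME: "Batch operator"
    },
    response: {
      200: {}
    }
  }],
  // For SecurityAdmin to get the roles of a specific user (by USID).
  ["GET", "/user-role", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    querystring: {
      usid: "TestUser01"
    },
    response: {
      200: {
        ROLES: ["Batch Operator", "Log Viewer"]
      }
    }
  }],
  // For SecurityAdmin to assign roles to a specific user.
  ["POST", "/user-role", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      USID: "TestUser01",
      ROLES: ["Batch Operator", "Log Viewer"]
    },
    response: {
      200: {} // Success
    }
  }],
  // For SecurityAdmin to revoke roles from a specific user.
  // NOTE(review): same DELETE-with-body caveat as DELETE /role.
  ["DELETE", "/user-role", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      USID: "TestUser01",
      ROLES: ["Batch Operator", "Log Viewer"]
    },
    response: {
      200: {} // Success
    }
  }],
  /**
   * Endpoints for maker-checker (four-eyes) workflow.
   */
  // Retrieve maker-checker history (paginated).
  ["GET", "/maker-checker", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    querystring: {
      "page-number": 0, // Starts from 0
      "page-size": 10 // Records per page
    },
    response: {
      200: {
        CHECKER_MAKER_HISTORIES: [{
          ID: 1,
          ACTION: "MERCHANT_TAGGING",
          MAKER_USID: "TesterUser01",
          CREATED_EDT: 1544425876959,
          // Serialized as a string in this example; it is not valid JSON as
          // written, so treat the exact encoding as unspecified here.
          REQUEST_PARAM: "{MERCHANT_ID:'123', CARD:'MasterCard'}",
          STATUS: "APPROVED|PENDING|REJECTED|CANCELLED",
          RESPONSE: "{KIND:'error', MESSAGE: 'card does not exist'}",
          CHECKER_USID: "TesterUser02",
          CHECKED_EDT: 1544425876959,
          CHECKER_COMMENT: ""
        }]
      } // Success
    }
  }],
  // Create a maker-checker request.
  ["POST", "/maker-checker", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      ACTION: "MERCHANT_TAGGING",
      // NOTE(review): the maker identity should come from the session, not
      // from this field; a client-supplied MAKER_USID lets a caller attribute
      // a request to someone else.
      MAKER_USID: "TesterUser01",
      REQUEST_PARAM: "{MERCHANT_ID:'123', CARD:'MasterCard'}",
    },
    response: {
      200: {}
    }
  }],
  // Finish (approve / reject / cancel) a maker-checker request.
  ["PUT", "/maker-checker", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      ID: 1,
      STATUS: "REJECTED",
      // NOTE(review): as with MAKER_USID, the checker must be the session
      // user, and the server must reject the case where checker == maker,
      // otherwise the four-eyes control can be bypassed by the maker alone.
      CHECKER_USID: "TestUser01",
      CHECKER_COMMENT: "Too many typo"
    },
    response: {
      200: {}
    }
  }],
  /**
   * Which principals may call the endpoints below is not yet decided.
   */
  // For user X to view the audit log (paginated, filterable).
  ["GET", "/audit-log", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    querystring: {
      "page-number": 0, // Starts from 0
      "page-size": 10, // Records per page
      "usid": "TestUser01", // Empty string = no filter
      "action": "<action_name>", // Empty string = no filter
      "start-edt": 1544425876959, // 0 means from the beginning of time
      "end-edt": 1544425876959, // 9999999999999 means until the end of time
    },
    response: {
      200: {
        TOTAL_PAGES: 100,
        AUDIT_LOGS: [{
          ID: "001",
          USID: "TestUser01",
          // NOTE(review): ACTION embeds old and new field values as free text;
          // if those fields can hold personal data, so does the audit log.
          ACTION: "User(TestUser01) update name from 'Lee' to 'Lau'",
          EDT: 1544425876959
        }]
      } // Success
    }
  }],
  // For user X to view internal system parameters.
  ["GET", "/internal-system-params", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    response: {
      200: {
        PARAMS: [{
          PARAM_NAME: "PasswordValidDuration",
          PARAM_DESC: "The valid duration of a new password",
          PARAM_MIN: 13,
          PARAM_MAX: 20,
          PARAM_VALUE: 15,
          ENABLED: false,
          LAST_CHANGED_BY: "<USID>",
          LAST_CHANGED_EDT: 1544425876959
        }]
      }
    }
  }],
  // For user X to update internal system parameters.
  // NOTE(review): these parameters govern security policy (e.g. password
  // lifetime); the server should enforce PARAM_MIN/PARAM_MAX itself and not
  // rely on the UI, and this action belongs in the audit log.
  ["PUT", "/internal-system-params", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      PARAMS: [{
        PARAM_NAME: "PasswordValidDuration",
        PARAM_VALUE: 15,
        ENABLED: false,
      }]
    },
    response: {
      200: {}
    }
  }],
  /**
   * The following endpoints are for SuperAdmin.
   */
  // Check whether a SuperAdmin exists (used by the UI for redirecting).
  // NOTE(review): unauthenticated; it only discloses whether bootstrap has
  // completed, which is low-value but worth knowing is public.
  ["GET", "/super-admin", {
    response: {
      200: {
        exist: true
      }
    }
  }],
  // Create the super-admin (bootstrap).
  // NOTE(review): guarded only by a static shared secret. Presumably the
  // server refuses this once a super admin exists (the GET above reports
  // that) — confirm, since otherwise anyone holding the secret can mint a
  // new super admin at any time. Rotate the secret after bootstrap.
  ["POST", "/super-admin", {
    headers: {
      Authorization: "Bearer <shared_secret>"
    },
    body: {
      ADMIN_ID: "SuperAdmin",
      // = SHA256(pw1 + pw2)
      // NOTE(review): plain concatenation is ambiguous at the boundary
      // ("ab"+"c" hashes the same as "a"+"bc") and, like PW on /session-id,
      // the digest is unsalted and becomes the credential itself; whether
      // pw1/pw2 are meant to be held by two different people is not stated.
      ADMIN_PW: "ef;hgjhgdkfg",
    },
    response: {
      200: {
        exist: true
      }
    }
  }],
  // Super-admin login.
  ["POST", "/super-admin-session", {
    headers: {
      Authorization: "Bearer <shared_secret>"
    },
    body: {
      ADMIN_ID: "SuperAdmin",
      ADMIN_PW: "ef;hgjhgdkfg", // = SHA256(pw1 + pw2); see the note on POST /super-admin
    },
    response: {
      200: [
        {
          KIND: "LoginSuccess",
          SESSION_ID: "<session_id>",
        },
        {
          KIND: "InvalidCredential",
        }
      ]
    }
  }],
  // For super-admin to list super users.
  ["GET", "/super-users", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    response: {
      200: {
        USERS: [{
          USID: "Admin01",
          FLAG: "1 or 2", // 1 means UserAdmin, 2 means SecurityAdmin
        }]
      }
    }
  }],
  // For super-admin to create a super user.
  ["POST", "/super-user", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      USID: "Admin01",
      PW: "23o43rhtr", // SHA-256 digest; same hashing caveat as PW on /session-id
      FLAG: "1 or 2", // 1 means UserAdmin, 2 means SecurityAdmin
    },
    response: {
      200: [
        {
          KIND: "SUCCESS"
        },
        {
          KIND: "ID_DUPLICATED"
        }
      ]
    }
  }],
  // For super-admin to reset the password of a super user.
  ["PUT", "/super-user-pw", {
    headers: {
      Authorization: "Bearer <session_id>"
    },
    body: {
      USID: "Admin01",
      PW: "2345385ytteg", // SHA-256 digest; same hashing caveat as PW on /session-id
    },
    response: {
      200: {} // Success
    }
  }]
];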