Bids Resource API

Question

Bids Resource API

Closed this issue 9 years ago · 3 comments

groovecoder commented 12 years ago

GET /bids{?params}: A list of bids. Possible params to filter bids: user={github-username}, project={codesy-id}
GET /bids/new{?params}: A form to create a new bid. Possible params to pre-populate fields: url={url}, offer={offer}, ask={ask}
POST /bids: Create a new bid
GET /bids/{id}: A bid
GET /bids/{id};edit: A form to edit a bid.
PUT /bids/{id}: Change a bid
DELETE /bids/{id}: Delete a bid

Note: {id} could be either a url or system-generated identifier

Answer 1 · 2013-12-28T14:50:15.000Z

@zerokarmaleft - how does this look?

Answer 2 · 2013-12-28T16:32:13.000Z

liberator provides automatic near-full-compliance with HTTP RFC 2616, so the API will follow those conventions. I'd like to constrain the methods allowed to idempotent queries (all get requests, posts for create), forbid updates in preference of append-only updates (another post), and forbid deletes entirely. Another possibility suggested by @jgmize is allowing updates, but only for a specific field e.g. "cancelled". The motivation here is to save and analyze bids as they mutate over time.

@groovecoder I don't think mixing HTML and JSON makes sense here. The extensions can provide the form interfaces and just make the appropriate API calls, yes?

Here are the endpoints you can expect for bids, at least:

GET /bids: a list of all bids
^ automatically filtered by authenticated user
^ and with form-encoded parameters for querying
POST /bids: create a bid, with a data payload e.g.: {"url": "https://github.com/githubber/gitproject/issues/1", "offer": 5.0, "ask": 50.0}
GET /bids/{id}: get a bid by id
PUT /bids/{id}: update a bid by id, limiting mutation, with a data payload e.g.: {"cancelled": true}

Answer 3 · 2014-01-09T14:03:08.000Z

Pseudo-code for the extensions:

var existing_bid_ask, existing_bid_offer, csrf_token = null;
var pre_authorized = False;
// Fetch existing
var existingBidRequest = $.ajax({type: "get", url: "https://codesy-dev.herokuapp.com/api/v1/bids.json?url=https://github.com/codesy/patronage/issues/1"});
existingBidRequest.fail(function(jqXHR, status, error){
  if (error == "Unauthorized") {
    console.warn("Not signed in to codesy.io");
  }
});
existingBidRequest.done(function(data, status, jqXHR){
  pre_authorized = True;
  existing_bid_ask = data.ask;
  existing_bid_offer = data.offer;
});

if (pre_authorized) {
  var csrfTokenRequest = $.ajax({type: "get", url: "https://codesy-dev.herokuapp.com/api/v1/csrf_token", dataType: "text"});
  csrfTokenRequest.fail(function(jqXHR, status, error){
    console.warn("Unable to fetch codesy.io CSRF token.");
  });
  csrfTokenRequest.done(function(data, status, jqXHR){
    csrf_token = data;
  });
}
// Inject the HTML widget form into the page
// 1. if existing_bid is available, pre-populate the values in the form
// 2a. if csrf_token is available
//       method="POST" action="/bids"
// 2b. if csrf_token is not available
//       method="GET" action="/bids/new?{params}" target="_new"