This is early work on a CRM/business monitoring webapp. For now, all it does is simple CRUD on a MongoDB database.
Below are the routes that are already implemented. Login is not secure yet, and error handling is messy at best for now.
Register a new user
- /register
- POST
  - username : username
  - password : password
- Returns :
  - 201 : success
  - 500 : error
Login
- /login
- POST
  - username : username
  - password : password
- Returns :
  - 200 : success
    - String : token to use with all further reqs
  - 401 : wrong credentials
Any request to one of the subsequent routes MUST contain the Authorization header. Without it, every request is answered with 401 Unauthorized.
- Authorization : bearer **token**
  - **token** : the token that was issued at login
- Content-Type : application/json
  - for all routes that make use of POST/PUT data
Create new org
- /orgs
- PUT
  - name : name of the org to create
- Returns
  - 201 : success
    - Newly created org object
  - 400 : lacks name argument
  - 401 : unauthorized token
  - 500 : error
List all orgs user has access to
- /orgs
- GET
- Returns
  - 200 : success
    - Array of org objects
  - 204 : user has no orgs
  - 500 : error
Get all info on an org
- /orgs/:id
- GET
- Requires member status
- Returns
  - 200 : success
    - Org object with populated fields
  - 401 : Unauthorized
  - 404 : no org with this _id
  - 500 : error
Get an org's messages
- /orgs/:id/messages
- GET
- Optional argument :
  - pagination : a number that paginates responses by 20. If it is not supplied, it is assumed to be 1.
- Requires member status
- Returns
  - 200 : success
    - Paginated array of messages
  - 204 : req doesn't match any message
  - 401 : Unauthorized
  - 404 : no org with this _id
  - 500 : error
Update a given org
- /orgs/:id
- POST
  - JSON Object with same keys as what API returns. _id cannot be changed this way
- Requires admin status
- Returns
  - 200 : success
    - Updated org object
  - 204 : Missing post data
  - 401 : Unauthorized
  - 404 : no org with this _id
  - 500 : error
Delete a given org
- /orgs/:id
- DELETE
- Requires admin status
- Returns
  - 200 : success
  - 401 : Unauthorized
  - 404 : no org with this _id
  - 500 : error
Create new receiver
- /receivers
- PUT
  - name : name of receiver to create
  - parentOrg : org under which to create it
- Returns
  - 200 : success
    - Newly created receiver object
  - 400 : no name or parent org doesn't exist
  - 401 : user lacks admin rights on org, or org doesn't exist
  - 500 : error
List all receivers user has access to
- /receivers
- GET
- Returns
  - 200 : success
    - Array of receiver objects
  - 500 : error
Get all info on a receiver
- /receivers/:id
- GET
- Requires member status
- Returns
  - 200 : success
    - Receiver object with populated fields
  - 401 : Unauthorized
  - 404 : no receiver with this _id
  - 500 : error
Get a receiver's messages
- /receivers/:id/messages
- GET
- Optional argument :
  - pagination : a number that paginates responses by 20. If it is not supplied, it is assumed to be 1.
- Requires member status
- Returns
  - 200 : success
    - Paginated array of messages
  - 204 : req doesn't match any message
  - 401 : Unauthorized
  - 404 : no receiver with this _id
  - 500 : error
Update a given receiver
- /receivers/:id
- POST
  - JSON Object with same keys as what API returns. _id cannot be changed this way
- Requires admin status
- Returns
  - 200 : success
    - Updated receiver object
  - 204 : Missing post data
  - 401 : Unauthorized
  - 404 : no receiver with this _id
  - 500 : error
Delete a given receiver
- /receivers/:id
- DELETE
- Requires admin status
- Returns
  - 200 : success
  - 401 : Unauthorized
  - 404 : no receiver with this _id
  - 500 : error
Create new Message
- /receivers/:id
  - Placed under this URL scheme for expressiveness
- PUT
- Requires member status
- JSON Object with fields
  - content : String, text message
  - fields : Optional array of objects for special fields, each containing the following :
    - masterkey : lowercase string, codename of the field used for templating and scripts. If this is not a lowercase string, write will not succeed.
    - name : Human readable name of the field
    - content : String, Array, Object. The semantic content of the field that is to be used for special templating and scripts.
- Returns
  - 200 : success
    - Newly created message object
  - 204 : no content or malformed JSON
  - 400 : masterkey is not a lowercase string
  - 401 : Unauthorized
  - 500 : error
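One way a server could validate the Create new Message body and map each failure to the status codes listed above. This is an added example, not code from this project: `validateNewMessage`, `isLowercaseString`, the reading of "lowercase string" as a non-empty string with no uppercase characters, and the 400 for a non-array `fields` are assumptions.

```javascript
// Added example (not project code). Status codes follow the README's
// "Create new Message" section; function names are hypothetical.

// Assumption: "lowercase string" = non-empty string without uppercase characters.
// The typeof check also rejects objects, arrays and numbers sent as masterkey.
function isLowercaseString(v) {
  return typeof v === "string" && v.length > 0 && v === v.toLowerCase();
}

// rawBody: the request body as received (string).
// Returns { status, message } on success or { status, error } on failure.
function validateNewMessage(rawBody) {
  let body;
  try {
    body = JSON.parse(rawBody);
  } catch (e) {
    return { status: 204, error: "malformed JSON" };
  }
  if (body === null || typeof body !== "object" || Array.isArray(body) ||
      typeof body.content !== "string" || body.content.length === 0) {
    return { status: 204, error: "no content" };
  }
  const fields = body.fields === undefined ? [] : body.fields;
  if (!Array.isArray(fields)) {
    // Assumption: the README does not say which code applies here; 400 is used.
    return { status: 400, error: "fields must be an array" };
  }
  const clean = [];
  for (const f of fields) {
    if (f === null || typeof f !== "object" || !isLowercaseString(f.masterkey)) {
      return { status: 400, error: "masterkey is not a lowercase string" };
    }
    // Copy only the documented keys so client-supplied extras (e.g. _id)
    // never reach the database write.
    clean.push({ masterkey: f.masterkey, name: f.name, content: f.content });
  }
  return { status: 200, message: { content: body.content, fields: clean } };
}

// Constructed sample request body.
const sample = '{"content":"hello","fields":[{"masterkey":"price","name":"Price","content":[1,2]}]}';
console.log(validateNewMessage(sample).status);
```
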
List all messages a user has access to
- /messages
- GET
- Optional argument :
  - pagination : a number that paginates responses by 20. If it is not supplied, it is assumed to be 1.
- Requires member status
- Returns
  - 200 : success
    - Paginated array of messages
  - 204 : user can't access any message
  - 401 : Unauthorized
  - 500 : error