Transform api operations based upon middleware wrappers #269
Conversation
|
BTW, would not the roles required on endpoint better managed with Apiv2Security derive? In regards to back compatibility - we are doing 2 phase initialization of actix-web, first is for all services which we exclude from schema, then doing wrap_api and all schema based initializations. I guess this can be adviced as a migration approach if your PR would be accepted. |
|
Yes I think it might be a nice solution to have a security parameter which contained type information about the roles that are allowed access and to implement the schema documentation there. But for now that seems to big of a change for this project. The role information is already there in the middleware and available at runtime, it seems reasonable that middleware could alter the spec as it could change anything about the handling of resources. I have only worked on this one actix web project so I don't know anything about how they generally look, but I feel that more extensibility would be helpful to paperclip. |
platy
force-pushed
the
wrap-api-transform
branch
from
5f3964d to
9d91db9
Compare
|
There is a different way to pass data from middleware now |
|
@dunnock Thank's for the info - I'll keep that in mind if we update to actix-web 3 at some point |
tiagolobocastro
force-pushed
the
master
branch
from
04a5510 to
33cd55f
Compare
I came across the need to modify the api spec based on properties of middleware transformers. In our case it was RBAC middleware which specified different roles for different endpoints.
This change adds another trait to the parameter on the
Resourcewrapper,TransformApi. In this use case it allowed the roles required on the endpoints to be automatically added tooperation.tagsand intooperation.description, which seems like it will be very useful.I have a couple of concerns about it though:
wrapso it is a breaking change for users of that function - it could be given a new nameRouteWrapperpublic - maybe it should use a different type?