Common logic in nested APIs

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Common logic in nested APIs

Dieter Vekeman
Hi

I want to apply some common logic for a nested API but I have a problem with the following code which should assert a permission from my token before handling the calls.

Even though it compiles it seems that the checkPermission is only applied to the first API entry (/theory-codes) and not for the second and third... ones.

theoryCodeAdminServer :: LoginToken -> ServerT AdminTheoryCodeApi ProlixM
theoryCodeAdminServer token@LoginToken{..} pkgId = do

  -- 403 if the user doesn't have the permission
  checkPermission "manage:packages" token

  getTheoryCodes pkgId
  :<|> getTheoryCode  pkgId

Note the pkgId argument which is not part of the signature of theoryCodeAdminApiServer but it's part of the Api (see below).

My first thought was to apply braces:

( getTheoryCodes pkgId :<|> getTheoryCode pkgId )

but then it no longer typechecks because it doesn't match the API definition.

Also when trying to split it into two functions I'm struggling to get the types right.

Here are the types:

checkPermission :: Text -> LoginToken -> ProlixM ()

type ProlixM = ReaderT Handle Handler

type AdminTheoryCodeApi = "admin" :> "package" :> Capture "package_id" PackageId :>
      (
      -- GET /theory-codes
      "theory-codes" :> Get '[JSON] [ TheoryCodeEntity ]
      
      -- GET /theory-code/<theory_code_id>
      :<|> "theory-code" :> Capture "theory_code_id" TheoryCodeId :> Get '[JSON] TheoryCodeEntity
      )
      
I any info would be missing, let me know.

Thanks!

--