Suppose we have an entity named Comments. And there's regular CRUD for interacting with API requests through below URLs:
My problem begins when we need to add a new endpoint to either reject or accept by some administrator working with the application.
Here are some available scenarios to achieve this functionality:
PUT method and /moderate URLPUT methods and /accept or /reject URL/:postId/comments/:commentId URL to tell the controller we're moderatingWhat's the best practice to develop this kind of endpoints?
We did an entire (we feel most complete list) of articles and resources on best practices for API:
I don't know if there is a best practice, however, I would be pragmatic, because there are many good ways to solve the problem. For example:
add a new endpoint to either reject or accept
I don't know the data structures, so let me assume that whatever data structures you use include the comment plus any metadata. Let's say, it looks like this:
interface Author { /* ... */ }
enum Status {
PENDING,
APPROVED,
REJECTED,
}
interface Comment {
author: Author
content: string
status: Status
}
So, what you may do is use a POST call to modify the resource and update the status.
POST /:postId/comments/:commentId
Content-Length: 17
Content-Type: application/json
Cookie: user-token: xxxxxxxyxxxxxxx000
X-XSRF-TOKEN: abc123
{
"status": 1
}
Anyone who is authorized to modify can now change the status. You may, though, add some extra logic to the field, so it can only be set by users with special privileges.
user := get_user_from_token(user-token)
if (is_admin(user))
update_status(body.status)
send_to_client(200)
else
send_to_client(403)
Vijay Thirugnanam
Inference Service @ Cerebras
It does not matter as long as your team understands. Use tools like Swagger to document the API. Of your 4 options, I will avoid 3, technically, it doesn't matter.