Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: api endpoints for project boards #28209

Open
wants to merge 26 commits into
base: main
Choose a base branch
from
Open

feat: api endpoints for project boards #28209

wants to merge 26 commits into from

Conversation

dineshsalunke
Copy link

@dineshsalunke dineshsalunke commented Nov 25, 2023
edited
Loading

Fixes #14299

This PR is the continuation of the #28111

Adding endpoints for the boards

  • POST /projects/{projectId}/boards
  • GET /projects/{projectId}/boards
  • GET /projects/boards/{boardId}
  • PATCH /projects/boards/{boardId}
  • DELETE /projects/boards/{boardId}

@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Nov 25, 2023
@pull-request-size pull-request-size bot added the size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. label Nov 25, 2023
@github-actions github-actions bot added the modifies/api This PR adds API routes or modifies them label Nov 25, 2023
@KN4CK3R
Copy link
Member

KN4CK3R commented Dec 5, 2023

Just had a quick look but it looks like there is no is-user-able-to-see-project check at all.

@dineshsalunke
Copy link
Author

Just had a quick look but it looks like there is no is-user-able-to-see-project check at all.

yes there is none right now, coz there are below mentioned hurdles which I wasn't sure how to tackle so wanted to discuss this out with someone responsible amongst the maintainers so that I take the right approach.
I asked this on the develop channel on discord but haven't received any response yet, so waiting for it

Hurdles:

  1. Since projects and boards can be be related to either User, Organization and Repository the Permission's logic will differ based on the owner ship of the project.
  2. Projects and Boards api are sort of root api example /user/{userId}/projects or /org/{orgname}/projects, so there is no ownership related contextual information available to do permission's check at the Route level.
  3. Due to the above point we will have to perform all the permission's check in the Handler, which I am not sure if is the right idea since I have not seen this being done anywhere.

If someone can confirm, if its ok to do the manual permission's check in the Handler then I will go ahead and do the remaining implementations and finish this PR

dineshsalunke and others added 15 commits January 16, 2024 21:01
@bilogic
Copy link
Contributor

bilogic commented Apr 6, 2024

  1. Projects and Boards api are sort of root api example /user/{userId}/projects or /org/{orgname}/projects, so there is no ownership related contextual information available to do permission's check at the Route level.

What is the use case for these URLs? They seem to be GET the available projects for the current user which I think can be fulfilled by GET /api/v1/projects/search.

One can then further filter down by userId or orgname, much like /api/v1/repos/issues/search

@kristianmandrup kristianmandrup mentioned this pull request Apr 30, 2024
Closed
13 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. modifies/api This PR adds API routes or modifies them size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[FEATURE] API for projects
5 participants
@dineshsalunke @KN4CK3R @bilogic @GiteaBot @denyskon