[KnackSteem API] - More features added

in #utopian-io7 years ago

Repository & Pull Request

https://github.com/knacksteem/knacksteem-api
https://github.com/knacksteem/knacksteem-api/pull/5

What is KnackSteem?

"Do you have any talent? If yes! then KnackSteem is for you."
"Rewards people with talents, it can be any talent, anything you know how to do best is highly welcome on the platform. "
Source: Discord Channel :D


Changes Made


Middleware to check if a user is a moderator

Since some endpoints will be exclusively for moderators, a middleware to check if the current user is a moderator is needed to avoid unauthorized access. Basically, this middleware will check the username saved from the last middleware in the chain and will ask the database if this user is a moderator. If so, it will move to the next middleware. Otherwise, will tell the client that this user is not authorized to perform such action.

Related code:

https://github.com/knacksteem/knacksteem-api/blob/master/src/api/middlewares/is_moderator.js

Middleware to check if a user is a supervisor

Same as the middleware mentioned above but in this case, for supervisors. The process is exactly the same but, of course, for supervisors.

Related code:

https://github.com/knacksteem/knacksteem-api/blob/master/src/api/middlewares/is_supervisor.js

Fetch all posts from Steem API using the permlinks from the database

As discussed with other developers in this project, we had to somehow query only our posts from the blockchain but having all the data updated. Also, we wanted to add custom filters like not-moderated posts, moderated posts, and so on. To achieve this, we've decided to only store author, permlink, and category of the post in the database. First, we grab all the permlinks and authors from the query and we make calls to the Steem API to complete the missing data of the posts. Thanks to libraries like async.js, we were able to make concurrent HTTP calls and join the results at the end.

Related code:

https://github.com/knacksteem/knacksteem-api/blob/master/src/api/controllers/posts.controller.js#L35

Query posts by author

The method above allowed us to re-use this same code to perform a query by author in the database and complete the data using the same process mentioned above.

Related code:

https://github.com/knacksteem/knacksteem-api/blob/master/src/api/controllers/posts.controller.js#L117

Documentation for endpoints

One of the things I really like about apidocs is that you can generate a documentation based on the comments of the routes in the API. For instance, look at the following:

/**
 * @api {post} v1/posts/create Create Post
 * @apiDescription Insert a post into the database
 * @apiVersion 1.0.0
 * @apiName createPost
 * @apiGroup Posts
 * @apiPermission user
 *
 * @apiHeader {String}   Authorization     SC2 User's access token
 *
 * @apiParam  {String}   permlink          Permlink of the post
 * TODO: Add validation to the parameters.
 *
 * @apiSuccess {Number}  status            http status response
 * @apiSuccess {String}  message           http return message
 *
 * @apiError (Unauthorized 401) Unauthorized Only authenticated users can create a post
 */
router.route('/create').post(sc2Middleware, checkUserMiddleware, controller.createPost);

Will generate the following page:

Screen Shot 2018-06-22 at 9.26.23 PM.png

Function to moderate a post

This is a moderation tool. Basically, it allows moderators and supervisors to edit the moderation object of any post. So, they can decide if the post is approved or not.

Related Code:

https://github.com/knacksteem/knacksteem-api/blob/master/src/api/controllers/moderator.controller.js#L4


Commits Overview

Sort:  

Congratulations @jaysermendez! You have completed some achievement on Steemit and have been rewarded with new badge(s) :

Award for the total payout received

Click on the badge to view your Board of Honor.
If you no longer want to receive notifications, reply to this comment with the word STOP

To support your work, I also upvoted your post!

Do not miss the last post from @steemitboard!


Participate in the SteemitBoard World Cup Contest!
Collect World Cup badges and win free SBD
Support the Gold Sponsors of the contest: @good-karma and @lukestokes


Do you like SteemitBoard's project? Then Vote for its witness and get one more award!

Thanks for the contribution, @jaysermendez! Since the isModerator and isSupervisor functions are identical apart from one line, wouldn't it be better to combine them into one function?

Your contribution has been evaluated according to Utopian policies and guidelines, as well as a predefined set of questions pertaining to the category.

To view those questions and the relevant answers related to your post, click here.


Need help? Write a ticket on https://support.utopian.io/.
Chat with us on Discord.
[utopian-moderator]

Even they are identical, if I combine them, mods will have supervisors rights and it is something we don't want :D. While supervisors can do everyrhing, mods cannot. So, if I combine them, mods will have access to supervisors endpoints as well

Yes I know, but surely there is a better way of checking a user's role instead of duplicating all the code?

Now that you mentioned, it can be done with a function that takes the role as the parameter :D i will do that.

Hey @jaysermendez
Thanks for contributing on Utopian.
We’re already looking forward to your next contribution!

Contributing on Utopian
Learn how to contribute on our website or by watching this tutorial on Youtube.

Want to chat? Join us on Discord https://discord.gg/h52nFrV.

Vote for Utopian Witness!