1.0.0 • Published 3 years ago

thepub v1.0.0


Public API service


MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMDN~N:NDMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM:,N. MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMD=~~~ N ~~~=8MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMNZZZ.NNN.ZZZNMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM,NNN.MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMMMMMZIIIIIIII.NNN.IIIIIIIIZMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMMMMMNNNNNNNNNNNNNNNNNNNNNNNNMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMMMMMNNNNN...NN.N.NN---NNNNNNMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMMMMNNNNNNN.NNN...NN|-.NNNNNNMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMDZ?,:OONNNNNN.NNN.N.NN---NNNNNOO:,?ZDMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMD$~:88OOOOOOONNNNNNNNNNNNNNNNNNNNNNNOOOOOOOO8~~$DMMMMMMMMMMMMMMMM
MMMMMMMMMMD$,=888888OOOOOOOONNNNNNNNNNNNNNNNNNNNNNNOOOOOOOOOO8888+,7DMMMMMMMMMMM
MMMMMM8?.8D8888888OOOOOOOOOOOOOOOOOZZZZZZZZZZZOOOOOOOOOOOOOOOO88888888,+8MMMMMMM
MMD+$DDDDD8888888OOOOOOOOOOOOOZ.  ZZZZZZZZZZ  .ZZZZOOOOOOOOOOOOO8888888DDD7+DMMM
MM+DDDDDDD888888OOOOOOOOOOOZZN    ZZZZZZZZZN    ZZZZ.    :OOOOOOO888888DDDDD=MMM
MM+DDDDDD888888OO.      .ZZZZN    ZZZZZZZZZN    ZZZ8.         .OO888888DDDDD=MMM
MM+DDDDDD8888             ZZZN    $$$$$$$$$N    ZZZD.            8888888DDDD=MMM
MM+DDDDDD88N       NNN.    ZZN    $$$$$$$$$N    $Z$N.   DNNNN.    .88888DDDD=MMM
MM+DDDDDD88N   OOOOOZZN.   $$N    $$$$$$$$$N    $$$N    ZZZZZONN   88888DDDD=MMM
MM+NDDDDD88N   OOOZZZZZN   $$N    $$$$$$$$$N   .$$$N    ZZZZZZON   Z8888DDDD=MMM
MM+NDDDD888N   OOOZZZZZ    $$N    $$$$$$$$$N   .$$$N.        ZZ    O8888DDDD=MMM
MM+NDDDD888N   OOZZZZ$    $$$N    $$$$$$$$$N   .$$$N              OO8888DDDD=MMM
MM+NDDDDD88N             $$$$N    $$$$$777$N   .$$$N    N         .OO888DDDD=MMM
MM+NNDDDD88N           .$$$$$N    $$$7777777    $$$N    $$$$$ZNN.   O888DDDD=MMM
MM+NNDDDD88N   7NNNNN$$$$$$$$$D    7777777D    777$N    $$$$$$ZZN   O888DDDD=MMM
MM+NNDDDD88N   ZZZ$$$$$$$$$777D     77777$    .7777N    $$$$$$$ZN   O888DDDN=MMM
MM+NNNDDD88N   ZZZ$$$$$$$$77777D              77777D                O888DDDN=MMM
MM+NNNDDDD8N   ZZ$$$$$$$77777777DN          7777777D               O888DDDNN=MMM
MM+NNNNDDD8NNMOZZ$$$$$$77777777777DD.    +N77777777DDDDDDNNNNNNNNZOO888DDDNN=MMM
MM+NNNNDDD888OOZZ$$$$$7777777777777777777777777777777777777$$$$$ZOOO88DDDNNN=MMM
MM+NNNNNDDD88OOZZ$$$$$7777777777777777777777777777777777777$$$$$ZOOO88DDDNNN=MMM
MM+NNNNNNDD888OOZ$$$$77777777777777777777777777777777777777$$$$ZZOO88DDDNNNN=MMM

Usage

  • npm i - install dependencies
  • npm run dev - run in a dev mode (will set NODE_ENV=development env var)
  • npm start - run in a production mode (will set NODE_ENV=production env var)

Dependencies

Public API talks to numerous other services. A malfunction in any of them can and will cause 5XX replies to SafetyCulture customers.

Soter, SGW, ES, Kickback, Blobqueen, Alexandria, branch.io, Kafka, amplitude, McGoo, Tollbooth, Zelda, Jarvis

Docs

Docs are deployed and available to API consumers.

Open http://localhost:8084/docs to see the swagger-ui generated page.

sudo access

A mechanism has been added to allow support and other SafetyCulture staff with admin accounts to obtain a token on behalf of the user, otherwise known as sudo access.

To obtain sudo access, use the following approach when specifying the username:

username=admin_account@safetyculture.io..target_account@example.com

where admin_account@safetyculture.io is the account with admin access and target_account@example.com is the customer account. The password supplied should be the admin_account@safetyculture.io account's password.

Be very careful with tokens generated via this method as they provide full access to customer accounts. Be sure to never email or transport them via insecure methods. If necessary, use SafetyCulture's internal Pastebin: https://paste.internal.safetyculture.com/
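
A server-side parser for the username form above, added here as an example and not taken from this service's code. The names `parseLoginUsername` and `auditEvent`, the staff-domain check and the audit fields are assumptions; it rejects ambiguous input instead of falling through to a normal login, and records both identities.

```javascript
'use strict';

const SUDO_DELIMITER = '..';             // separator shown in the README
const STAFF_DOMAIN = 'safetyculture.io'; // assumption: admin accounts use this domain

// Local part and every domain label must be non-empty and dot-free at the edges.
function isPlausibleEmail(s) {
  return /^[^\s@.][^\s@]*@[^\s@.]+(\.[^\s@.]+)+$/.test(s);
}

// Returns { mode: 'normal', subject } or { mode: 'sudo', actor, subject }.
// Throws on anything ambiguous, so a malformed sudo attempt is never
// reinterpreted as a login for some other account.
function parseLoginUsername(username) {
  if (typeof username !== 'string' || username.trim() === '') {
    throw new Error('username is required');
  }
  const parts = username.trim().split(SUDO_DELIMITER);
  if (parts.length === 1) {
    return { mode: 'normal', subject: parts[0].toLowerCase() };
  }
  if (parts.length !== 2 || !parts.every(isPlausibleEmail)) {
    throw new Error('malformed sudo username');
  }
  const [actor, subject] = parts.map((p) => p.toLowerCase());
  // Compare the whole domain after the last "@", never a suffix or substring.
  if (actor.slice(actor.lastIndexOf('@') + 1) !== STAFF_DOMAIN) {
    throw new Error('sudo actor must be a staff account');
  }
  if (actor === subject) throw new Error('sudo actor and subject must differ');
  return { mode: 'sudo', actor, subject };
}

// Audit record for every sudo token request. The token itself is never logged.
function auditEvent(parsed, outcome, now = new Date()) {
  return {
    event: 'sudo_token_request',
    actor: parsed.actor,
    subject: parsed.subject,
    outcome,
    at: now.toISOString(),
  };
}
```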

Examples

export AUTH='Authorization: Bearer 4cc0387dc9dff7a92caa654ba4f319ea006cd0da37094a41513d4fee1df5c446'

Search templates

return

  • count - the number of templates in the result
  • templates - a list of template objects which always include the template_id property
  • total - total number of templates found

default

Templates have the default properties: template_id, created_at, modified_at, name

http :8084/templates/search "$AUTH"

specific properties

Templates have the properties: template_id, modified_at, name

http :8084/templates/search field==name field==modified_at "$AUTH"

modified_before

http :8084/templates/search modified_before==2017-10-24T01:30:04.329Z "$AUTH"

modified_after

http :8084/templates/search modified_after==2017-10-24T01:30:04.329Z "$AUTH"

owner

Return templates that belong to the requesting user, templates that do not belong to the requesting user, or templates owned by any user.

http :8084/templates/search owner==me "$AUTH"
http :8084/templates/search owner==other "$AUTH"

archived

Return archived templates, non-archived templates, or both.

http :8084/templates/search archived==true "$AUTH"
http :8084/templates/search archived==false "$AUTH"
http :8084/templates/search archived==both "$AUTH"

limit

http :8084/templates/search limit==3 "$AUTH"

order (by modified_at)

http :8084/templates/search order==desc "$AUTH"

Search audits

return

  • count - the number of audits in the result
  • audits - a list of audit objects which always include the audit_id property
  • total - total number of audits found

default

Audits have the default properties: audit_id, template_id, modified_at

http :8084/audits/search "$AUTH"

specific properties

The field param can be included to restrict results to have only template_id or modified_at (and audit_id).

http :8084/audits/search field==modified_at "$AUTH"

modified_before

http :8084/audits/search modified_before==2017-10-24T01:30:04.329Z "$AUTH"

modified_after

http :8084/audits/search modified_after==2017-10-24T01:30:04.329Z "$AUTH"

owner

Return audits that belong to the requesting user, audits that do not belong to the requesting user, or audits owned by any user.

http :8084/audits/search owner==me "$AUTH"
http :8084/audits/search owner==other "$AUTH"
http :8084/audits/search owner==all "$AUTH"

archived

Return archived audits, non-archived audits, or both.

http :8084/audits/search archived==true "$AUTH"
http :8084/audits/search archived==false "$AUTH"
http :8084/audits/search archived==both "$AUTH"

limit

http :8084/audits/search limit==3 "$AUTH"

order

Sort audits by their modified_at property. The default is asc.

http :8084/audits/search order==desc "$AUTH"

completed

Return completed audits, uncompleted audits, or both.

http :8084/audits/search completed==true "$AUTH"
http :8084/audits/search completed==false "$AUTH"
http :8084/audits/search completed==both "$AUTH"

IP Whitelisting

This is offered on special request only and can be configured internally via Consul.

Update the Consul variable IP_WHITELISTS in the service and redeploy the service. The expected format is:

{"role_9db6ba0573c041f5a114f367f2b357b6":["220.244.53.6"], "role_e18cf71965304cd89e5b0375277a44dc":["220.177.12.10","220.177.12.11"]}

Note: The Hapi plugin src/plugins/real-ip populates remoteAddress from the x-envoy-external-address header, so that the address of an internal proxy or load balancer is not used as the client address.
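
The whitelist check described above, added here as an example and not taken from this service's code. The helper names are hypothetical, and it assumes exact address matches (no CIDR ranges) and that a role without an entry is unrestricted; a malformed IP_WHITELISTS value throws instead of silently disabling the check.

```javascript
'use strict';

// Value in the format the README gives for IP_WHITELISTS.
const SAMPLE = '{"role_9db6ba0573c041f5a114f367f2b357b6":["220.244.53.6"],' +
  '"role_e18cf71965304cd89e5b0375277a44dc":["220.177.12.10","220.177.12.11"]}';

// Node reports IPv4 peers on dual-stack sockets as ::ffff:a.b.c.d.
function normalizeIp(ip) {
  return ip.trim().toLowerCase().replace(/^::ffff:(?=\d+\.\d+\.\d+\.\d+$)/, '');
}

// Fail closed: a malformed value throws at startup instead of silently
// leaving every role unrestricted.
function loadWhitelists(raw) {
  let parsed;
  try {
    parsed = JSON.parse(raw);
  } catch (err) {
    throw new Error(`IP_WHITELISTS is not valid JSON: ${err.message}`);
  }
  if (parsed === null || typeof parsed !== 'object' || Array.isArray(parsed)) {
    throw new Error('IP_WHITELISTS must be an object of role -> [ip, ...]');
  }
  const byRole = new Map();
  for (const [role, ips] of Object.entries(parsed)) {
    if (!Array.isArray(ips) || !ips.every((ip) => typeof ip === 'string')) {
      throw new Error(`IP_WHITELISTS["${role}"] must be an array of strings`);
    }
    byRole.set(role, new Set(ips.map(normalizeIp)));
  }
  return byRole;
}

// The header is only meaningful when the edge proxy sets it and clients
// cannot reach the service directly; otherwise use the socket address.
function clientIp(headers, socketAddress) {
  const fromProxy = headers['x-envoy-external-address'];
  return normalizeIp(String(fromProxy || socketAddress || ''));
}

// Assumption: a role with no entry is unrestricted; listed roles need an exact match.
function isAllowed(byRole, role, ip) {
  const allowed = byRole.get(role);
  return allowed === undefined || allowed.has(normalizeIp(ip));
}
```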