thepub v1.0.0
Public API service
MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMDN~N:NDMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM:,N. MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMD=~~~ N ~~~=8MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMNZZZ.NNN.ZZZNMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM,NNN.MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMMMMMZIIIIIIII.NNN.IIIIIIIIZMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMMMMMNNNNNNNNNNNNNNNNNNNNNNNNMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMMMMMNNNNN...NN.N.NN---NNNNNNMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMMMMNNNNNNN.NNN...NN|-.NNNNNNMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMDZ?,:OONNNNNN.NNN.N.NN---NNNNNOO:,?ZDMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMD$~:88OOOOOOONNNNNNNNNNNNNNNNNNNNNNNOOOOOOOO8~~$DMMMMMMMMMMMMMMMM
MMMMMMMMMMD$,=888888OOOOOOOONNNNNNNNNNNNNNNNNNNNNNNOOOOOOOOOO8888+,7DMMMMMMMMMMM
MMMMMM8?.8D8888888OOOOOOOOOOOOOOOOOZZZZZZZZZZZOOOOOOOOOOOOOOOO88888888,+8MMMMMMM
MMD+$DDDDD8888888OOOOOOOOOOOOOZ. ZZZZZZZZZZ .ZZZZOOOOOOOOOOOOO8888888DDD7+DMMM
MM+DDDDDDD888888OOOOOOOOOOOZZN ZZZZZZZZZN ZZZZ. :OOOOOOO888888DDDDD=MMM
MM+DDDDDD888888OO. .ZZZZN ZZZZZZZZZN ZZZ8. .OO888888DDDDD=MMM
MM+DDDDDD8888 ZZZN $$$$$$$$$N ZZZD. 8888888DDDD=MMM
MM+DDDDDD88N NNN. ZZN $$$$$$$$$N $Z$N. DNNNN. .88888DDDD=MMM
MM+DDDDDD88N OOOOOZZN. $$N $$$$$$$$$N $$$N ZZZZZONN 88888DDDD=MMM
MM+NDDDDD88N OOOZZZZZN $$N $$$$$$$$$N .$$$N ZZZZZZON Z8888DDDD=MMM
MM+NDDDD888N OOOZZZZZ $$N $$$$$$$$$N .$$$N. ZZ O8888DDDD=MMM
MM+NDDDD888N OOZZZZ$ $$$N $$$$$$$$$N .$$$N OO8888DDDD=MMM
MM+NDDDDD88N $$$$N $$$$$777$N .$$$N N .OO888DDDD=MMM
MM+NNDDDD88N .$$$$$N $$$7777777 $$$N $$$$$ZNN. O888DDDD=MMM
MM+NNDDDD88N 7NNNNN$$$$$$$$$D 7777777D 777$N $$$$$$ZZN O888DDDD=MMM
MM+NNDDDD88N ZZZ$$$$$$$$$777D 77777$ .7777N $$$$$$$ZN O888DDDN=MMM
MM+NNNDDD88N ZZZ$$$$$$$$77777D 77777D O888DDDN=MMM
MM+NNNDDDD8N ZZ$$$$$$$77777777DN 7777777D O888DDDNN=MMM
MM+NNNNDDD8NNMOZZ$$$$$$77777777777DD. +N77777777DDDDDDNNNNNNNNZOO888DDDNN=MMM
MM+NNNNDDD888OOZZ$$$$$7777777777777777777777777777777777777$$$$$ZOOO88DDDNNN=MMM
MM+NNNNNDDD88OOZZ$$$$$7777777777777777777777777777777777777$$$$$ZOOO88DDDNNN=MMM
MM+NNNNNNDD888OOZ$$$$77777777777777777777777777777777777777$$$$ZZOO88DDDNNNN=MMM
Usage
npm i
- install dependenciesnpm run dev
- run in a dev mode (will setNODE_ENV=development
env var)npm start
- run in a production mode (will setNODE_ENV=production
env var)
Dependencies
Public API talks to numerous other services. A malfunction of any can and will cause 5XX replies to SafetyCulture customers.
Soter, SGW, ES, Kickback, Blobqueen, Alexandria, branch.io, Kafka, amplitude, McGoo, Tollbooth, Zelda, Jarvis, Alexandria
Docs
Docs are deployed and available to API consumers.
Open the http://localhost:8084/docs to see swagger-ui generated page.
sudo access
A mechanism has been added to allow support and other SafetyCulture staff with admin accounts to obtain a token on behalf of the user, otherwise known as sudo access.
To obtain sudo access, use the following approach when specifying the username
username=admin_account@safetyculture.io..target_account@example.com
where admin_account@safetyculture.io
is the account with admin access and target_account@example.com
is the customer account. The password supplied should be the admin_account@safetyculture.io
accounts password.
Be very careful with tokens generated via this method as they provide full access to customer accounts. Be sure to never email or transport them via insecure methods. If necessary, use SafetyCulture's internal Pastebin: https://paste.internal.safetyculture.com/
Examples
export AUTH='Authorization: Bearer 4cc0387dc9dff7a92caa654ba4f319ea006cd0da37094a41513d4fee1df5c446'
Search templates
return
- count - the number of templates in the result
- templates - a list of template objects which always include the template_id property
- total - total number of templates found
default
templates have the default properties; template_id
, created_at
, modified_at
, name
http :8084/templates/search "$AUTH"
specific properties
templates have the properties; template_id
, modified_at
, name
http :8084/templates/search field==name field==modified_at "$AUTH"
modified_before
http :8084/templates/search modified_before==2017-10-24T01:30:04.329Z "$AUTH"
modified_after
http :8084/templates/search modified_after==2017-10-24T01:30:04.329Z "$AUTH"
owner
Return templates that belong to the requesting user, templates that do not belong to the requesting user, or templates owned by any user.
http :8084/templates/search owner==me "$AUTH"
http :8084/templates/search owner==other "$AUTH"
archived
Return archived templates, non-archived templates, or both.
http :8084/templates/search archived==true "$AUTH"
http :8084/templates/search archived==false "$AUTH"
http :8084/templates/search archived==both "$AUTH"
limit
http :8084/templates/search limit==3 "$AUTH"
order (by modified_at)
http :8084/templates/search order==desc "$AUTH"
Search audits
return
- count - the number of audits in the result
- audits - a list of audit objects which always include the audit_id property
- total - total number of audits found
default
audits have the default properties; audit_id
, template_id
, modified_at
http :8084/audits/search "$AUTH"
specific properties
The field
param can be included to restrict results to have only template_id
or modified_at
(and audit_id
).
http :8084/audits/search field==modified_at "$AUTH"
modified_before
http :8084/audits/search modified_before==2017-10-24T01:30:04.329Z "$AUTH"
modified_after
http :8084/audits/search modified_after==2017-10-24T01:30:04.329Z "$AUTH"
owner
Return audits that belong to the requesting user, audits that do not belong to the requesting user, or audits owned by any user.
http :8084/audits/search owner==me "$AUTH"
http :8084/audits/search owner==other "$AUTH"
http :8084/audits/search owner==all "$AUTH"
archived
Return archived audits, non-archived audits, or both.
http :8084/audits/search archived==true "$AUTH"
http :8084/audits/search archived==false "$AUTH"
http :8084/audits/search archived==both "$AUTH"
limit
http :8084/audits/search limit==3 "$AUTH"
order
Sort audits by their modified_at
property.
The default is asc
.
http :8084/audits/search order==desc "$AUTH"
completed
Return completed audits, uncompleted audits, or both.
http :8084/audits/search completed==true "$AUTH"
http :8084/audits/search completed==false "$AUTH"
http :8084/audits/search completed==both "$AUTH"
IP Whitelisting
This is offered on special request only and can be configured internally via Consul.
Update the Consul variable IP_WHITELISTS
in the service and redeploy the service. The expected format is:
{"role_9db6ba0573c041f5a114f367f2b357b6":["220.244.53.6"],
role_e18cf71965304cd89e5b0375277a44dc":["220.177.12.10","220.177.12.11"]}
Notes: The Hapi plugin src/plugins/real-ip
populates the remoteAddress using the x-envoy-external-address
header to ensure the IP address of internal proxies and load balancers is not returned.
3 years ago