Fork me on GitHub
#yada
<
2016-01-11
>
joshg00:01:05

@nha: thanks, I ended up with something very similar. I included the POST output coercion as well.

mccraigmccraig17:01:19

hey @malcolmsparks how stable dyu think the 1.1 api is now ? is it worth me porting all my 1.0 resources (about 30 of 'em) now, or should i wait a bit (i don't want to get too far behind, but i do want to minimise churn right now) ?

malcolmsparks17:01:38

the only unstable part right now is security authentication and authorization, I'm still tinkering with the resource-model there - but that's not going to affect you. The overall resource-model is stable now

malcolmsparks17:01:35

I'm preparing a release that has basic, digest, bearer (oauth2) and cookie authentication - and an optional RBAC authorization scheme

malcolmsparks17:01:11

A bit more docs on the upload stuff is coming, but the phonebook example is a good reference in the absence of docs

malcolmsparks17:01:47

do you need security?

mccraigmccraig17:01:59

authentication is no prob - i ended up using JWS tokens and a ring middleware... and my authorization is ad-hoc atm, so also no prob... RBAC probably won't cut it for me anyway, at least not on it's own, since many decisions revolve around group memberships

malcolmsparks17:01:35

are your authorization decisions based on resource properties or purely request info?

mccraigmccraig17:01:47

resource properties

malcolmsparks17:01:52

I'm thinking about abac too - yada currently supports both because the authorization interceptor is after the resource property load, so they're in the context - just a matter of desiging the right API around it

malcolmsparks17:01:34

you can, of course, mess with the interceptor chain prior to making a handler

mccraigmccraig17:01:40

i.e. things like what is a user's role in their membership of some group

malcolmsparks17:01:01

I recommend trying the new yada (on a branch!)

malcolmsparks17:01:07

It's pretty much done now

mccraigmccraig17:01:19

cool, i'll do that simple_smile thanks @malcolmsparks

malcolmsparks17:01:40

let me know how it goes and how to best support you

malcolmsparks17:01:46

plus any questions

mccraigmccraig17:01:26

always 😉