This repository has been archived by the owner on Mar 9, 2019. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
SnapFile Development Notes
Johan Henkens edited this page May 10, 2014
·
6 revisions
- ACL is currently determined through rolify+cancancan
- Only available actions should be PUT, GET and UPDATE/PATCH
- PUT can be manually performed/tested with:
$.ajax({ url: 'http://localhost:3000/student_portal/snap/saves/snap_files', type: 'POST', dataType: "text", data: {snap_file: {xml: '<?xml version="1.0" encoding="UTF-8"?><note></note>'}}, success: function(data, status, xhr){console.log(xhr.getResponseHeader('Location'))}}); - PATCH/UPDATE still to be tested
- Interfaces for PUT/PATCH will not be generated, as it makes no sense. This only supposed to be for automated usage
- Example of opening a file in the snap application:
http://localhost:3000/student_portal/snap/#open:http://localhost:3000/student_portal/snap/saves/snapsave/1012576698.xml- This is non-ideal, it would be better to be able to do snap/1012576698.xml or simply have it handled in the controller, setting a cookie before redirecting and then having the snap target do the loading.
- Currently ID's for files are being 1-to-1 mapped from their actual database ID to something else.
- This is a false sense of security, it doesn't actually prevent malicious users because it is a reverseable mathematical function but it does prevent honest users from poking around too much.