I'm exposing some internal capabilities via REST API and am looking for options for sensitive/subscription information that is contained in subobjects.
A good example would be PII; let's say there is a resource called "Order" which has a customer as a subobject. Only certain users should have permission to see the customer PII. Product/UX wants a simplified external interface. The Order resource would expose a customer object as a child of the order object.
A few options are:
- Expose a customer object nested within the order object, but the customer PII would not be included in that object; a separate CustPII resource would be exposed that would 401 if the user didn't have permission.
- Include the PII object inside the order.customer object, but return empty if the user is not authorized.
Choice 1 seems obvious for PII, but my actual use case is far broader. Our top-level entity is filled with subobjects that are governed by user permissions and subscriptions. I would follow pattern 1 if I could, but that would violate the requirements, as it would require a dozen API calls to actually retrieve a fully hydrated top-level entity. Product is clear that this is not the desired behavior per our customer base.
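A sketch of the second option, as an added example that is not part of the original post: the server hydrates the entity once, then empties every gated subobject the caller may not read before the response is serialized. The policy table, permission strings and sample order are constructed for illustration.

```python
import copy

# Hypothetical policy: path to a gated subobject -> grant required to read it.
# A grant may come from a user permission or from a subscription.
FIELD_POLICY = {
    ("customer", "pii"): "customer.pii:read",
    ("billing",): "subscription:billing",
}


def _parent_of(obj, path):
    """Walk to the dict that holds the last key of `path`, or None if absent."""
    for key in path[:-1]:
        obj = obj.get(key) if isinstance(obj, dict) else None
    return obj if isinstance(obj, dict) else None


def redact(entity, granted, policy=FIELD_POLICY):
    """Return a copy of `entity` with each unauthorized gated subobject emptied.

    Redaction runs server-side on a deep copy, so the stored entity is never
    modified and the client never receives data it could merely hide.
    """
    out = copy.deepcopy(entity)
    for path, needed in policy.items():
        if needed in granted:
            continue
        parent = _parent_of(out, path)
        if parent is not None and path[-1] in parent:
            parent[path[-1]] = {}  # "return empty if not authorized"
    return out


# Constructed sample data.
ORDER = {
    "id": 1001,
    "customer": {"id": 7, "pii": {"name": "A. Example", "email": "a@example.test"}},
    "billing": {"plan": "pro", "last4": "0000"},
    "items": [{"sku": "X-1", "qty": 2}],
}

if __name__ == "__main__":
    print(redact(ORDER, granted={"subscription:billing"}))
```

One call returns the whole entity in a stable shape, and the set of gated subobjects lives in a single table that can be reviewed and tested.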