Challenge Overview
In this challenge, we are looking for you to develop part of APIs that is going to support for Hestia Control Center web application.
This is a followup challenge from Hestia Control Center Backend API Dev Challenge Part 1.
Background
Hestia is a wholesale distributor of a variety of plumbing and building-related products. Hestia Control Center will be an internal application that will help Hestia modernize their current spreadsheet process and allow their employees better access to data for reporting and analysis.
The application frontend interface will be built based on the previous designs and Angular styling package. It will integrate with backend APIs, which providing data for rendering. The API Definition is already created, you are expected to implement based on API Definition.
Technology Stack
- Java 11 (OpenJDK)
- Spring Framework 5.x https://spring.io/projects/spring-framework
- Spring REST
- Spring Boot
- Spring Data / Hibernate
- Azure SQL Database (not SQL Server)
- Maven
- JSON
- Log4j
Codebase Access
The project should be a Java project using maven for dependency management. the codebase is located at Gitlab (Please get access in forum).
Application Design and API Definition
- The Marvelapp prototype is provided in the Forum
- API Swagger Spec are provided in forum
General Requirements
For each API, it should properly validate the requests, and return properly response for validation error, or success.
Authentication and Authorization is out of scope. Will be implemented in later challenge. But described following for implementation consideration. Make sure your code can be easily changed to support it.
Each API is authentication with a token, generated by Active directory to denote the current user, there should be general logic for parsing and validating the token, and properly authorize access.
There are three different roles for each API call, the API should properly handle that.
-
Associates
-
Approvers
-
Admins
APIs to be implement
Ideally, the database will be determined by authorization token, but for this challenge, it will be fixed, since authentication and authorization is out of scope.
Dashboard
-
GET���/dashboardStats
Table Management
-
POST���/schemas���/:schemaName���/tables���/:tableName���/approve
-
POST���/schemas���/:schemaName���/tables���/:tableName���/import
- GET���/approvers
- POST���/approvers
- GET���/approvers���/:approverId
- PATCH���/approvers���/:approverId
- DELETE���/approvers���/:approverId
- GET���/approverCandidate
Final Submission Guidelines
Git patch file for changes including
- Code changes
- Deployment and verification guide
- Updated Swagger file & a postman collection for the api
- ���Updated database scripts for validation