Challenge Overview
Challenge Objectives
-
Update the existing Topcoder Groups API with new endpoints to map role of the user with the group the user belongs to
-
Update the existing Topcoder Groups API to support additional roles
-
Update the existing Topcoder Groups API with new endpoints to allow adding or removing sub groups from a group.
Project Background
-
Groups API is a Topcoder API where we map members to groups
-
It is a Nodejs based api that interfaces with a Neo4j database
Technology Stack
-
Nodejs version 8
-
Neo4j database (3.5)
Code access
You can access the codebase here. Kindly ensure that you use the “develop” branch as your base branch.
Individual requirements
Update the existing Topcoder Groups API with new endpoints (Major Requirement)
-
We will have a new resource named “group role” in the group api. The structure of the data for this resource will be:
-
userId (the user associated with the group role_)
-
groupId (the group associated with the user)
-
role (the role associated with the user for the associated group)
-
-
For example, a user with id 123 will be part of a group with id 789 where the user’s role in that group is “groupAdmin”. The same user will also be part of another group with id 456 and for this group, the user will have the role “groupManager”.
-
To work with this, create the following endpoints in the Groups API:
-
GET /groupRoles/users/:userId
-
Returns the groups and roles of the user identified by userId.
-
This will return an array of objects, where the object has two properties: the groupId and the role.
-
This endpoint needs to support pagination.
-
-
POST /groupRoles/users/:userId
-
Adds a new combination of role and group to the group roles for the user identified by userId
-
The request body will contain an object with two properties: the groupId and the role.
-
The response body will be empty. Use the http status code to signify success or failure.
-
You do need to check if there already exists the combination of groupId and role for that user and reject the request if the combination exists.
-
-
DELETE /groupRoles/users/:userId
-
Deletes / removes the role and the groupId combination for the user identified by userId
-
This request will have a body - an object with two properties: the groupId and the role.
-
You need to remove that combination for that user.
-
-
-
Only allow administrators access to the new endpoints
-
The endpoint paths assume a prefix (api version - example, /v5/groupRoles instead of just /groupRoles)
-
After processing the data in the database, you need to also pass the data to the bus api (see existing endpoint implementations, on the details that are passed to the bus api)
Update the existing Topcoder Groups API to support additional roles (Major Requirement)
-
Currently, we allow only the administrator access to the existing endpoints.
-
We would like to change this and allow two additional types of users access: The Group Manager and the Group Admin
-
The group manager user allows the user to add and remove another user from a group
-
The group admin user can perform the same tasks as group manager, but they can also add and remove subgroups from a group
-
-
For the following endpoints, if the user is not an administrator, you need to use services that you create for the new endpoints in Requirement 1 above to get the role of the user and based on the role, allow access
-
POST /groups/:groupId/members. This endpoint allows adding a member to a group. Check if the user making the request is having the role of groupManager or groupAdmin (if they are not an administrator) against the group identified by groupId. You will use the userId from the auth token (when determining the role of the user).
-
DELETE /groups/:groupId/members. This endpoint allows removing a member from a group. Check if the user making the request is having the role of groupManager or groupAdmin (if they are not an administrator) against the group identified by groupId. You will use the userId from the auth token (when determining the role of the user).
-
Update the existing Topcoder Groups API with new endpoints to allow adding or removing sub groups from a group (Major Requirement)
-
Provided the following new endpoints:
-
POST /groups/:groupId/subGroup. This allows creation of a new sub group, within an existing group. The request body will be identical to the one that is needed for POST /groups. Once the sub group is created, you need to add the created sub group as a member of the group (See POST /groups/:groupId/members) where the membershipType is “group” and memberId is the sub group id.
-
DELETE /groups/:groupId/subGroup/:subGroupId - This will first remove the sub group from the group (Check out DELETE /groups/:groupId/members to remove members from a group. In this case, the member is the sub group). After this, you will proceed to delete the sub group itself
-
-
Both new endpoints are accessible to administrators. For non-admins, fetch the role of the user making the request and verify if they have a “groupAdmin” role for that group. Only then allow access
-
The endpoint paths assume a prefix (api version - example, /v5/groupRoles instead of just /groupRoles)
-
After processing the data in the database, you need to also pass the data to the bus api (see existing endpoint implementations, on the details that are passed to the bus api)
Deployment guide and validation document
No updates expected to the existing deployment guide.
Important Notes
-
Follow existing conventions used in the code base
-
Update swagger specification for the endpoints created or updated in this contest
-
Tests are NOT in scope
Final Submission Guidelines
It is preferred that you submit a git patch only for your changes. In the event that you are facing an issue with this, you can submit the entire code base too, but kindly try to submit a git patch