Challenge Overview
CHALLENGE OBJECTIVES
The purpose of this challenge is to implement part 1 of the REST API.
PROJECT BACKGROUND
Anabel is planning to build an MVP for a web service that utilizes IoT technology, that will help their clients (hotel owners) with monitoring both assets in their properties and their employees’ locations, and safety within the properties for different purposes.
AUTHORIZATION REQUIREMENTS
The app supports multiple different roles, which are listed below:
-
Anabel Super Admin (SA)
-
Full access to all data and user interface of the web app
-
-
Anabel Account Manager (AM)
-
Same as SA, but with access to specific clients only
-
-
Client Sssssuper Admin (CSA)
-
Full access to all the data specific to one client
-
-
Client Group Admin (GA)
-
Access to the actual individual user credentials only
-
Full access to multiple sites, but only the sites in their named group
-
-
Client Property / Site Manager (SM)
-
No client-level data access
-
No site address and site physical attributes
-
Full access to a single site operational data
-
-
Property / Site User (SU)
-
Read access to site data
-
Mainly an operator of the system with no write access except for their specific credentials
-
-
No access users
-
These are users added to the system but will not have a login or access
-
Client Contact (CC) - Accounting, Operations, etc.
-
Site Staff (SS) - Staff wearing badges, or retrieving assets and not wearing a badge
-
Please carefully check the user entitlement document, it’s a major requirement to properly implement that down to the field level.
CODE REQUIREMENTS
-
Please use the provided seed project as the base for this challenge. The seed project provides a skeleton for the API but you are supposed to follow the API design to implement the endpoints in the scope of this challenge.
-
Make sure you use Golang 1.14 and go modules.
-
Please follow the folder structure in the seed project. Specifically, we’d like the APIs to be grouped by module. For example, all the security-related endpoints (including the related models) should all be in the rest/security folder. Also you should create a controller and a server per module.
-
Please properly implement logging in the app:
-
Use the logrus library for logging
-
The main.go file contains two TODOs to be addressed in the development
-
Address the following logging requirements
-
Any significant changes in configuration should be logged. This includes user creation and deletion, and all major changes to client or site configuration.
-
Log any errors in API and data pulled.
-
-
Make sure these are logged at appropriate levels.
-
API REQUIREMENTS
The following groups of endpoints from swagger design must be implemented in this challenge:
-
Security
-
POST /login
-
POST /logout
-
POST /initiate-forgot-password
-
POST /change-password
-
PUT /user-confirmation
-
-
User
-
GET /me
-
POST /users
-
GET /users
-
PUT /users/{id}
-
DELETE /users/{id}
-
GET /users/{id}
-
-
Client
-
POST /clients
-
GET /clients
-
GET /clients/{clientId}
-
PUT /clients/{clientId}
-
DELETE /clients/{clientId}
-
PUT /clients/{clientId}/archive
-
GET /clients/{clientId}/site-groups
-
-
File
-
POST /files
-
TECHNOLOGY STACK
-
Golang 1.14
-
REST
-
MongoDB
-
AWS S3
Final Submission Guidelines
-
Full code that covers all the requirements mentioned above.
-
Detailed readme describing how to configure, run, and verify your submission.
-
Postman collection used to test the API.
-
Updated Swagger documentation in case changes are needed to keep it up to date with the code.