ArkCase.Next REST Services

Get Started. It's Free
or sign up with your email address
ArkCase.Next REST Services by Mind Map: ArkCase.Next REST Services

1. Authentication

1.1. Built-in arkcase-admin user (not LDAP)

1.2. JWT to propagate ID between services

1.3. Angular: if no JWT cookie route to login

1.4. REST: if no JWT header return 403 (except for login service :-))

1.5. must not ever start any HTTP session; any info we need goes in the JWT

2. Updates (command pattern)

2.1. PUT POST PATCH puts a message on a Kafka topic, with a UUID correlation header

2.2. Validate message structure against schema

2.3. Save to database store

2.4. Save to search index

2.5. Other actions (generate PDF, send email...)

2.6. Message itself is timestamped and stored permanently (audit trail)

2.7. Object locking: prefer timestamp/version locking

3. Queries (query pattern)

3.1. GET puts a message on a topic and waits for a reply message, with some timeout

3.2. some service that knows how to fulfill the request sends a reply

3.3. Message is timestamped and stored permanently

3.4. GraphQL?

4. Helper Services

4.1. Permission: Can X do Y with Z?

4.1.1. Issue: If possible only send the access control rules that apply to the current user, or otherwise avoid sending too much information to the user

4.2. Discovery (eureka / consul)

4.3. Authentication

4.4. API gateway - route based on host name e.g. bactes.arkcase.com, ocfo.arkcase.com

5. Extensibility

5.1. Deploy "bactes-case-service" instead of "arkcase-case-service"

6. Documentation

6.1. Specification by Example

6.1.1. drive E2E tests

6.2. Spring REST Docs?

6.2.1. Can generate docs from unit tests?

6.3. Spring ? Contract - verify service producer and service consumer actually agree with each other