Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Info
titleValue Comparer Requirement Metadata
Property NameValueDescription

expectedValue

stringThe value we expect to have to satisfy the requirement
actualValuestringThe value we check against the exepectedValue to see if the requirement passes.

The example metadata on this page metadata below is for a requirement that only passes if the authenticated user is a particular person.  It uses Input Context Objects for some values.

Code Block
languagejs
titleValue Comparer Metadata Example
{
  "endpoints": {
    "ExamplesGetSingleProduct": {
      "route": {
        "httpMethod": "GET",
        "segments": {
          "examples": {
            "isLiteral": true,
            "type": "string"
          },
          "products": {
            "isLiteral": true,
            "type": "string"
          },
          "productId": {
            "isLiteral": false,
            "type": "long"
            "security": {
              "CurrentPersonIsAiesha": {
                "type": "ValueComparer",
                "parameters": {
                  "expectedValue": "1",
                  "actualValue": "@AuthenticatedAttributes.AuthenticatedPrincipalRecordId"
                }
              }
            }            
          }
        }
      }     
    }
    //remaining metadata omitted
  }
}
Why did we add this security block to a route segment instead of the endpoint or an input entity field?  

If we had put it at the endpoint level it would have had no effect.  Remember, only one requirement in a collection needs to pass for the entire collection to pass.  By default, the framework always adds an authentication requirement to the endpoint collection.  If this requirement was also at the endpoint level we would have and the authenticated person was not person id 1, we would have:

Collection NameRequirementsResult
EndpointRequire Authentication, CurrentPersonIsAieshaCurrentPersonIsAiesha fails but Requires Authentication passes, so this entire collection passes.
RouteNonePass
Input FieldsNonePass

When we move it to the route segment level we have:

Collection NameRequirementsResult
EndpointRequire AuthenticationPass
RouteCurrentPersonIsAieshaFail
Input FieldsNonePass

And the request fails if the person is not Aiesha.  This requirement could have also been added at the input entity field level to achieve the same result.