/
Discussions - API Design

Discussions - API Design

Owned by Rayulu Villa
Last updated: Oct 26, 2020
6 min read

Request & Response Envelopes

All API should follow the standard request and response structures:

Request Structure:

{ "params": { "msgid": "4f04da60-1e24-4d31-aa7b-1daf91c46341" -- optional, random uuid }, "request": { <RequestData of the API> } }

Response Structure:

{ "id": "API Id, e.g. api.forum.create", "ver": "API version, e.g. 1.0", "ets": "response timestamp in epoch format", "params": { "resmsgid": "4f04da60-1e24-4d31-aa7b-1daf91c46341" -- random uuid, "msgid": "4f04da60-1e24-4d31-aa7b-1daf91c46341" -- the msgid sent in request "status": "successful or failed", "err": "error code if any", "errmsg": "error message if there is any error", }, "responseCode": "OK, CLIENT_ERROR, RESOURCE_NOT_FOUND, SERVER_ERROR", "result": { <ResponseData of the API> } }

NodeBB APIs

NodeBB provides the following APIs:

In addition to the above APIs, we need a few additional APIs to use NodeBB discussions in different Sunbird use cases.

Sunbird APIs

Sunbird Discussion APIs will use the following terminology:

Forum

A forum contains one or more discussion threads with one or more users participating in the discussions. Internally, forum is also a NodeBB category but there are some differences between a Sunbird forum and a NodeBB category:

  • Every forum is linked to a Sunbird context (e.g.: a Course batch).

  • A forum can have one or more NodeBB categories. E.g.: A course may have two categories - Announcements and General Discussions.

  • A forum can have a list of groups (with a set of permissions) associated with it & its sub-categories.

Hierarchy

Forum are organised into a hierarchy for easy discovery, navigation and access. For example, all forums belonging to an organisation can grouped under a parent forum. Example hierarchy:

  • CBSE

    • Course

      • Classroom Management

        • Announcements

        • General Discussions

    • Textbook

      • Science Textbook for Class X

      • Maths Textbook for Class IX

    • Contribution Projects

      • KVS 6-8 Hindi & Science Textbooks

Permissions

Permissions are the list of privileges that user or group has in a forum. Instead of using NodeBB privileges, Sunbird APIs will support the following permissions:

  • read - nodebb privileges: 'topics:read', 'read', 'find'

  • vote - nodebb privileges: 'posts:upvote', 'posts:downvote'

  • post - nodebb privileges: 'topics:reply', 'posts:edit', 'posts:delete'

  • topic - nodebb privileges: 'topics:create', 'topics:tag'

  • moderate - nodebb privileges: 'topics:delete', 'posts:view_deleted', 'purge', 'moderate', 'posts:history'

    • In addition to the above nodebb privileges, a user with โ€œmoderateโ€ permission should be able to edit the current forum (using Update Forum API).

The permissions read, vote, post, topic and moderate are hierarchical. I.e., if a higher permission (e.g. topic) is given, all the below permissions (e.g. read, vote, and post) are automatically granted.

Create User API

Request Path: โ€œ/api/user/v1/createโ€

Method: โ€œPOSTโ€

Request Structure

{ "params": { "msgid": "4f04da60-1e24-4d31-aa7b-1daf91c46341" -- random uuid }, "request": { โ€œidentifierโ€: โ€œsunbird user idโ€, โ€œusernameโ€: โ€œsunbird user nameโ€ } }

Response Structure

{ "id": "api.discussions.user.create", "ver": "1.0", "ets": "1600883199000", "params": { "resmsgid": "4f04da60-1e24-4d31-aa7b-1daf91c46341" "msgid": "4f04da60-1e24-4d31-aa7b-1daf91c46341", "status": "successful", }, "responseCode": "OK", "result": { โ€œidentifierโ€: โ€œsunbird oidc user idโ€ } }

Create User API will create a nodebb user for the given sunbird user id and username.

  • This API will be exposed by nodebb-plugin-sunbird-oidc plugin.

  • This API will throw an error if a user already exists with the given sunbird user id.

  • This API will create an email using the username and the configured email domain.

Create Forum API

Request Path: โ€œ/api/forum/v1/createโ€

Method:โ€œPOSTโ€

Request Structure

{ "params": { "msgid": "4f04da60-1e24-4d31-aa7b-1daf91c46341" -- random uuid }, "request": { "name": "name of the forum", โ€œcontextโ€: { โ€œtypeโ€: โ€œbatch / organisation / sb-group / content-collaboration / etcโ€, โ€œidentifierโ€: โ€œbatch id or org id or sb-group id or content id, e.g: 012232323223232โ€ }, โ€œparentโ€: "parent forum id under which the forum has to be created. optional, if not provided, this forum is created under the root", โ€œgroupsโ€ : [ // list of groups to be created and associated with the forum. group id will be auto-generated using a combination of the forum id and a random string/number { โ€œpermissionsโ€: [โ€œreadโ€, โ€œvoteโ€], "applyToChildren": "true/false" }, // permissions to be given for each associated group { โ€œpermissionsโ€: [โ€œreadโ€, โ€œvoteโ€, โ€œpostโ€, โ€œtopicโ€, โ€œmoderateโ€], "applyToChildren": "true/false" } ], โ€œprivilegesโ€: [ // set of permissions to be given for existing users or groups can also be provided { โ€œpermissionsโ€: [โ€œreadโ€, โ€œvoteโ€, โ€œpostโ€, โ€œtopicโ€, โ€œmoderateโ€], โ€œusersโ€: [โ€œlist of sunbird user oidc idsโ€], โ€œgroupsโ€: [โ€œlist of nodebb group idsโ€], "applyToChildren": "true/false, if these users/groups should be given same set of privileges in all the sub-forums" }, { โ€œpermissionsโ€: [โ€œreadโ€, โ€œvoteโ€, โ€œpostโ€, โ€œtopicโ€, โ€œmoderateโ€], โ€œusersโ€: [โ€œlist of sunbird user oidc idsโ€], โ€œgroupsโ€: [โ€œlist of nodebb group idsโ€], "applyToChildren": "true/false" } ], "children": [ // list of sub-forums to be created { "name": "Name of the sub-forum", "groups": [], // permissions for the sub-forum can be configured by associating groups or "privileges": [] // giving privileges to existing users or groups } ] } }

Response Structure

{ "id": "api.discussions.forum.create", "ver": "1.0", "ets": "1600883199000", "params": { "resmsgid": "4f04da60-1e24-4d31-aa7b-1daf91c46341" "msgid": "4f04da60-1e24-4d31-aa7b-1daf91c46341", "status": "successful", }, "responseCode": "OK", "result": { โ€œidentifierโ€: โ€œnewly created forum idโ€ } }

Update Forum API

Request Path: โ€œ/api/forum/v1/update/<forum_id>โ€

Method:โ€œPATCHโ€

Request Structure

{ "params": { "msgid": "4f04da60-1e24-4d31-aa7b-1daf91c46341" -- random uuid }, "request": { "name": "updated name of the forum", โ€œgroupsโ€ : [ // list of groups to be additionally created and associated with the forum. group id will be auto-generated using a combination of the forum id and a random string/number { โ€œpermissionsโ€: [โ€œreadโ€, โ€œvoteโ€], "applyToChildren": "true/false" }, // permissions to be given for each associated group { โ€œpermissionsโ€: [โ€œreadโ€, โ€œvoteโ€, โ€œpostโ€, โ€œtopicโ€, โ€œmoderateโ€], "applyToChildren": "true/false" } ], โ€œprivilegesโ€: [ // set of permissions to be given/updated for existing users or groups can also be provided { โ€œpermissionsโ€: [โ€œreadโ€, โ€œvoteโ€, โ€œpostโ€, โ€œtopicโ€, โ€œmoderateโ€], โ€œusersโ€: [โ€œlist of sunbird user oidc idsโ€], โ€œgroupsโ€: [โ€œlist of nodebb group idsโ€], "applyToChildren": "true/false, if these users/groups should be given same set of privileges in all the sub-forums" }, { โ€œpermissionsโ€: null, // if permissions is set as null, access to the given list of users/groups should be removed โ€œusersโ€: [โ€œlist of sunbird user oidc idsโ€], โ€œgroupsโ€: [โ€œlist of nodebb group idsโ€], "applyToChildren": "true/false" } ], "children": [ // list of new sub-forums to be created { "name": "Name of the sub-forum", "groups": [], // permissions for the sub-forum can be configured by associating groups or "privileges": [] // giving privileges to existing users or groups } ] } }

Response Structure

{ "id": "api.discussions.forum.update", "ver": "1.0", "ets": "1600883199000", "params": { "resmsgid": "4f04da60-1e24-4d31-aa7b-1daf91c46341" "msgid": "4f04da60-1e24-4d31-aa7b-1daf91c46341", "status": "successful", }, "responseCode": "OK", "result": { โ€œidentifierโ€: โ€œforum idโ€ } }

Fetch Forum API

API to get details of a forum for a given context.

Request Path: โ€œ/api/forum/v1/fetchโ€

Method:โ€œPOSTโ€

Request Structure

{ "params": { "msgid": "4f04da60-1e24-4d31-aa7b-1daf91c46341" -- random uuid }, "request": { โ€œcontextโ€: { โ€œtypeโ€: โ€œbatchโ€, โ€œidentifierโ€: โ€œbatch id, e.g: 012232323223232โ€ } } }

Response Structure

{ "id": "api.discussions.forum.fetch", "ver": "1.0", "ets": "1600883199000", "params": { "resmsgid": "4f04da60-1e24-4d31-aa7b-1daf91c46341" "msgid": "4f04da60-1e24-4d31-aa7b-1daf91c46341", "status": "successful", }, "responseCode": "OK", "result": { โ€œforumsโ€: [ { โ€œidentifierโ€: โ€œforum idโ€, โ€œnameโ€: โ€œname of the forumโ€, โ€œgroupsโ€: [ // list of groups which have access to the forum { โ€œidentifierโ€: โ€œidentifier of the nodebb groupโ€, โ€œpermissionsโ€: [โ€œreadโ€, โ€œvoteโ€, โ€œpostโ€, โ€œtopicโ€, โ€œmoderateโ€] } ], โ€œusersโ€: [ // list of users who have access to the forum { โ€œidentifierโ€: โ€œsunbird user oidc idโ€, โ€œpermissionsโ€: [โ€œreadโ€, โ€œvoteโ€, โ€œpostโ€, โ€œtopicโ€, โ€œmoderateโ€] } ], "children": [ // list of sub-forums { "identifier": "sub-forum id", "name": "name of the sub-forum", "groups": [], // list of groups which have access to the sub-forum "users": [] // list of users who have access to the sub-forum } ] } ] }

Read Forum API

API to get details of a forum by forum id.

Request Path: โ€œ/api/forum/v1/read/<forum_id>โ€

Method:โ€œGETโ€

Response Structure

{ "id": "api.discussions.forum.read", "ver": "1.0", "ets": "1600883199000", "params": { "resmsgid": "4f04da60-1e24-4d31-aa7b-1daf91c46341" "msgid": "4f04da60-1e24-4d31-aa7b-1daf91c46341", "status": "successful", }, "responseCode": "OK", "result": { โ€œforumsโ€: [ { โ€œidentifierโ€: โ€œforum idโ€, โ€œnameโ€: โ€œname of the forumโ€, โ€œgroupsโ€: [ // list of groups which have access to the forum { โ€œidentifierโ€: โ€œidentifier of the nodebb groupโ€, โ€œpermissionsโ€: [โ€œreadโ€, โ€œvoteโ€, โ€œpostโ€, โ€œtopicโ€, โ€œmoderateโ€] } ], โ€œusersโ€: [ // list of users who have access to the forum { โ€œidentifierโ€: โ€œsunbird user oidc idโ€, โ€œpermissionsโ€: [โ€œreadโ€, โ€œvoteโ€, โ€œpostโ€, โ€œtopicโ€, โ€œmoderateโ€] } ], "children": [ // list of sub-forums { "identifier": "sub-forum id", "name": "name of the sub-forum", "groups": [], // list of groups which have access to the sub-forum "users": [] // list of users who have access to the sub-forum } ] } ] }

API Security

API Token

All APIs (including NodeBB APIs) should be onboarded on to Sunbird API manager and appropriate ACLs should be configured for all the APIs. No API should be directly accessible.

All API requests should have a request header โ€œauthorizationโ€œ in which the API token should be passed:

-H 'authorization: Bearer {{api_token}}'

TODO: List the ACL - API mapping for all the APIs

User Auth Token

All Sunbird discussion APIs should have an additional security layer that validates the userโ€™s access using the user token generated by keycloak. Keycloak token should be passed to the API using โ€œx-authenticated-user-tokenโ€œ header.

-H 'x-authenticated-user-token: {{keycloak_access_token}}'

  • API should check if the passed user token is valid

  • API should check if the user whose token is passed in the request has access to perform the required operation (e.g.: in Update Forum API, check if user has access to update the specific forum)

Related content