Instructor Solution Studio Part 2: Explore Authorization With the Deployed API

Join Event

prompt: try to join an existing coding event

Planning

What is the current state?

  • 2 authenticated users (Owner & Member)
  • no coding events

What should the initial state be for this task?

  1. 1 coding event with an Owner
  2. 1 authenticated user (Member) that is not currently a member of the coding event

What requests were fired, in what order, and who issued them to achieve the initial state?

  1. owner: POST /api/events/

State

Prompt: try to join an existing coding event

  • what request is used to completed the task?
  1. authenticated user (Member): POST /api/events/{CodingEventsId}/members
  2. Owner: POST /api/events/{CodingEventsId}/members
  • what is the final state after completing the task?
  1. 1 coding event with 2 members (Owner & Member)

Authorization

what happened when the authenticated user (Member) tried to join the coding event?

  • status code: 204 No Content
  • body: empty

what happened when the Owner tried to join the coding event?

  • status code: 400
  • body: JSON object describing the error
body of Owner request
{
   "type": "https://tools.ietf.org/html/rfc7231#section-6.5.1",
   "title": "Bad Request",
   "status": 400,
   "traceId": "|239addd7-409244e32d9104cb."
}

Add a Tag to a Coding Event

prompt: try to add a tag to an existing coding event

Planning

What is the current state?

  • 1 Coding Event with 2 members (Owner, Member)
  • No tags

What should the initial state be for this task?

  1. 1 coding event with 2 members
  2. 1 unattached tag

Steps to achieve initial state:

  1. owner: POST /api/tags

State

Prompt: try to add a tag to an existing coding event

What requests were fired, and by who, after achieving the initial state?

  1. Member: PUT /api/events/{CodingEventsId}/tags/{tagId}
  2. Owner: PUT /api/events/{CodingEventsId}/tags/{tagId}

What is the final state after firing these new requests?

  1. 1 coding event with 2 members and 1 attached tag

Authorization

What happened when the Member tried to add a tag?

  • status code: 403 Forbidden
  • body: Not an owner of the Coding Event

What happened when the Owner tried to add a tag?

  • status code: 204
  • body: No content success

Remove a Tag from a Coding Event

prompt: remove a tag from an existing coding event

Planning

What is the current state?

  • 1 Coding Event with 2 members (Owner, Member) and 1 attached tag

What should the initial state be for this task?

  1. 1 coding event with 2 members and 1 attached tag

Steps to achieve initial state:

  1. None

State

Prompt: remove a tag from an existing coding event

What requests were fired, and by who, after achieving the initial state?

  1. Member: DELETE /api/events/{CodingEventsId}/tags/{tagId}
  2. Owner: DELETE /api/events/{CodingEventsId}/tags/{tagId}

What is the final state after firing these new requests?

  1. 1 coding event with 2 members and 0 attached tags

Authorization

What happened when the Member tried to remove a tag?

  • status code: 403 Forbidden
  • body: Not an owner of the Coding Event

What happened when the Owner tried to remove a tag?

  • status code: 204
  • body: No content success

Remove a Member from a Coding Event

prompt: try to remove a member from an existing coding event

Planning

What is the current state?

  • 1 Coding Event with 2 members (Owner, Member)

What should the initial state be for this task?

  1. 1 coding event with 2 members (Owner, Member)

Steps to achieve initial state:

  1. None

State

Prompt: try to remove a member from an existing coding event

What requests were fired, and by who, after achieving the initial state?

  1. Member: DELETE /api/events/{CodingEventsId}/members/{memberId}
  2. Owner: DELETE /api/events/{CodingEventsId}/members/{memberId}

What is the final state after firing these new requests?

  1. 1 coding event with 1 member (Owner)

Authorization

What happened when the Member tried to remove a member?

  • status code: 403 Forbidden
  • body: Not an owner of the Coding Event

What happened when the Owner tried to remove a member?

  • status code: 204 No content
  • body: empty

Leave a Coding Event

prompt: try to leave an existing coding event

Planning

What is the current state?

  • 1 Coding Event with 1 member (Owner)

What should the initial state be for this task?

  1. 1 coding event with 2 members (Owner & Member)

Steps to achieve initial state:

  1. Member: POST /api/events/{CodingEventsId}/members

State

Prompt: try to leave an existing coding event

What requests were fired, and by who, after achieving the initial state?

  1. Member: DELETE /api/events/{CodingEventsId}/members
  2. Owner: DELETE /api/events/{CodingEventsId}/members

What is the final state after firing these new requests?

  1. 1 coding event with 1 member (Owner)

Note

What happens if the Owner issues the request before the Member?

Authorization

What happened when the Member tried to leave the event?

  • status code: 204 No Contnet
  • body: empty

What happened when the Owner tried to leave the event?

  • status code: 400
  • body: JSON object describing the error

Cancel a Coding Event

prompt: try to cancel an existing coding event

Planning

What is the current state?

  • 1 Coding Event with 1 member (Owner)

What should the initial state be for this task?

  1. 1 coding event with 2 members (Owner & Member)

Steps to achieve initial state:

  1. Member: POST /api/events/{CodingEventsId}/members

State

Prompt: try to cancel an existing coding event

What requests were fired, and by who, after achieving the initial state?

  1. Member: DELETE /api/events/{CodingEventsId}
  2. Owner: DELETE /api/events/{CodingEventsId}

What is the final state after firing these new requests?

  1. 0 coding events

Authorization

What happened when the Member tried to cancel the event?

  • status code: 403 Forbidden
  • body: JSON object describing the error

What happened when the Owner tried to cancel the event?

  • status code: 204 No content
  • body: empty