Move /models /routes to explorer middleware #1134
Comments
|
Note: loopback-explorer does not use this routes, it has it's own routes for ages. If there was not a backwards-compatibility concern, I would say the routes can be immediately deleted. I am proposing to add a flag that will control whether these routes are added or not. This new flag should be:
|
|
Thanks guys for looking into this. I can take a stab at the first two items @bajtos has suggested. Depending on time, I might be able to look into the loopback-workspace one as well. I'll be sure to include a few tests as good measure. |
Trying to think through a config option that is meaningful and concise for this one, two options
Thoughts? |
|
Work completed to resolve this in PR. Though I wonder if we should improve the middleware to limit only |
|
+1 for
This part is easy, just add a new entry to templates/components/api-server/component.js and a new unit-test to test/end-to-end.js. |
|
@bajtos, no problem. I can make the update to the loopback-workspace project |
Add option to generated config file for the new legacyExplorer option introduced as a fix to strongloop/loopback#1134. This will ensure that the /routes and /models routes are disabled by default.
|
Does this require any doc updates or additions? Currently, to disable API Explorer, docs just say to delete How is the |
|
The instructions for disabling the API Explorer remain valid. This issue was to address two routes remaining exposed which have not been used by the API Explorer for some time. The |
Heh, that would be my job ;-) |
|
Ha! Sorry, I did not know :-) Thanks for all of the great work documenting, I imagine it's a decent challenge keeping up with all StrongLoop has going on! Your addition to the docs looks good, two small changes though:
Thanks! |
You're welcome... and, yes, it does keep me quite busy :-) Thanks for catching the typo! Fixed... |
Add option to generated config file for the new legacyExplorer option introduced as a fix to strongloop/loopback#1134. This will ensure that the /routes and /models routes are disabled by default.
* Remove deprecation warnings (Miroslav Bajtoš) * Add unit-test verifying top-level CORS setup (Miroslav Bajtoš) * Setup a single top-level CORS middleware (claylo) * Disable legacy explorer routes by default. Add option to generated config file for the new legacyExplorer option introduced as a fix to strongloop/loopback#1134. This will ensure that the /routes and /models routes are disabled by default. (Ron Edgecomb)
- Removed afterSave() model hook because: 1. it was depreciated in favor of Operation hooks (http://docs.strongloop.com/display/public/LB/Operation+hooks) 2. it was creating cyclic calls since calling identity() would trigger the afterSave() ==> so it's the job of the client to call the remote identity() method - Removed dummy-data creation in bootscript. Insertion of such data can be done via the API explorer - legacyExplorer : false (see strongloop/loopback#1134)
|
It would be good to be able to hit a model endpoint with the OPTIONS verb and get the equivalent of its entry in /models. |
Add option to generated config file for the new legacyExplorer option introduced as a fix to strongloop/loopback#1134. This will ensure that the /routes and /models routes are disabled by default.
* Remove deprecation warnings (Miroslav Bajtoš) * Add unit-test verifying top-level CORS setup (Miroslav Bajtoš) * Setup a single top-level CORS middleware (claylo) * Disable legacy explorer routes by default. Add option to generated config file for the new legacyExplorer option introduced as a fix to strongloop/loopback#1134. This will ensure that the /routes and /models routes are disabled by default. (Ron Edgecomb)
This issue raises the concern for these routes always being available. They should not be available from a vanilla use of
loopback.rest(). Instead whatever is using them (I'm assuming explorer) should add them or turn them on.The text was updated successfully, but these errors were encountered: