my question is about the design of an API.
We are about to rebuild our entire API backend infrastructure from Meteor.JS to NodeJS/Express.
Although we found one problem concerning our API. We used to have Method.Call on Meteor and could define whatever we want using that.
Now we would like to follow some REST principles and therefor we would like to use only GET/POST/PUT/DELETE and PATCH
While using PATCH, we were wondering if it was possible to authorize certain user roles to be able of only editing certain fields. And how we could do this in a clear and easy to understand manner.
Any help would be really great. If you ahve any questions feel free to ask me.
via mitchken
No comments:
Post a Comment