The complete changelog for the Costs to Expect REST API, our changelog follows the format defined at https://keepachangelog.com/en/1.0.0/
- Added
NOKas a new currency.
- Added
transfersupport to thebudget-proitem type.
- Added additional authentication tests.
- Corrected the options response for /update-profile.
- Updating user profile clears the permitted users collection for a resource type.
- Minor token tweaks.
- Added a command to prune partial users (bots) from the database.
- Added a
registered_viafield to register to optionally allow recording the App the user registered via.
- Updated the Budget Pro image on the landing page and added a launching soon badge.
- Updated our dependencies.
- Updated the content of all the notifications.
- Added the method to the URIs in the authentication responses.
- Corrected the docs URL in the registered notification.
- Corrected the namespace for some tests.
- Added a deleted field to Budget pro items, this field means we can reduce what we pull down for the Budget.
- Added an 'include-deleted' parameter for the Budget Pro collection, default collection will now not include deleted budget items.
- Added two new tests for the new parameter.
- Updated the API to run on PHP8.2.
- Split the item tests by item type to allow for more granular testing.
- Switched to the new email for Costs to Expect.
- Renamed the model utility class and refactored the delete jobs to use the utility class.
- Updated the copyright dates.
- Adjusted the structure of the collection for permitted users, user should be an object.
- User id not included in the permitted users responses.
- Moved some authentication OPTIONS responses from behind the authentication guard.
- Continued expanding our test suite.
- Added another site to the landing page.
- Corrections and updates to the README.
- Added resource tests, action and view, also add category view tests.
- Added the OPTIONS schema for the resource collection, categories collection, resource show and category show.
- Added two buttons to the landing page, one to access the API, one to view the docs.
- Added additional helper methods for testing.
- Reviewed and updated the resource type tests, added tests for each 'item-type' and updated the tests to exclude pulling public resource types.
- Reduced throttle limit to 300 requests per minute.
- Removed throttle limit for tests.
- Added a message to the README to explain the 'exclude-public' URI parameter.
- Minor fixes to the budget-pro migrate job.
- Fix for data parameter validation.
- Clear resource cache after successful migration.
- Added a route for budget to budget-pro migrations, copies over all the budget item and resource (accounts) data.
- Added an OPTIONS request test for the new migrate route.
- The account deleting jobs are now all aware of the 'budget-pro' item type.
- Added missing "not supported" responses for the 'budget-pro' item type.
- Added support for the 'budget-pro' item type. For now the 'budget-pro' item type is a duplicate of the 'budget' item type but that will change in the future.
- Added additional tests for the resource controllers.
- Added tests for the item action controller.
- Added tests for the item view controller.
- Added a second phpunit.xml file, this file allows you to run tests in your IDE without Docker setup, the default phpunit.xml file is for the command line.
- Added a test helper to create a new user.
- Reviewed the existing test, updated the test to match the App structure.
- Renamed the "Manage" controllers, now "Action".
- Updated the tests section of the README, simpler layout to separate action and view tests.
- Updated the resource type tests, they create data rather then assuming it already exists.
- Removed anything related to Bootstrap, we are now using Tailwind.
- Invalid field check missing in 'game' item update.
- The 'game' schema file was incorrect, two fields can be null.
- Referenced lang file incorrect for item type 'game' patch fields.
- New landing page, switched to Tailwind
- Split all route files based on 'entity' rather than 'visibility'.
- Split the authentication controller into view and manage.
- Split controllers based on function, view, manage and summary.
- Updated the back-end and front-end dependencies.
- Fixed all authentication actions, validation message format updated to match the rest of the API.
- Added a
/statusendpoint to return the environment and cache status for the API.
- The forgot-password endpoint will return an encrypted token, not the actual token.
- Fixed the config file for the forgot password options response.
- Corrected the error message when forgot password can't find the account.
- Content correction for landing page.
- Minor test fixes.
- Query incorrect for fetching permitted user.
- Minor cache tweaks.
- Switch from using request->all in validation.
- Corrected config files.
- I have added four more currencies to the API, CAD, AUD, NZD & INR.
- Minor content updates to the landing page.
- I have added cache clear requests to the "delete" jobs added in v3.06.0. Data was being deleted but the cache was remaining.
- Item data and item log do not support the
budgetitem type yet.
- Adjusted cache invalidation, switched to synchronous cache clear
- I have added multiple routes unto
/auth/to list permitted resource types and the corresponding permitted resources, these are to enable delete requests. - I have added a
DeleteResourcejob, this job attempts to delete the requested resource and all associated data. - I have added a
DeleteResourceTypejob, this job attempts to delete the requested resource type and all associated data. - I have added a
DeleteAccountjob, this job attempts to delete your account and all associated data. - I have added a
v3/auth/user/request-deletePOST endpoint, you can request the full deletion of your account. - I have added a
v3/auth/user/permitted-resource-types/{permitted_resource_type_id}/request-deletePOST endpoint, you can request the full deletion of a resource type. - I have added a
v3/auth/user/permitted-resource-types/{permitted_resource_type_id}/resources/{resource_id}/request-deletePOST endpoint, you can request the full deletion of a resource.
- Adjusted cache invalidation for create resource type and switch to synchronous cache clear, permitted resource types need to be cleared immediately.
- I have reviewed the cache system and attempted to simplify it.
- I have reviewed and refactored the authentication controller.
- Updated the route descriptions for multiple routes, spelling issues.
- Removed duplicated routes in the
authroutes file. - Corrected OPTIONS response for multiple auth routes, not returning authentication status.
- Config file referencing the incorrect language file.
target_accountis not a required field for the "budget" item type.amountandnameshould be sorting options for the "budget" item type collection.descriptionandend_dateare nullable fields for the "budget" item type.nameshould be a sortable field for the "budget" item type.
- Added full support for the
budgetitem type, all endpoints.
- Updated the landing page image for the 'Budget' App.
- Updated the descriptions for all
itemOPTIONS endpoint responses, the descriptions are now specific to the item type`. - Updated the README, added additional Apps and improved the content in general.
- Corrected PATCH and POST validation for
items, execution will stop and return immediately. - Corrected an indentation issue in the CHANGELOG.
- Added the "Yatzy" item subtype to support the new Yatzy game scorer.
- Updated the landing page, added "Expense" and "Yatzy".
- Corrected a return type in a model, possible to be NULL.
- Corrections to the landing page
- Added a new landing page, mirrors the new "Budget" and "Yahtzee" landing pages.
- Added "Logging" for items - new route
v3/resource-types/{resource_type_id}/resources/{resource_id}/items/{item_id}/log. Log entries can only be added and will be deleted along with the relevant item.
- Switched to Bootstrap 5.
- We have updated the README to detail other Apps which use the API.
- Added a missing PATCH route to the README.
- Corrected the description in an OPTIONS request.
- JQuery removed from dependencies.
- Corrected the route prefix for cache invalidation, JSON schema files and the README.
- We have added the "budget"
item-type, required for the Budging app.
- Updated out tests to be aware of the new
item-type. - Updated all out back-end dependencies.
- Updated the README to document the
X-Skip-Cacheheader.
- Corrected the case for the
X-Skip-Cacheheader.
- Updated the limit for category assignments.
- The
completefilter parameter for games can return in progress games, was limited to be a positive option only.
- The
player_idshould be thecategory_id, not theitem_category_id
- Corrected the route prefix for cache invalidation, JSON schema files and the README.
- We have added a keyed data endpoint, allows us to store arbitrary data for games, later, we will add support for keyed data below the
allocated-expenseitem-type. - We have added an
include-playersparameter for the items collection and show requests when fetching games.
- The validation error for a non distinct category is not based on the resource type/item type combination. For expenses the message refers to categories, for the game item type the message refers to players.
- The fallback route returns a 404 status code along with the existing message.
- Added a lang file for
parameters-showfor allocated expenses. - We have updated model calls in the manage controllers, using
$viewable_resource_typeswhen they should be using$permitted_resource_types. - Minor refactoring and clean-up.
- We have removed the
simple-expenseandsimple-itemitem types. Simple expense are covered by Allocated expenses and Simple items don't have a place inside the service at the present time.
- We have added an
item-typefilter to the resource type collection, you can limit what resource types to return. - We have added an
item-subtypefilter to the resource collection, you can limit what resources to return. - We have added the 'Yahtzee' item subtype.
- Lots of refactoring.
- We have updated our backend dependencies.
- Renamed a lang file, the parameters-show config file should be using the parameters-show lang file.
- We allow the
collectionparameter forsimple-itemitem-type collections. - We have added tests for subcategory management, found another bug, whoopee!
- We have added tests for item type responses.
- We have added an option response tests for the resource types collection and a resource type.
- We have added additional resource type tests and created/updated the json-schema files as necessary.
- We have added a catch-all route for non-matching routes.
- We have renamed the tests directory and corrected the namespaces.
- We are continuing to update out routes to named routes.
- We have moved additional responses to the response class.
- We have updated more response, if a collection is included in a response a
urifield will contain the relative URI to the relevant collection. - We have adjusted the layout of the test section in the README and added a note explaining the meaning of 'Non yet'.
- We have updated the response when attempting to delete an item with category assignments, rather than return a generic foreign key error, we specifically mention that there are category assignments that need to be removed first.
- We have cleaned up the response description lang file.
- Removed an output in a test.
- Updated the route middleware, invalid decodes should return a 403 for the route.
- Added a unique validation rule for emails, don't leave the check to the database.
- Corrected the descriptions in the OPTIONS requests for
itemsummaries. - The allowed values for
winner_idshould be a category assigned to the item, not all the categories assigned to the resource type.
- We have added our first schema files for OPTIONS responses and started working on the tests.
- We have added tests for category management, found one bug when creating the tests.
- We have updated our response class for OPTIONS responses, we now allow parameters to be defined for POST requests. One example of where we need this is the create password POST request,
passwordandpassword_confirmationare required fields, however,tokenandemailare required parameters. Before this update, you had to parse the returned error of read the OPTIONS request description. - We have started splitting config files, a config file should be for one purpose.
- We have spent quite a bit of time reviewing the API structure and refactoring. We have removed unnecessary complexity, renamed classes and methods to describe intent more clearly and removed pointless base classes.
- We have reworked how allowed values are generated for the different item types, allowed values for fields and parameters have been split, and we have removed all abstraction.
- We have removed some route validation files which didn't do anything useful after all the item type work.
- We have reworked the responses class, removed exception parameters when not necessary, pass in an exception if thrown and now delegated responsibility to the responses class to decide if the exception should be returned in the response.
- We have upgraded the API to Laravel 9 and PHP 8.1.
###Fixed
- Options request incorrect for the
auth.registerendpoint (Test added). - Options requests returning response twice.
- Type corrected in OPTIONS response, authentication status/requirements now a boolean, not a string.
- Minor correction to the description of two POST endpoints.
- Corrected a type in the OPTIONS response for the month parameter.
- Corrected the
partial-transferJSON schema file. - Allowed values not showing for
categoryon GET endpoints. - Inconsistent usage of the responses helper.
- Category validator allowed duplicate names due to incorrect params, caught by model.
- We have removed the
ItemTypebase class and all the child classes. - We have removed a redundant validation class and moved the response method into the main response class.
- We have updated the partial transfers collection and show route, the partial transfer object includes the URI to the relevant entity.
- We have switched additional routes in our routes files to named routes.
- We have updated the json schema file for partial transfers.
- We have updated the
/auth/userroute, the route will now show any active created tokens. - We have added
device_nameas an optional field on sign-in, if set, the generated token will be prefixed with the device name. - We have added an
include-permitted-usersparameter when requesting a resource type, you will be able to see all the permitted users without having to go down the tree. - If an API response includes a related object, the first field should be the URI to the relevant collection or resource, we have started updating responses.
- We have added a
auth/user/tokensroute to show the active tokens, you can view an individual token as well as delete a token. - We have added a notification for failed jobs, if the
ClearCachejob fails we will get an email, luckily, it doesn't ever fail :) - We have added the ability to assign permitted users, if you have access to a resource type you can assign a known user to the resource type.
- We have added a view permitted user endpoint.
- We have added the ability to delete a permitted user, you can delete any permitted user with access to the resource type, including yourself.
- We have added initial tests for the permitted user routes.
- We have updated sign-in to clear tokens that have not been used for a year.
- We have added additional validation to
/auth/loginto match the create password routes. - We have removed additional references to our
item-typeentity class, keep code in the individual item type namespaces. - We have converted out
MailablestoNotificationsand they get send via the queue. - We have updated the
partial-transfersroute to use methods per item types, this way we can correctly return a 405 when an item doesn't support partial transfers. - We have updated the
transfersroute to use methods per item types, this was we can correctly return a 405 when an item doesn't support transfers. - We have localised all response messages in the Authentication controller to match the rest of the API.
- We have fixed our Authentication tests, we no longer overwrite the initial user, additionally, we have updated three tests to return success on a 422, not a 401.
- We have corrected a couple of parameter conversions, two parameters not correctly being converted to Booleans.
- Unable to delete an
allocated-expense, need to clear the partial transfers table.
After being away from the code for a while I've made some changes. I've reduced the complexity around different items types because things had started to get a little complex and I know what is coming next so want to clear out as much unnecessary code as possible. This is just a first pass, I'm sure there will be more but I have many other planned tickets to get on with.
- We have added additional tests for the
ResourceManagecontroller. - We have added tests for the
ResourceTypeViewcontroller. - We have added a logout route.
- We have added an OPTIONS request for
/auth/create-new-password. - We have added an OPTIONS request for
/auth/create-password. - We have added an OPTIONS request for
/auth/forgot-password. - We have added an OPTIONS request for
/auth/login. - We have added an OPTIONS request for
/auth/register. - We have added an OPTIONS request for
/auth/update-password. - We have added an OPTIONS request for
/auth/update-profile. - We have added an OPTIONS request for
/auth/user. - We have added an OPTIONS request for
/auth/check.
- We have made a couple of minor changes to the Docker setup.
- We have updated the README because of minor Docker changes and corrected the table layouts in the README file.
- We have updated all front-end and back-end dependencies.
- We have updated the copyright, we are now in 2022.
- We have added additional feature tests and removed some duplication in the tests, the README details the current test status.
- General refactoring, switched to method injection and logging exception messages.
- We are switching to named routes and have updated some route files, more will be updated as additional tests are created.
- We have done a quick review of each of the model classes and fixed a few tiny issues.
- We have reviewed all the
ItemTypeclasses, improved organisation with additional namespaces, renamed classes and methods, all with the goal being to try and make everything clearer. - We have reviewed all item based controllers and switched to methods per item type rather than hiding all the logic in larger item classes. There is slightly more duplication but this will allow us to more easily customise each item type as new ones are added, I'm looking at you forecasting.
- We have updated the item/categories routes and will return a 405 when a category is not supported for the item type.
- We have updated the item/subcategories routes and will return a 405 when a subcategory is not supported for the item type.
- The Authentication controller no longer extends from the base app controller, it was doing some unnecessary work.
- We have fixed the
delete_resource_type_successtest, wrong route. - The
notFoundOrNotAccessibleresponse will optionally return a 403 if not accessible and not a 404.
- We have removed a few files not used by the API.
- We have updated our password requirements; the minimum length must now be 12 characters.
- We have updated our back-end dependencies.
- Cache clear jobs are dispatched immediately; we no longer delay items in the queue.
- We have added a JSON
datafield to resource types. Thedatafield can be used to store any optional data specific to your resource type. - We have added a JSON
datafield to resources. Thedatafield can be used to store any optional data specific to your resource. - We have added additional tests.
- We have updated our dev dependencies and switched to a new faker library.
- We have moved the
Headerclass to theApp\Responsenamespace. - We have tweaked our
Optionclasses; we no longer use the same data array to generate Post and Get responses.
- We have corrected our resource-type and resources schemas; the required properties nesting is correct.
- We have removed the
effective_datefield from resources; the newdatafield will take over responsibility for storing this data as necessary. - We have removed the
Response\Header\Headersclass; the class is mostly duplicated code and serves no purpose.
- We have added additional
resource-typetests. - We have started work on
resourcetests.
- The cache setting for the API can now be set in
.env. - We have updated phpunit.xml; the local cache will be disabled for tests.
- We have updated our Docker setup; we have switched from MySQL 5.7 to 8.0 and PHP 7.4 to PHP 8.0.
- We have moved our Cache classes into
App\Cache. - We have updated our
ConvertRouteParametersmiddleware; our middleware now returns a 404 for invalid route parameters.
- We have updated some of our responses; the response no longer call
exit()and are therefore testable. - We have fixed our
ResourceTypeNamevalidator; our validator will no longer allow duplicate names.
- We have started transferring our Postman response tests to local feature tests.
- We have added tests for the
Authenticationcontroller. - We have started writing tests for the
ResourceTypeManagecontroller. - We have updated
/auth/forgot-passwordand/auth/register, both now support asendGET parameter, if defined, no email will be issued.
- We are tweaking the first install; we have squashed all the migrations and tweaked the Docker setup. We have added an
initial-install.sqlfile, this includes the required data for the API. - We have made minor changes to how we return validation errors; we were calling
exitand stalling our tests. - We have updated the responses for
/auth/forgot-passwordand/auth/register; responses include the required follow-on URIs and parameters. - We have updated the README, we have added a
Testssection and updated the setup steps.
- We have opened up registration on the API; you can register, login, and use all the expected authentication features.
- We have added notification emails for registration and forgot password requests.
- We have switched to Laravel Sanctum and removed all references to Laravel Passport, Sanctum makes more sense for our API.
- We have updated to Laravel version 8.
- We have tweaked our Docker setup and removed composer and phpunit.
- Content updates
- We have added the
X-Last-Updatedheader to theresource-types,resources,categories,subcategories,itemsandresource itemscollection routes. - We have added the
X-Last-Updatedheader to additional summary routes; the header was missing, and we are going to use it. - We have increased the coverage of our request test suite.
- We have relocated our
Transformerclasses; we have moved them out of theModelsnamespace.
- We have updated the way we calculated the value for
X-Last-Updated. We are using the max of thecreated atandupdated at, not just looking at thecreated attime.
- We have added a
completeparameter for thegameitem-type; when the parameter is included and set to true, only complete games will be returned in collections and summaries.
- We have added item-type based response classes for all item collections and summaries. Item and resource type items are unique; there are no shared dependencies. The shared dependencies were a result of the first two item-types being similar, with the addition of the game item-type, we have learnt our lesson.
- We have tweaked the TTL for permitted, and viewable resource types. The TTL for public viewable resource types is higher than for private users.
- With the addition of more item-type classes, we have tweaked our collection TTLs for public and private users.
- We have moved our 'Method' classes; it doesn't make sense for them to sit inside the 'Option' namespace.
- We have moved our 'AllowedValue' classes; it doesn't make sense for them to sit inside the 'Option' namespace.
- We have reorganised all the item-type classes; we are keeping all the classes for each item-type together.
- We have tweaked our response classes; we will do slightly less work when reading from the cache.
- We have removed all our interfaces; the interfaces were not useful, and we are going a slightly different way with the item-type classes, interfaces will return.
- We are now locally caching the permitted and viewable resource types; this change means we can skip a more expensive query per API request whilst the response is cached, we are experimenting with the TTL.
- We have added item
nameanddescriptionfields to the partial-transfers collection. - We have updated the schema for partial-transfers.
- We have updated the game item-type; the
winnerfield will now be null or an object, the object will have anidand aname. - We have updated the OPTIONS request for the
gameitem-type; the allowed values for the winner field will display if necessary. - We have tweaked our middleware; we use our Hash class rather than duplicating the effort.
- We have created several new classes to generate the allowed values data; these new classes are specific to each of our supported item-type. This change will speed up the OPTIONS requests for the non
allocated-expenseitem type as we will no longer query the database when we know there will be no results. - We have added a check to limit access to the partial-transfers route. The 'allocated-expense' item-type supports the partial-transfers feature, partial-transfers don't make sense for the other item-types.
- We have drastically simplified route validation. The API controls access to
resourcesat the resource type level; we have updated all route checks to validate the requested resource type rather than validate specific access to the request entity.
- We have corrected several configuration file calls; our calls were looking at transfers, not partial transfers.
- We have added localisation files for the
simple-itemandgameitem-type, several were missing.
- We have updated the
friendly_namefor item types; the updated names provide more information and make customising the App simpler. - We have updated the
item-typeobject included within theresource typeobject; theitem-typeobject will include thefriendly_namefield. - We have updated the description for our
gameitem type; we are going to support dice games. - We have removed the duplicated
includeUnpublishedfunctions and added a reusable method to ourClauseclass. - We have disabled sessions for our web routes.
- We have corrected an issue with our cache; we were incorrectly creating public cache entries rather than private cache entries. No data is leaking because the cache for resource types controls access and the resource type cache is correct.
- We have renamed the method which adds the clause to include unpublished costs. By default, the method excludes unpublished expenses, so we renamed the method to make the intention clear.
- We have added a migration to create the
gameitem-type table. - We have added the configuration for the
gameitem-types. - We have added a schema for the
gameitem-type. - We have added a schema for the
gameresource type item-type. - We have updated the item and resource type item collections; the collections are aware of the new
gameitem-type. - We have updated the summary routes; the item and resource type item summaries are aware of the new
gameitem-type.
- We are upgrading summaries; the new
gamesummaries include much more information than other summaries. We will upgrade all the summaries a little bit at a time.
- We have removed a rogue validation rule present in the POST request for the
allocated-expenseitem type. - We have updated the item category and subcategory assignment routes. Category and subcategory assignment routes can show more than one item in the collection if the item-type configuration allows.
- We have added an
item-subtypetable; the subtypes will allow us to customise individualitem-typeswithin the Costs to Expect App. - We have added a migration for the new
item-typeand the subtypes supported by theitem-type. - We have updated all resource collection and item response, we will include the selected
item-subtypein the response. - We have added an
item-subtypeschema. - We have added an
assigned-categoryschema for category assignments. - We have added an
assigned-subcategoryschema for subcategory assignments.
- We have modified the unique indexes on the
item_categoryanditem_sub_categorytable; we need to remove the unique index to allow multiple category assignments peritem. - We have updated create resource; we need you to define the
item-subtypewhen creating a resource. - We have added comments to the
allocated-expenseandsimple-expensemodels. We left join to the category and subcategory tables knowing there will only ever be at most one category. For lateritem-typesmultiple categories will get assigned to an item, we will need to come up with an alternative solution. - We have updated the clear cache calls for delete requests; we no longer add a job to the queue, we clear the cache synchronously.
- We have updated create resource type; we didn't start a transaction.
- We have updated the returned response after creating a resource type; the chosen item type will now show in the response.
- We have updated the API to support multiple currencies, we are starting with GBP, USD and EUR.
- We have added a
/currenciesroute to detail the supported currencies. - We have increased the scope of our development test suite, specifically with regards to summaries.
- We have added a
/queueroute to show the number of jobs in the queue.
- We have updated our item collections. If the
item typeincludes a monetary value, a currency object will be part of the response. - We have updated the relevant item POSTs,
currency_idis now required. - We have updated the relevant item PATCHes, `currency_id is an allowable field.
- We have updated our item summaries, the format of the response summary objects supports multiple currencies if necessary.
- We have updated our resource type item summaries, the format of the response summary objects supports multiple currencies if necessary.
- We have changed the cache which gets cleared when we create or delete a resource.
- We have added a delay for the job which clears the cache on creation or deletion of a resource type and resource.
- We have corrected a type error; the permitted user check fails because of a type error.
- We have added support for queues; we clear all cache via queues.
- We have updated all our management controllers, we add a job to the queue rather than clearing the necessary cache synchronously.
- We have added the Postman collection link to the menu and renamed the documentation button.
- We have updated our README and included details on how to start the queue.
- We have corrected a couple of minor coding issues, unused parameters etc.
- We have updated our changelog, small spelling error.
- We have updated our controllers and added missing return statements.
- We have added additional tests to our POSTMAN test collection to ensure allowed values exist where expected.
- We have updated our OPTIONS responses for summary controllers; where relevant, and we show the allowed values for a parameter or field.
- We have updated our back-end dependencies.
- We have updated our OPTIONS requests; in some cases, we were not showing allowed values for POST fields and GET parameters.
- We have tweaked our cache query; we use UNIX_TIMESTAMP() for comparison.
- We have removed a unique index from the
resource_typetable. - We have updated the OPTIONS response for the
resource-typescollection; we show the allowed values for theitem_type_id.
- We have reworked our item configuration; we are moving away from multiple item type classes and moving towards a configuration based setup.
- We have updated the web.config; our server will not serve static JSON files.
- We have updated our back-end dependencies.
- We will no longer send request error mails for 404s; the number of emails is getting out of hand.
- We have updated our cache manager; some endpoints will only ever have a public cache, never a private cache.
- We have fixed a small bug when creating items of type 'simple-item' and 'simple-expense'; we are not setting a date for 'created_at`.
- We have tweaked our cache management system; our system will not create a private cache for authenticated users when they are looking at public endpoints for which they have no permissions.
- We have updated the allowed values for some OPTIONS requests; the allowed values are sometimes not displaying.
- We have made a minor tweak to the query for selecting cache keys.
- We have added the ability to exclude public resource types; to exclude public resource types include
exclude-public=1in your request URIs. - We have added support for database transactions; if we are modifying more than one table, we use database transactions.
- We have added a route to show the number of cached keys for the authenticated user and then optionally delete.
- We have included the schema files for the API. The schema files are accessible at
/api/schema/[type].
- We have reworked our Option responses; we have moved the code from the controllers ready for the creation of a new package/library.
- We have removed some duplication in our controllers, fetching dynamic data for Options requests and validation responses is simpler.
- We have updated all manage controllers; we make use of the existing
user_idproperty if we need auser_id. - We have reworked how we are clearing cache; we clear the cache for all permitted users when any user makes a cache clearing change.
- We have fixed a couple of instances where we are not passing ids through our hashers.
- We have fixed the included category and subcategory objects in the resource type items collection.
- We have fixed a couple of transformers; we were not correctly formatting totals.
- We have corrected not found calls; in some cases, we were showing error messages on our live environment that we don't want to show.
- We have fixed the allowed values subcategories array; when we show the allowed values array with a validation error, the collection will have values.
- We have reworked all our deletes; in some cases, we were possibly creating null references.
- We have moved a call to fetch a config value; the function call is inside a loop which is a performance issue.
- We have updated the item type models': the
updated_atandcreated_atcome from the relevant item type model.
- We have removed all API request logging; the request logging isn't adding any value data that we can't get via other means.
- We have added support for an
X-Skip-Cacherequest header; If you include the header with your request we will skip response caching and fetch live values, please use this with care.
- We have added separate links for the documentation and example page and the postman collection.
- We have simplified our
\Model\Transformerclasses and made it possible to alter the returned data format. - We have added
publicas a sorting option for resource types. - We have reworked our pagination class; we have moved it to a new workspace and also improved how it works.
- We have moved our
Hashclass; theHashclass now lives in theRequestnamespace. - We have moved our
ModelUtilityclass: theModelUtilityclass now lives in theModelsnamespace. - We have updated the indexes in our
Hashrequest class; the indexes are consistent with the rest of the app.
- We have updated our pagination helper to include any defined filtering parameters.
- We have corrected pagination calls in all our controllers; we now include all possible request parameters.
- We have corrected calls to clear public caches; we were comparing different types.
- We have added a documentation page; the documentation page links to the API documentation and includes a couple of examples.
- We have updated the example ENV file.
- We have renamed a couple of our helper conversion/validation classes and moved them to a new namespace.
- We have made a minor content tweak on the landing page; the documentation button is in another section.
- We have updated and relocated our validation classes; the validation classes are now part of the
App\Request\Validatenamespace. - We have reworked our summary controllers; we have removed some code duplication and added additional error checking.
- Incorrectly assuming the result will be an array with at least one value.
- We have fixed an error in the changelog; we jump a couple of minor versions.
- We have switched to Redis for our cache.
- We have added an application cache for summaries; we include the ETag header however we are not yet returning a 304.
- We have updated the caching system to respect the
cacheconfig setting.
- We have split calls to clear public and private cache keys.
- We only clear public cache keys when modifying a public resource type.
- We have updated the web.config; the web.config file was referring to PHP7.3.
- Added removed class type hints now that we are running PHP7.4.
- We have added an application cache for collections; we include the ETag header however we are not yet returning a 304.
- We have moved our route validators; the route validators sit inside the
App\Requestnamespace. - We have moved our
Headerutility class; theHeaderclass sits inside theApp\Responsenamespace. - We have moved our
RoutePermissionutility class; thePermissionclass sits inside theApp\Requestnamespace. - We have moved and simplified our
Parameterclasses; theParameterclasses sit inside theApp\Requestnamespace. - We have moved and renamed the
RequestUtilityclass; theBodyValidationclass sits in theApp\Requestnamespace.
- We have added search to the categories summary endpoint.
- We have added search to the subcategories summary endpoint.
- We have added search to the resources summary endpoint.
- We have added search to the resource-types summary endpoint.
- We have updated the transfers collection; you can filter the results by an
itemID. - We have updated the partial transfers collection; you can filter the results by an
itemID. - We have added additional filtering options for collections. We have added
totalandactualised_totalrange filtering for theallocated-expenseitem type andtotalrange filtering for thesimple-expenseitem type.
- We have added the documentation URI to the README and API; the documentation for the API is work in progress; it is almost complete.
- We have added a version query parameter to the CSS include.
- We have removed a unique index on the
item_transfertable; the index was limiting the ability to transfer an item multiple times. - We have altered the format of the category and subcategory object for item relationships; the returned object is now a closer match to a category object.
- We have updated the URIs for item category and subcategory assignments; the URI was singular for a collection.
- We have updated the item delete endpoint; we did not return a conflict error before removing relationships.
- We have tweaked the
typefor expense fields; we highlight that the supplied value should be a decimal string.
- The
namefield now displays as a required field in the items collection OPTIONS request. - The
filterablearray shows in the OPTIONS response for resource type items. - We have updated the namespace in a model.
- We have corrected the case of a model name.
- We have added the migrations for the original item-types, missing from the import.
- We have added a database migration to update the
friendly_nameandexamplesdata foritem-types. - We have updated the delete item request; we delete the transfer log entries for the item.
- We have updated two
item-typesummary endpoints to show they are sortable byname.
- We have removed the category and subcategory item assigned URIs and replaced them with correctly named URIs for collections.
- We have adjusted the lottery value to reduce session clears.
- We have updated to v3.5.1 of Jquery, v3.5.0 was bugged.
- We have updated the delete resource type action; we have added additional checks before we attempt to delete, it was possible to remove relationship values which made the resource type inaccessible.
- We have updated all item endpoints to return
updated; this is the date and time an item was updated, not its category assignments. - We have updated item collection and show endpoints; we are going to allow the possibility of items not having categories and subcategories. When you add the
include-categoriesandinclude-subcategoriesparameters to a request, we will not exclude items without category assignments. - We have updated the API to the latest release of Laravel 7.
- We have updated the front end dependencies for the welcome page.
- We have updated the
item-typesroute to show additional information on each tracking method. - We have updated all decimal fields to 13,2 rather than 10,2.
- We have updated all description fields; we have switched all the description fields from varchar(255) to text.
- We have corrected a bad link on the landing page.
- We have corrected a typo on the landing page.
- We have switched the table we look at to return created at for an item; we should be using the sub table, not the base item table.
- We have corrected the
/resource-types/OPTIONS request;publicis not a required field.
- We have tweaked our Docker setup to allow a local API and App/Website; the ports have been changed and a network has been created.
- We have added a new route,
/resource_types/[id]/resources/[id]/items/[id]/partial-transfer; A partial transfer allows you to transfer a percentage of thetotalfor an item from one resource to another. - We have added an
item_transfertable; the table will log which items were transferred and by whom. - We have added a partial transfers collection; the route is
/resource_types/[id]/partial-transfers. - We have added a partial transfers item view; the route is
/resource_types/[id]/partial-transfers/[id]. - We have added a transfers collection; the route is
/resource_types/[id]/transfers. - We have added a transfers item view; the route is
/resource_types/[id]/transfers/[id]. - We have added a delete endpoint for partial transfers.
- We have reformatted the validation rules in the configuration files; easier to read and simpler to add additional rules.
- We have switched the HTTP status code for a "Constraint error" from 500 to 409.
- We have tweaked the description for the resource field in the
/resource_types/[id]/resources/[id]/items/[id]/transferOPTIONS request. - We have renamed the third parameter of the route validation methods; we changed the name from
$manageto$write. - We have renamed a response helper method; it was not clear from the name that the method is used for updates and delete.
- It is possible to set the quantity for a
simple-itemitem as zero. - It is possible to clear optional values in a PATCH request.
- When a response includes additional data via the include parameters, we include the URI fragment for that data.
- We have updated the
resource-types/[id]/resources/[id]/items/[id]GET endpoint; theinclude-categoriesandinclude-subcategoriescan be included in the request for 'allocated-expense' and 'simple-expense' type items.
- We have switched to a new font; the font is more legible at small screen sizes, and, it looks cool.
- We have reviewed our HTTP headers; Content-Language missing along with other expected headers.
- We log the id of the user that added a user to the 'permitted_user' table; this is to help later with permitted user management.
- We have updated the API to the most recent version of Laravel 6.
- The
descriptionfield for thesimple-itemtype should be nullable. - Card data missing from head.
- Google analytics missing.
- We have renamed the existing Interfaces, more straightforward names.
- We have added additional Interfaces interfaces for the summary models.
- We have refactored several model classes to again, simplify the naming.
- We have corrected multiple summary config files, unnecessary structure.
- We have unified the parameters for related item methods.
- We have added range filtering to the
itemscollection; initially, we have added support for filtering for theeffective_dateofallocated expenseitems. - We have added range filtering to the resource type
itemscollection; as above, we have addedeffective_datefiltering. - We have added support for range filtering to the
itemsandresource type itemsummary routes. - We have added an X-Filter header to show the valid filters applied to a collection.
- We have added a link to Costs to Expect blog; the blog is a central repository for all product updates and somewhere to talk about our products.
- We have added a
FilterParametersclass to fetch any filter parameters from the URI and validate the format and values.
- We have refreshed the landing page, we have added updated text for each of the products within the service.
- We have tweaked the stying for the landing page.
- We have renamed the data methods in the
Optionsubclasses, the conditional prefix is confusing. - We have added an
interfacefor the item model classes. - We have added an
interfacefor the resource type item model classes.
- We have updated the
Option/Getclass, thesort,searchandfilterparameters will only display if there are viable parameters.
- We have removed the layout file, not used as there is only one view file for the API.
- Select the correct year when validating the min and max year for year validation.
- The logo on the welcome page will redirect you to the API, not the app dashboard.
- We have added a new item type,
simple item. We intend that the 'simple item' type is useful for managing collections. The API will now allow you to list, add, edit and delete them. - We have updated the summary routes to calculate the correct summaries for the
simple itemtype.
- We have removed the effective date from simple expenses. Our intention is simple expenses are bucket based, not time-based.
- We have updated the copyright for the API.
- We have moved additional methods in the base
itemclasses to reduce configuration code duplication. - We have simplified the validation classes for
itemcreate and update requests. - We have renamed some of the methods on the
itemclass to make the intent of the method names more clear. - We have renamed the item interface class.
- We have moved the
resource type itemclasses; they are below theitemclass; there is no need for them to be so low in the structure. - We have moved the factory class for
resource typeitems. - We have moved the validation classes.
- We have moved the
itemmodel classes; we have grouped all classes of the same type.
- We have added a GET 'auth/check' endpoint; faster check for the Costs to Expect App.
- We have updated the dependencies for the API.
- We have enabled URL compression.
- We now return the user id on sign-in, saves a second request for the Costs to Expect App.
- We have updated the README, adding links to the App
readmeandchangelog. - We have tweaked two middleware classes to improve performance slightly.
- The HTTP verb was incorrect for the 'auth/user' endpoint.
- We have added a configuration option to control API registrations.
- We have made adjustments to the registration process; we return status code 204. Please sign-in to get your Bearer.
- We have updated the maintenance message to include a link to the status page for the Costs to Expect service.
- Dependencies updated.
- We have added a new landing page; the design matches the rest of the service.
- Correction to a migration,
updated_byfield nullable. - Correction to a migration file, a data type was incorrect.
- We have added an X-Last-Updated header to the item summaries. It is only relevant and applied to the summaries which return a single item. Summaries that return a collection do not include the header.
- We have updated the X-Total-Count header for summaries which return a single item; the header is now the total number of 'items' in the result.
- We have tweaked the server config and no longer return some default server headers.
- We have added links to the Costs to Expect app.
- We have added 'app' as a source for the request log and error log.
- We have removed three traits from the base controller.
- We have removed the exception code for the failed request entry.
- We have switched to database session driver.
- Removed routes we aren't using.
- Switched composer autoloader optimisation.
- We have switched to database caching.
- We have updated the parameters helper, it now throws away more invalid requests.
- Dependencies updated.
- We have updated the landing page content.
- We have corrected the response for login, 201 (Bearer created) rather than 200.
- We have added a GitHub callout to the top right corner of the API landing page, courtesy of https://github.com/tholman/github-corners.
- We have updated the code to ensure the data arrays in the config files get used whenever possible; minor data arrays for parameters defined in two locations.
- We have added additional summary models.
- We have moved the item and resource type item models, now organised by namespace, not the class filename.
- We have moved the item and resource type item transformers, now organised by namespace, not the class filename.
- We have moved all the
existsToUsermethods out of theitemmodels and into aPermittedUsermodel. - We have updated the
itemandresource type itemsummary routes; they respect the chosen resource type (Allocated expenses and Simple expenses) and provide the relevant summary.
- We have corrected several more class names, incorrect capitalisation.
- We have added a new route,
item-types, the route shows the item types supported by the API.
- We have updated the landing page; the focus was previously on the website; the API is the backbone of the entire service; the site is ancillary.
- We have moved the summary controllers; we should use namespaces to organise the code, not filenames.
- We have moved the summary transformers; we should use namespaces to organise the code, not filenames.
- We have started to move the summary models; we should use namespaces to organise the code, not filenames.
- We have merged the authorised and general API routes section, the README details the API routes and the API summary routes in two tables.
- We have moved some configuration files. We thought it was odd how some were outside of folders; additionally, config files should only be in folders if there can be multiple files for the 'section'.
- We have moved localisation files to match their config partners.
- We have updated the allowed values for the
yearGET parameter; we derive the values from the data; the limit for Jack should be 2013 to 2019, for Niall te limit should be 2019. - We have updated the GET parameter validator; supplied values validated against values defined in the OPTIONS request.
- We have corrected the category summary routes in the README.
- We have corrected the name of a few transformers, incorrect capitalisation.
- We have corrected the name of a few controllers, incorrect capitalisation.
- We have set the salt for the item type hasher.
- For uncaught exceptions, we return the trace when the API is in development mode.
- We have updated the code to generate conditional GET parameters; the item type defines which parameters exist.
- We have updated the create resource type route. It is now possible to set the item type that you want to use. There are two expense types, "allocated expense" and "simple expense". An allocated expense allows you to allocated a percentage of the total cost; a simple expense only has a total, no allocation rate.
- The supported item types exposed in the resource types OPTIONS request, additional item types will be added over time.
- We have added an item type hasher to hash the ids for item types.
- We have added support for simple expenses, create a simple expense resource type and off you go, "simple expenses" instead of "allocated expenses".
- We have added an interface to use when interacting with items; it works out the item type by looking at the resource and then returns the relevant models and configuration data.
- We have updated numerous sections of the API to dynamically expose the relevant fields, sort parameters and search parameters etc. based on the current item type.
- We have moved several
itembased configuration files into the relevant item type folder.
- Localisation missing for allocated expense name.
- We have added an
X-Parametersheader; it contains the validated parameters for the request.
- We have updated the README; we have added a Headers section detailing the purpose of each Header.
- Requests are now only logged when the app is not in development mode.
- The
requiredvalue is incorrectly set totruefor fields in the PATCH section of the options request. - We have corrected the queries for the total counts.
- The
descriptionfield in theitem_typetables is now nullable. - We have updated the
item_typetables; all descriptions are now null. - We have upgraded to version 5.8 of the Laravel framework.
- The subcategory parameter is only passed through to the relevant controller if the category parameter is also valid.
- We have added a
Headerutility class that can be used to generate the expected headers for collection and item requests. - We have added a
RoutePermissionclass which returns the view and manage permission for each route.
- We have updated all routes to use the new
Header, utility class. - We have updated all the
Optionsrequests to use the newRoutePermissionsclass.
- We have fixed the item subcategory route; the field name for POST was incorrect, still had the underscore.
- We have corrected the query for the request/access-log, rather than return the entire collection and count the results, probably easier to let MySQL count the results, doh!
- Unable to delete a subcategory because an instance was not being returned from the model.
- We have removed the category routes; they are now available below resource types.
- We have removed the category summary routes; they are now available below the resource types summary.
- We have removed the subcategory routes; they are now available below resource types.
- We have removed the subcategory summary routes; they are now available below the resource types summary.
- Links on welcome page incorrect.
- We have added
updated_byto theitemtable, records the user who was last to update a record. - We have added a
permitted_userstable; this is used to link users and resource types. - A permitted user record created/removed on addition/removal of a resource type.
- We have added a custom validator
ResourceTypeName; it checks the given name is unique for the user based on the resource types they are permitted to modify. - We have added two useful properties to the base controller,
permitted_resource_typesandinclude_public. - There are now two item types, allocated expense and simple expense. We have split the item table; there is the base item data and then the data for the specific item type.
- We have updated the
itemtable,user_idfield has been changed tocreated_by. - We have updated the validation rules for resource types; now aware of permitted users.
- We have renamed the
privatefield in theresource_typetable; it is nowpublic, the flag is no longer used to hide the data so it should be named based on the goal. - We have modified all requests to fetch resource types; the queries now take into account the public setting the resource types you are permitted to manage.
- We have reworked the
resource type,resource,item,category,subcategory,item categoryanditem subcategoryroute validators. The validators check your permitted resource types, your intended action and the existence of theitembased on your permissions. - We have added additional messages into the language files; API is multi-lingual friendly.
- We have renamed the route validation helper methods, the class is called
Route, we don't also needroutein the name. - We have renamed any incorrectly spelt subcategory variables, the space between
subandcategoryneeded to go; models, classes and controllers, later. - We have updated the authentication field in the OPTIONS requests; we now show if authentications required for the HTTP verb and what your current authentication status is.
- We have added a base class for the
Optionclasses to remove code duplication. - We have updated the
Optionclasses; they now return the current authentication status for the current request. - We have renamed the
sub_categoryfield for theGET/resource-types/[resource-type]/resources/[resource]/items/[item]/category[category]/subcategorycollection and item. - We have recreated the migration files for new installs. NOTE: you cannot upgrade from v1 to v2 with the included migrations. I have an upgrade SQL file if you need help converting to the new schema.
- We now return a more friendly error message for unauthenticated requests.
- We have removed
include_privateandresource_type_privatefrom the code, replaced byinclude_publicandpermitted_resources_types.
- We have added a new summary route,
/summary/categories. - We have added a new summary route,
/summary/categories/{category_id}/subcategories.
- We have added
X-Countheaders to several endpoints from which they were missing. - Content corrections in the README.
- Minor corrections after the creation of additional Postman monitors.
- We have added an error log database table, initially, for capturing 500 errors.
- We have added an
InternalErrorevent and listener. After writing the error to the database, we send an email with the error.
- We have added string length validation for hashed id values; all should be ten characters.
- We have reduced the
request/access-loglimit to 25, from 50. - We have renamed the
CaptureAndSendlistener; it is specific to request errors so the name should beCaptureAndSendRequestError.
- We have updated the domain for Mailgun, now mail.costs-to-expect.com rather than the temp domain.
- We have updated the OPTIONS requests, they now show additional validation data if necessary.
- We have continued to unify information names in the OPTIONS requests; we use dashes instead of underscores.
- We have updated the from setting for emails so 'on behalf of' doesn't show for sent emails.
PATCHmissing from web.config, we have also corrected the PHP version number.- String length validation rules missing from validation checks.
- We have added PATCH support for categories; if authenticated, you can update the selected category.
- We have added PATCH support for subcategories; if authenticated, you can update the selected subcategory.
- We have added PATCH support for resource types; if authenticated, you can update the selected resource type.
- We have added PATCH support for resources; if authenticated, you can update the selected resource.
- We have added a Request utility class with helper methods for POST and PATCH request validation.
- Updated the copyright, should be G3D Development Limited, not me personally.
- We have removed the protected
areThereInvalidFieldsInRequestmethod from the base controller. - We have removed the protected
isThereAnythingToPatchInRequestmethod from the base controller. - We have removed the protected
returnValidationErrorsmethod from the base controller. - We have updated the README and added Mailgun.
- We have corrected some data; the assigned categories and subcategories were missing for six expenses.
- We have added a
debugfield to the request error log; you can optionally provide information that may be useful in tracking down the error.
- We have added an
OptionPatchclass to help generate the PATCH data array for the OPTIONS requests. - We have added an
OptionDeleteclass to help generate the DELETE data array for the OPTIONS requests. - We have added an
Eventon request error log entries. - We have added a
Listenerto capture the request error log event; the Listener sends a mail.
- We have updated all controllers to use the new
Optionclasses to generate the OPTIONS requests for collections. - We have updated the
ItemYearTransformerclass. - We have updated the
ItemCategoryTransformerclass. - We have updated the
ItemSubCategoryTransformerclass.
- Removed the
generateOptionsForIndex()method from the base controller. - Removed the
generateOptionsForShow()method from the base controller.
- We have corrected a call to the subcategory entity when a not found error is returned.
- We have added
X-SortandX-Searchheaders to the/v1/resource-types/[resource-type]/itemscollection. - We have added
sourceto the/v1/request/error-logcollection. - We have added listeners to revoke and prune old/unnecessary access tokens.
- We have added an
OptionGetclass to help generate the GET data array for the OPTIONS requests. - We have added an
OptionPostclass to help generate the POST data array for the OPTIONS requests.
- The
/v1/categoriesOPTIONS request is generated using the new Option classes.
- Sorting the
/v1/resource-type/[resource-type]/itemscollection bydescriptiongenerates an error, table name missing from sort field causing ambiguity.
- We have added a
collectionparameter which is available to some collections. When thecollectionparameter is defined andtrue, it overrides the pagination limits, and we return the entire collection.
- We have updated the pagination helper class to check to ensure that the
collectionparameter is allowable for the request.
- We have added an
X-Sortheader to responses, displays the valid sort options, the applied sort options may differ to the requested sort options. - We have added an
X-Searchheader to responses, displays the valid search options, the applied search options may differ to the requested search options.
- We have eliminated some code duplication around allowable search and sort options.
- We have eliminated some code duplication in the models relating to the way search parameters get added to the queries.
- Sorting the
/v1/resource-type/[resource-type]/resources/[resource]/itemscollection bydescriptiongenerates an error, table name missing from sort field causing ambiguity.
- We have added sorting to the
/v1/resource-typescollection; you can sort onname,descriptionand date created. - We have added sorting to the
/v1/resource-types/[resource-type]/resourcescollection; you can sort onname,description,effective dateand date created. - We have added sorting to the
/v1/categoriescollection; you can sort onname,descriptionand date created. - We have added sorting to the
/v1/categories/[category]/subcategoriescollection; you can sort onname,descriptionand date created.
- We have been busy refactoring again, mainly in the models this time.
- We have increased the Postman test coverage; we are not yet at full coverage; however, we are approaching full coverage with every release.
- We have removed a redundant query after the create category request.
- The
v1/summary/resource-types/itemssummary supports all the same features as the mainitemssummary; you can make a filtered request and even include a search term. - We have added pagination to the
/v1/categoriesGET endpoint. - We have added pagination to the
/v1/categories/[category]/subcategoriesGET endpoint. - We have added pagination to the
/v1/resource-tyesGET endpoint. - We have added pagination to the
/v1/resource-types/[resource-type]/resourcesGET endpoint. - We have added search to the
/v1/categoriesGET endpoint; you can search onnameanddescription. - We have added search to the
/v1/resource-typesGET endpoint; you can search onnameanddescription. - We have added search to the
/v1/categories/[category]/subcategoriesGET endpoint; you can search onnameanddescription. - We have added search to the
/v1/resource-types/[resource-type]/resourcesGET endpoint; you can search onnameanddescription.
- We have modified the year GET parameter to include "next" year, we may have unpublished items for next year and don't want to prohibit summarising the data. (The
yearvalidation should limit based on the existing data, an issue has been created to find a better solution). - We have removed unnecessary clauses in the base validation switch statement.
- We have altered the format of the included resources and subcategories when the
include-resourcesorinclude-subcategoriesparameters exist in the request.
- The resource type items summaries are not using the
include-unpublishedparameter. - The response for a summary request that returns no results returns a 200, not a 404, the endpoint is correct it just no longer returns results because of the GET parameters.
- Transformers should not call models, only transform data, corrected the ResourceType transformer.
- Removed the
include-resourcesparameter from the resource type collection, not useful at the collection level and causes unnecessary SQL requests, remains an option when requesting a single resource type. - Removed the
include-subcategoriesparameter from the categories collection, not useful at the collection level and causes unnecessary SQL requests, remains an option when requesting a single category.
- Validation added to validators, check to ensure the required indexes set.
- The filtered summary (
v1/summary/resource-types/[resource-type]/resources/[resource]/items) includes search terms; previously, the request silently dropped them. - Minor rework of the validator classes, I added abstract methods to the base class.
- There is no need to pass
$requestaround. - Removed a query that is executed after
create item, unnecessary DB request. - Refactored the
ItemControllerandItemmodel, attempting to get it into shape before the system grows.
- I have reworked the
/summary/resource-types/[resource-type]/resources/[resource]/itemssummary. Previously if you defined a time-based filter parameter, category and subcategory parameters are ignored.
- Corrected dates in the CHANGELOG, the last two releases were not two years ago.
- Search terms generate invalid SQL.
- Tweak to the Docker setup, read values from the .env file. At this time, Docker is for development, that may change in the future; obviously, the passwords in the .env file were not real passwords.
- Moved Xdebug into Docker.
/summary/request/access-logsummary route to replace/summary/request/access-log/monthly.v1/resource-types/{resource_type_id}/resources/{resource_id}/items/{item_id}/transferroute to replacev1/resource-types/{resource_type_id}/resources/{resource_id}/items/{item_id}/movesourceis a required field for the error log.
- Tweaks to Passport/OAuth.
- Tweaks to the Docker setup.
- Moved composer into Docker.
- Upgraded to PHP 7.3.
- The
/summary/request/access-log/monthlyroute removed; there isn't a corresponding API route, the route shouldn't havemonthlyat the end. - The
v1/resource-types/{resource_type_id}/resources/{resource_id}/items/{item_id}/moveroute, transfer matches the process better than move and also makes sense for future endpoints, in this case partial-transfer.
- Heading in the CHANGELOG.
- Split the
request/error-logandrequest/access-logconfiguration and localisation files.
- The landing page for the API is no longer affected by maintenance mode.
- We have customised the API response when in maintenance mode.
- Added an alert to the landing page when the API is in maintenance mode.
- The resource type items collection supports sorting via the
sortparameter. - The resource type items collection supports searching via the
searchparameter. - Added an
include-unpublishedparameter to the items collection and the items summary. - Added an
include-unpublishedparameter to the resource type items collection and summary. - Added the ability to move items to another resource within the resource type.
- The
sortableandsearchableparameters for the OPTIONS request are automatically assigned if they are relevant. - The
sortableandsearchableparameters are set tofalseif not relevant for the endpoint. - Tweaked the exception handler, throw more friendly error messages in production.
- All item collection and summary queries need to apply the
publish_afterclause via a closure otherwise the braces don't get added correctly in the query. - Delete item endpoint,
delete()is called on an array, not a model instance. - Corrected references to localisation file.
- Fixed a spelling error in the responses localisation file.
- Database error when
include-categoriesandcategoryparameters both set for an item collection.
- Hasher decode call unable to decode subcategory id.
- Override defaults in number_format.
publish_afterfield added to item, POST and PATCH updated.- Tests for POSTMAN, now up to 280 tests.
- /resource-types/[resource-type]/resources/[resource]/items collection updated to not include unpublished items.
- /resource-types/[resource-type]/items collection updated to not include unpublished items.
- /summary/resource-types/[resource-type]/resources/[resource]/items updated to not include unpublished items.
- /summary/resource-types/[resource-type]/items updated to not include unpublished items.
- search support added to /summary/resource-types/[resource-type]/resources/[resource]/items
descriptionadded to /summary/resource-types/[resource-type]/resources/[resource]/items?categories=true summarydescriptionadded to /summary/resource-types/[resource-type]/items?categories=true summarydescriptionadded to /summary/resource-types/[resource-type]/resources/[resource]/items?category=[category]&subcategories=truedescriptionadded to /summary/resource-types/[resource-type]/items?category=[category]&subcategories=true- Category, ItemCategorySummary and ItemSubCategorySummary transformers updated to new setup.
- Up the throttle limit.
- Don't format numbers in output, leave that to the apps.
- Moved fields validators.
- Moved route validators.
- Moved the class used to fetch GET parameters.
- Refactored the sort parameters code, added validation and the code now resides in its own class, now reusable.
- General refactoring, never happy with the design.
- Collection parameters not being passed through to the category transformer.
- Header indents incorrect for the v1.14.3 changelog entry.
- Description missing from /categories collection.
- Pagination helper not hashing subcategory value before adding to URI.
- Sort and search conditions added to pagination URIs.
- Section value cleared in changelog parser when new release found.
- Added Twitter social card summary to the landing page.
- Added
include-categoriesandinclude-subcategoriesparameters to /resource-types/[resource-type]/resources/[resource]/items collection.
postmanis now a supported value for thesourceparameter.
- Offset and Limit X headers added to collections.
- If X-Source exists in request header it is saved with the request so we can start tracking sources.
- Capture the id of the user that created an item.
sourcefilter added to /request/access-log.sourcefilter added to /summary/request/access-log/monthly.
- Upgraded
RequestLogTransformer, switching to a new system.
- Item subcategory collection and single item returning incorrect results.
- New route /summary/resource-types.
- New route /summary/resource-types/[resource-type]/resources.
- Sorting options added to /resource-types/[resource-type]/resources/[resource]/items collection.
- Content updates to the README, CHANGELOG and the landing page.
- GET parameter changed to include-resources for the resource-types route.
- GET parameter changed to include-subcategories for the categories routes.
- Item category and Item subcategory collections were not returning a collection.
- Content update, there are now multiple children.
- New route /resource-types/[resource-type]/items.
- Added
include-categoriesandinclude-subcategoriesparameters to /resource-types/[resource-type]/items route. - Added
year,month,categoryandsubcategoryparameters to /resource-types/[resource-type]/items route. - New route /summary/resource-types/[resource-type]/items.
- Added
resources,years,year,months,month,categories,category,subcategoriesandsubcategoryparameters to /summary/resource-types/[resource-type]/items route. - Added favicons for landing page.
- Updated the API landing page to point to the new website.
- Updated the README to include the new website URL.
- Private routes not updated correctly.
- Changelog endpoint not showing changes after format change.
- Renamed the route files, filenames relate to access, not the middleware that runs.
- Added flag to allow turning pagination on and off for collection OPTIONS requests.
- /request/log route now /request/access-log.
- /request/log/monthly-requests route now summary/request/access-log/monthly.
- /resource_types/[resource-type]/resources/[resource]/summary/tco now /summary/resource_types/[resource-type]/resources/[resource]/items.
- /resource_types/[resource-type]/resources/[resource]/summary/categories now /summary/resource_types/[resource-type]/resources/[resource]/items?category=all.
- /resource_types/[resource-type]/resources/[resource]/summary/categories/[category] now /summary/resource_types/[resource-type]/resources/[resource]/items?category=[category].
- /resource_types/[resource-type]/resources/[resource]/summary/categories/[category]/sub_categories now /summary/resource_types/[resource-type]/resources/[resource]/items?category=[category]&subcategory=all.
- /resource_types/[resource-type]/resources/[resource]/summary/categories/[category]/sub_categories/[sub-category] now /summary/resource_types/[resource-type]/resources/items?category=[category]&subcategory=[subcategory].
- /resource_types/[resource_type]/resources/[resource]/items/[item]/category/[item-category]/sub_category now /resource_types/[resource-type]/resources/[resource]/items/[item]/category/[item-category]/subcategory.
- /resource_types/[resource_type]/resources/[resource]/items/[item]/category/[item-category]/sub_category/[sub-category] now /resource_types/[resource-type]/resources/[resource]/items/[item]/category/[item-category]/sub_category/[subcategory].
- /categories/[category]/sub_categories now /categories/[category]/subcategories.
- /categories/[category]/sub_categories/[subcategory] now /categories/[category]/subcategories/[subcategory].
- resource_type switched to resource-types in all URIs
- OPTIONS request failure when collections do not support POST.
- OPTIONS request showing DELETE when not always valid.
- OPTIONS request methods now all use the same helper methods.
- Validation incorrect for categories, wrong rule being used.
- Unique index incorrect in category table.
- Removed /request/log, see changed.
- Removed /request/log/monthly-requests, see changed.
- Removed /resource_types/[resource-type]/resources/[resource]/summary/categories, see changed.
- Removed /resource_types/[resource-type]/resources/[resource]/summary/categories/[category], see changed.
- Removed /resource_types/[resource-type]/resources/[resource]/summary/categories/[category]/sub_categories, see changed.
- Removed /resource_types/[resource_type]/resources/[resource]/items/[item]/category/[item-category]/sub_category/[subcategory], see changed
- Removed /categories/[category]/sub_categories now /categories/[category]/subcategories, see changed.
- Removed /categories/[category]/sub_categories, see changed.
- Removed /categories/[category]/sub_categories/[subcategory], see changed.
- Removed /resource_types/[resource-type]/resources/[resource]/summary/tco, see changed.
- Removed /resource_types/[resource-type]/resources/{[resource]/expanded_summary/categories.
- All messages and strings (route descriptions, fields in OPTIONS requests, error messages) localised.
- Added additional helper methods to the Utilities\Response class.
- Non 200/201 responses returned via the Utilities\Response class.
- Upgraded to the latest version of Laravel 5.7.
- Not found responses not consistent with their error messages.
- Removed route descriptions config file, no longer necessary.
- Updated format of changelog, follows the format defined at https://keepachangelog.com/en/1.0.0/
- Utilities\Response class name incorrect.
- Categories linked to private resource types don't display if not authenticated.
- Moved some configuration values into
.env, no need for them to exist in config directly. - Removed some rogue
usestatements.
- Updated copyright, now 2018-2019.
- Added
declare(strict_types=1)to all non framework files. - Added missing return types and method param hints.
- Reviewed PATCH support for items, made a few minor changes to catch more errors.
- Moved helper redirects from base controller to utility class.
- Moved transformer classes, now sit below the models.
- Updated how OPTIONS are generated for show requests, easier to define all route options.
- Updated README, setup and planned development.
- Correction to query, not using the params passed into the method.
- Altered the query for the expanded summary, now begins at subcategories and shows categories without items.
- OPTIONS request not showing PATCH options.
- Added an expanded-summary categories route.
- Initial support for PATCHing, to start /resource_types/{resource_type_id}/resources/{resource_id}/items/{item_id}.
- Added initial support for private resource types, if a valid bearer exists private resource types are shown.
- Updates to README around expected responses.
- Renamed route validation helper methods, now clearer when shown in context.
- New route, request/log/monthly-requests number of logged requests per month.
- Category name needs to be unique for the resource type.
- Route corrections, some routes using unnecessary middleware.
- Total count missing from HEAD for changelog.
- Validation errors nesting fields property twice.
- Allowed values methods renamed without updating calls in create methods, throwing an error.
- Validator base class not set correctly.
- Added resource_type GET parameter to /categories route to filter results.
- Two options for changelog, markdown on GitHub and via API.
- Added Google Analytics to the landing page.
- Corrected CHANGELOG dates, I'm not from the future.
- Split routes up based on the middleware they require.
- Reworked how OPTIONS are generated, can now set
authenticated, new method is more expandable as new verbs are supported. - Moved request validators classes, no sit alongside route validators.
- POST to categories was not setting the selected resource type, using the default value.
- Updated database, a category is now a child of a resource type, not global.
- Updated categories collection and category, shows the resource type that category is assigned to.
- POST/resource_types/.../item/[item_id]/category updated to look at resource type.
- POST/categories now requires the resource_type_id to be set.
- Request log and Request error log now show created times.
- Minor updates to models.
- Added the ability to POST a request error to the API.
- Added request/error-log route.
- Added request/log route.
- Reworked pagination utility class.
- Modified HEADER links for pagination.
- Removed all code referencing PATCH and update, not ready to implement yet and may modify the design.
- Minor refactoring, the order of method params etc.
- Catch routing error, incorrectly return a 200.
- Corrected link to API from landing page.
- Added link to CHANGELOG on the landing page.
- Added latest release and version number to the landing page.
- Minor change to README.
- Added a /changlog route, parses and displays CHANGELOG.md.
- Added a landing page, links to the root of the API and GitHub.
- Simplify generating a basic OPTIONS request.
- Added Utility\Request helper class.
- Added Utility\Pagination helper class.
- Added Utility\General helper class.
- Corrected routes displayed in the root of the API.
- Booleans not being checked correctly.
- Split Hashids middleware, now ConvertGetParameters and ConvertRouteParameters.
- Added App\Http\Parameters\Get class to validate GET parameters, moved code from base controller.
- Added App\Http\Parameters\Route\Validate and child classes to validator route parameters.
- Updated controllers to use new App\Http\Parameters* classes.
- Added sub category parameter to /resource_types/{resource_type_id}/resources/{resource_id}/items.
- GET parameters are now validated, invalid values are silently removed.
- Minor refactoring.
- Added a helper method to the base controller to easily set usable GET parameters for collections.
- Updated the methods/logic for setting allowed values for GET parameters, it is capable of setting more than just the allowed values so all references have been updated to reflect intended usage.
- Updated the methods/logic for setting allowed values for POST parameters, it is capable of setting more than just the allowed values so all references have been updated to reflect intended usage.
- Added ability to set GET parameters in OPTIONS requests.
- Added year parameter to /resource_types/{resource_type_id}/resources/{resource_id}/items.
- Added month parameter to /resource_types/{resource_type_id}/resources/{resource_id}/items.
- Added category parameter to /resource_types/{resource_type_id}/resources/{resource_id}/items.
- ConvertHashIds middleware now automatically converts query params.
- /resource_types/{resource_type_id}/resources/{resource_id}/items route total count not using resource type and resources ids.
- Parameters not being passed through to pagination links.
- Pagination links incorrect URIs.
- Added a summary/years route for a resource.
- Added a summary/years/{year} route for a resource.
- Added a summary/years/{year}/month route for a resource.
- Added a summary/years/{year}/month/{month} route for a resource.
- Override exceptions, always return json.
- Correct sub category queries, joins incorrect.
- Added four summary routes for a resource, categories collection, category, subcategories collection and subcategory.
- Minor updates to config files.
- Categories and subcategories endpoints now returns results in alphabetical order.
- Code style updates.
- Added summary/tco route for a resource.
- Added planned development section to README.
- Added summary route section to README.
- Added URL for the live site to README.
- Modified the prefix for routes, simplify to v1, will be hosted on an API subdomain.
- Set default values in env.example.
- Added web.config for Azure.
- Added include_sub_categories GET param for categories collection and single show.
- Collections return data showing newest first.
- OPTIONS requests no longer shows PATCH request fields, not yet implemented.
- Show action/Options show action will return resource not found for invalid final ids.
- GET Parameters can now be set for collections and items.
- Other minor fixes and updates.
- Log requests to the API, GET and OPTIONS only.
- Disable register route.
- Updated README, routes layout.
- API feature complete for release, not being released yet, real life in the way.
- Added initial pagination to item controller.
- Added Hash utility class to centralise all the encoding and decoding.
- Added Http/Route/Validator classes to validate route params in controllers.
- Reworked relationship for item subcategory and relevant controller updates.
- Added delete endpoints.
- All route params are validated for each request.
- Updated ConvertHashIds middleware, returns 'nill' for values which can't be decoded, useful for later checks.
- Updated OPTIONS requests, added required Yes/No flags.
- Added ability to define allowed values for fields.
- Updated validation errors, now the same format as OPTIONS requests and shows allowed values if defined.
- Removed response envelopes.
- Non-2xx responses are more consistent.
- Added a responses section to the README that details the expected responses and formats.
- Reworked the id hashing, added middleware and slightly improved encoding although I need to DRY the code, looking at you, transformers, validators and base controller.
- Moved API config files into a subfolder to separate them from Laravel.
- Added a version config, for post-release, includes the API prefix.
- Redirect client if they request /.
- Reworked the validation helpers.
- Added initial get parameters code.
- Added validation helpers.
- Added model transformers.
- Added migrations and models.
- Added initial pagination HEADERS.
- Moved definition of fields, validation rules, validation message etc. into config/routes.
- Added generic code to create OPTIONS requests
- Mocked the Category, Sub Category, Resource type, Resource and Item controllers.
- Added Passport.
- Initial setup, git housekeeping etc.