Best schema for Company with several Offices in Schema.org - schema.org

For example, a port services company has several offices around the world. What is the best schema to represent both company and offices?
Should I use Organization for both and relate the offices to the company through parentOrganization?

Yes, I think the parentOrganization (or for the other direction: subOrganization) property should be used here.
Each office should probably be a LocalBusiness, which allows you to provide opening hours (e.g., with openingHoursSpecification); something which Organization doesn’t allow.

Related

API naming conventions for list of objects

Based on the naming conventions found here: https://restfulapi.net/resource-naming/, I have a particular question to which I cannot find an answer.
Taking the example of customers and accounts where sub-collection resource “accounts” of a particular “customer” can be identified using the URN “/customers/{customerId}/accounts”, how do I find accounts for multiple customer IDs? What are the naming conventions for such a case?
Is the only option to use filters? eg: customers/accounts?customerId=12,22
I tend to avoid filters and keep everything as a urn and keep the implementation of the backend system hidden. e.g. this
customers/accounts?customerId=12,22
means the client needs to know that customers are represented in the system by a variable called customerId. Clients shouldn't need to know that. They just need to know that customers have numbers, IMHO anyway.
This answer shows a solution for your situation, which would look like:
customers/accounts/12,22
although to keep it in line with the domain, where customers have ids and associated accounts, it would look like:
customers/12,22/accounts
and your backend framework would give you the list of customer 'numbers' from the url and at that point they become customerIds.
Not all frameworks may support arrays in paths but pick the right tool for the job and you can design your API to be elegant and a good match for your domain.

Nested/Chained Resources in Rest

This is more of an architectural question. And I am rather new to REST.
Let's assume these resources /offers and /offers/:id.
And the offer does have a single connection to an organization.
My first thought was creating a resource: /offers/:id/organization
This would be singular, because it feels unnatural to call the resource in plural, when there is always only one element returned.
First question: Would you always use plural no matter what?
This /offers/:id/organization/:id seems to be useless, because there is only one organization linked to the offer.
To make things complicated. The organizations need to be a separate resource as well: /organizations and /organizations/:id.
So basically I have two ways to achieve my goal.
I could get the /offers. And then with the retrieved organizationId get /organization/:id. Or I could nest the organization into the offer that I get everything in one request either /offers or /offers/:id.
The second option would potentially get rid of /offers/:id/organization(s).
Except I wanted to get the organization by the offerId and not by the organizationId. (One organization has cn offers).
Second question: When there is a standalone resource, i.e. /organization, should I bother implementing a nested resource as well /offer/:id/organization(s).
There is also the issue of how to implement the services (I am using Jersey) if the organization is available at /offers/:id/organization(s) but that is probably a question on its own.
Any thoughts?
As usual, it depends.
If your offer has only a single organization
/offers/:id/organization
is fine, because that is how your domain-model works.
This is different at
/organizations/:id/offers/:id
because, so I suspect, an organization could have multiple offers. So the id makes sense, as does the resource /organizations/:id/offers, which is all offers for this organization.
You could implement
/offers/organization/:id
which could redirect to /organizations/:id/offers because it is semantically the same.

REST API - How to restrict access to resources by role?

Let's suppose I'm creating a sales management tool for company FooBar.
FooBar has a list of customers that are divided into four different regions. North, South, East, and West.
The sales managers for each region should be able to access the customers for their own particular region, but not other regions. There is also a national sales manager that has access to all the customers.
What is the best way to expose the customers resource? Is it appropriate to have a single access point of /api/customers that only returns the customers which that manager has access to? Is it normal for a URI to return completely different data sets depending on who is requesting?
The /api/region/customers approach seems wrong because the regions are subject to change, the customers can move between regions, and it would require multiple requests to get the master list for the national director.
Is there a pattern name for what I'm describing? I've tried searching but I must not be using the correct names.
Since the request for /api/customers will be different for different users (Cookie header will be different, if you use cookies for session handling), it is perfectly fine to return different data.
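The single-endpoint approach discussed above, as an added example that is not part of the original posts: one handler for /api/customers whose result set is scoped by the authenticated caller's role and region. The session table, token names, role names and customer rows are constructed for illustration.

```python
import sqlite3

class Forbidden(Exception):
    """Caller is unauthenticated or holds no role that may list customers."""

# Hypothetical server-side session table (constructed). The role and region
# come from here, never from a query parameter the client controls.
SESSIONS = {
    "tok-north":    {"role": "regional_manager", "region": "North"},
    "tok-national": {"role": "national_manager", "region": None},
    "tok-intern":   {"role": "intern", "region": "North"},
}

def make_customer_db():
    # Constructed sample data: FooBar customers tagged with their current region.
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT, region TEXT);
        INSERT INTO customers VALUES
            (1, 'Acme', 'North'), (2, 'Bolt', 'South'), (3, 'Crux', 'East'),
            (4, 'Dyne', 'West'),  (5, 'Echo', 'North');
    """)
    return db

def list_customers(db, session_token):
    """Handler body for GET /api/customers: same URI, caller-scoped result."""
    principal = SESSIONS.get(session_token)
    if principal is None:
        raise Forbidden("unauthenticated")
    if principal["role"] == "national_manager":
        cur = db.execute("SELECT id, name, region FROM customers ORDER BY id")
    elif principal["role"] == "regional_manager":
        # Region is resolved at request time, so a customer that moves
        # between regions changes hands without any URI changing.
        cur = db.execute(
            "SELECT id, name, region FROM customers WHERE region = ? ORDER BY id",
            (principal["region"],),
        )
    else:
        raise Forbidden("role may not list customers")  # default deny
    return cur.fetchall()
```

Because the body depends on who is asking, such a response should be served with `Cache-Control: private` (or `no-store`) so a shared cache never hands one manager's list to another.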

REST API Design for systems with multiple companies or organizations

Most of the examples I see implement REST URL patterns like http://www.app.com/books/1 to access a book with ID 1 or http://www.app.com/books to access all the books.
That's great, but commonly I work on applications that support multiple companies. For example, Company ABC has 2 users and Company DEF has 2 users. A user from company ABC creates a book with id 100. Now when a RESTful call comes in from a user at company DEF:
http://www.app.com/books/100
there would need to be an Access exception, or
http://www.app.com/books
would only list all books belonging to DEF (not the new book with id 100). For many entities, like Book, the company ID is part of the table, but for other entities that may not be the case. For example, if there was a REST operation for one chapter in a book, http://www.app.com/chapter/333 the chapter table would have a foreign key reference to the book but not the company.
What would best practices be for managing access to this resource? If somebody from DEF tried to access a chapter from ABC I would have to construct a query to join the chapter to the book to verify the company id was valid.
I'm using Grails 3.x where most of this logic is abstracted and things happen "automagically". So a URL that comes in for a specific book ID is returned automatically and the request to list all returns every book in the database. It seems that to proceed I would have to override most of this automatic functionality and implement my own security, perhaps in the service layer where the company id would be a required parameter for every operation. Does that sound reasonable?
Is there an established best practice for this sort of thing?
Don't know if it fits your needs but it's interesting to know there is an ACL plugin written by Burt Beckwith:
Spring Security ACL Plugin
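The service-layer check the question describes, as an added example that is not part of the original posts and is not Grails or plugin code: every operation takes the caller's company id, and a chapter is authorized by joining through its book. The table layout, titles and the link from chapter 333 to book 100 are constructed for illustration.

```python
import sqlite3

class NotFound(Exception):
    """Raised for a missing row and for another tenant's row alike."""

def make_book_db():
    # Constructed sample data: book carries company_id, chapter does not.
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE book (id INTEGER PRIMARY KEY, company_id TEXT NOT NULL,
                           title TEXT);
        CREATE TABLE chapter (id INTEGER PRIMARY KEY,
                              book_id INTEGER NOT NULL REFERENCES book(id),
                              title TEXT);
        INSERT INTO book VALUES (100, 'ABC', 'Port Operations'),
                                (200, 'DEF', 'Tug Handbook');
        INSERT INTO chapter VALUES (333, 100, 'Berthing'), (444, 200, 'Towing');
    """)
    return db

def list_books(db, company_id):
    """GET /books: only the caller's company's rows, never the whole table."""
    cur = db.execute(
        "SELECT id, title FROM book WHERE company_id = ? ORDER BY id",
        (company_id,),
    )
    return cur.fetchall()

def get_chapter(db, company_id, chapter_id):
    """GET /chapter/<id>: ownership is checked in the same query that loads
    the row, so there is no window between 'fetch' and 'authorize'."""
    row = db.execute(
        """SELECT c.id, c.title, c.book_id
             FROM chapter c JOIN book b ON b.id = c.book_id
            WHERE c.id = ? AND b.company_id = ?""",
        (chapter_id, company_id),
    ).fetchone()
    if row is None:
        # Same error whether the id is unknown or belongs to another company,
        # so responses do not reveal which ids exist in other tenants.
        raise NotFound(f"chapter {chapter_id}")
    return row
```

The `company_id` argument must come from the authenticated session, not from the request path or body.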

SaaS, Multi-tenant (shared schema) - one table or two?

I am creating a multi-tenant (shared-schema) database for a SaaS application. The application will allow the subscribing company (the tenant) to collaborate with other companies (accounts – such as vendors, business partners, customers, etc.). Users will be associated with both the tenant and the accounts.
Here is my question: from a design perspective, is it okay to put the tenants and accounts in one table? I’m thinking “yes” because a company is a company regardless of whether they are a tenant or an account. Further, I was thinking of deciphering a tenant with a field such as is_tenant (Boolean) and perhaps put tenant specific information in a separate table. Here is a proposed schema:
companies (company_id, is_tenant, name, address, etc.)
users (user_id, name, email, username, password, etc.)
company_users (company_id, user_id)
tenant_information (company_id, billing_address, billing_state, etc.)
tenant_accounts (tenant_id, account_id) – associates tenants with accounts [where tenant_id and account_id would be f_keys to the companies table]
I read through the MS article, Multi-Tenant Data Architecture and, while helpful, it was short on providing an answer.
Any additional thoughts/comments/pitfalls regarding this schema would be greatly appreciated.
Thanks in advance.
I would also agree with that... if all the properties are same, then there is no need to create another table (data contract) for that.
We are also using something of that sort. In a SAAS framework you always need to be careful in creating tables otherwise it will take a huge effort to refactor & migrate.
I have a question though! Can't see any "Company_Information" table which will have company specific info (which are not your tenants)