openbankproject / api-manager
A Django project to manage the Open Bank Project API via API Calls
License: GNU Affero General Public License v3.0
To access the KPI Dashboard of the API Manager, the roles CanGetConsumers and CanGetAnyUser are required. Error handling does not work for this: If these roles are not given, "Internal Server Error (500)" is displayed and Gunicorn will throw an error in the logs.
it should accept a username in a field
API Manager currently uses a database to check if the user is logged and for general session management. Maybe this can be accomplished completely by cookies and no database is required at all?
to_date takes the time at which the server was started and does not update the time when the KPI Dashboard date is loaded.
We need to check the user has create role and delete entitlement request before doing the action.
Else we end up in an inconsistent state.
Is this due to recent change in consumers json?
(filter by UserId seems to work ok)
Know your developers
Know your APIs
List of all existing partial function + count (how many times they have been called)
Know Your Consumers
Distribution of
Monthly (or weekly) Growth rate
This tab will allow a user to see details about him/herself
Will allow a super admin to easily give themselves other roles.
Should be based on the Users tab.
It might be advantageous to use Django's model layer to handle the data retrieved from the API. Using that, common packages like django-filters could be used.
The filters and the table are not really responsive.
@simonredfern requested: The API has a call to get connector metrics (https://apiexplorer.openbankproject.com/#2_2_0-getConnectorMetrics). Add this to the API Manager, make the current navigation item 'Metrics' a menu with two items: 'API Metrics' (current functionality) and 'Connector Metrics' (new functionality, but might share query possibilities with API Metrics).
Similar to API Tester, API Manager should also support DirectLogin and GatewayLogin
listing all users is too slow.
Also should be able to search by username as well as email
Currently the app uses the API's Get Users by Email Address to implement the user detail view. From the returned list, it just takes the first item. This is obviously not ideal.
@simonredfern Is there a call to get an individual user?
If not, I'd like to suggest a new call Get User by User ID using /user/USER_ID.
There is a problem on legacy systems, though: apisandbox has quite a few users where /users returns an empty user_id. How could we get those?
When an entitlement request has been accepted or declined an email should be sent to the requesting user.
Subject:
OBP Entitlement Request for the Role <Accepted/Declined>
Text should read:
The Entitlement Request for the Role has been <Accepted/Declined>.
cheers,
See OpenBankProject/OBP-API#770. The accessed key users in the view may need changing to value.
Port authentication and API usage from API Tester to API Manager.
Show first 80 chars
First item under "Resources" menu item is Customer
From an old example the names client key and client secret have been taken over. Replace these by consumer key and consumer secret to avoid confusion with other implementations, as those seem to be the proper names. See https://tools.ietf.org/html/rfc5849
OBP-API enhancement #815 Limit for getUsers implies response is limited to 50 users by default.
We need to enhance the form in order to support pagination.
Branches page should be under the new "Resources" menu item.
List Branches
Add Branch
Delete Branch
Update Branch.
Use OBP Branches APIs
Search for Users button doesn't seem to work (Firefox Mac)
Have to hit enter key for search to work.
Also button should be to the right (not left) of search box
Also field text button says we have to enter email address - but username works as well.
Initially requested by @simonredfern
We need to support add,remove and get entitlements.
https://apiexplorersandbox.openbankproject.com/?ignoredefcat=true&tags=#2_0_0-addEntitlement
https://apiexplorersandbox.openbankproject.com/?ignoredefcat=true&tags=#2_0_0-deleteEntitlement
https://apiexplorersandbox.openbankproject.com/?ignoredefcat=true&tags=#2_0_0-getEntitlements
This would be part of the Users tab
Add per second call limits to
@ichaib experienced this issue on 2017-03-31, shortly before 5pm. At this time, the API had Akka future timeouts and the API Manager (nginx) threw a 502 after a while. The API Manager should resolve the situation more gently, although the author of this issue has the suspicion that on these occasions the whole machine becomes unresponsive and there is nothing the API Manager can do about, except for being installed on a different machine than the API. Needs more investigation.
APIError 500: Something unexpected happened while serving the page at /obp/v3.0.0/users/6c34413c-0148-44be-9113-9e8c56789eef/entitlements
This might be related to an error on OBP-API with CanGetConnectorMetrics ??
If the API does not accept a (previously used?) token, requests_oauthlib throws a TokenRequestDenied. This should not result in a 500 by API Manager. It should probably just forward the error message to the user.
API Manager shows "User None" for some users without any providerId. For example on the labanquepostale sandbox https://labanquepostale-manager.openbankproject.com/users/all/user_id/0810918b-d4a7-4c5f-8cd3-e3defc8d8f6a#
... clicking on the name of partial function should take the user back to the list view and only show the calls to that partial function (with other search criteria still there).
This would allow us to see the details related to that call e.g. response codes etc.
Now that the API has added a user object to the consumer, the user's email address should be shown next to the developer email address on the consumer detail page.
The developer email address can be removed from consumer list page (probably replaced by description not needing its own row anymore)
Add page to list Entitlement Requests.
Each row will contain
Username (includes link to User), Email, Role Requested. Accept Button, Reject Button.
When Accept Button is pressed:
When Reject button is pressed
The list views consumers, users and metrics could be made sortable by using a tablesorter plugin for jQuery, e.g. http://tablesorter.com
https://apimanagersandbox.openbankproject.com/entitlementrequests/?time=year
seems not to show most recent entitlement requests
Somehow a user accessed /oauth/authorize without oauth credentials in session data.
KeyError at /oauth/authorize
'oauth_token'
...
File "/var/www/apimanager/API-Manager/apimanager/oauth/views.py" in get_redirect_url
79. resource_owner_key=self.request.session['oauth_token'],
self.request.session.get('oauth_token', '') should be more defensive.
When accessing the API, sometimes requests end up in a 500 response from it, e.g. when accessing /, /metrics or /users. The view should catch the APIError exception and probably show it to the user.
The listing of entitlements should show bank_id (or not if it is empty)
Instead of using multiple functions to call the API, put it all into a class at base/api.py .
Also move more error handling into that class.
Instead of the extra dependency of supervisor, gunicorn's lifecycle could also be handled by systemd which is running on all modern systems anyway. So please add a unit file, see https://raw.githubusercontent.com/OpenBankProject/OBP-Kafka-Python/master/obp-kafka-python.service for an example.
Note to admin: Needs to be configured on sandboxes after addition. Sandbox image needs to be updated as well.
A manager should be able to create a customer for a user using call createCustomer. user_id could be a select which shows user_id and username. API docs says This call may require additional permissions/role in the future. For now the authenticated user can create at most one linked customer.
tho, maybe the API needs to be extended.
Listing of customers seems to be only possible for the logged in user, so not applicable here.
Deleting or editing also currently seems impossible.
Keeping @simonredfern in the loop.
As requested by @simonredfern , the metrics should get a view to show some sort of summary in addition to text-centric list view. It should start with a bar chart with implemented by partial function on y- and count on x-axis. The filter form should be available in both views.
D3.js could be used for that. Or Chart.js
verify should come from settings and default to true e.g.
response = session.request(method, url, json=payload, verify=False)
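One way to take `verify` from settings with a secure default, as an added example that is not API Manager's own code. The setting name `API_VERIFY_TLS` and both helper names are hypothetical; the example also goes slightly beyond the request by accepting a CA bundle path, which the `verify` argument of `requests` supports.

```python
import os

# Hypothetical setting name; the issue only says the value should come from settings.
SETTING_NAME = "API_VERIFY_TLS"

_TRUE = {"1", "true", "yes", "on"}
_FALSE = {"0", "false", "no", "off"}


def resolve_verify(settings, path_exists=os.path.isfile):
    """Return the value to pass as the `verify` argument of session.request().

    Missing or None -> True (verify against the default CA store).
    bool -> used as is. str -> a boolean word or the path of a CA bundle file.
    Anything else raises, so a typo can never silently disable verification.
    """
    value = getattr(settings, SETTING_NAME, None)
    if value is None:
        return True
    if isinstance(value, bool):
        return value
    if isinstance(value, str):
        word = value.strip().lower()
        if word in _TRUE:
            return True
        if word in _FALSE:
            return False
        if path_exists(value):
            return value  # CA bundle path, e.g. for an internal CA
    raise ValueError(
        f"{SETTING_NAME}={value!r} is neither a boolean nor a CA bundle file"
    )


def request_kwargs(settings, payload, path_exists=os.path.isfile):
    """Build the keyword arguments for session.request(method, url, **kwargs)."""
    return {"json": payload, "verify": resolve_verify(settings, path_exists)}
```

The call from the issue then becomes `session.request(method, url, **request_kwargs(settings, payload))`, and verification is only switched off when the setting says so explicitly.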