-
Notifications
You must be signed in to change notification settings - Fork 0
Martim de Carvalho e Sousa Pinto da Silva edited this page Jun 12, 2020
·
1 revision
The project consists in developing a global marketplace which specializes in the sale of gaming related digital products using redemption keys.
By the end of the seventh iteration, it will be already established:
- The routes and endpoints of the platform
- All actions are defined as well as the technology used for that action. The input parameters that should be included in the HTTP requests are also included
- The permission of access to this routes
- JSON response are identified and defined
| M01: Authentication and register | Resources associated with user authentication and sign in into the platform |
| M02: Individual user profile | Resources associated with personal information and property acquired/sold management |
| M03: Administration | Resources associated with the administration interface |
| M04: Product Search and interaction | Resources associated with the product searching in the website and the pages describing each product |
| M05: Cart and checkout | Resources associated with the personal shopping cart and the checkout process |
| M06: Offer | Resources associated with offer placement/canceling and discounts |
| M07: Social Interaction | Resources associated with the community part of the website includes reporting and feedback. |
| M08: Static Pages | Static resources of the platform. |
| PUB | Public | Group of users without any permission on the platform |
| ATHUSER | Authenticated User | User which login was successful. Has the privilege to access to his personal account information. |
| ATVUSER | Active User | Authenticated user which is not banned. Has full privileges in the platform such as selling and buying products |
| BUY | Buyer | Active User that after buying a product acquires privileges in the bought he made, such as possibility to submit reports and feedback |
| SELL | Seller | Active User that after publishing an offer acquires privileges in the offer he made, such as possibility to cancel and edit it |
| BAN | Banned User | Authenticated user that because of it behaviour has is privileges in the website reduced |
| ADM | Administrator | Administrator is a special type of user which have all privileges of adding/editing and removing content |
- R101: Login Form[/login]
- R102: Login Action [/login]
- R103: Register Form[/register]
- R104: Register Action [/register]
- R105: Login with Google Action [/login]
- R106: Register with Google Action [/register]
- R107: Admin Login Form [/admin/login]
- R108: Admin Login Action [/admin/login]
- R109: Logout User[/logout]
- R110: Logout Admin[/admin/logout]
- R111: Password Recovery Form[/password/reset]
- R112: Password Reset Link Form[/password/reset/{token}]
- R113: Password Reset Action[/password/reset]
- R114: Send Recovery Link Action[/password/email]
| URL | /login |
| Description | Page with a form to login. |
| Method | GET |
| UI | UI07 Sign in/up |
| Submit | R102 |
| Permissions | PUB |
| URL | /login | |
| Description | Action to submit the login request. | |
| Method | POST | |
| Request Body | +username: string | Username to check login |
| +password: string | Password to check login | |
| Redirects | Current page | Success |
| Login page | Error | |
| Permissions | PUB |
| URL | /register |
| Description | Page with a form to register to a user account. |
| Method | GET |
| UI | UI07 Sign in/up |
| Submit | R104 |
| Permissions | PUB |
| URL | /register | |
| Description | Action to submit the register request. | |
| Method | POST | |
| Request Body | +username: string | Username to be used |
| +email: string | Email to be used | |
| +birthDate: date | Birth date to be used | |
| +password: string | Password to be used | |
| +password_confirmation: string | Password to checked against password | |
| Redirects | Current page | Success |
| Sign up page | Error | |
| Permissions | PUB |
| URL | /login | |
| Description | Action to submit the login request. | |
| Method | POST | |
| Request Body | +username: string | Username to check login |
| +password: string | Password to check login | |
| Returns | 200 OK | The login is successful and the login modal is closed |
| 400 Bad Request | The form is malformed | |
| 401 Unauthorized | The login was wrong. A message broadcasting the error is displayed in the modal | |
| Permissions | PUB |
| URL | /register | |
| Description | Action to submit the register request. | |
| Method | POST | |
| Request Body | +username: string | Username to be used |
| +email: string | Email to be used | |
| +birthDate: date | Birth date to be used | |
| +password: string | Password to be used | |
| +password_confirmation: string | Password to checked against password | |
| Returns | 200 OK | Success |
| 400 Bad Request | The form is malformed | |
| Permissions | PUB |
| URL | /admin/login or /admin |
| Description | View with the admin login form |
| Method | GET |
| UI | UI19 (Admin Page - Login) |
| Submit | R108 |
| Permissions | PUB |
| URL | /admin/login | |
| Description | Action to submit the admin login request. | |
| Method | POST | |
| Request Body | +username: string | Username to check login |
| +password: string | Password to check login | |
| Redirects | R301 | Success |
| R107 | Error | |
| Permissions | PUB |
| URL | /logout | |
| Description | Action to submit the logout request. | |
| Method | POST | |
| Redirects | R401 | Success |
| Permissions | AUTHUSER |
| URL | /admin/logout | |
| Description | Action to submit the logout request for an admin account. | |
| Method | POST | |
| Redirects | R107 | Success |
| Permissions | ADM |
| URL | /password/reset |
| Description | View that allows to recovery password using a recovery email. |
| Method | GET |
| UI | |
| SUBMIT | R114 |
| Permissions | PUB |
| URL | /password/reset/{token} |
| Description | View that allows to recovery password using a recovery email. |
| Method | GET |
| Parameters | +token: string |
| UI | |
| SUBMIT | R113 |
| Permissions | PUB |
| URL | /password/reset | |
| Description | Action to reset the password | |
| Method | POST | |
| Request Body | +newPassword: string | New account password |
| Redirects | R401 | Success |
| Permissions | PUB |
| URL | /password/email | |
| Description | Action to send the recovery email password | |
| Method | POST | |
| Request Body | +email: string | Target account email |
| Redirects | R401 | Success |
| Permissions | PUB |
- R201:User Homepage/User Edit View [/user/{username}]
- R202:User Purchases View [/user/purchases]
- R203:User Offers View [/user/{username}/offers]
- R204:User Reports View [/user/reports]
- R205:User Delete Action [/user]
- R206:User Delete Profile Picture Action[/user/image]
- R207:User Update Action [/user]
| URL | /user/{username} | |
| Description | View that works simultaneously as user profile homepage but also user edit profile. | |
| Method | GET | |
| Parameters | +username: string | Username of the user |
| UI | UI10 (User Page - Account - As own user) | |
| AJAX Calls | R205 | Called when deleting the account. |
| R206 | Called when the user deletes his profile photo. | |
| R207 | Called when the user deletes his profile photo. | |
| Permissions | ATHUSER |
| URL | /user/purchases | |
| Description | View with the purchases done. | |
| Method | GET | |
| UI | UI11 (User Page - Purchases - As own user) | |
| Permissions | BUY or BAN |
| URL | /user/{username}/offers | |
| Description | View the offers that either active or already sold out(own profile only). | |
| Method | GET | |
| Parameters | +username: string | Username of the user |
| UI | UI12 (User Page - Offers - As own user) | |
| Permissions | PUB or ATHUSER |
| URL | /user/reports | |
| Description | View the reports that an user made. | |
| Method | GET | |
| UI | UI13 (User Page - Reports) | |
| Permissions | ATHUSER |
| URL | /user | |
| Description | Action to submit the account delete request. | |
| Method | DELETE | |
| Request Body | +password: string | Password to check the account |
| Returns | 200 OK | Success |
| 400 Bad Request | Invalid information given | |
| 401 Unauthorized | Not allowed | |
| 404 Not Found | User not found | |
| Permissions | ATHUSER |
| URL | /user/image | |
| Description | Action to delete a profile picture. | |
| Method | DELETE | |
| Returns | 200 OK | Success |
| 400 Bad Request | Invalid information given | |
| 401 Unauthorized | Not allowed | |
| 404 Not Found | User image not found | |
| Permissions | ATHUSER |
| URL | /user | |
| Description | Action executed when an update to the user personal information occurs. | |
| Method | POST | |
| Request Body | ?description: string | New description to update the profile |
| ?currentPassword: string | Password to check the account | |
| ?newPassword: string | New password | |
| ?newPassword_confirmation: string | New password | |
| ?newPhoto: file | New profile photo | |
| ?newEmail: string | New email address | |
| ?newPaypalAddress: string | New paypal address | |
| Returns | 200 OK | Success |
| 400 Bad Request | Invalid information given | |
| 401 Unauthorized | Not allowed | |
| 404 Not Found | User not found | |
| Permissions | ATHUSER |
- R301: Admin Homepage [/admin]
- R302: Products Listing View [/admin/product]
- R303: Products Listing Action[/api/admin/product]
- R304: Product Insertion Form View [/admin/product/form]
- R305: Product Add Action [/admin/product]
- R306: Product Update View [/admin/product/{id}]
- R307: Product Update Action[/admin/product/{id}]
- R308: Product Remove Action[/admin/product/{id}]
- R309: Categories Listing View [/admin/category]
- R310: Categories Listing Action [/api/admin/category]
- R311: Categories Add Action [/admin/category]
- R312: Categories Remove Action [/admin/category/{id}]
- R313: Categories Update Action [/admin/category/{id}]
- R314: Genres Listing View [/admin/genre]
- R315: Genres Listing Action [/api/admin/genre]
- R316: Genres Add Action [/admin/genre]
- R317: Genres Remove Action [/admin/genre/{id}]
- R318: Genres Update Action [/admin/genre/{id}]
- R319: Platforms Listing View [/admin/platform]
- R320: Platforms Listing Action [/api/admin/platform]
- R321: Platforms Add Action [/admin/platform]
- R322: Platforms Remove Action [/admin/platform/{id}]
- R323: Platforms Update Action [/admin/platform/{id}]
- R324: Users Listing View [/admin/user]
- R325: Users Listing Action [/api/admin/user/list]
- R326: Users Update Action [/admin/user/{id}]
- R327: Reports Listing View [/admin/report]
- R328: Reports Listing Action [/api/admin/report]
- R329: Transactions Listing View [/admin/transaction]
- R330: Transactions Listing Action [/api/admin/transaction]
- R331: Reviews Listing View [/admin/review]
- R332: Reviews Listing Action [/api/admin/review]
- R333: Reviews Remove Action [/admin/review/{id}]
- R334: FAQ Listing View [/admin/faq]
- R335: FAQ Listing Action [/api/admin/faq]
- R336: FAQ Add Action [/admin/faq]
- R337: FAQ Update Action [/admin/faq/{id}]
- R338: FAQ Remove Action [/admin/faq/{id}]
| URL | /admin | |
| Description | View the Admin homepage. | |
| Method | GET | |
| Returns | UI18 (Admin Page - Dashboard) | |
| Permissions | ADM |
| URL | /admin/product | |
| Description | Page that will allow the user to navigate through and choose products. | |
| Method | GET | |
| UI | UI06 (Admin Page - Dashboard) | |
| AJAX Calls | R303 | Called by the platform on the page rendering process and when searching. |
| R308 | Called when removing a product. | |
| Permissions | ADM |
| URL | /api/admin/product | |
| Description | Request to return the list of products information. | |
| Method | GET | |
| Parameters | ?page: integer | Results paging. |
| ?query: string | String to use as element of searching. | |
| Response Body | JSON303 | |
| Permissions | ADM |
| URL | /admin/product/form | |
| Description | View to insert a new product. | |
| Method | GET | |
| UI | UI21 (Admin Page - Add/Edit Product) | |
| Submit | R305 | |
| Permissions | ADM |
| URL | /admin/product | |
| Description | View to insert a new product. | |
| Method | PUT | |
| Request Body | +productName: string | Name of the new product |
| +gameDescription: string | Text with the description for the product | |
| +genres: array | Array of id of genres | |
| +platforms: array | Array of id of platforms | |
| +categoryId: array | Id of game category | |
| +photo: file | Photo that describes the game | |
| Redirects | R302 | Success |
| Permissions | ADM |
| URL | /admin/product/{id} | |
| Description | View to update the product information. | |
| Method | GET | |
| Parameters | +id: integer | Product id |
| UI | UI21 (Admin Page - Add/Edit Product) | |
| Submit | R307 | |
| Permissions | ADM |
| URL | /admin/product/{id} | |
| Description | Action to update a product information. | |
| Method | POST | |
| Parameters | +id: integer | Id of the product to update |
| Request Body | +productName: string | Name of the product |
| +gameDescription: string | Text with the description for the product | |
| +genres: array | Array of id of genres | |
| +platforms: array | Array of id of platforms | |
| +categoryId: array | Id of game category | |
| ?photo: file | Photo that describes the game | |
| Redirects | R302 | Success |
| Permissions | ADM |
| URL | /admin/product/{id} | |
| Description | Action to remove a product. | |
| Method | DELETE | |
| Parameters | +id: integer | Id of the product to remove |
| Redirects | R302 | Success |
| Returns | 400 Bad Request | Product could not remove product |
| Permissions | ADM |
| URL | /admin/category | |
| Description | View with the list of the categories in the system. | |
| Method | GET | |
| AJAX Calls | R310 | Called in the rendering of the page. |
| R311 | Used while adding a new category. | |
| R312 | Called when a deletion is executed. | |
| R313 | Called when a update occurs. | |
| Permissions | ADM |
| URL | /api/admin/category | |
| Description | Request to return the information about categories. | |
| Method | GET | |
| Parameters | ?page: integer | Results paging |
| Response Body | JSON311 | |
| Permissions | ADM |
| URL | /admin/category | |
| Description | Action to insert a new category. | |
| Method | PUT | |
| Request Body | +categoryName: string | Name of the new category |
| Returns | 200 OK | The category submission was successful |
| 400 Bad Request | The category submission had an error | |
| 401 Unauthorized | The insertion of the category was refused | |
| Response Body | JSON300 | |
| Permissions | ADM |
| URL | /admin/category/{id} | |
| Description | Action to remove a category. | |
| Method | DELETE | |
| Parameters | +id: integer | Id of the category to remove |
| Returns | 200 OK | The category deletion was successful |
| 400 Bad Request | The category deletion had an error | |
| 401 Unauthorized | The deletion of the category was refused | |
| 404 Not Found | Category not found | |
| Permissions | ADM |
| URL | /admin/category/{id} | |
| Description | Action to update a category. | |
| Method | POST | |
| Parameters | +id: integer | Id of the category to update |
| Request Body | +categoryName: string | Name of the new category |
| Returns | 200 OK | The category update was successful |
| 400 Bad Request | The category update had an error | |
| 401 Unauthorized | The update of the category was refused | |
| 404 Not Found | Category not found | |
| Permissions | ADM |
| URL | /admin/genre | |
| Description | View with the list of the genres in the system. | |
| Method | GET | |
| AJAX Calls | R315 | Called in the rendering of the page. |
| R316 | Used while adding a new genre. | |
| R317 | Called when a deletion is executed. | |
| R318 | Called when a update is made. | |
| Permissions | ADM |
| URL | /api/admin/genre | |
| Description | Request to return the information about genres. | |
| Method | GET | |
| Parameters | ?page: integer | Results paging |
| Response Body | JSON315 | |
| Permissions | ADM |
| URL | /admin/genre | |
| Description | Action to insert a new genre. | |
| Method | PUT | |
| Request Body | +genreName: string | Name of the new genre |
| Returns | 200 OK | The genre submission was successful |
| 400 Bad Request | The genre submission had an error | |
| 401 Unauthorized | The insertion of the genre was refused | |
| Response Body | JSON300 | |
| Permissions | ADM |
| URL | /admin/genre/{id} | |
| Description | Action to remove a genre. | |
| Method | DELETE | |
| Parameters | +id: integer | Id of the genre to remove |
| Returns | 200 OK | The genre deletion was successful |
| 400 Bad Request | The genre deletion had an error | |
| 401 Unauthorized | The deletion of the genre was refused | |
| 404 Not Found | Genre not found | |
| Permissions | ADM |
| URL | /admin/genre/{id} | |
| Description | Action to update a genre. | |
| Method | POST | |
| Parameters | +id: integer | Id of the genre to update |
| Request Body | +genreName: string | Name of the new genre |
| Returns | 200 OK | The genre update was successful |
| 400 Bad Request | The genre update had an error | |
| 401 Unauthorized | The update of the genre was refused | |
| 404 Not Found | Genre not found | |
| Permissions | ADM |
| URL | /admin/platform | |
| Description | View with the list of the platforms in the system. | |
| Method | GET | |
| AJAX Calls | R320 | Called in the rendering of the page. |
| R321 | Used while adding a new platform. | |
| R322 | Called when a deletion is executed. | |
| R323 | Called when a update is made. | |
| Permissions | ADM |
| URL | /api/admin/platform | |
| Description | Request to return the information about platforms. | |
| Method | GET | |
| Parameters | ?page: integer | Results paging |
| Response Body | JSON320 | |
| Permissions | ADM |
| URL | /admin/platform | |
| Description | Action to insert a new platform. | |
| Method | PUT | |
| Request Body | +platformName: string | Name of the new platform |
| Returns | 200 OK | The platform submission was successful |
| 400 Bad Request | The platform submission had an error | |
| 401 Unauthorized | The insertion of the platform was refused | |
| Response Body | JSON300 | |
| Permissions | ADM |
| URL | /admin/platform/{id} | |
| Description | Action to remove a platform. | |
| Method | DELETE | |
| Parameters | +id: integer | Id of the platform to remove |
| Returns | 200 OK | The platform deletion was successful |
| 400 Bad Request | The platform deletion had an error | |
| 401 Unauthorized | The deletion of the platform was refused | |
| 404 Not Found | Platform not found | |
| Permissions | ADM |
| URL | /admin/platform/{id} | |
| Description | Action to update a platform. | |
| Method | POST | |
| Parameters | +id: integer | Id of the platform to update |
| Request Body | +platformName: string | Name of the new platform |
| Returns | 200 OK | The platform update was successful |
| 400 Bad Request | The platform update had an error | |
| 401 Unauthorized | The update of the platform was refused | |
| 404 Not Found | Platform not found | |
| Permissions | ADM |
| URL | /admin/user | |
| Description | View with the list of the users in the system. | |
| Method | GET | |
| AJAX Calls | R325 | Called in the rendering of the page and when searching users. |
| R326 | Called when a ban/unban is executed. | |
| Permissions | ADM |
| URL | /api/admin/user | |
| Description | Request to return the list of users. | |
| Method | GET | |
| Parameters | ?page: integer | Results paging. |
| ?query: string | String to use as element of searching. | |
| Response Body | JSON325 | |
| Permissions | ADM |
| URL | /admin/user/{id} | |
| Description | Action to ban/unban a user. | |
| Method | POST | |
| Parameters | +id: integer | Id of the genre to update |
| Request Body | +ban: boolean | Whether it is to ban or unban. |
| Returns | 200 OK | The user update was successful |
| 400 Bad Request | The user update had an error | |
| 401 Unauthorized | The update of the user was refused | |
| 404 Not Found | User not found | |
| Permissions | ADM |
| URL | /admin/report | |
| Description | View with the list of the reports in the system. | |
| Method | GET | |
| AJAX Calls | R328 | Called in the rendering of the page. |
| Permissions | ADM |
| URL | /api/admin/report | |
| Description | Request to return the list of reports. | |
| Method | GET | |
| Parameters | ?page: integer | Results paging. |
| Response Body | JSON328 | |
| Permissions | ADM |
| URL | /admin/transaction | |
| Description | View with the list of the transactions in the system. | |
| Method | GET | |
| AJAX Calls | R330 | Called in the rendering of the page and when searching for transactions. |
| Permissions | ADM |
| URL | /api/admin/transaction | |
| Description | Request to return the list of transactions. | |
| Method | GET | |
| Parameters | ?page: integer | Results paging. |
| ?query: string | String to use as element of searching. | |
| Response Body | JSON330 | |
| Permissions | ADM |
| URL | /admin/review | |
| Description | View with the list of the reviews in the system. | |
| Method | GET | |
| AJAX Calls | R332 | Called in the rendering of the page and when searching for reviews. |
| R333 | Called when deleting a review. | |
| Permissions | ADM |
| URL | /api/admin/review | |
| Description | Request to return the list of reviews. | |
| Method | GET | |
| Parameters | ?page: integer | Results paging. |
| ?query: string | String to use as element of searching. | |
| Response Body | JSON332 | |
| Permissions | ADM |
| URL | /admin/review/{id} | |
| Description | Action to remove review. | |
| Method | DELETE | |
| Parameters | +id: integer | Id of the review to remove |
| Returns | 200 OK | The review deletion was successful |
| 400 Bad Request | The review deletion had an error | |
| 401 Unauthorized | The review of the category was refused | |
| 404 Not Found | Review not found | |
| Permissions | ADM |
| URL | /admin/faq | |
| Description | View with the list of the FAQs in the system. | |
| Method | GET | |
| AJAX Calls | R335 | Called in the rendering of the page. |
| R336 | Called when adding a FAQ. | |
| R337 | Called when updating a FAQ. | |
| R338 | Called when deleting a FAQ. | |
| Permissions | ADM |
| URL | /api/admin/faq | |
| Description | Request to return the list of FAQs. | |
| Method | GET | |
| Parameters | ?page: integer | Results paging. |
| Response Body | JSON335 | |
| Permissions | ADM |
| URL | /admin/faq | |
| Description | Action to insert a new FAQ. | |
| Method | PUT | |
| Request Body | +question: string | New question |
| +answer: string | New answer | |
| Returns | 200 OK | The FAQ submission was successful |
| 400 Bad Request | The FAQ submission had an error | |
| 401 Unauthorized | The FAQ of the platform was refused | |
| Response Body | JSON300 | |
| Permissions | ADM |
| URL | /admin/faq/{id} | |
| Description | Action to update a FAQ. | |
| Method | POST | |
| Parameters | +id: integer | Id of the FAQ to update |
| Request Body | +question: string | Updated question |
| +answer: string | Updated answer | |
| Returns | 200 OK | The FAQ update was successful |
| 400 Bad Request | The FAQ update had an error | |
| 401 Unauthorized | The update of the FAQ was refused | |
| 404 Not Found | FAQ not found | |
| Permissions | ADM |
| URL | /admin/faq/{id} | |
| Description | Action to remove a FAQ. | |
| Method | DELETE | |
| Parameters | +id: integer | Id of the FAQ to remove |
| Returns | 200 OK | The FAQ deletion was successful |
| 400 Bad Request | The FAQ deletion had an error | |
| 401 Unauthorized | The deletion of the FAQ was refused | |
| 404 Not Found | FAQ not found | |
| Permissions | ADM |
- R401: Website Homepage[/ or /home]
- R402: Products Listing [/search]
- R403: Product Page [/product/{id}/{platform}]
- R404: Listing Restriction [/search/filters]
- R405: Offers Ordering [/product/{id}/{platform}/offers]
| URL | / or /home | |
| Description | Main page of the website, with the most popular and most recent products. | |
| Method | GET | |
| UI | UI01 (Homepage) | |
| Permissions | PUB |
| URL | /search | |
| Description | Page that will allow the user to navigate through and choose products. | |
| Method | GET | |
| Parameters | ?page: integer | Current page searching |
| ?filters: array | Different types of search filters applied | |
| UI | UI06 (Product Searching) | |
| AJAX Calls | R404 | When updating filters or switching pages. |
| Permissions | PUB |
| URL | /product/{id}/{platform} | |
| Description | Page that will allow the user to see the product's information. | |
| Method | GET | |
| Parameters | +id: integer | ID of the product |
| +platform: integer | ID of the products platform | |
| UI | UI09 (Product Page) | |
| AJAX Calls | R405 | When getting more offers for the product. |
| R502 | Add an offer to the cart. | |
| Permissions | PUB |
| URL | api/product | |
| Description | Action that returns all products regarding the filters selected. | |
| Method | GET | |
| Parameters | ?query: integer | String inserted in the search bar with the search query |
| ?genres: array | Genres | |
| ?platforms: array | Platforms | |
| ?categories: array | Categories | |
| ?maxPrice: float | Maximum Price | |
| ?page: integer | Page | |
| ?orderingParameter: string | Order parameter to define the way the results of the search will be presented | |
| Response Body | JSON404 | |
| Permissions | PUB |
| URL | /api/product/{id}/{platform}/offers | |
| Description | Request to return a number of offers of the given product starting at a certain offer number. | |
| Method | GET | |
| Parameters | +id: integer | The id of the product |
| +platform: integer | The id of platform of the product | |
| ?orderingParameter: string | Order parameter to define the way the results of the search will be presented | |
| ?numberOffers: integer | Number of offers previously loaded | |
| Response Body | JSON405 | |
| Permissions | PUB |
- R501: Cart View [cart]
- R502: Cart Add [cart]
- R503: Cart Remove [/cart/{id}]
- R504: Checkout View [/cart/checkout]
- R505: Checkout Action [/cart/checkout]
| URL | /cart | |
| Description | View for the personal shopping cart. | |
| Method | GET | |
| UI | UI03 (Cart) | |
| AJAX Calls | R503 | When deleting an entry from the cart. |
| Permissions | PUB |
| URL | /cart | |
| Description | Action to submit a new offer into the cart. | |
| Method | PUT | |
| Request Body | +offerId: integer | Offer to insert into the personal cart. |
| Returns | 200 OK | The insertion of the item on the cart was successful. |
| 400 Bad Request | The insertion of the product was wrong. | |
| 401 Unauthorized | The insertion of the product was refused. | |
| Permissions | PUB or ATVUSER |
| URL | /cart/{id} | |
| Description | Action to remove an offer from the cart. | |
| Method | DELETE | |
| Parameters | +id: integer | ID of the cart entry we want to remove. |
| Returns | 200 OK | The deletion of the item on the cart was successful. |
| 400 Bad Request | The deletion of the product was wrong. | |
| 401 Unauthorized | The deletion of the product was refused. | |
| 404 Not Found | ID of the cart not found. | |
| Permissions | PUB or ATVUSER |
| URL | /cart/checkout | |
| Description | View the checkout form. | |
| Method | GET | |
| AJAX Calls | R503 | Used if the current step in the checkout procedure is the "confirm your order step" and the user deletes a offer from the cart. |
| Submit | R505 | |
| Permissions | ATVUSER |
| URL | /cart/checkout | |
| Description | Action to buy the items in the cart. | |
| Method | PUT | |
| Request Body | +name: string | Name to which the bill will be addressed. |
| +email: string | Email address to which the bill will be addressed. | |
| +address: string | Address to which the bill will be addressed. | |
| +zipcode: string | Zipcode to which the bill will be addressed. | |
| Redirects | R202 | Success |
| R504 | Error | |
| Permissions | ATVUSER |
- R601: New Offer View [/offer]
- R602: Active Offer View [/offer/{id}]
- R603: Offer Add Action [/offer]
- R604: Offer Edit Action [/offer/{id}]
- R605: Offer Cancel Action [/offer/{id}]
- R606: Discount Listing Action [/api/offer/{id}/discount]
- R607: Discount Add Action [/offer/{id}/discount]
- R608: Discount Edit Action [/offer/{offerId}/discount/{discountId}]
- R609: Discount Remove Action [/offer/{offerId}/discount/{discountId}]
- R610: Key Listing Action [/api/offer/{id}/key]
- R611: Key Add Action [/offer/{id}/key]
- R612: Key Edit Action [/offer/{offerId}/key/{keyId}]
- R613: Key Remove Action [/offer/{offerId}/key/{keyId}]
| URL | /offer | |
| Description | View with create offer form. | |
| Method | GET | |
| UI | UI08 (Add/Edit Offer) | |
| AJAX Calls | R603 | Used to add the new offer to the database. |
| Permissions | ATVUSER |
| URL | /offer/{id} | |
| Description | View with edit offer form. | |
| Method | GET | |
| Parameters | +id: integer | ID of the offer we want to edit. |
| UI | UI08 (Add/Edit Offer) | |
| AJAX Calls | R604 | Used to update the offer in the database. |
| R607 | Used add a discount to the offer. | |
| R608 | Used edit a discount of the offer. | |
| R609 | Used delete a discount of the offer. | |
| R611 | Used add a key to the offer. | |
| R612 | Used edit a key associated with the offer. | |
| R613 | Used delete a key associated with the offer. | |
| Permissions | ATVUSER |
| URL | /offer | |
| Description | Action to submit a new offer. | |
| Method | PUT | |
| Request Body | +gameId: integer | Id with the game that offer will be about. |
| +idPlatform: integer | Id of platform for that game. | |
| +keys: array | Array of the keys the seller wants to publish. | |
| +price: float | Unitary price for those keys. | |
| +paypal: string | Id with the game that offer will be about. | |
| ?discounts: array | Array with all discount dates and rates for that offer. | |
| Returns | 200 OK | The insertion of the offer was successful. |
| 400 Bad Request | The offer insertion was invalid. | |
| 401 Unauthorized | The offer insertion was refused. | |
| Permissions | ATVUSER |
| URL | /offer/{id} | |
| Description | Action to edit an offer. | |
| Method | POST | |
| Parameters | +id: integer | ID of the offer we want to edit. |
| Request Body | +price: float | Unitary price for those keys. |
| +paypal: string | Id with the game that offer will be about. | |
| Returns | 200 OK | The update of the offer was successful. |
| 400 Bad Request | The offer update was invalid. | |
| 401 Unauthorized | The offer update was refused. | |
| 404 Not Found | Offer not found. | |
| Permissions | SELL |
| URL | /offer/{id} | |
| Description | Action to cancel an offer. | |
| Method | DELETE | |
| Parameters | +id: integer | ID of the offer we want to edit. |
| Returns | 200 OK | The cancellation of the offer was successful. |
| 400 Bad Request | The offer cancellation was invalid. | |
| 401 Unauthorized | The offer cancellation was refused. | |
| 404 Not Found | Offer not found. | |
| Permissions | SELL |
| URL | /api/offer/{id}/discount | |
| Description | Returns discounts of the given offer. | |
| Method | GET | |
| Parameters | +id: integer | ID of the offer the discounts belong to. |
| Response Body | JSON606 | |
| Permissions | SELL |
| URL | /offer/{id}/discount | |
| Description | Action to submit a new discount. | |
| Method | PUT | |
| Parameters | +id: integer | ID of the offer the discount belongs to. |
| Request Body | +rate: integer | Rate with the discount rate of the offer. |
| +startDate: date | Date for the discount to take effect. | |
| +endDate: date | Date for the discount to stop having effect on the offer. | |
| Returns | 200 OK | The insertion of the discount was successful. |
| 400 Bad Request | The discount insertion was invalid. | |
| 401 Unauthorized | The discount insertion was refused. | |
| 404 Not Found | Offer not found. | |
| Permissions | SELL |
| URL | /offer/{offerId}/discount/{discountId} | |
| Description | Action to edit a discount. | |
| Method | POST | |
| Parameters | +offerId: integer | ID of the offer the discount belongs to. |
| +discountId: integer | ID of the discount we want to edit. | |
| Request Body | +rate: integer | Rate with the discount rate of the offer. |
| +startDate: date | Date for the discount to take effect. | |
| +endDate: date | Date for the discount to stop having effect on the offer. | |
| Returns | 200 OK | The update of the discount was successful. |
| 400 Bad Request | The discount update was invalid. | |
| 401 Unauthorized | The discount update was refused. | |
| 404 Not Found | Offer or discount not found. | |
| Permissions | SELL |
| URL | /offer/{offerId}/discount/{discountId} | |
| Description | Action to delete a discount. | |
| Method | DELETE | |
| Parameters | +offerId: integer | ID of the offer the discount belongs to. |
| +discountId: integer | ID of the discount we want to edit. | |
| Returns | 200 OK | The deletion of the discount was successful. |
| 400 Bad Request | The discount deletion was invalid. | |
| 401 Unauthorized | The discount deletion was refused. | |
| 404 Not Found | Offer or discount not found. | |
| Permissions | SELL |
| URL | /api/offer/{id}/key | |
| Description | Returns keys of the given offer. | |
| Method | GET | |
| Parameters | +id: integer | ID of the offer the keys belong to. |
| Response Body | JSON610 | |
| Permissions | SELL |
| URL | /offer/{id}/key | |
| Description | Action to submit a new key. | |
| Method | PUT | |
| Parameters | +id: integer | ID of the offer the key belongs to. |
| Request Body | +key: string | The new key. |
| Returns | 200 OK | The insertion of the key was successful. |
| 400 Bad Request | The key insertion was invalid. | |
| 401 Unauthorized | The key insertion was refused. | |
| 404 Not Found | Offer not found. | |
| Permissions | SELL |
| URL | /offer/{offerId}/key/{keyId} | |
| Description | Action to edit a key. | |
| Method | POST | |
| Parameters | +offerId: integer | ID of the offer the key belongs to. |
| +keyId: integer | ID of the key we want to edit. | |
| Request Body | +key: integer | The updated key. |
| Returns | 200 OK | The update of the key was successful. |
| 400 Bad Request | The key update was invalid. | |
| 401 Unauthorized | The key update was refused. | |
| 404 Not Found | Offer or key not found. | |
| Permissions | SELL |
| URL | /offer/{offerId}/key/{keyId} | |
| Description | Action to delete a key. | |
| Method | DELETE | |
| Parameters | +offerId: integer | ID of the offer the key belongs to. |
| +keyId: integer | ID of the key we want to edit. | |
| Returns | 200 OK | The deletion of the key was successful. |
| 400 Bad Request | The key deletion was invalid. | |
| 401 Unauthorized | The key deletion was refused. | |
| 404 Not Found | Offer or key not found. | |
| Permissions | SELL |
- R701: Feedback Listing Action [/user/{username}/feedback]
- R702: Report View [/report/{id}]
- R703: Report Message Add Action [/report/{id}]
- R704: Report Add Action [/key/{id}/report]
- R705: Feedback Add Action [/key/{id}/feedback]
- R706: Admin Report View [/admin/report/{id}]
- R707: Admin Report Message Add Action[/admin/report/{id}]
| URL | /api/user/{username}/feedback | |
| Description | View with the feedback made to a certain user. | |
| Method | GET | |
| Parameters | +username: string | Username of the user. |
| ?evaluation: boolean | Evaluation of the feedback given. | |
| UI | UI10 (User Page - Account - As own user) | |
| UI10 (User Page - Account - From another user) | ||
| UI09 (Product Page) | ||
| Response Body | JSON701 | |
| Permissions | PUB |
| URL | /report/{id} | |
| Description | View a report that a user has made or that was made against him. | |
| Method | GET | |
| Parameters | +id: integer | ID of the report. |
| UI | UI14 (Report - Report Details) | |
| AJAX Calls | R703 | Used to add a message to the report. |
| Permissions | ATHUSER |
| URL | /report/{id} | |
| Description | Action to submit a new message to a report. | |
| Method | PUT | |
| Parameters | +id: integer | ID of the report. |
| Request Body | +message: string | The new message. |
| Returns | 200 OK | The insertion of the message was successful. |
| 400 Bad Request | The message insertion was invalid. | |
| 401 Unauthorized | The message insertion was refused. | |
| 404 Not Found | Report not found. | |
| Permissions | ATHUSER |
| URL | /key/{id}/report | |
| Description | Action to submit a new report. | |
| Method | PUT | |
| Parameters | +id: integer | ID of the key that we are reporting. |
| Request Body | +title: string | The title of the report. |
| +description: string | The description of the report. | |
| Returns | 200 OK | The insertion of the report was successful. |
| 400 Bad Request | The report insertion was invalid. | |
| 401 Unauthorized | The report insertion was refused. | |
| 404 Not Found | Key not found. | |
| Permissions | BUY |
| URL | /key/{id}/feedback | |
| Description | Action to submit a new feedback. | |
| Method | PUT | |
| Parameters | +id: integer | ID of the key that we are give feedback about. |
| Request Body | +evaluation: boolean | The evaluation of the feedback. |
| ?comment: string | The comment of the feedback. | |
| Returns | 200 OK | The insertion of the feedback was successful. |
| 400 Bad Request | The feedback insertion was invalid. | |
| 401 Unauthorized | The feedback insertion was refused. | |
| 404 Not Found | Key not found. | |
| Permissions | BUY |
| URL | /admin/report/{id} | |
| Description | View a report made by a buyer. | |
| Method | GET | |
| Parameters | +id: integer | ID of the report. |
| UI | UI27 (Admin Page - Reports Details) | |
| AJAX Calls | R707 | Used to add a message to the report. |
| Permissions | ADM |
| URL | /admin/report/{id} | |
| Description | Action to submit a new message to a report by an admin. | |
| Method | PUT | |
| Parameters | +id: integer | ID of the report. |
| Request Body | +message: string | The new message. |
| Returns | 200 OK | The insertion of the message was successful. |
| 400 Bad Request | The message insertion was invalid. | |
| 401 Unauthorized | The message insertion was refused. | |
| 404 Not Found | Report not found. | |
| Permissions | ADM |
{
"id": "23"
}{
"products": [
{
"id": "1",
"title": "GTA V",
"platform": "1",
"image": "O8GHTDJN12UMHN4B9813128B1231",
"price": "25.99"
},
{
"id": "2",
"title": "Rocket League",
"platform": "3",
"image": "873Q20HFR8934IVY804UN5GN409",
"price": "12.99"
}
]
}{
"categories": [
{
"id": "1",
"name": "Game"
},
{
"id": "2",
"name": "DLC"
}
]
}{
"genres": [
{
"id": "1",
"name": "Game"
},
{
"id": "2",
"name": "DLC"
}
]
}{
"platforms": [
{
"id": "1",
"name": "Game"
},
{
"id": "2",
"name": "DLC"
}
]
}{
"users": [
{
"id": "1",
"userName": "lockdownPT",
"image": "O8GHTDJN12UMHN4B9813128B1231"
},
{
"id": "2",
"userName": "Motapinto",
"image": "O8GHTDJN12UMHN4B9813128B1231"
}
]
}{
"report": [
{
"id": "1",
"reporter": "lockdownPT",
"report": "He is Fake",
"status":"Closed"
},
{
"id": "2",
"reporter": "Motapinto",
"report": "He is Fake",
"status":"Open"
}
]
}{
"transaction": [
{
"id": "1",
"seller": "lockdownPT",
"buyer": "Motapinto",
"totalPrice":"50"
},
{
"id": "2",
"seller": "Motapinto",
"buyer": "LockdownPT",
"totalPrice":"50"
}
]
}{
"review": [
{
"id": "1",
"date": "2019/05/04",
"author": "LockdownPT",
"target":"Ruben Almeida"
},
{
"id": "2",
"date": "2019/05/04",
"author": "Ruben Almeida",
"target":"LockdownPT"
}
]
}{
"faq": [
{
"id": "1",
"question": "This is a question",
"answer": "This is an answer",
"target":"Ruben Almeida"
},
{
"id": "2",
"date": "2019/05/04",
"author": "Ruben Almeida",
"target":"LockdownPT"
}
]
}{
"products": [
{
"id": "1",
"title": "GTA V",
"platform": "1",
"image": "O8GHTDJN12UMHN4B9813128B1231",
"price": "25.99"
},
{
"id": "2",
"title": "Rocket League",
"platform": "3",
"image": "873Q20HFR8934IVY804UN5GN409",
"price": "12.99"
}
]
}{
"offers": [
{
"id": "1",
"seller": "bestseller439",
"feedback": "99",
"numSells": "1897",
"stock": "10",
"price": "39.00"
},
{
"id": "29",
"seller": "okseller583",
"feedback": "70",
"numSells": "156",
"stock": "2",
"price": "37.59"
}
]
}{
"discounts": [
{
"id":"1",
"rate":"42",
"start_date":"2020/01/15",
"end_date":"2020/01/20"
},
{
"id":"5",
"rate":"50",
"start_date":"2020/01/30",
"end_date":"2020/02/3"
}
]
}{
"keys": [
{
"id":"1",
"key":"UYBHHAEWF87G238DENWSSF",
"price_sold":"50.39"
},
{
"id":"14",
"key":"AIJWBFVBEU8FG023BFFHIU",
"price_sold":"45.79"
}
]
}{
"feedback": [
{
"id":"1",
"evaluation":"true",
"comment":"He is great",
"evaluation_date":"2020/01/20",
"author":"okseller583"
},
{
"id":"2",
"evaluation":"false",
"comment":"He is not great",
"evaluation_date":"2020/02/20",
"author":"notokseller583"
}
]
}First submission: 16/04/2020
Changes done to first submission: 17/04/2020
- Changed all POST methods to PUT and all PUT methods to POST.
- Fixed table 207 layout
- Inserted logout's resources
- Change search to be indexable
- Removed the user id from the cart module URLs
- Login and register are no longer AJAX Calls
Changes done to second submission: 26/04/2020
- Changed routes to remove unnecessary authorizations
- Added discount related routes
- Fixed missing links
- Changed all tables to markdown based layout Changes done to third submission: 3/05/2020
- Added the password recovery section
- Added links to relations
GROUP2043, 26/04/2020
- Luís Ramos, [email protected] (Editor)
- José Guerra, [email protected]
- Martim Silva, [email protected]
- Ruben Almeida, [email protected]