taler-docs

Documentation for GNU Taler components, APIs and protocols

commit 34beb9b3ffb08a7e68508a6465ba9ef57a785684
parent b68c6b2843d40f3db6a5176d1aeeef55345463b7
Author: Pius Loosli <loosp2@bfh.ch>
Date:   Mon, 16 Oct 2023 15:49:56 +0200

Donau: Authorization for charity administration

Diffstat:
M core/api-donau.rst | 21 +++++++++++++--------
1 file changed, 13 insertions(+), 8 deletions(-)

diff --git a/core/api-donau.rst b/core/api-donau.rst @@ -480,6 +480,8 @@ Inspired by the Taler exchange :ref:`Deposit<deposit-par>`. Charity administration and status information --------------------------------------------- +The administration requests require an authorized bearer token to be set in the HTTP "Authorization" Header. This token can be set by a proxy validating authentication/authorization (using e.g. LDAP). + .. http:GET:: /charities return all charities @@ -543,7 +545,7 @@ Charity administration and status information .. http:POST:: /charities - Add a charity + Add a charity. Only allowed if the request comes with the administrator bearer token. **Request:** `CharityRequest` @@ -554,6 +556,9 @@ Charity administration and status information :http:statuscode:`201 Created`: The request was successful, and the response is a `CharityResponse`. + :http:statuscode: `403 Forbidden`: + The request did not contain an accepted administrator bearer token in it's header. + .. ts:def:: CharityRequest interface CharityRequest{ @@ -571,30 +576,29 @@ Charity administration and status information .. http:PATCH:: /charities/{id} - Modify a charity + Modify a charity. Only allowed if the request comes with the administrator bearer token. **Request:** `CharityRequest` - FIXME: Authentication... - **Response:** :http:statuscode:`200 OK`: The request was successful. + :http:statuscode: `403 Forbidden`: + The request did not contain an accepted administrator bearer token in it's header. .. http:DELETE:: /charities/{id} - Delete (or deactivate) a charity. + Delete (or deactivate) a charity. Only allowed if the request comes with the administrator bearer token. **Request:** - FIXME: Authentication... - **Response:** :http:statuscode:`200 OK`: The request was successful. - + :http:statuscode: `403 Forbidden`: + The request did not contain an accepted administrator bearer token in it's header. +\ No newline at end of file
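Review bot: In the hunk at @@ -480,6 +480,8 @@, the new paragraph never says which requests count as "administration requests". It is placed directly above GET /charities, which receives no authorization text anywhere in this patch, so a reader cannot tell whether listing charities needs the token. Suggest naming the protected endpoints (POST /charities, PATCH and DELETE /charities/{id}) and giving the expected header form, for example "Authorization: Bearer $TOKEN". The sentence "This token can be set by a proxy validating authentication/authorization" should also state who checks the token: the 403 responses added further down imply the Donau itself compares it against an accepted value, but where that value is configured and whether the proxy overwrites a client-supplied Authorization header are left undocumented.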
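Review bot: In the hunk at @@ -543,7 +545,7 @@, the POST /charities description says "the administrator bearer token" while the section introduction added by this patch says "an authorized bearer token". The two phrasings read as two different credentials. Suggest defining one term once in the introduction and referring to it from each endpoint, rather than repeating a slightly different sentence on POST, PATCH and DELETE.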
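Review bot: In the hunk at @@ -554,6 +556,9 @@, the added line ":http:statuscode: `403 Forbidden`:" has a space between the role name and the backtick, unlike the existing ":http:statuscode:`201 Created`:" just above it, so the role will not render as a status code link. Remove the space. "in it's header" should be "in its header". The description "did not contain an accepted administrator bearer token" also covers two cases with one status: consider documenting 401 Unauthorized for a request with no token at all and keeping 403 Forbidden for a token that was presented but not accepted, so clients and the proxy can tell them apart.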
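Review bot: In the hunk at @@ -571,30 +576,29 @@, removing "FIXME: Authentication..." from DELETE /charities/{id} leaves its "**Request:**" section with nothing under it. Either drop the empty heading or state that the request has no body and only carries the Authorization header. Both ":http:statuscode: `403 Forbidden`:" lines added here for PATCH and DELETE have the same stray space after the role name and the same "it's" for "its" as the POST entry. The trailing "\ No newline at end of file" marker shows the new last line of core/api-donau.rst is unterminated; add the final newline.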