Looking for some help to understand how content copy API validates user roles to implement something similar in assessment service for question set copy API

[aks30]

We are implementing question set copy API, and we are designing it based on the lines of content copy API. Wanted to understand how is user roles etc validated in content copy API.

cc - @joffinjoy

[pramodkvarma]

Why do we need separate API at all? Shouldn't we have a general collection deep and shallow copy API for all types of assets?

@vrayulu

[vrayulu]

@pramodkvarma - We need a wrapper API for each object type (content, collection, question, question set). But the underlying logic & code should be same for content & questions, and collections & question-sets.

@aks30 - please note the above while implementing the question set copy API.

[pramodkvarma]

Can you review and check once please? Thanks for clarifying.

[vinukumar-vs]

I. Wanted to understand how is user roles etc validated in content copy API.

SB-Knowlg core platform API's doesn't verify any user role check. The middleware will verify the user roles & his permission to call the API based on user-token passed in the request headers(x-authenticated-user-token).

The below code is resposible to check user-token & it's roles to access the API.
https://github.com/project-sunbird/knowledge-mw-service/blob/release-4.8.0/src/middlewares/request.middleware.js

Please refer the copy-content API for your reference.

As @vrayulu mentioned, Question-Set & Question are Object types similar to Collection & Content Object type. You have to write wrapper API's similar to collection & content copy API's

@aks30 can you share the design-document of Question-Set API to understand it better. I heard you are looking for question-set with dynamic(branching) question rendering based on complexity or answers given by the user.

[joffinjoy]

@vinukumar-vs I hope this is what you asked for: https://project-sunbird.atlassian.net/wiki/spaces/SingleSource/pages/2960850971/Design+QuML+Dependent+Questions

[aks30]

@vrayulu While what you mentioned definitely makes sense from the platform perspective, and from the limited understanding on how content copy works, we think it would be very complicated to combine the 2 logic given the question/question set copy includes much more to be done on top of what is done in content copy and is very different also, and that question/question-set copy API is already done from developer side and PR raised as here - Sunbird-Knowlg/knowledge-platform#823.

I would however ask @krgauraw if you can highlight here the complexities if one has to implement this and approx how much effort will it take. @maheshkumargangula this is where we need your help also so that we understand end to end the implications and impact as well as the effort to do this.

cc - @vijiurs