Joris Berthelot

API Details :

PUT : /api/companyStatus?isActive=true

Company account-did needs to pass into header.

As per current implementation system returning bad request code (400) in below scenarios

1. Account did not exists into DMS System.[This is validation in system for all API]
2. Company already activated / deactivated , still user want to perform same operation.
3. Active company with same name already exists.

We need to change status response to conflict in for point 2 & 3 scenarios only.

Note: No changes required for scenario 1.

CC – Joris Berthelot , Samir

 Hi Rohan J Khandave,

I believe scenario 1 should return 404 code instead of 400. 400 would mean the request is malformed which is not the case... 404 means the resource does not exist.

However, if the account did header (or any required data) is not passed, it should return a 400 error.

Scenario 2 & 3 should, IMO, always return 200 (or 202 if the action if delayed), unless some internal error occurs and, thus should return a 5xx error.

Thanks!

Hello Joris Berthelot,

You are right , account-did is required in header. If it not passed or wrong input comes we show 400 error.

Regarding point 2 & 3 ,

• We can not pass 202 because all API are synchronous in execution.
• For server error we always returns 500 as status code.
• You needed status code 200 even if API returns some validation message to user , please confirm this ?

Thanks,
RohanK

CC – Samir
 

Hi Rohan J Khandave,

Could you explain "You needed status code 200 even if API returns some validation message to user , please confirm this ?"?

Maybe provide some example?

Thanks!

Hello Joris Berthelot,

Currently API returns bad request in below scenarios

1. Company already activated / deactivated , still user want to perform same operation.
2. Active company with same name already exists.

We are changing response code from Bad Request (400) to Conflict (409) , are you fine with this ? Or you want to OK (200) status for above mentioned scenarios. So we can do changes accordingly.

Thanks,
RohanK

Hi Rohan J Khandave,

PUT HTTP verb is supposed to be idempotent so if you proceed the same call multiple time, the result should be the same: always return the same success response (200) unless an error occurs.

https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods/PUT

Applying several times the same  activation state is not a conflictual IMO and should be allowed.

Does this make sense to you?

Hello Joris Berthelot,

Thanks for sharing details.

We will do the changes at our end and return 200 status in below scenarios.

1. Activate already active company.
2. Deactivate already deactivate company.

There is no change in below scenarios, currently API returns Bad Request.

1. Company not found.
2. When user try to activate already deactivated and in system another active company exists with same name.

Shamooka Mohapatra , please let us know if any changes needed at your end for above changes ? if no then we can start this change at our end.

Thanks,
RohanK

Hi Rohan J Khandave,

When a company is not found, it should return 404, not 400. That's the original request of this card

When user try to activate already deactivated and in system another active company exists with same name

I'm not sure to understand what you wrote here....

Thanks!

Hello Joris Berthelot,

Thanks,
RohanK

Hi Rohan J Khandave,

We get account did into header ,we try to validate those header value when validation fails , returns bad request. If you still want to return Not Found (404). We can take this change. But this change will get applicable for all DMS API's.

Validation means user data input validation: if data is missing, empty, null, zero, not parseable, etc. -> return 400.

If the data format is valid but when looking up into your database, there's no match -> return 404.

This behavior should be indeed enforce on all API endpoints. There is very strong difference between "invalid input" and "missing requested resource".

DMS has validation , company name must be unique for active companies, system validate company names among all active companies. So when some one try to activate company system validate any other active company has same name or not.

This is a weird logic but why not. That case should return 409 and then we will ignore on our side meaning the company has been already deactivated.

Thanks for your patience!

Hi Samir,

I see this card is being spilled over again and again from a sprint to another. Can we get this done asap please?

Thanks,

cc. Amrendra Kumar

Any update on this, please?

cc Amrendra Kumar

Hi Joris Berthelot,

Can we have a call to discuss this. Please let me know your availability?

Regards,

Samir

Hello,

Has this card been fixed already? Because I'm getting 404 now when a system seems to not exist. Could you confirm?

Thanks!