Versions Compared

Old Version 5

changes.mady.by.user D.Pachula

Saved on

compared with

New Version 6

changes.mady.by.user D.Pachula

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Info

The RestAPI backend has to be provided by the CBs system including an authentification process. The provided description is an example on the possible implementations and data exchanges IATF CARA will support.

IATF CARA is a single user application using progressive web app technology without a central database. At the moment all communication with IATF CARA is done using loading and saving files. CBs have their own systems and database infrastructures. To improve the interaction with those system the concept exists to provide a restful interface to pull and push data from CARA. The base IATF CARA won’t be changed. It will be offline available and only locally active and use the browser cache as comfort feature to give access to all locally saved reports.

...

The idea is to solve the following functionalities. Though not each functionality has to be used and some functionalities might be set on the local instance of IATF CARA while other might be provided by the defined CB which is selected in the report.

  • Actions and data

    • Loading and saving of backups an external database (Cancelled due to the fact that reports can belong to different CBs) Automatic saving of active report to REST Api RESTApi backend

    • Requesting pre generated reports from CB

    • Requesting co auditor reports for merge

    • Pushing reports to CB

    • Pulling of nc management reports by an organization

    • Pushing of nc management reports by an organization

  • Data formats

    • xml/json format for complex structures

    • string for single returns like tokens

  • Requests

    • GET for requesting data using a token in url

    • POST all other requests and updates (PUT?)

...

  • SSO with session token

    • redirect to single sign on

    • redirect back to IATF CARA with session information

  • Using a session token

    • Authentication will be send using post

    • Received token will be available for the active CARA session (not saved in the browser cache)

    • Received token will be send on each request using

      • get url/(token}

      • Header

      • post

        Code Block
        {
  token: "required session token"
  api-key: "optional"
}

...

Pull Features

  • Pulling a report from CB/internal database

    • Providing a request button the auditor can open a mask choosing the cb and entering his Authentifikation and the report id to pull the prepared report

      • if the report is found it will be loaded

        • If the report exists locally user is warned that it will be replaced and has to confirm

      • return is report as json or xml

      • if it fails user will be informed

      • return is am error message or false

    • Providing a load from data storage button to pull the latest version from data storage

      • User has to confirm that he wants to overwrite the local report

    • Accessing a list of

  • Pulling an nc report for an organization

    • Providing a request button in IATF NC CARA a mask opens asking for the authentication and the report key (the reportkey contains also the CB-Id at the beginning so CARA will use the correct request)

      • if the report is found it will be loaded

        • If the report exists locally user is warned that it will be replaced and has to confirm

      • return is an nc managamenet report as json or xml

      • if it fails user will be informed

      • return is an error message or false

...

  • Pushing a report to CB/datatstorage

    • Providing a button to push the report to CB/data storage only if the url is set

      • When the button is pressed the user is asked for the authentication

      • Post content url/{id}

        Code Block
        optional token in header or url
{
  token: "session token on seperate authentification"in header or tokenurl,
in url userId: as orstring,
  userreportId: "user"as string,
  passwordreport: "Hash256",as base64  "content": "report",
string
}

  • Pushing a nc management report

    • Providing a button to return the report to the backend only if the url is set

      • When the button is pressed the user is asked for the authentication

      • Post content url/{id}

        Code Block
        optional token in header or url
{
  token: "session token on seperate authentification"in header or tokenurl,
in url userId: as orstring,
  userreportId: "user" as string,
  passwordreport: "Hash256",as   "content": "report",base64 string
}

Possibel urls

  • Authentication / or Authentifikation SSO redirect

  • Report

    • push

    • pull

  • Nc Management

    • push

    • pull

  • IATF NC CARA Nc Management

    • push

    • pull

...