Experimental Write API

Didrik Gauffin

unread,

May 17, 2023, 10:58:34 AM5/17/23

to Alaveteli Dev

Hello this is Didrik Gauffin writing on behalf of Handlingar.se (OKFN Sweden).

How are you going?

We are interested in using the Write API. The API currently seem to have an experimental status (https://alaveteli.org/docs/developers/api/#write-api-experimental). What are your requirements for the API and what can be done to improve it?

We are recommended to use this REST API profile from the Swedish dataportal website: https://dev.dataportal.se/rest-api-profil (SWEDISH ONLY).

Thank you and good day.

Graeme Porteous

unread,

May 17, 2023, 3:37:39 PM5/17/23

to alavet...@googlegroups.com

Hi Didrik,

The Write API is currently coupled with the anonymous external users which we're in the process of removing from core Alaveteli. This is because it adds complexity to many places of the codebase and was originally developed for our FOI Register project [1] which is very-old and has been long unused. As such in the latest release, 3 weeks ago, we announced that we're intending to make the API read only in the next release [2].

Now if the Write API was to remain in core Alaveteli then it would need to move to authorising individual users before any of the write endpoints are used. If your able to make some improvements to do this would be amazing and we would certainly prefer to remove external users without also removing the Write API.

Best,

[1] https://www.mysociety.org/2014/02/10/brighton-and-hove-city-council-launch-new-foi-system-in-aim-to-become-more-transparent/

[2] https://github.com/mysociety/alaveteli/blob/0.43.0.0/doc/CHANGES.md?plain=1#L65-L68

--
Graeme Porteous
gra...@mysociety.org

--
You received this message because you are subscribed to the Google Groups "Alaveteli Dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to alaveteli-de...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/alaveteli-dev/ee2f7c1c-9345-48d3-af92-788fb2e1af0en%40googlegroups.com.

laurent...@gmail.com

unread,

May 26, 2023, 4:38:48 AM5/26/23

to Alaveteli Dev

Hi all,

We are aiming to use just a small bit of write API to send public body email update requests. I wrote some code to do this a while back, but we've never really used it yet. Part of the problem is that we don't use auth at all in that endpoint, so it could easily become a spam inlet. I might be able to help a little with this if needed.