Provide a project's user roles via the JSON API. #16999
Comments
warsaw
added
feature request
requires triaging
miketheman
added
APIs/feeds
and removed
requires triaging
|
This information is also currently available via the XML-RPC API (as much as I don't want to encourage it's use, it's there, folks use it for whatever reason, and is cached for ~48 hours (I'm a little fuzzy on how, if ever, it gets invalidated based on change.) Almost all the data returned in the current JSON API response is static, and user-driven changes are only from uploading a new release. It's unclear to me whether changes to a project's Owner/Maintainer roles does or should invalidate caches, or whether the responses to this API are fine with being stale for a period of time. Re: key naming and structure for accuracy sake, maybe consider a |
|
Hi @miketheman Thanks for the reminder about the XML-RPC API. I'm with you, I don't want to encourage its use either! 😄
I'm not sure what this means. There is information in the project JSON endpoint that actually comes from the latest upload, which is weird on the face of it, but understandable given how PyPI works and the API, so let's ignore that for now. But it does mean that whenever a project gets a new upload, some bits of that response change (IIUC of course).
Are you talking about caches inside warehouse itself?
That is a fantastic idea, thanks! Let me work on an update. |
Heh, I should not have said static, since it's not 🤦 My intent was to convey that the details that are emitted on that endpoint comes from release metadata uploaded, vs anything that can be changed on PyPI itself by the owner user.
I'm referring to the CDN cache in front of warehouse API calls |
Ah, I see what you're saying. Other than the project name (which can't be changed), and maybe
I don't think the endpoint itself should change. It'll still be a
... is that an argument against exposing this data on the existing JSON endpoint? Does warehouse itself do anything to the CDN? I think it should be okay; it's not like the project's HTML page doesn't also change, invalidating the CDN cache, and I bet that's hit way more often than the JSON API. |
warsaw
changed the title
|
Hey @warsaw ! Another use case surfaced with regards to org membership - here's two examples:
These should provide some ideas on how to reshape the response for this data. @ewdurbin also brought up that the changes here should probably not be returned on any release calls, only on the project, since the release details are a "snapshot" of what happened in that release. See |
Excellent point. I'll push that change. |
So in my current branch, I add Aside: I don't (yet) understand the difference between org roles and team roles. It makes sense to add org and team info to the JSON API, eventually. But without a proper REST API, I wonder if now's not the time for that? |
What's the problem this feature will solve?
Retrieving a project's users is not possible via the JSON API. This isn't secret information though, because that information can be scraped from the project's HTML page. That's pretty inconvenient though, requiring tools like
BeautifulSoupand tricky parsing of deep HTML documents. It would be so much better if the information were simply available in the"info"dict of the project's JSON API.Describe the solution you'd like
Add a
"users"key to the"info"dictionary of the project's JSON API. Why "users"? The HTML page calls them "maintainers", however the JSON dict already has fields for "author", "author_email", "maintainer", and "maintainer_email". Plus, if you look at the view for the project HTML page, they access the project's.usersfield. So this seems like the most minimal addition that still makes sense.Additional context
This is related to #15769
I have a branch I'll be pushing soon.
The text was updated successfully, but these errors were encountered: