NUTRINTG Forms with middleware

NUTRINTG Forms with middleware

Rb-forms

The Rb-forms project is the current solution, developed in Python. Its functionality will be used as a template for the Java-based solution. As a goal, the new app should seamlessly take over the use cases of the old application.

API calls

I’ve tried to reproduce in this document how the current API looks. However, because we are rebuilding the application, we should take it as an opportunity to fix the most glaring shortcomings of the current API where possible. Since it is still to be agreed whether such changes can be made, for now I’m only marking them using color.
Green text are changes that are suggested for addition.
Red text are changes that are suggested for deletion.

That being said, I suggest adding authorization to ALL calls (unless marked otherwise for a particular call) by using a header token, similar to how it currently works in other services. The token alone should be enough to determine whether access is valid for a particular request.

I suggest using Spring Security pre-authentication for this, similar to how it is done in the Campaign Validator project [see the InternalStorageController class for API access restrictions, and the security module for its implementation].

POST /api/create/

creates data in CDP.


Request

Curl:

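# Example request for POST /api/create with the full "data" form field.
# The field is single-quoted so the shell passes the JSON through unchanged;
# with nested double quotes the shell strips the inner quotes and the server
# receives invalid JSON.
# The authorization token header proposed in this document is not shown here;
# its header name is not specified on this page.
curl -X POST "http://localhost:5000/api/create?form_id=1" \
  -H "accept: application/json" \
  -H "Content-Type: multipart/form-data" \
  -F 'data={ "ActivityDate": "string", "Addresses": [ { "AddressLine1": "string", "AddressLine2": "string", "AddressLine3": "string", "City": "string", "CountryCode": "string", "DeliveryStatus": "string", "DoNotStandardize": true, "IsPreferred": true, "LocationCode": "string", "PostalCode": "string", "StateCode": "string" } ], "Birthdate": "string", "CompanyName": "string", "Emails": [ { "DeliveryStatus": "string", "EmailAddress": "string", "IsPreferred": true, "LocationCode": "string" } ], "EnrollmentStatus": "string", "FirstName": "string", "Gender": "string", "GlobalOptDate": "string", "GlobalOptOut": true, "GlobalOptSource": "string", "JoinDate": "string", "JsonExternalData": [ { "Agreements": [ { "MandatoryInd": true, "id": 0 } ], "AnnualFamilyIncome": "string", "CaregiverStatusDetailCode": "string", "Children": [ { "AdoptionFlag": "string", "BirthDate": "string", "CaregiverTypeCode": "string", "ChildStatusDetailCode": "string", "DataSourceCode": "string", "FeedingMethod": "string", "FirstName": "string", "FosterFlag": "string", "GenderCode": "string", "HcpProfileId": "string", "HospitalCity": "string", "HospitalId": "string", "HospitalName": "string", "HospitalState": "string", "LastName": "string", "MiddleName": "string", "MultiBirthChildNum": 0, "MultiBirthInd": 0, "PreferredBrand": "string", "PreferredProduct": "string", "PrematureBirthFlag": "string", "SalesRepNum": "string", "SalesRepTerritory": "string", "SelfReportedWicFlag": "string", "SrcChildId": "string", "Status": "string", "SynonymName": "string", "TerritoryCode": "string", "WicStatus": 0 } ], "Ethnicity": "string", "ExpectingInd": "string", "GovermentID": "string", "HouseholdSize": 0, "MomStatus": "string", "PrefSpokenLanguage": "string", "PreferedBrand": "string", "PreferedProduct": "string", "ProfileItemList": [ { "ItemType": "string", "ItemValue": "string" } ], "ProfileSubscriptions": [ { "ActivityDate": "string", "BrandOrgCode": "string", "ChannelCode": "string", "OptSource": "string", "OptStatus": "string", "SubscriptionId": "string" } ], "Specialty": "string", "UnmappedAttributes": [ {} ] } ], "LanguageCode": "string", "LastName": "string", "MaritalStatus": "string", "MiddleInit": "string", "MiddleName": "string", "Phones": [ { "AcceptsText": true, "DeliveryStatus": "string", "LocationCode": "string", "NeverAfter": "string", "NeverBefore": "string", "PhoneCountryCode": "string", "PhoneNumber": "string" } ], "Prefix": "string", "Username": "string" }'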

Parameters

Parameters

name

type

value

form_id

query

number

data

formData

{ "ActivityDate": "string", "Addresses": [ { "AddressLine1": "string", "AddressLine2": "string", "AddressLine3": "string", "City": "string", "CountryCode": "string", "DeliveryStatus": "string", "DoNotStandardize": true, "IsPreferred": true, "LocationCode": "string", "PostalCode": "string", "StateCode": "string" } ], "Birthdate": "string", "CompanyName": "string", "Emails": [ { "DeliveryStatus": "string", "EmailAddress": "string", "IsPreferred": true, "LocationCode": "string" } ], "EnrollmentStatus": "string", "FirstName": "string", "Gender": "string", "GlobalOptDate": "string", "GlobalOptOut": true, "GlobalOptSource": "string", "JoinDate": "string", "JsonExternalData": [ { "Agreements": [ { "MandatoryInd": true, "id": 0 } ], "AnnualFamilyIncome": "string", "CaregiverStatusDetailCode": "string", "Children": [ { "AdoptionFlag": "string", "BirthDate": "string", "CaregiverTypeCode": "string", "ChildStatusDetailCode": "string", "DataSourceCode": "string", "FeedingMethod": "string", "FirstName": "string", "FosterFlag": "string", "GenderCode": "string", "HcpProfileId": "string", "HospitalCity": "string", "HospitalId": "string", "HospitalName": "string", "HospitalState": "string", "LastName": "string", "MiddleName": "string", "MultiBirthChildNum": 0, "MultiBirthInd": 0, "PreferredBrand": "string", "PreferredProduct": "string", "PrematureBirthFlag": "string", "SalesRepNum": "string", "SalesRepTerritory": "string", "SelfReportedWicFlag": "string", "SrcChildId": "string", "Status": "string", "SynonymName": "string", "TerritoryCode": "string", "WicStatus": 0 } ], "Ethnicity": "string", "ExpectingInd": "string", "GovermentID": "string", "HouseholdSize": 0, "MomStatus": "string", "PrefSpokenLanguage": "string", "PreferedBrand": "string", "PreferedProduct": "string", "ProfileItemList": [ { "ItemType": "string", "ItemValue": "string" } ], "ProfileSubscriptions": [ { "ActivityDate": "string", "BrandOrgCode": "string", "ChannelCode": "string", "OptSource": "string", "OptStatus": 
"string", "SubscriptionId": "string" } ], "Specialty": "string", "UnmappedAttributes": [ {} ] } ], "LanguageCode": "string", "LastName": "string", "MaritalStatus": "string", "MiddleInit": "string", "MiddleName": "string", "Phones": [ { "AcceptsText": true, "DeliveryStatus": "string", "LocationCode": "string", "NeverAfter": "string", "NeverBefore": "string", "PhoneCountryCode": "string", "PhoneNumber": "string" } ], "Prefix": "string", "Username": "string" }

files

file (formData)

 

Data Schema details

Data Schema details

Field

Type

Details

ActivityDate

String

2019-01-01 20:35:41 (UTC)

Addresses

Array

Array of Address

Birthdate

String

2019-01-01 20:35:41 (UTC)

CompanyName

String

max length 40, Name of customer's employer.

Emails

Array

Array of Email

EnrollmentStatus

String

max length 1, Status of customer's enrollment in program. Values "A" -Active, "C"- Cancelled, "S"-Suspended

FirstName

String

max length 60

Gender

String

max length 1, "M" - Male, "F" - Female, "U" - Unknown

GlobalOptDate

String

2019-01-01 20:35:41 (UTC)

GlobalOptOut

boolean

TRUE if customer should not receive marketing communications.

GlobalOptSource

String

max length 60, Where customer opted out.

JoinDate

String

2019-01-01 20:35:41 (UTC)

JsonExternalData

Array

Array of ExternalDataItem

LanguageCode

String

max length 3, Customer's preferred language (format: ISO 639-3, 3 characters)

LastName

String

max length 60

MaritalStatus

String

max length 1, "M" - Married, "S" - Single

MiddleInit

String

max length 1

MiddleName

String

max length 60

Phones

Array

Array of Phone

Prefix

String

max length 10

Username

String

max length 10, Customer's username for web page or mobile app.

Address Schema details

Address Schema details

Field

Type

Details

AddressLine1

String

max length 255

AddressLine2

String

max length 255

AddressLine3

String

max length 255

City

String

max length 80

CountryCode

String

max length 3, 3166 Alpha-3 country code

DeliveryStatus

String

max length 3, 3166 Alpha-3 country code

DoNotStandardize

boolean

TRUE if address will not be standardized

IsPreferred

boolean

TRUE if postal address is preferred.

LocationCode

String

max length 10, 'H' for Home, 'B' for Business/Work, 'O' for Other - Default

PostalCode

String

max length 10, When submitting a value with the Zip Code Suffix then the hyphen delimiter must be used (#####-####)

StateCode

String

max length 80, Must be valid association with CountryCode value

Email Schema details

Email Schema details

Field

Type

Details

DeliveryStatus

String

max length 1

EmailAddress

String

max length 254

IsPreferred

boolean

TRUE if postal address is preferred.

LocationCode

String

max length 10, 'H' for Home, 'B' for Business/Work, 'M' for Mobile, 'O' for Other - Default

ExternalDataItem Schema details

ExternalDataItem Schema details

Field

Type

Details

Agreements

Array

Array of Agreement

AnnualFamilyIncome

String

max length 50

CaregiverStatusDetailCode

String

max length 2

Children

Array

Array of Child

Ethnicity

String

max length 255

ExpectingInd

String

max length 1, Pregnancy/Expecting Indicator. Values: “Y” = Expecting/Pregnant; “N” = Not Expecting, Not Pregnant

GovernmentID

String

Max length 255, ID of the government identification number, such as Passport. Note: the sample request payload spells this key "GovermentID".

HouseholdSize

number

 

MomStatus

String

max length 255, Profile's mom status. Valid values (case-sensitive) "FIRST TIME MOM", "EXPERIENCED"

PrefSpokenLanguage

String

max length 255, use 3-byte ISO language code

PreferedBrand

String

max length 255, use 3-byte Brand Code

PreferedProduct

String

max length 255

ProfileItemList

Array

Array of ProfileItem

ProfileSubscriptions

Array

Array of ProfileSubscription

Specialty

String

max length 100, HCP Speciality (Nurse, Pediatrician, etc)

UnmappedAttributes

Map

Map of additional Attributes/Values pair

Agreement Schema details

Agreement Schema details

Field

Type

Details

ConsentAcceptedInd

boolean

TRUE if agreement is Accepted

ConsentDescription

String

Short description of Agreement

MandatoryInd

boolean

TRUE if particular agreement is mandatory

Id

number

id of agreement in form system

Child Schema details

Child Schema details

Field

Type

Details

AdoptionFlag

String

max length 1, Y-Adopted, N-Not Adopted

BirthDate

String

2019-01-01 20:35:41 (UTC)

CaregiverTypeCode

String

max length 50

ChildStatusDetailCode

String

max length 2

DataSourceCode

String

max length 20

FeedingMethod

String

max length 255, Valid values BREAST MILK ONLY, FORMULA ONLY, BREAST MILK AND FORMULA, I'M NOT SURE

FirstName

String

max length 60

FosterFlag

String

max length 1, Y-Fostered, N-Not fostered

GenderCode

String

max length 1, M-Male, F-Female, U-Unknown

HcpProfileId

String

max length 255, Hcp Profile Id associated to the Child record

HospitalCity

String

max length 80, Hospital City associated to the Children object when HospitalId not populated.

HospitalId

String

max length 50, Value of SourceHospitalId which is the Salesforce ID

HospitalName

String

max length 80, Hospital Name associated to the Children object when HospitalId not populated.

HospitalState

String

max length 2, ISO 3166-2 code

LastName

String

max length 60

MiddleName

String

max length 60

MultiBirthChildNum

number

1-single birth, 2-twins, 3-triplets, etc.

MultiBirthInd

number

1-single birth, 2-twins, 3-triplets, etc.
Obsolete because of MultiBirthChildNum

PreferredBrand

String

max length 255, 3 characters Brand Code

PreferredProduct

String

max length 255

PrematureBirthFlag

String

max length 1, Y-Premature, N-Not premature

SalesRepNum

String

max length 255, Salesforce Employee Number, External_ID_mjn__c field

SalesRepTerritory

String

max length 255, Territory assigned to Sales Representative

SelfReportedWicFlag

String

 

SrcChildId

String

max length 20, To store the source's own external child id in CDP

Status

String

max length 1, Record status, A-Active, I-Inactive

SynonymName

String

max length 255, Nick name

TerritoryCode

String

max length 5

WicStatus

number

1-Yes, 2-No

ProfileItem Schema details

ProfileItem Schema details

Field

Type

Details

ItemType

String

max length 255

ItemValue

String

max length 255

ProfileSubscription Schema details

ProfileSubscription Schema details

Field

Type

Details

ActivityDate

String

2019-01-01 20:35:41 (UTC)

BrandOrgCode

String

 

ChannelCode

String

 

OptSource

String

 

OptStatus

String

 

SubscriptionId

String

 

Phones Schema details

Phones Schema details

Field

Type

Details

AcceptsText

boolean

TRUE if phone number can receive text messages

DeliveryStatus

String

max length 1

LocationCode

String

max length 10, 'H' for Home, 'B' for Business/Work, 'M' for Mobile, 'O' for Other - Default

NeverAfter

String

2019-01-01 20:35:41 (UTC)

NeverBefore

String

2019-01-01 20:35:41 (UTC)

PhoneCountryCode

String

max length 3, ISO 639-3 3-byte country code

PhoneNumber

String

max length 20

Response

code

Body

code

Body

200

{ "code": "string", "results": "string", "status": true }

 

ResponseBody Schema details

ResponseBody Schema details

Field

Type

Details

code

String

One of: GetAccessTokenFailed, FormIDInvalid, FileUploadFailed, FileSaveFailed, PushDataToCDPFailed, ThisFileTypeIsNotSupported, ExceededTheNumberOfFiles, ExceededTheSizeOfFiles

results

String

Detailed description

status

boolean

is success

code

Body

code

Body

200

empty response

400

ResponseBody Schema details

ResponseBody Schema details

Field

Type

Details

code

String

One of: GetAccessTokenFailed, FormIDInvalid, FileUploadFailed, FileSaveFailed, PushDataToCDPFailed, ThisFileTypeIsNotSupported, ExceededTheNumberOfFiles, ExceededTheSizeOfFiles.
Other codes should be added such as ValidationFailed.

results

String

Detailed description

POST /form/add_permisions

Used for granting users permissions for a specific form.

Rename the endpoint to /form/permission_add, with form_id as a query parameter, for a more consistent API (this will also be used by the requests proposed below).
Also provide an endpoint POST /form/permission_set, which will replace the current permissions with the submitted ones. It takes the same request parameters as this one.
Also provide an endpoint DELETE /form/permission to remove all permissions. No body is needed.
GET is already covered and described in GET /form/listing_permission_by_form_id.

Request

Parameters

Parameters

name

type

value

requestBody

body

 

RequestBody Schema details

RequestBody Schema details

Field

Type

Details

form_id

number

form id

users

array

Array of User_id’s (number)

 

Response

code

Body

code

Body

200

 

ResponseBody Schema details

ResponseBody Schema details

Field

Type

Details

code

String

One of: GetAccessTokenFailed, FormIDInvalid, FileUploadFailed, FileSaveFailed, PushDataToCDPFailed, ThisFileTypeIsNotSupported, ExceededTheNumberOfFiles, ExceededTheSizeOfFiles

results

String

Detailed description

status

boolean

is success

code

Body

code

Body

200

empty response

400

ResponseBody Schema details

ResponseBody Schema details

Field

Type

Details

code

String

Proper error code for the failure, e.g. GetAccessTokenFailed, FormIDInvalid. Provide others as necessary.
Other codes should be added such as ValidationFailed.

results

String

Detailed description

POST /form/create

Creates form.
All token-related fields (presumably the access_token_* fields listed below) should be removed from the payload.

Request

Parameters

Parameters

name

type

value

body

body

 

Agreement Schema details

Agreement Schema details

Field

Type

Details

access_token_authorization

String

 

access_token_scope

String

 

access_token_secret

String

 

agreements

Array

array of Agreement

blob_storage_account_key

String

 

blob_storage_account_name

String

 

blob_storage_container_name

String

 

cdp_accept_language

String

 

cdp_account_source

String

 

cdp_brand_org_code

String

 

cdp_client_code

String

 

cdp_program_code

String

 

cdp_source_code

String

 

cdp_tier_code

String

 

file_max

String

optional

file_size

String

optional

file_type_archived

boolean

optional

file_type_document

boolean

optional

file_type_image

boolean

optional

file_type

String

Optional; the type can be sent as a string instead of 2 exclusive booleans

market

String

optional

name

String

 

platform

String

optional

upload

String

 

url

String

optional

verify_email

String

optional

Agreement Schema details

Agreement Schema details

Field

Type

Details

ConsentAcceptedInd

boolean

TRUE if agreement is Accepted

ConsentDescription

String

Short description of Agreement

MandatoryInd

boolean

TRUE if particular agreement is mandatory

Id

number

id of agreement in form system

 

Response

code

Body

code

Body

200

 

ResponseBody Schema details

ResponseBody Schema details

Field

Type

Details

code

String

One of: GetAccessTokenFailed, FormIDInvalid, FileUploadFailed, FileSaveFailed, PushDataToCDPFailed, ThisFileTypeIsNotSupported, ExceededTheNumberOfFiles, ExceededTheSizeOfFiles

results

String

Detailed description

status

boolean

is success

code

Body

code

Body

200

empty response

400

ResponseBody Schema details

ResponseBody Schema details

Field

Type

Details

code

String

Proper error code for the failure, e.g. GetAccessTokenFailed, FormIDInvalid. Provide others as necessary.
Other codes should be added such as ValidationFailed.

results

String

Detailed description

GET /form/delete

Deletes the form for the given Id.
Rename the endpoint to just /form and change the method from GET to DELETE, since GET is expected to be safe and should not change state.

Request

Parameters

Parameters

name

type

value

form_id

query

number

 

Response

code

Body

code

Body

200

 

 

 

code

Body

code

Body

400

ResponseBody Schema details

ResponseBody Schema details

Field

Type

Details

code

String

Proper error code for the failure, e.g. GetAccessTokenFailed, FormIDInvalid. Provide others as necessary.
Other codes should be added such as ValidationFailed.

results

String

Detailed description

GET /form/find

Fetches the form for the given Id.
Rename the endpoint to just /form. Furthermore, consider making the query parameter optional, so that providing NO parameter defaults to returning all forms.

Request

Parameters

Parameters

name

type

value

form_id

query

number

 

Response

code

Body

code

Body

200

 

 

 

GET /form/listing

Retrieves all forms.
Rename the endpoint to /form/all, OR make the /form query parameter optional, so that providing NO parameter defaults to returning all forms.

Request

Parameters

Parameters

name

type

value

form_id

query

number

 

Response

code

Body

code

Body

200

 

 

 

GET /form/listing_permission_by_form_id

It is supposed to list all permissions for the given form_id; however, the parameter is NOT requested in the API definition (but is used in code).
Add missing parameter and rename endpoint to: /form/permission
Also, this request can be (and should be) merged together with “GET /form/listing_permission_by_user_id”, and using both parameters as optional, returning sum of two queries if both provided.

Request

Parameters

Parameters

name

type

value

form_id

query

number

 

Response

code

Body

code

Body

200

 

 

 

GET /form/listing_permission_by_user_id

It is supposed to list all permissions for the given user_id; however, the parameter is NOT requested in the API definition (but is used in code).
Add missing parameter and rename endpoint to: /form/permission
Also, this request can be (and should be) merged together with “GET /form/listing_permission_by_form_id”, and using both parameters as optional, returning sum of two queries if both provided.

Request

Parameters

Parameters

name

type

value

form_id

query

number

 

Response

code

Body

code

Body

200

 

 

 

GET /record/get_blobs

Request

Parameters

Parameters

name

type

value

form_id

query

number

 

Response

code

Body

code

Body

200

 

 

 

GET /record/listing

Request

Parameters

Parameters

name

type

value

form_id

query

number

 

Response

code

Body

code

Body

200

 

 

 

GET /record/retrieve

Request

Parameters

Parameters

name

type

value

form_id

query

number

 

Response

code

Body

code

Body

200

 

 

 

POST /form/update

Request

Parameters

Parameters

name

type

value

form_id

query

number

 

Response

code

Body

code

Body

200

 

 

 

POST /user/change_password

Request

Parameters

Parameters

name

type

value

form_id

query

number

 

Response

code

Body

code

Body

200

 

 

 

POST /user/create

Request

Parameters

Parameters

name

type

value

form_id

query

number

 

Response

code

Body

code

Body

200

 

 

 

GET /user/find

Request

Parameters

Parameters

name

type

value

form_id

query

number

 

Response

code

Body

code

Body

200

 

 

 

GET /user/get_current_user

Request

Parameters

Parameters

name

type

value

form_id

query

number

 

Response

code

Body

code

Body

200

 

 

 

GET /user/listing

Request

Parameters

Parameters

name

type

value

form_id

query

number

 

Response

code

Body

code

Body

200

 

 

 

POST /user/login

Request

Parameters

Parameters

name

type

value

form_id

query

number

 

Response

code

Body

code

Body

200

 

 

 

POST /user/logout

Request

Parameters

Parameters

name

type

value

form_id

query

number

 

Response

code

Body

code

Body

200

 

 

 

POST /user/update

Request

Parameters

Parameters

name

type

value

form_id

query

number

 

Response

code

Body

code

Body

200

 

 

 

P