Feature: optional JSON endpoint for data export #62
Right now, if a service or website (e.g. publiccode.eu or in future the fsfe.org website) wants to extract data from a forms application (e.g. pmpc-sign), this basically only works when this service is on the same server as forms, and reads forms' JSON file.
This is bad, since we do not want to couple services just because of this, or even cannot (in case of the FSFE website). Also, it is a security concern since this service could access all kinds of sensible data, e.g. signers of an open letter that did not want to appear publicly.
I propose an optional, configurable endpoint for forms. It would allow us to export certain data under certain conditions and make them available via a defined URL, ideally in a JSON format.
The fields that are exported should be customisable.
Let's say I want to export a few things for the
pmpc-sign application in forms:
- total number of signatures
commentof every entry that has
permissionPub = yes.
This could be available via
That can then be used in other services, e.g.:
- pmpc-website where you can define remote JSON data as data source: https://gohugo.io/templates/data-templates/#get-remote-data
Definition of fields and conditions
Probably, we need to settle on a basic language to define the exported fields and their conditions. IMHO this could be quite raw, like an SQL dialect,
jq expressions or raw python, or something customised.
In any case I think we should make every field optional so that we don't expose unwanted data.
How about a dynamic CSS file via which we could insert text using the
content field (example). Then, e.g. on fsfe.org, we could give an element an ID and append/prepend e.g. the number of signatures. One would have to test how thois behaves with caching but it's an idea 🤷
No due date set.
No dependencies set.
Deleting a branch is permanent. Although the deleted branch may exist for a short time before cleaning up, in most cases it CANNOT be undone. Continue?