Future Student Document Upload API Specification

Owned by Brooke Noble
Last updated: Dec 02, 2024 by Darren Bridgman
5 min read

Overview

This API allows for the uploading of documents for future students into the document management system (DocMan). It is designed for testing purposes and follows the standards and patterns outlined in the Synergetic API Patterns and Rules.

Preconditions / Synergetic Setup

  1. Identify or create Future Student in Synergetic for testing

  2. Verify that the necessary configurations (luDocumentSourceCode, luDocumentClassification, luDocumentType) match the intended tests (refer to Acceptance Criteria)

  3. Ensure the values to be used in these reference tables have been flagged for use by external API clients

    image-20241112-061951.png
    example of “EnabledForClientAPI” flag in lookup table

  4. Ensure that “Load User Profile” in the Advanced Settings of the application pool used by CoreAPI is set to True. This is needed to ensure that the directory used when scanning for viruses is accessible.

    image-20241202-043452.png

    Virus scanning is configured using the System|FileUpload|VirusScan|Enabled config key

Endpoint

Route: apiportal/v1/FutureStudent/Document

HTTP Method

POST

Request Payload

The request payload should be of the multipart/form-data type. The document should be attached as shown below. The SourcePath will be inferred from the file metadata. All other metadata should be form-data fields.

 

 

 

Required Fields

  • ID: The ID of the future student.

  • Description: A description of the document.

  • SourceCode: The document source code (from luDocumentSourceCode).

  • SourceDate: The date the document was sourced.

  • SourceReference: A reference for the source of the document.

  • SourcePath: The path of the source, given in the file metadata as the filename.

  • File: The document file, attached as a file. Field name should be File.

  • ClassificationCode: The classification code (from luDocumentClassification).

Example Request

POST /apiportal/v1/FutureStudent/Document HTTP/1.1 Content-Type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW ------WebKitFormBoundary7MA4YWxkTrZu0gW Content-Disposition: form-data; name="ID" 12345 ------WebKitFormBoundary7MA4YWxkTrZu0gW Content-Disposition: form-data; name="Description" Student Transcript ------WebKitFormBoundary7MA4YWxkTrZu0gW Content-Disposition: form-data; name="SourceCode" SC001 ------WebKitFormBoundary7MA4YWxkTrZu0gW Content-Disposition: form-data; name="SourceDate" 2024-11-12 ------WebKitFormBoundary7MA4YWxkTrZu0gW Content-Disposition: form-data; name="SourceReference" Ref123 ------WebKitFormBoundary7MA4YWxkTrZu0gW Content-Disposition: form-data; name="ClassificationCode" CC001 ------WebKitFormBoundary7MA4YWxkTrZu0gW Content-Disposition: form-data; name="File"; filename="transcript.pdf" Content-Type: application/pdf <file content here> ------WebKitFormBoundary7MA4YWxkTrZu0gW--

Response Payload

The response will be in JSON format and will vary depending on the result of the request.

Success

JSON

{ "RowNum": 1, "Result": { "DocumentSeq": <tDocumentSeq of the created document> } }

Validation Failure

JSON

{ "RowNum": 1, "Result": { "ValidationDetails": [ { "FieldName": "<name of field failing validation>", "Reason": "<reason field failed validation>" } ] } }

Non-Validation Error

JSON

Acceptance Criteria

Happy Path

GIVEN a client has a request payload including all required information
AND the ID matches a future student
AND all other information is valid

WHEN the client sends that request by calling the API to upload a document with the payload

THEN the document is created
AND all relevant fields populated with supplied values
AND the document is linked to the given ID
AND a success response is returned

General Validation

GIVEN a client has a request where one or more fields are missing

WHEN the client sends that request

THEN a validation failure response is returned indicating which fields are missing

ID Validation

GIVEN a client has a request with an ID that does not belong to a future student

WHEN the client sends that request

THEN a validation failure response is returned indicating that the given ID does not exist, or the client does not have permission to add documents to it.

Source Code Validation

GIVEN a client has a request with a document source code that does not refer to a document source code that may be used by clients

WHEN the client sends that request

THEN a validation failure response is returned indicating that the document source code was not found.

Document Type Validation

GIVEN a client has a request with an inferred document type
AND the inferred document type does not exist in luDocumentType

WHEN the client sends that request

THEN a validation failure response is returned indicating that the document type was not found.

Document Size Validation

GIVEN a client has a request with an inferred document type
AND the inferred document type exists in luDocumentType
AND the maximum file size permitted is configured, and is S
AND the document in the request is larger than S

WHEN the client sends that request

THEN a validation failure response is returned indicating that the document is too large.

Authentication and Authorization

GIVEN a client has a request
AND the client does not have permission to access the endpoint, as shown in the Interface Settings in SynWeb (see also security.TrustedVendor, and related tables)

WHEN the client sends that request

THEN an appropriate error code (likely 401/403) is returned, consistent with the rest of the public APIs.

Auditing

GIVEN everything works, is valid, etc.

WHEN a document is created by a client

THEN the client that created the document is recorded in media.tDocuments.

Integration

GIVEN a document created by this API

WHEN attempting to view the document in SynMain and/or SynWeb

THEN the document is viewable without errors (if it was viewable without errors prior to sending)
AND access controls imposed by document classifications are obeyed.