Administrative service

Administrative service module represents web application written using Play framework. Module serves to produce external administrative (merchant) API that can be used for different merchant purposes. API method source code is located inside Play Controller classes and protected by:

  • Account role
  • Message digest

Each API methods in controllers annotated with @RoleAPI annotation containing required role as a value of AdminRoleValue enum, e.g:

Assigned roles for each particular account are stored in accountrole table in DB and can be modified on the fly using domain-service API methods.

Presence of annotation @RoleAPI also triggers the request message digest verification. Each methods requires unique verification based on formula described in Swagger annotations before API signature. In example above message digest is calculated using formula:

SHA-256(accountId+country.code+orderId+secret) where

accountID – id from Account entity

code – Country code

orderId – unique id for each API request

secret – unique hash for each account entity stored in DB

API documentation for each method is compiled automatically by Swagger on start using text and parameters in Swagger annotations. Please visit Dworkin Swagger UI demo page for methods discovering and testing.

Merchant (administrative) API service can be used for building Admin panel, which allows (depending on account roles) to manage DB entities, see transaction statistics, search for customers, etc . Please see Dworkin Admin panel example to understand what is possible to create with administrative API