Possible to filter expenses by user?

Following up my other post
(https://groups.google.com/d/msg/freeagent_api/PvhEzuFQbik/SiJMTTktRR8J)…

Is there a way to filter expenses by (the current) user url/id? I’m looking
into multiple user support for my app, but the API only seems capable of
returning an “all or nothing” response for expenses.

This is fine for super-users (permission level 8) who can see everything
anyway, but if the current user is an employee at a lower permission (e.g.
level 3), then I would only want to retrieve their personal out-of-pocket
expenses. This would mirror what happens on the FA website: an employee at
permission level 3 can see only their own expenses. The filter is provided
by a nested URL, e.g https://…/user/284/expenses.

I couldn’t see a way of doing this other than manually filtering through
the JSON response in code (which is far from ideal, and potentially
insecure). If not yet available, could you let me know if it’s planned in
an API update?

Thanks,
Chris


http://twitter.com/plymsoftware

Hi Chris,

Expenses are a bit different from the rest of the resources returned by the
API. While the rest of the resources are returned for the user linked to
the token like Harry said, expenses are returned based on your permission
level. Any user with at least the “My Money” level will get all the
expenses present on the company. I’m afraid that for now you will have to
manually filter them from the response.

I realise this is inconsistent with how the app behaves, and that we should
offer a better way of filtering these. I’ll keep you informed if and when
we add expense filtering to the API.

Best regards,
IoanOn Tuesday, 23 April 2013 11:45:40 UTC+1, Chris Blunt wrote:

Hi Harry,

Back working on expenses, and looking at the results I’m getting, it seems
the API is not filtering expenses by the current user.

I have two users setup in my account: myself as admin user, and “Joe
Employee” with a permission level of “Contracts and Projects” (level 3?).
As myself, I’ve posted a few expenses which I can see. When I login to
Freeagent as Joe, I can’t see these expenses (I can only see Expenses
filtered by my name).

However, if I authenticate with the API as Joe, and then perform a
“/expenses” API call, I get a response containing all the expenses in the
account - not just those I can see.

I’ve verified this in the Google oAuth sandbox (Screenshots attached)

https://lh6.googleusercontent.com/-7KBkXmJ3sTw/UXZmEWIK-qI/AAAAAAAATMI/6Gqkn7y0NxQ/s1600/Screen+Shot+2013-04-23+at+11.43.05.png

https://lh5.googleusercontent.com/-J4CXfADAzU0/UXZmGhv0vfI/AAAAAAAATMQ/_RiuvZN8FjQ/s1600/Screen+Shot+2013-04-23+at+11.43.20.png

https://lh4.googleusercontent.com/-sDYPKFsGv5w/UXZmKOSZAaI/AAAAAAAATMY/n9lHLTXyx6Q/s1600/Screen+Shot+2013-04-23+at+11.43.33.png

Appreciate any advice you can give on this. Is there anything else I need
to supply to the API to filter expenses?

Thanks!
Chris

http://plymouthsoftware.com
http://twitter.com/plymsoftware

On Monday, 15 April 2013 17:32:50 UTC+1, Harry wrote:

Hi Chris,

The API returns all items of a resource that the current user (as
identified by their access token) can see. If you want to support multiple
users you can store an access token for each user so they can see the same
items as they would get through the web interface.

I hope this helps.

Regards,
Harry Mills

On Mon, Apr 15, 2013 at 3:56 PM, Chris Blunt cbl...@gmail.com wrote:

Following up my other post (
https://groups.google.com/d/msg/freeagent_api/PvhEzuFQbik/SiJMTTktRR8J)

Is there a way to filter expenses by (the current) user url/id? I’m
looking into multiple user support for my app, but the API only seems
capable of returning an “all or nothing” response for expenses.

This is fine for super-users (permission level 8) who can see everything
anyway, but if the current user is an employee at a lower permission (e.g.
level 3), then I would only want to retrieve their personal out-of-pocket
expenses. This would mirror what happens on the FA website: an employee at
permission level 3 can see only their own expenses. The filter is provided
by a nested URL, e.g https://…/user/284/expenses.

I couldn’t see a way of doing this other than manually filtering through
the JSON response in code (which is far from ideal, and potentially
insecure). If not yet available, could you let me know if it’s planned in
an API update?

Thanks,
Chris

http://plymouthsoftware.com
http://twitter.com/**plymsoftware http://twitter.com/plymsoftware


You received this message because you are subscribed to the Google
Groups “FreeAgent API” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to freeagent_ap...@googlegroups.com.
To post to this group, send email to freeag...@googlegroups.com.
Visit this group at http://groups.google.com/group/freeagent_api?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Hi Harry,

Ah, sorry! I hadn’t realised the API filtered results that way, all makes
sense! Thanks for clearing that one up.

Cheers
ChrisOn 15 Apr 2013 17:33, “Harry Mills” harry@freeagent.com wrote:

Hi Chris,

The API returns all items of a resource that the current user (as
identified by their access token) can see. If you want to support multiple
users you can store an access token for each user so they can see the same
items as they would get through the web interface.

I hope this helps.

Regards,
Harry Mills

On Mon, Apr 15, 2013 at 3:56 PM, Chris Blunt cbl2001@gmail.com wrote:

Following up my other post (
https://groups.google.com/d/msg/freeagent_api/PvhEzuFQbik/SiJMTTktRR8J)…

Is there a way to filter expenses by (the current) user url/id? I’m
looking into multiple user support for my app, but the API only seems
capable of returning an “all or nothing” response for expenses.

This is fine for super-users (permission level 8) who can see everything
anyway, but if the current user is an employee at a lower permission (e.g.
level 3), then I would only want to retrieve their personal out-of-pocket
expenses. This would mirror what happens on the FA website: an employee at
permission level 3 can see only their own expenses. The filter is provided
by a nested URL, e.g https://…/user/284/expenses.

I couldn’t see a way of doing this other than manually filtering through
the JSON response in code (which is far from ideal, and potentially
insecure). If not yet available, could you let me know if it’s planned in
an API update?

Thanks,
Chris

http://plymouthsoftware.com
http://twitter.com/**plymsoftware http://twitter.com/plymsoftware


You received this message because you are subscribed to the Google Groups
“FreeAgent API” group.
To unsubscribe from this group and stop receiving emails from it, send an
email to freeagent_api+unsubscribe@googlegroups.com.
To post to this group, send email to freeagent_api@googlegroups.com.
Visit this group at http://groups.google.com/group/freeagent_api?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.


You received this message because you are subscribed to a topic in the
Google Groups “FreeAgent API” group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/freeagent_api/taovcQtQ_Vw/unsubscribe?hl=en
.
To unsubscribe from this group and all its topics, send an email to
freeagent_api+unsubscribe@googlegroups.com.
To post to this group, send email to freeagent_api@googlegroups.com.
Visit this group at http://groups.google.com/group/freeagent_api?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Hi Chris,

The API returns all items of a resource that the current user (as
identified by their access token) can see. If you want to support multiple
users you can store an access token for each user so they can see the same
items as they would get through the web interface.

I hope this helps.

Regards,
Harry MillsOn Mon, Apr 15, 2013 at 3:56 PM, Chris Blunt cbl2001@gmail.com wrote:

Following up my other post (
https://groups.google.com/d/msg/freeagent_api/PvhEzuFQbik/SiJMTTktRR8J)…

Is there a way to filter expenses by (the current) user url/id? I’m
looking into multiple user support for my app, but the API only seems
capable of returning an “all or nothing” response for expenses.

This is fine for super-users (permission level 8) who can see everything
anyway, but if the current user is an employee at a lower permission (e.g.
level 3), then I would only want to retrieve their personal out-of-pocket
expenses. This would mirror what happens on the FA website: an employee at
permission level 3 can see only their own expenses. The filter is provided
by a nested URL, e.g https://…/user/284/expenses.

I couldn’t see a way of doing this other than manually filtering through
the JSON response in code (which is far from ideal, and potentially
insecure). If not yet available, could you let me know if it’s planned in
an API update?

Thanks,
Chris

http://plymouthsoftware.com
http://twitter.com/**plymsoftware http://twitter.com/plymsoftware


You received this message because you are subscribed to the Google Groups
“FreeAgent API” group.
To unsubscribe from this group and stop receiving emails from it, send an
email to freeagent_api+unsubscribe@googlegroups.com.
To post to this group, send email to freeagent_api@googlegroups.com.
Visit this group at http://groups.google.com/group/freeagent_api?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Hi Harry,

Back working on expenses, and looking at the results I’m getting, it seems
the API is not filtering expenses by the current user.

I have two users setup in my account: myself as admin user, and “Joe
Employee” with a permission level of “Contracts and Projects” (level 3?).
As myself, I’ve posted a few expenses which I can see. When I login to
Freeagent as Joe, I can’t see these expenses (I can only see Expenses
filtered by my name).

However, if I authenticate with the API as Joe, and then perform a
“/expenses” API call, I get a response containing all the expenses in the
account - not just those I can see.

I’ve verified this in the Google oAuth sandbox (Screenshots attached)

https://lh6.googleusercontent.com/-7KBkXmJ3sTw/UXZmEWIK-qI/AAAAAAAATMI/6Gqkn7y0NxQ/s1600/Screen+Shot+2013-04-23+at+11.43.05.png

https://lh5.googleusercontent.com/-J4CXfADAzU0/UXZmGhv0vfI/AAAAAAAATMQ/_RiuvZN8FjQ/s1600/Screen+Shot+2013-04-23+at+11.43.20.png

https://lh4.googleusercontent.com/-sDYPKFsGv5w/UXZmKOSZAaI/AAAAAAAATMY/n9lHLTXyx6Q/s1600/Screen+Shot+2013-04-23+at+11.43.33.png

Appreciate any advice you can give on this. Is there anything else I need
to supply to the API to filter expenses?

Thanks!
Chris


http://twitter.com/plymsoftwareOn Monday, 15 April 2013 17:32:50 UTC+1, Harry wrote:

Hi Chris,

The API returns all items of a resource that the current user (as
identified by their access token) can see. If you want to support multiple
users you can store an access token for each user so they can see the same
items as they would get through the web interface.

I hope this helps.

Regards,
Harry Mills

On Mon, Apr 15, 2013 at 3:56 PM, Chris Blunt <cbl...@gmail.com<javascript:> wrote:

Following up my other post (
https://groups.google.com/d/msg/freeagent_api/PvhEzuFQbik/SiJMTTktRR8J)…

Is there a way to filter expenses by (the current) user url/id? I’m
looking into multiple user support for my app, but the API only seems
capable of returning an “all or nothing” response for expenses.

This is fine for super-users (permission level 8) who can see everything
anyway, but if the current user is an employee at a lower permission (e.g.
level 3), then I would only want to retrieve their personal out-of-pocket
expenses. This would mirror what happens on the FA website: an employee at
permission level 3 can see only their own expenses. The filter is provided
by a nested URL, e.g https://…/user/284/expenses.

I couldn’t see a way of doing this other than manually filtering through
the JSON response in code (which is far from ideal, and potentially
insecure). If not yet available, could you let me know if it’s planned in
an API update?

Thanks,
Chris

http://plymouthsoftware.com
http://twitter.com/**plymsoftware http://twitter.com/plymsoftware


You received this message because you are subscribed to the Google Groups
“FreeAgent API” group.
To unsubscribe from this group and stop receiving emails from it, send an
email to freeagent_ap...@googlegroups.com <javascript:>.
To post to this group, send email to freeag...@googlegroups.com<javascript:>
.
Visit this group at http://groups.google.com/group/freeagent_api?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.