Best way to implement a manually triggered task

[skid]

Not sure if this is more of a Nest.js question than Vendure, but here goes.

I want to implement a procedure that will sync some data with a remote server and I need it to be manually triggerable, as well as scheduled to execute periodically. What is the best way to implement the manual trigger? For example, can I do the following:

1. Implement the sync logic and IO in a service
2. Create a NestJS controller with a GET method that can trigger the action and call the service
3. Can I decorate a controller method with @Allow(Permission.SuperAdmin) (docs says it's for resolvers)
4. If so, what's the best practice for testing this method with a REST API client (can you do Bearer Token auth for REST methods?

Does this sound sensible, or are there better ways?

While here - how do I run a task periodically? Sorry if this is documented already :)

[michaelbromley]

Yes, you can apply the Allow decorator to a Controller method. I just updated the doc block to state this.

Auth is handled in the exact same way for REST as with GraphQL - either bearer token or cookie depending on your config. You can see the e2e tests that verify this here:

vendure/packages/core/e2e/plugin.e2e-spec.ts

Lines 116 to 129 in 97edcb9

	it('permission-restricted route forbidden', async () => {
	const response = await shopClient.fetch(restControllerUrl + '/restricted');
	expect(response.status).toBe(403);
	const result = await response.json();
	expect(result.message).toContain('FORBIDDEN');
	});
	it('permission-restricted route forbidden allowed', async () => {
	await shopClient.asUserWithCredentials('hayden.zieme12@hotmail.com', 'test');
	const response = await shopClient.fetch(restControllerUrl + '/restricted');
	expect(response.status).toBe(200);
	const result = await response.text();
	expect(result).toBe('success');
	});

how do I run a task periodically?

Take a look at the official NestJS cron package - since Vendure plugins are essentially just NestJS modules, you should be able to use this exactly as it shows in the docs.