FR: Request across multiple company codes #22
Description
Currently we have to specify a company to which we make a request using {cmpy_code}.
get /{cmpy_code}/employee/information
In an enterprise scenario we have many companies. Would it be possible to have an endpoint that returns data across multiple or all companies?
Requests like /employee/information or /student/information include cmpy_code as a field which we could filter on to manage the scope, but all of this data is coming from the same tables anyway.
The use case for this would be integrations with vendors that only make one call per instance but need to ingest data for multiple schools. For example a library or canteen system for a campus that hosts 2-3 school entities.
User permissions currently return status 403: forbidden when calling a company they do not have access to. I imagine this working like a filter to return only allowed company data in the response to an "all company" call. If a subset of schools can be specified, the forbidden response may still be applicable if an out-of-scope company is included.