Hello. Im doing a API REST and i have doutb about the api design. I have 3 roles (admin, professionals, patients). They have diferents things what they can see or do, but also things that are very similar.
For example, and admin can see all the users and information and a patients only can see a list of professionals with limit information.
I think about two endpoints, with a Plug to ensure the role. :
GET /api/patient/users, PatientController, :index
GET /api/admin/users, AdminController, :index
The other way i see, is one endpoint:
GET /api/users
and in the controller make and if, to load the right information to the role, or make a plug to redirect to the right controller o path.
What is the proper way?