A user sends a request to the JADE API to perform an action (e.g. save a judgement or suppress a comment). What happens? I think it'll roughly always be a sequence of operations.
- Check that the request is valid (e.g. CSRF token, OAuth status of user, etc.)
- Check that user has rights to perform action (and is not blocked)
- Check action's constraints (e.g. can't set the preference of a judgment that doesn't exist)
- Convert action into event and emit event to single source
- Process event in order to update state
Every action will do a similar dance. Step 1 will be common across all actions. Step 2 will be common for groups of actions (all non-banned users, oversighters, etc.). Steps 3, 4, and 5 will be unique to an action. 5 will happen "outside" of the API.
