[Catalyst] Re: REST - like uri design for CRUD

Peter Karman peter at peknet.com
Wed Jan 23 02:37:48 GMT 2008



Peter Karman wrote on 1/20/08 7:53 PM:
> 
> 
> Aristotle Pagaltzis wrote on 1/20/08 7:36 PM:
>> * Peter Karman <peter at peknet.com> [2008-01-20 22:10]:
>>> there's no checking of HTTP method at all.
>>
>> Yikes!!
>>
>> <img src="http://example.org/foo/id/42/delete">
>>
>>

I actually consider that a feature, since it seems legit to me that a GET could 
act on an object. That's not REST, but RPC, as you indicated. In my apps, I do 
server-side auth checks to verify that users can't act on data they should not 
have access to. Then again, all my apps use POST to delete too. :)

That said, I did enable a method-check in v0.23 with a configuration option to 
turn it off.

>>> That API is intentionally RESTish
>>
>> It’s not REST if it ignores the uniform interface – it’s RPCish.
>> URI design is completely orthogonal to REST.
>>
> 
> you are right of course.
> 
> /me adds CatalystX::CRUD::REST to todo list...
> 

/me crosses item off list

http://search.cpan.org/~karman/CatalystX-CRUD-0.23/lib/CatalystX/CRUD/REST.pm

Thanks, Aristotle, for pointing out my naive understanding of REST. This thread 
helped me write the API in the module above.

Comments, suggestions always welcome.

pek

-- 
Peter Karman  .  http://peknet.com/  .  peter at peknet.com



More information about the Catalyst mailing list