問題:
I am writing a RESTful service for a customer management system and I am trying to find the best practice for updating records partially.我正在爲客戶管理系統編寫 RESTful 服務,我正在嘗試尋找部分更新記錄的最佳實踐。 For example, I want the caller to be able to read the full record with a GET request.例如,我希望調用者能夠通過 GET 請求讀取完整記錄。 But for updating it only certain operations on the record are allowed, like change the status from ENABLED to DISABLED.但是爲了更新它,只允許對記錄進行某些操作,例如將狀態從 ENABLED 更改爲 DISABLED。 (I have more complex scenarios than this) (我有比這更復雜的場景)
I don't want the caller to submit the entire record with just the updated field for security reasons (it also feels like overkill).出於安全原因,我不希望調用者僅提交帶有更新字段的整個記錄(這也感覺有點矯枉過正)。
Is there a recommended way of constructing the URIs?是否有推薦的構造 URI 的方法? When reading the REST books RPC style calls seem to be frowned upon.在閱讀 REST 書籍時,RPC 風格的調用似乎不受歡迎。
If the following call returns the full customer record for the customer with the id 123如果以下調用返回 ID 爲 123 的客戶的完整客戶記錄
GET /customer/123
<customer>
{lots of attributes}
<status>ENABLED</status>
{even more attributes}
</customer>
how should I update the status?我應該如何更新狀態?
POST /customer/123/status
<status>DISABLED</status>
POST /customer/123/changeStatus
DISABLED
...
Update : To augment the question.更新:增加問題。 How does one incorporate 'business logic calls' into a REST api?如何將“業務邏輯調用”合併到 REST api 中? Is there an agreed way of doing this?是否有一種商定的方式來做到這一點? Not all of the methods are CRUD by nature.並非所有方法本質上都是 CRUD。 Some are more complex, like ' sendEmailToCustomer(123) ', ' mergeCustomers(123, 456) ', ' countCustomers() '有些更復雜,比如“ sendEmailToCustomer(123) ”、“ mergeCustomers(123, 456) ”、“ countCustomers() ”
POST /customer/123?cmd=sendEmail
POST /cmd/sendEmail?customerId=123
GET /customer/count
解決方案:
參考一: https://en.stackoom.com/question/AFcS參考二: https://stackoom.com/question/AFcS