When you create a model/controller using sails generate user, which models are available? For instance, I know there some like basic CRUD, etc, but how to see all available methods?
PS: Unless I got it all wrong and there are no CRUD methods at all. I'm still learning Sails, so please forgive if its a silly question.
Basically, there are two groups of actions provided by Sails.js blueprints for a newly generated model/controller pair:
REST API: get /:controller/:id?, post /:controller, put /:controller/:id, delete /:controller/:id. These are classic REST set that should be the one being used in production. You can enable/disable these blueprints via rest property in config/controllers.js.
CRUD actions aka shortcuts: /:controller/find/:id?, /:controller/create, /:controller/update/:id, /:controller/destroy/:id. Inspired, by Rails' RESTful conventions, the shortcuts provide a way to call all the REST actions from browser address string, using GET HTTP method only, which can be very handy for developers. These can be enabled/disabled using shortcuts property in config/controllers.js, and it's a good idea to disable them in production (for example, using local environment settings (config/local.js)).
Related
Summary
I am seeing a lot of contradictory architectural examples of a REST API in my work and keep getting different opinions on the subject.
I am familiar with the principles of REST and seeing as each endpoint points to a resource followed by a verb such as /project/create project/123/read.
Following the MVC pattern assuming I have a controller that is responsible for updating a project resource:
router.put("/project/:id/update", ProjectController.put)
First question:
Should this route be responsible for all updates to this resource, in example, assuming different features on my client like marking a project as finished or changing it's title are separated and might not have anything in common for the user. Ending up with the route described above, or should there be something like this:
router.put("/project/:id/mark-as-done", ProjectController.markAsDone)
router.put("/project/:id/update-info", ProjectController.updateInfo)
Second question:
Assuming I want to create a notification resource if a project is created/updated/deleted. Since the notification is a resource on it's own I am not sure how to go about this, but what I assumed and was taught is to use another callback:
router.put("/project/:id/update", ProjectController.put, NotificationController.create)
Third question:
Could I use the same controller to read all resources or just one, for example:
router.get("/project/read", ProjectController.get)
router.get("/project/:id/read", ProjectController.get)
Making the logic in the controller method determinate if it will return all projects or just one. Or should it be separated into different methods?
I would define APIs like this:-
CRUD for Project entity
create- router.post(/projects)
update:- router.put(/projects/:id)
delete:- router.delete(/projects/:id)
read:- router.get(/projects) and/or router.get(/projects/:id)
You can define all above routes in ProjectController.
Regarding Notification entity you can define as follows
read:- router.get(/projects/:id/notifications)
The same can be applied to PUT, DELETE, POST
Here is a good article defining rest guidelines https://stackoverflow.blog/2020/03/02/best-practices-for-rest-api-design/
I've been starting out with Azure and have chosen to set up a Mobile Service using .NET in VS. I've been learning about the constituents of the Azure Todo get-started server project.
One thing I'm struggling to understand (even with extensive Googling) is what the TableController methods are for? I understand that TableController exposes the table to HTTP requests? But when I access data from my client I'm using ".LookupAsync" or ".UpdateAsync" methods on the Table returned by my MobileServiceClient instance.
Are the GetAllToDoItems(..), PathToDoItem(..), GetToDoItem(..), PostToDoItem(..), DeleteToDoItem(..) methods in the TableController being used behind the scenes somewhere when I make those calls on the MobileServiceClient Table?
Can I access those methods from my client? Are these methods standard/required method names?
Is TableController a good place to put server code for authorisation? E.g. the classic example of only returning that user's records?
Thanks for any help,
Tom.
Can I access those methods from my client? Are these methods standard/required method names?
At currently, Azure mobile app support C# and node.js as its backend language. From the Get started article, we can know that we can take advantage of Mobile App using native SDKs whether you're building native iOS, Android, and Windows apps or cross-platform Xamarin or Cordova (Phonegap) apps. We can see a lot of functions like GetAllToDoItems(..), PathToDoItem(..), GetToDoItem(..), PostToDoItem(..), DeleteToDoItem(..) in the backend project. This method is a MVC controller action name. Please note the SDK functions are the important, as we can see below, the backend project has a function called GetTodoItem.
public SingleResult<TodoItem> GetTodoItem(string id)
{
return Lookup(id);
}
However the function Lookup which under the namespace "Microsoft.Azure.Mobile.Server" is the key method in this function:
Is TableController a good place to put server code for authorisation? E.g. the classic example of only returning that user's records?
If you want to add authentication, I think this article may be give you helps. Just use Azure AD for example, if you want to protect some table controller, we only need to configure Azure AD then add [Authorize] attribute before table controller, it is not necessary to add authrize code in that table controller.
I have a Rails 4.2 app that uses rails_admin to manage CRUD actions for its models. It requires current_user.admin? == true for access.
I have just added A/B testing using the Split gem. I want to use the same authorization to allow admin only to view the split dashboard and thought the easiest way might be to create the route within the admin panel such that the dashboard would be available at example.com/admin/split.
I can mount the Split::Dashboard at 'admin/split' but that simply bypasses the admin authorization altogether.
Instead, I want to add a button/link with the rails_admin dashboard that redirects to admin/split where the dashboard is mounted within rails_admin.
Help appreciated.
split's webinterface is a sinatra app. It will not know anything about the rails_admin engine just by mounting it into the same url path. Check out the doc for the split interface https://github.com/splitrb/split#web-interface.
and https://steve.dynedge.co.uk/2011/12/09/controlling-access-to-routes-and-rack-apps-in-rails-3-with-devise-and-warden/
Rack::Auth::Basic will obviously not work for you, since it's basic http auth. So you have to use the second method by sticking you custom request middleware. The current_user will not be available there, since it's added by typical auth gems into the rails controllers. However if your lib is using warden for authentication ( like devise does), the info will be in request.env['warden']. Otherwise you will have to get the session id out the request.env["rack.session"]
The Problem
I'm aware of the basic way to create a route/endpoint in ServiceStack using methods with names like "Get", "Post", "Any", etc inside a service but in the particular case that I'm trying to work with I have an existing service (which I can make an IService via inheritance) that can not be retrofitted w/ServiceStack attributes and currently uses DTOs for the requests and responses.
This service contains many functions that I do not want to manually mask (as this is a pass-through layer) but otherwise already conform to ServiceStack's requirements. What I'm wondering is if there's a way to manually create these routes in a way that would work like I've mocked up here. My existing functions and DTOs already contain the information I would need to define the routes so if this approach is possible it would only require me to enumerate them at initialization time as opposed to generating the services layer manually.
I noticed there is an extension method on Routes.Add that takes an Expression of type Expression> but I was not able to get that working because I believe the underlying code makes assumptions about the type of Expression generated (LambdaExpression vs MemberExpression or something like that). I also may be barking up the wrong tree if that's not the intended purpose of that function but I can not find documentation anywhere on how that variant is supposed to work.
Why?
I'm not sure this is necessary but to shed some light on why I want to do this as opposed to retrofitting my existing layers: The current code is also used outside of a web service context and is consumed by other code internally. Retrofitting ServiceStack in to this layer would make every place that consumes it require ServiceStack's assemblies and be aware of the web service which is a concern I want separated from the lower code. We were previously using MVC/WCF to accomplish this goal but we want some of the features available from ServiceStack.
the current architecture looks like this:
data -> DAL -> discrete business logic -> composition -> web service
Hopefully that makes enough sense and I'm not being obtuse. If you would like any more details about what I want to do or why I'll try to update this post as soon as possible.
Thanks!
You might use the fallback route in order to provide your own routing mechanism.
Then you get the request.Path property and route using your own mapping of path:Function which can be stored in a simple dictionary.
Anyway, if you go this path I don't see much benefit in using servicestack. It seems you just need an http handler that routes requests to existing services.
I'm struggling to see how this is RESTful. I'm referring to the downloaded GitHub ServiceStack.Examples\src\ServiceStack.Examples\ServiceStack.Examples.sln. I do not see anything restful about this, there is no RESTful routes here at all and the method names are all verbs but they're all like GEtThis, etc. I don't see any Http verb attributes, nothing here.
Can someone explain what this is here becuase I feel like it doesn't even belong in the ServiceStack examples...??
Nobody said that example was supposed to be RESTful.
ServiceStack is a general services framework that lets you implement SOAP, MQ or REST+Web/HTML services with the same service.
The example your looking at is one of the first examples ever created for ServiceStack which makes use the Old API. You can compare and contrast it with the New API here. Since the example implements IService<T> it's not a REST service, since every HTTP Verb will invoke the same implementation above. To provide different implementations for each verb with the Old API you would need to inherit RestServiceBase<T> instead, or preferably use the New API.
If you want to consume this service via SOAP or MQ hosts than you need to ensure its accessible via POST by either maintaining single operation per Request DTO like this or by using a method named either Post() or Any() in the New API.