On Dec 28, 10:27 am, Mike Orr <[email protected]> wrote: > On Tue, Dec 28, 2010 at 2:05 AM, mahmoudimus <[email protected]> wrote: > > Hi! > > > I am trying to use best practices when designing a RESTful > > authenticated API that allows developers to issue commands from > > different accounts and I'm trying to find out how to best implement > > this using paster's restcontroller. > > > Here's an example of the API I want to implement: > > > # note that everything will be using basic http authentication using > > # an SSL connection > > > GET /accounts/AD00193830fe3ff # gets user information > > > The URL for the above GET command would be: > > https://user1:[email protected]/accounts/AD00193830fe3ff/ > > > POST /accounts/AD00193830fe3ff/deducts # deducts points from another > > account > > { > > "account_id": "AD0024433333cd", > > "points": 15 > > } > > > The URL for the above POST command would be: > > https://user1:[email protected]/accounts/AD00193830fe3ff/deducts > > This URL also has a POST payload associated with it. > > > Here's how I went about implementing this: > > > I created an accounts controller using paster's restcontroller command > > and added the map.resource command to routing.py > > > The part I'm confused about is how does one implement the second part? > > How can I get the 'AD00193830fe3ff' account and pass it to the > > deducts resource? > > > The only way I came up with was to issue a: > > > map.connect("deduct", "accounts/:(acct_id)/deducts", > > controller="accounts", action="create", > > conditions=dict(method["POST"])) > > > Is this correct Pylon's way of doing it? Or am I missing something > > here? > > Resources are single-item things. REST does not address the issue of a > transaction spanning multiple items. So you can either attach it > arbitrarily to one member, in which case the "from" member above is > logical, or you can attach it at a higher level such as > "/accounts/transfer". In either case, you can use one of the resource > arguments to create the extra methods. > > map.resource("account", "accounts", member={"deducts": "POST"}) > > This would create a route to your URL above. You'd have to define the > "deducts" action method yourself; "paster restcontroller" isn't smart > enough to do that. > > I use this to create an "ask_delete" URL for a delete confirmation form. > > -- > Mike Orr <[email protected]>
Thanks! I'll give both suggestions a try. Would it more make sense for the POST request for something like "accounts/transfer" to contain the account_id as part of the payload instead of having it in the hierarchal URL structure? That would certainly simplify things. Mahmoud -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en.
