Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
REST module is currently hard-coded to JSON-LD. We want to be able to configure what format should be available on what resource operation. Example: I want to create nodes with POST requests that carry XML, but I want to forbid all other formats. I want to retrieve nodes with GET requests that ask for JSON-LD or XML, but I want to forbid all other formats.
Depends on #1850704: Available serialization formats.
Comment | File | Size | Author |
---|---|---|---|
#17 | format-config-1850734-17.patch | 20.38 KB | klausi |
#17 | format-config-1850734-17-interdiff.txt | 1.08 KB | klausi |
#16 | format-config-1850734-16.patch | 18.07 KB | klausi |
#15 | format-config-1850734-15.patch | 18.08 KB | klausi |
#15 | format-config-1850734-15-interdiff.txt | 6.25 KB | klausi |
Comments
Comment #1
klausiHere is a first patch that attempts to make resource operations (GET, POST, PUT etc.) as well as serialization formats (drupal_jsonld, jsonld, xml etc.) configurable. It contains mostly changes to the admin UI to add nested options for configuration. Please forgive me for the poor usability, but since that won't be a settings page that is often used I just implemented those nested checkboxes. Better suggestions are welcome!
This is not yet finished, I just worked on GET/read test case. The rest will probably fail horribly. Posting my intermediate work to keep you up to date and to give you a chance to chime in early.
Comment #3
klausiNow at least the existing test cases should pass.
TODO:
* Implement the Content-Type format restriction for POST/PUT/PATCH write operations. The routing does not handle that for us
* Look into extending the test cases and what we have to cover.
Comment #5
klausiImplemented the format restriction for incoming data now and merged with #1850704: Available serialization formats.
TODO: Look into extending the test cases and what we have to cover.
Comment #6
klausiRerolled after #1850704: Available serialization formats was committed. No other changes.
Comment #8
klausiSome interesting things changed in the routing system, this should fix the read test case.
Comment #9
Crell CreditAttribution: Crell commented$enabled sounds like a boolean, not a list of enabled resources. This should probably be $enabled_formats or $enabled_resources or something more descriptive.
The comment doesn't match the code. The comment says "no format restrictions", but the code is checking methods. Vis, it's adding the route no matter what if it isn't filtering on method, but it could still be filtering on format, no?
This can be collapsed to an abbreviated ternary.
$request->blah ?: 'drupal_jsonld';
Comment #10
klausiThanks, fixed that. I guess the format restriction setting per method is confusing, it works the usual Drupal way of "if nothing is selected all must be allowed".
Also added the public method to the resource interface.
Comment #12
klausi#10: format-config-1850734-10.patch queued for re-testing.
Comment #13
Crell CreditAttribution: Crell commentedThanks, klausi!
Comment #14
catchGoing to ask for a usability review. I'm not sure we really need a UI for this - we still don't have one for RSS feeds for example.
Comment #15
klausiSo here is a patch that does not make the additional configuration options available in the UI. If a resource is enabled in the UI simply all methods and all formats are enabled for it.
Comment #16
klausiPatch does not apply anymore, rerolled. No other changes.
Comment #17
klausiPatch does not apply anymore, rerolled.
Also simplified the dblog resource, see interdiff.
Comment #18
klausiAlso tagging for Crell.
Comment #19
Crell CreditAttribution: Crell commentedKlausi: Can you generate some screenshots here to help the UX folks give feedback?
Comment #20
klausiActually I want to move on with the recent non UI changing patch, so that we have the settings available in YAML and can add a proper UI later or in contrib.
Comment #21
klausiRaising priority to major since it would be really bad to ship REST module with a hard coded format (currently JSON-LD).
I also opened #1927162: Remove REST module's UI to discuss the fate of REST module's UI as a follow-up. So let's leave the usability question out of this issue to move forward.
Comment #22
Crell CreditAttribution: Crell commentedI'm OK with punting on the UI. There's things to discuss there yet, and I don't want to hold up API flexibility on it. We can follow up in the other issue.
Back to RTBC again.
Comment #23
Dries CreditAttribution: Dries commentedCommitted to 8.x. Thanks.