Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Handle complex POST/PATCH requests in RESTful API

Sponsored · Your Podcast. Everywhere. Effortlessly. Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
Avatar for Dmitry Petrov Dmitry Petrov
December 12, 2012
1
180

Handle complex POST/PATCH requests in RESTful API

Report with a speech on the 2012 sfcampua

Avatar for Dmitry Petrov

Dmitry Petrov

December 12, 2012
Tweet

More Decks by Dmitry Petrov

See All by Dmitry Petrov
Обработка сложных POST/PATCH запросов в RESTfu API
Avatar for Dmitry Petrov fightmaster
1
540

Featured

See All Featured
Design in an AI World
Avatar for tapps tapps
0
140
Fight the Zombie Pattern Library - RWD Summit 2016
Avatar for Marcelo Somers marcelosomers
234
17k
Typedesign – Prime Four
Avatar for Hannes Fritz hannesfritz
42
2.9k
Taking LLMs out of the black box: A practical guide to human-in-the-loop distillation
Avatar for Ines Montani inesmontani
PRO
3
2k
The Pragmatic Product Professional
Avatar for Laura Van Doore lauravandoore
37
7.1k
YesSQL, Process and Tooling at Scale
Avatar for Rocio Delgado rocio
174
15k
DBのスキルで生き残る技術 - AI時代におけるテーブル設計の勘所
Avatar for soudai sone soudai
PRO
62
49k
Build The Right Thing And Hit Your Dates
Avatar for Maggie C. maggiecrowley
38
3k
Believing is Seeing
Avatar for Spiro Bolos oripsolob
1
53
What Being in a Rock Band Can Teach Us About Real World SEO
Avatar for Ade Holder 427marketing
0
170
How Software Deployment tools have changed in the past 20 years
Avatar for Geshan Manandhar geshan
0
32k
Evolving SEO for Evolving Search Engines
Avatar for Ryan Jones ryanjones
0
120

Transcript

  1. Dmitry Petrov [email protected] Handle Complex POST/PATCH requests in RESTful API

  2. ProFIT Dmitry Petrov The system of process control printing Product

    Fulfillment and Information Tracking

  3. ProFIT Dmitry Petrov Daily: ~ 1 000 orders ~1 000

    000 print productions 1 hour of downtime ~ 25 000$ Product Fulfillment and Information Tracking

  4. RESTful API Dmitry Petrov ~ 60 entity ~100 API endpoints

    Complex business logic RESTful API for ProFIT

  5. Dmitry Petrov GET /api/orders/12/items/fg45sf54 The server response: { "id": "fg45sf54",

    "url": "http://localhost/api/orders/12/items/fg45sf54", "product": "business cards", "quantity": 1000, "previews": { "front": { "large": "http://localhost/large/front.jpg", "medium": "http://localhost/medium/front.jpg", "small": "http://localhost/small/front.jpg", }, "back": { "large": "http://localhost/large/back.jpg", "medium": "http://localhost/medium/back.jpg", "small": "http://localhost/small/back.jpg", } } } GET /api/orders/12 The server response: { "id": 12, "url": "http://localhost/api/orders/12", "client": { "firstname": "Dmitry", "lastname": "Petrov", "email": "", "phone": null, "address": { "country": "Russia", "city": "Saratov", "zip": 123456, "street": "Vavilova", "residentional": false } } } RESTful API, examples GET

  6. Dmitry Petrov GET /api/product-box-types/12-type/associations The server response: [ { "id":

    1, "product": "business_cards", "quantity": 1000 }, ...... ] GET /api/machines/KARAT+1/hot-folders The server response: [ { "path":"/home/somepath/", "types": [ "34-f-Type", "33-S-Type", ...... ] }, ...... ] GET /api/press-sheets/134/label The server response: { "label": "epl string" } RESTful API, examples GET

  7. Dmitry Petrov POST http://localhost/api/press-sheets/12/transition Body of the request: { "transition":

    "start:printing:front", "note": null } POST http://localhost/api/orders, PUT http://localhost/api/orders/12 Body of the request: { "id": 12, "client": { "firstname": "Dmitry", "lastname": "Petrov", "email": "", "phone": null, "address": { "country": "Russia", "city": "Saratov", "zip": 123456, "street": "Vavilova", "residentional": false } } } RESTful API, examples POST / PUT

  8. Dmitry Petrov PATCH http://localhost/api/orders/12 Body of the request: { "client":

    { "email": "", "phone": null } } PATCH http://localhost/api/orders/12 Body of the request: { "client": { "email": "" }, "address": { "street": "Vavilova", "residentional": true } } Object: { "id": 12, "client": { "firstname": "Dmitry", "lastname": "Petrov", "email": "[email protected]", "phone": "8-888-999", "address": { "country": "Russia", "city": "Saratov", "zip": 123456, "street": "Vavilova", "residentional": false } } } RESTful API, examples PATCH

  9. Dmitry Petrov Become thoughtful . . .

  10. DTO Dmitry Petrov Data Transfer Object DTO attribute1: String attribute2:

    String Assembler createDTO updateDomainObject serialize deserialize DomainObject1 attribute1: String DomainObject2 attribute2: String

  11. Dmitry Petrov GET /api/orders/12 The server response: { "id": 12,

    "url": "http://localhost/orders/12", "client": { "firstname": "Dmitry", "lastname": "Petrov", "email": "", "phone": null, "address": { "country": "Russia", "city": "Saratov", "zip": 123456, "street": "Vavilova", "residentional": false } } } Examples of DTO

  12. Dmitry Petrov { "transition": "start:printing:front", "note": null } { "label":

    "epl string" } [ { "path":"/home/somepath/", "types": [ "34-f-Type", ...... ] }, ...... ] Examples of DTO

  13. Dmitry Petrov Reducing the number of queries Independence from API

    "Makes you think" The benefits of using DTO pattern

  14. Dmitry Petrov FOSRestBundle JMSSerializerBundle LiipHelloBundle FOSCommentBundle Popular bundles and examples

  15. Dmitry Petrov GET /api/orders/12 The server response: { "id": 12,

    "url": "http://localhost/api/orders/12", "client": { "firstname": "Dmitry", "lastname": "Petrov", "email": "", "phone": null, "address": { "country": "Russia", "city": "Saratov", "zip": 123456, "street": "Vavilova", "residentional": false } } } JMSSerializerBundle & GET method

  16. Dmitry Petrov POST /api/orders, Body of the request: { "id":

    12, "client": { "firstname": "Dmitry", "lastname": "Petrov", "email": "", "phone": null, "address": { "country": "Russia", "city": "Saratov", "zip": 123456, "street": "Vavilova", "residentional": false } } } JMSSerializerBundle & POST method

  17. Dmitry Petrov JMSSerializerBundle & PATCH method

  18. Dmitry Petrov $this->deserialize($request, 'Rest\OrderDTO', 'json'); JMSSerializerBundle

  19. MERGE Dmitry Petrov $this->merge($oldDTO, $newDTO); JMSSerializerBundle

  20. Dmitry Petrov Merging DTO

  21. Dmitry Petrov PATCH /api/orders/12 Request: { "client": { "email": "",

    "phone": null } } JMSSerializerBundle & PATCH method

  22. Problems / Disadvantages Dmitry Petrov GET - serialization of null

    values PATCH - deserialized into an object PATCH - merge null values MERGE - a lot of useless code RESTful API, JMSSerializerBundle

  23. Dmitry Petrov SimpleThingsFormSerializerBundle July 15, 2012 SimpleThingsFormSerializerBundle

  24. Dmitry Petrov SimpleThingsFormSerializerBundle

  25. Dmitry Petrov GET /api/orders/12 The server response: { "id": "12",

    "url": "http://localhost/orders/12", "client": { "firstname": "Dmitry", "lastname": "Petrov", "email": "", "phone": "", "address": { "country": "Russia", "city": "Saratov", "zip": "123456", "street": "Vavilova", "residentional": "false" } } } SimpleThingsFormSerializerBundle

  26. Problems / Disadvantages Dmitry Petrov Converting data into string Lack

    of support PATCH method (v. 2.0) The ideological aversion The dirty mix *Type and *DTO SimpleThingsFormSerializerBundle

  27. Dmitry Petrov Отпуск

  28. Dmitry Petrov Отпуск

  29. Dmitry Petrov Отпуск

  30. Requirements Dmitry Petrov (Un)Serialization of objects Preservation of the type

    in data Metadata cache Reinvent the wheel

  31. Assumptions Dmitry Petrov The output format is json Metadata is

    stored in yml There are get/set methods Reinvent the wheel

  32. After 36 hours... train Saratov - Kiev is comming 30

    hours Dmitry Petrov SimpleSerializer SimpleSerializerBundle Details can be found on the habr Reinvent the wheel

  33. Benefits Dmitry Petrov This is library Separation of serialization rules

    and format Absence voiced disadvantages "Inteligent" deserialization SimpleSerializer

  34. Dmitry Petrov SimpleSerializer & POST / PATCH

  35. Dmitry Petrov SimpleSerializer & POST method

  36. What? Where? When? Dmitry Petrov Parameters of requests Data transfer

    objects Business logic RESTful API, validation

  37. Parameters of requests Dmitry Petrov /api/orders/12 /api/boxes/BOX-1-1 /api/orders?valid=true RESTful API,

    validation

  38. Routing requirements Dmitry Petrov RESTful API, validation

  39. Dmitry Petrov ParameterChecker RESTful API, validation

  40. Dmitry Petrov RESTful API, validation

  41. Dmitry Petrov RESTful API, validation

  42. Dmitry Petrov AbstractRestController RESTful API, validation

  43. Dmitry Petrov PATCH /api/orders/12 Body of the request: { "client":

    { "email": "", "comment": "I'm hacker" } } Object: { "id": 12, "client": { "firstname": "Dmitry", "lastname": "Petrov", "email": "[email protected]", "phone": "8-888-999", "address": { "country": "Russia", "city": "Saratov", "zip": 123456, "street": "Vavilova", "residentional": false } } } RESTful API, validation

  44. Dmitry Petrov POST /api/press-sheets/12/transition Body of the request: { "transition":

    "start:printing:front", "note": null, "comment": "I'm hacker" } POST /api/press-sheets/12/transition Body of the request: { "transition": "start:printing:front", "comment": "I'm hacker" } Object: { "transition": "start:printing:front", "note": null } RESTful API, validation

  45. Dmitry Petrov How, where and when to handle these situations?

    RESTful API, validation

  46. Dmitry Petrov REST APIs with Symfony2: The Right Way

  47. Dmitry Petrov Disadvantages Conventionalism Duplication of code Only works as

    filter REST APIs with Symfony2: The Right Way

  48. Dmitry Petrov "Inteligent" deserialization 3 modes of deserialization: Strict, Medium

    strict, Non-strict + Support groups SimpleSerializer

  49. Dmitry Petrov RESTful API, handle of DTO

  50. Dmitry Petrov RESTful API, handle of domain object

  51. Behat, PHPUnit Dmitry Petrov Controllers Data access layer Service layer

    RESTful API, testing

  52. Dmitry Petrov RESTful API, Behat scenario

  53. Problems Dmitry Petrov Run time: Behat ~ 90 minutes PHPUnit

    ~ 5 minutes RESTful API, testing

  54. WSSE Dmitry Petrov Atom Authentication How to create a custom

    Authentication Provider EscapeWSSEAuthenticationBundle (v. 2.0) MopaWSSEAuthenticationBundle (v. 2.1) RESTful API, authentication

  55. WSSE Header Dmitry Petrov X-WSSE: UsernameToken Username="bob", PasswordDigest="quR/EWLAV4xLf9Zqyw4pDmfV9OY=", Nonce="d36e316282959a9ed4c89851497a717f", Created="2003-12-15T14:43:07Z"

    RESTful API, authentication

  56. Password digest Dmitry Petrov Base64 (SHA1 (Nonce + CreationTimestamp +

    Password)) RESTful API, authentication

  57. Dmitry Petrov RESTful API, The End

  58. Any questions? Dmitry Petrov @old_fightmaster RESTful API https://github.com/opensoft https://github.com/fightmaster Special

    thanks to ProFIT team