Has flaws vs. Good enough • Needs recent GET on the resource. • Even with recent GET , there's obviously still race condition. • We need to send the whole resource (bandwidth). • But come on, we do this all the time with web forms…
application/json • Does not actually say anything about the diff format. • No shared libraries. • It is ambiguous: delete property vs. set to null? • You meet limits very soon: adding to arrays?
JSON Patch • JavaScript Object Notation Patch (RFC 6902) • Way to describe changes made on JSON. • Not ambiguous, supports addressing nested structures (e.g. replacing properties of nested objects, adding to array). • application/json-patch+json
JSON Patch • atomic operations • path is able to address any element in JSON document • RFC is very short and half of it are examples. Just read it. • libraries…
• test: check if path has given value (if not, the patch fails) • remove: remove path • add: insert new value at path • replace: replace value at path • move: remove + add • copy: clones node inside the document Operations
Misc Tricks • Return "Undo Patch" in response (or link it) to provide undo. • Conditional requests can prevent race conditions: • use If-Match headers & 412 HTTP status • PUT/PATCH exposes whole document: • use JSON Schema & 400/422 for access control