silverstripe-restfulapi icon indicating copy to clipboard operation
silverstripe-restfulapi copied to clipboard

Published 20 hours ago verified publisher icon colymba

Expose Custom Methods

Open zegerman opened this issue 8 years ago • 3 comments

Hi,

thank you for the module. Its working great so far.

However I would like to make custom methods (e.g. of Controllers) accessible via REST.

Can this be done as well?

I see that something can be done with api/acl/ but not sure how this can be configured.

Thx Andy

zegerman avatar Mar 13 '16 11:03 zegerman

I would also like to get a handle on the custom method execution. From the code - it defers the method to the allowed_actions within the $authority (which by default is the RESTful_API_DefaultPermissionManager. Is that by design? The permission manager is responsible for delegating out the actions/methods to their final destination?

TihoBeretovac avatar Jul 06 '17 08:07 TihoBeretovac

I'd like some help with this aswell

sanderha avatar Jul 28 '17 14:07 sanderha

@zegerman @TihoBeretovac @sanderha sorry for not replying earlier...

it all depends what you are trying to achieve... if you have methods on some Controller you had like to access, this is already built in SS, you should be able to access it through the route ControllerName/method or setup a custom route to use something else than the controller name in the route.

If you want the result of your custom method to be serialized, you can always instantiate the Serializer in your custom method.

if you want your Controller methods to be accessed through the api/... route. This will need more work. You would have to extend the main API class with your own and edit the config of the new RESTfulAPI class, adding your own entry in $dependencies and the public property that match so the controller is instantiated. Then also add your own entry in allowed_actions and url_handlers. Then create the method that match your definition on url_handlers to access your controller and pass on the request to your own controller where the method is.... so overall, more complicated.

@TihoBeretovac the permission manager is used to check is the user accessing the api has the right to read, edit etc the model being accessed. Through the canView etc methods. Nothing more at the moment. The acl method on RestfulAPI is there just in case, for example if someone create a custom permission manager and needs to access some methods on it via the api. But at the minute or with the default, it's not in use.

colymba avatar Aug 09 '17 07:08 colymba