The "read after write" problem

[cyppan]

When saving a document on create / update you have two approaches for what you should return to the user:

• Either you returns what's the database has returned to you
• Either you fully re-fetch the resource once saved

First approach implies that you should coerce the fields returned by the database using your resource schema, and hide those which are write-only (e.g passwords), or not defined in your schema. Second approach implies you should have the rights to read the resource. When someone has write access to a resource, but not read access, this approach will fail. E.g a user creation, he has no access_token yet.

Grape for now returns directly the database response, and I still need to code what's described in the first approach