Read only fields in REST

Question

I have a model which I'm exposing over a REST interface. Over the course of this model's lifecycle some fields will become read only, whilst other will remain editable.

I'm happy with handling this on the server side (as per this question) - I'll expect the client to send all of the data and I'll return an HTTP error 409 if they attempt to change a read only field.

However, how can/should the client discover if a field is read only in order to allow it to disable inputs?

Answer 1

Well it seems you need a way for the client to get not just the data, but the data about the data, in other words the metadata. If the main data is available via a REST URL as with /container/resourceid , you could imagine the metadata available as /metadata/container/resourceid , or perhaps /container/resourceid?format=meta

Answer 2

@JimmyP

Here is a simple example:

*** Request ***
GET /resource/12 HTTP/1.1
Host: service.org

*** Response ***
HTTP/1.1 200 Ok
Content-Type: …
Content-Length: …
Link: </resource/12/edit-form>; rel="edit-form"; type="text/html"

[Entity Body Goes Here]

Pay attention to following details:

• Link header (see RFC: https://www.rfc-editor.org/rfc/rfc5988)
• link's relation value "edit-form" (see RFC: https://www.rfc-editor.org/rfc/rfc6861)
• type "text/html" you can use any media type here which has enough expressive capabilities to indicate which data elements need to be submitted.

If client can recognise link header and value of "rel" attribute, then it can fetch editing resource and determine which fields need to be send back. Of course besides data elements(i.e. fields) "form" may also indicate submission URI, data encoding type, HTTP method etc...