9

Without moving away from the RESTful paradigm, how could you model object validation in a RESTful way? Best to explain the theoretical use case I've come up with...

Imagine you have a system with a very thin web layer making calls to back-end RESTful services. Say a user visited a registration form and submitted it, the web layer would send the unvalidated data straight to a back-end service and, if the service responds with validation errors in JSON format, these can be sent back to the user as HTML.

However, imagine we want to have AJAX behaviour on the form. For example, the user enters their email address and we want to validate using AJAX, sending an error to the user if their email address is already registered.

Would it make sense to implement a single call to validate just the email address, or could the whole object be sent and validated in a back-end service? If the latter, what URL could you use to only validate an object, rather than actually create it?

DrewEaster
  • 3,316
  • 3
  • 35
  • 39

2 Answers2

2

In the past I have used the notion of a sandbox sub-resource to do what you are suggesting,

http://example.com/customer/23/sandbox

This allows me to POST deltas and have the changes applied and validated but not actually committed. This works quite well for the traditional "save/cancel" type dialogs.

However, I found dealing with those deltas to be a real pain, so I developed a different media type that recorded a sequence of events on the client and then posted that document to the sandbox resource. By replaying the sequence of events I could update and validate the server side resource in a simpler fashion.

Later on I realized that I really didn't need the distinct "sandbox" resource and now I just post the "sequence of events" document directly to the resource it is affecting. I have some data in the document itself that determines whether the changes are going to be permanent or just transient. It just depends if the user has pressed the save button yet or not.

Darrel Miller
  • 139,164
  • 32
  • 194
  • 243
  • Do you have an example of what the "sequence of events" document looks like? Is it still possible to `POST` to the resource directly? – mjs Apr 17 '12 at 17:01
  • @mjs Yes you can post directly to the resource. That's actually what I do now. I dropped the sandbox subresource. I have a short video that talks about the concept here http://vimeo.com/15564107 and I plan on posting a spec and a parser for the media type in the coming months. – Darrel Miller Apr 17 '12 at 17:24
0

Validating a single form field can improve user experience while the user is filling the form, but when the form is submitted, I would validate the whole object, because it's less error prone. The URL can be simply https://mysite.com/users/emailvalidator for validating the e-mail only (a single field), and the form could be POSTed to https://mysite.com/users (the whole object). In the former case, the URL tells clearly that the resource you want to use is an object which is able to validate an e-mail.

kol
  • 27,881
  • 12
  • 83
  • 120
  • I was thinking more about the REST call to the back-end service. Imagine the call to actually register a user was a POST to /users, how could I essentially make the same call but only to validate? – DrewEaster Dec 03 '11 at 16:45
  • Reading this: http://restfulobjects.files.wordpress.com/2011/11/restful-objects-spec-052.pdf. It talks about sending a query parameter "x-ro-validate-only=true" to instruct the server to validate only and not actually mutate. – DrewEaster Dec 03 '11 at 17:09
  • I would use the above hierarchical URL, because the "emailvalidator" resource is part of the "users" resource. From a logical point-of-view, "users" is a container to store user data, which also validates new data before letting them be inserted. Also from the logical point-of-view, the object "emailvalidator" is part of this validation process, a special part which can be called directly, using its own URL. (See this question about hierarchical URL design: http://stackoverflow.com/questions/7833548/hierarchical-restful-url-design) – kol Dec 03 '11 at 17:10
  • Actually you can POST anything which conforms to what the back-end service can accept (which can be defined by using WSDL or WADL). It is also correct to use a single URL, "/users", and decide what to do with the request of the client by checking parameters in the query. (I just prefer using hierarchical URLs and different URLs for logically different resources.) – kol Dec 03 '11 at 17:20