I have what I think is a fairly common task. I have a REST API that provides access to an Alert resource. When I query for Alerts, I want only the most recent ones, I don't want the entire universe (except for the first call I make). The natural candidate for the 'freshness' criteria is the Timestamp datatype in SQL. So, the first call I want to do something like this:
https://localhost/api/alerts
Which returns everything. My code will then scan the returned results, find the maximum Timestamp, and the next call will look like this:
https://localhost/api/alerts/<maximumTimestamp>
The issue is: what datatype should I use to pass the Timestamp? I don't like using a long because it seems like an interpretation of the byte[8] field that could get me into trouble on some machines. I thought about encoding it as a Base64 string, but that seems like a lot of work back and fourth (although, in a URL, everything is going to be encoded).
Has anyone else tried to deal with passing timestamps to reduce the size of the REST API result sets?
Related
I need an REST API endpoint which will return all the records having name starting with ABC.
The SQL query would be something like:
SELECT * FROM MyResource WHERE Name LIKE 'ABC%'
But how should I define the query string in the REST endpoint?
Using equal sign in the query string would not be appropriate, I think.
{Base URL}/myresource?name=ABC
Sofar I found following specification that can be used as base for the definition of the query: https://datatracker.ietf.org/doc/html/draft-ietf-scim-api-12#section-3.2.2.2
Equals is fine provided you use correct naming. For this request you can define i.e. 'namePrefix' parameter that is self-descriptive.
But how should I define the query string in the REST endpoint? Using equal sign in the query string would not be appropriate, I think.
Using an equal sign in the query string is fine -- the world wide web has been catastrophically successful, and you'll find query strings with encoded key/value pairs being used for all sorts of things.
There's no particular reason to assume that the spelling of a resource identifier should necessarily match the internal implementation details -- in fact, the opposite is the case: we're supposed to be able to change how a resource is implemented without necessarily needing to introduce a new identifier.
There's a tremendous advantage to using application/x-www-form-urlencoded data as your query string: that's how HTML GET forms do it, which in turn means that pretty much everyone has access to at least one general purpose library that knows how to construct resource identifiers that use that convention.
But if you would rather forego that advantage in favor of some other concern, that's OK too; REST/HTTP don't care what spelling conventions you use for your resource identifiers, so long as the result is consistent with the production rules described in RFC 3986.
I am working on a wrapper for an API, and one of the endpoints returns data that doesn't have the same results each time.
What is a good strategy to test that the endpoint is still valid?
This is a general question, although I am mostly interested in getting this to work in Python.
You need to define what you actually expect from the result. What are the statements that always hold for the result?
Popular candidates/examples are
it is valid JSON/HTML/XML
it contains certain substrings
it has certain "fields"
certain fields can be parsed as a date using a specific format, and the resulting date is within +/-1h of now.
I'm building an interface on Flask using SQLAlchemy and part of it is a search API. Essentially a type-ahead input is calling the server with its value (for example an email) and then the server is performing a SQLalchemy query using .like in a filter like below
q = session.query(User).filter(User.email.like('%'+term+'%')).all()
This query isn't really returning anything useful and after the first few characters, nothing at all. But if I perform the same query with the term hardcoded, like so:
q = session.query(User).filter(User.email.like('%mysearchterm%')).all()
It will return results perfectly fine, so there's something with how I'm putting the term into the like() method but I really can't figure out what the issue is. The term is coming in from an ajax POST and the value is there on the server-side, just .like() isn't using it correctly.
By "nothing useful" I mean that the first sets of results coming back have nothing to do with the actual term being inputted, after a term of length higher than 3-4 no results are returned back despite matching items existing in the DB.
Any help greatly appreciated.
Issues been resolved. This query sat inside of a larger query builder function which applied limit and offset to the query later in the function, because the limit and offset were higher than the amount of results back the returned result set was empty.
Can chock this one up to bad human error and lack of sleep.
What drawbacks can you think of if I design my REST API with query strings without parameter values? Like so:
http://host/path/to/page?edit
http://host/path/to/page?delete
http://host/path/to/page/+commentId?reply
Instead of e.g.:
http://host/api/edit?page=path/to/page
http://host/api/delete?page=path/to/page
http://host/api/reply?page=path/to/page&comment=commentId
( Edit: Any page-X?edit and page-X?delete links would trigger GET requests but wouldn't actually edit or delete the page. Instead, they show a page with a <form>, in which page-X can be edited, or a <form> with a Really delete page-X? confiramtion dialog. The actual edit/delete requests would be POST or DELETE requests. In the same manner as host/api/edit?page=path/to/page shows a page with an edit <form>. /Edit. )
Pleace note that ?action is not how query strings are usually formatted. Instead, they are usually formated like so: ?key=value;key2=v2;key3=v3
Moreover, sometimes I'd use URLs like this one:
http://host/path/to/page?delete;user=spammer
That is, I'd include a query string parameter with no value (delete) and one parameter with a value (user=spammer) (in order to delete all comments posted by the spammer)
My Web framework copes fine with query strings like ?reply. So I suppose that what I'm mostly wondering about, is can you think of any client side issues? Or any problems, should I decide to use another Web framework? (Do you know if the frameworks you use provides information on query strings without parameter values?)
(My understanding from reading http://labs.apache.org/webarch/uri/rfc/rfc3986.html is that the query string format I use is just fine, but what does that matter to all clients and server frameworks everywhere.)
(I currently use the Lift-Web framework. I've tested Play Framework too and it was possible to get hold of the value-less query strings parameters, so both Play and Lift-Web seems okay from my point of view.)
Here is a related question about query strings with no values. However, it deals with ASP.NET functions returning null in some cases: Access Query string parameters with no values in ASP.NET
Kind regards, Kaj-Magnus
Query parameters without value are no problem, but putting actions into the URI, in particular destructive ones, is.
Are you seriously thinking about "restful" design, and having a GET be a destructive action?
I've run into an issue with an autocomplete field I'm working on. The field I'm working with is composed of the form "<NAME> (<CODE>)". When a user starts typing in text, I want to display any results that match either NAME or CODE.
For example, if this list contains items and their codes, like "Personal Computer (PC)", then I'd want the list to pop up that row if the user types "P", "PC", "Per", etc.
I've gotten this to work fine in SQLite with a query like this:
SELECT *
FROM table
WHERE name LIKE "?%" or code LIKE "?%"
However, the problem I'm running into now is how to best sort the results that come back from this. For example, If someone enters "PC", I want "Personal Computer (PC)" to be the first result. However, if there's another row (you'll have to bear with me as this is contrived) "PC Case (301)", then there's no simple ordering I can do on the results to ensure that the best match appears first. Ordering by name and code both returns PC Case first.
I want a query where it returns the best match first, rather than items in alphabetical order. Is there such a function I can use in SQLite to get this, or should I return the results and then mess with the order in the code?
If it helps any, I'm using this for FilterQueryProviders on Android.
Yes, you should implement FullTextSearch and the use MATCH in your queries.
Ref: http://dotnetperls.com/sqlite-fts3
This is a long time after the fact, but I've solved my dilemma without having to resort to crazy sorting tactics.
Basically, once an autocomplete gets complex enough, you need to implement your own CursorAdapter (implementing FilterQueryProvider) then override convertToString(). That way, you end up being able to do complex queries via runQuery(), but can then convert it to readable form in convertToString().