json - Creating an Rails based API. A bit lost what to do after object is saved -


i'm creating rails based api manage sms subscriptions. there's subscriptions controller respond_to :html, :json, :xml , subscription model. both working fine.

when subscription made, user still needs confirm subscription entering pin on page sent phone, i'm thinking of confirms controller manage that.

i have few questions regarding how implement this.

(1) right approach or best practice after subscription made. show subscription object created (html, json or xml depending how created) , manage confirms controller separated action or should redirect confirmation controller instead?

i guess since api responds json , xml, not idea redirect other page/controller , better show object created?

(2) if case, i'm using cancan manage role abilities. since subscriptions belong user owner (the developer) doesn't need authenticated post (i know who's user owner associated because of combination of keyword/shortcode given) , subscriptions can made surfer (no need authenticating before creating) how restrict created object surfer?

i guess if user logged in becomes easy show object him because owner how regular surfers created object , not need authenticate?

i'm not having way connect surfer object restrict ability it.

(3) idea show object after created regular surfer? may think may not relevant when developer doing through json api itself?

the subscription model simple, works this

$ curl http://mysite.com/subscriptions \ -d shortcode=7889 \ -d keyword=keyword \ -d phone=6895874587 \ -d country=us \

let me try attack 1 one:)

  1. after record created practice return object if supported status code, ie if record created should return object along 200 status code. keep in mind status codes dont allow body, ie 201. modern http clients suport redirects still keep in 2 separate actions

  2. in still idea authenticate user since want prevent 1 user posting on behalf of user. regardless if can determine user analyzing parameters can tie subscription ex:

    @user=user.find_by_phone(params[:phone]) @subscribtion = @user.subscribtions.build(params)

  3. yes,its idea return has been saved.


Comments

Post a Comment

Popular posts from this blog

java - Play! framework 2.0: How to display multiple image? -

i need display gallery of photos. here template: @(photos: list[photo]) @title = { <bold>gallery</bold> } @main(title,"photo"){ <ul class="thumbnails"> @for(photo <- photos) { <li class="span3"> <a href="#" class="thumbnail"> <img src="@photo.path" alt=""> </a> </li> } </ul> } and here controller method: public static result getphotos() { return ok(views.html.photo.gallery.render(photo.get())); } and here photo bean : @entity public class photo extends model { @id public long id; @required public string label; public string path; public photo(string path, string label) { this.path = path; this.label = label; } private static finder<long, photo> find = new finder<long, photo>( long.class, photo.class); public static list<phot...
Read more

gmail - Is there any documentation for read-only access to the Google Contacts API? -

i want read-only access user's google contacts. there stackoverflow member wanted this, , received following answer : yes, there is, use https://www.googleapis.com/auth/contacts.readonly scope , "view contacts". this exchange reference read-only access google contacts can find using google. simply using access token obtained attempt read usual google contacts api (i.e. https://www.google.com/m8/feeds ) fails insufficient permissions. similarly, using google contacts api on new target fails 404 errors (for example https://www.googleapis.com/auth/contacts.readonly/default/full ). is there documentation anywhere on how use api, or permissible way access google contacts api full read-write access?
Read more

php - Controller/JToolBar not working in Joomla 2.5 -

relevant code: jtoolbarhelper::custom('savecategories', 'save', '', 'save', false, false); ... <input type="hidden" name="controller" value="easyblogcontroller"> according can dig docs , own previous questions, should call savecategories() function in easyblogcontroller . i've tried setting value easyblog , easyblog.php (file name) current easyblogcontroller (class name). clicking on save button refreshes page. not redirect, echo or var_dump test code put in savecategories() function. var_dump ing jrequest::getvar('controller') , 'task' return correct values. creating controller object , using $controller->execute('task'); works. the values going depend on location of controller trying call, , have couple options here. typically there controller in base folder of component (likely components/com_easyblog) in file called controller.php , class name inside ...
Read more