SilverStripe RESTful API with a default JSON serializer.
â ï¸ I haven't been able to give as much love as I would like to these repos as they deserve. If you have time and are interested to help maintain them, give me a shout. ð¨
This module implements a RESTful API for read/write access to your SilverStripe Models. It comes bundled with a default Token Authenticator, Query Handler and JSON Serializers, and can be extended to your need and to return XML or other content type via custom components.
|Find 1 record||
|Find multiple records||
|Update a record||
|Create a record||
|Delete a record||
|Login & get token||n/a||
|Password reset email||n/a||
|Custom ACL methods||n/a||
Model being the class name of the model you are querying (name formatting may vary depending on DeSerializer used). For example with a model class named
Book URLs would look like:
/auth/$Action must be defined on the used
Authenticator class via the
This is the main API Controller that receives all the requests, checks if authentication is needed and passing control to the authenticator if true, the resquest is then passed on to the QueryHandler, which uses the DeSerializer to figure out model & column names and decode the eventual payload from the client, the query result is then passed to the Serializer to be formatted and then returned to the client.
If CORS are enabled (true by default), the right headers are taken care of too.
RESTfulAPI uses 4 types of components, each implementing a different interface:
This API comes with defaults for each of those components:
TokenAuthenticatorhandles authentication via a token in an HTTP header or variable
DefaultPermissionManagerhandles DataObject permission checks depending on the HTTP request
DefaultQueryHandlerhandles all find, edit, create or delete for models
DefaultDeSerializerserialize query results into JSON and deserialize client payloads
EmberDataDeSerializersame as the
Defaultversion but with specific fomatting fo Ember Data.
You can create you own classes by implementing the right interface or extending the existing components. When creating you own components, any error should be return as a
RESTfulAPIError object to the
TokenAuthenticator you must add the
DataExtension to a
DataObject and setup
TokenAuthenticator with the right config.
By default, API authentication is disabled.
GroupExtension is also available with a basic set of dedicated API permissions. This can be enabled via config or you can create your own.
By default, the API only performs access control against the
api_access YML config.
See individual component configuration file for mode details
Here is what a site's
config.yml file could look like:
--- Name: mysite After: - 'framework/*' - 'cms/*' --- # API access Artwork: api_access: true Author: api_access: true Category: api_access: true Magazine: api_access: true Tag: api_access: 'GET,POST' Visual: api_access: true Image: api_access: true File: api_access: true Page: api_access: false # RestfulAPI config Colymba\RESTfulAPI\RESTfulAPI: authentication_policy: true access_control_policy: 'ACL_CHECK_CONFIG_AND_MODEL' dependencies: authenticator: '%$Colymba\RESTfulAPI\Authenticators\TokenAuthenticator' authority: '%$Colymba\RESTfulAPI\PermissionManagers\DefaultPermissionManager' queryHandler: '%$Colymba\RESTfulAPI\QueryHandlers\DefaultQueryHandler' serializer: '%$Colymba\RESTfulAPI\Serializers\EmberData\EmberDataSerializer' cors: Enabled: true Allow-Origin: 'http://mydomain.com' Allow-Headers: '*' Allow-Methods: 'OPTIONS, GET' Max-Age: 86400 # Components config Colymba\RESTfulAPI\QueryHandlers\DefaultQueryHandler\DefaultQueryHandler: dependencies: deSerializer: '%$Colymba\RESTfulAPI\Serializers\EmberData\EmberDataDeSerializer' Colymba\RESTfulAPI\Serializers\EmberData\EmberDataSerializer: sideloaded_records: Artwork: - 'Visuals' - 'Authors'
Copyright (c) 2018, Thierry Francois (colymba)
All rights reserved.
Module rating system helping users find modules that are well supported. For more on how the rating system works visit Module standards
Score not correct? Let us know there is a problem