Download - Drupal Web Services
![Page 1: Drupal Web Services](https://reader034.vdocuments.us/reader034/viewer/2022051513/546b1f76af795902048b5202/html5/thumbnails/1.jpg)
Drupal as a Web Service
Drupal Camp ChattanoogaNovember 9, 2013
Saturday, November 9, 13
![Page 2: Drupal Web Services](https://reader034.vdocuments.us/reader034/viewer/2022051513/546b1f76af795902048b5202/html5/thumbnails/2.jpg)
RESTful Web Services
✓REST, which stands for REpresentational State Transfer, is a simple, stateless architecture that runs over common web communication protocols (HTTP)
✓RESTful Web services are websites for machines
Saturday, November 9, 13
![Page 3: Drupal Web Services](https://reader034.vdocuments.us/reader034/viewer/2022051513/546b1f76af795902048b5202/html5/thumbnails/3.jpg)
RESTful Web Services
✓Has four defined aspects
- The base URI (http://www.example.com/api)
- The hypertext standard data type supported (JSON, XML, etc)
- Supported operations utilize HTTP methods
- Hypertext driven
Saturday, November 9, 13
![Page 4: Drupal Web Services](https://reader034.vdocuments.us/reader034/viewer/2022051513/546b1f76af795902048b5202/html5/thumbnails/4.jpg)
REST/HTTP Verbs
✓CRUD (Create, Retrieve, Update and Delete) Verbs:
- POST -- Create a new item(s)
- GET -- Retrieve an existing item(s)
- PUT -- Update an existing item(s)
- DELETE -- delete an existing item(s)
Saturday, November 9, 13
![Page 5: Drupal Web Services](https://reader034.vdocuments.us/reader034/viewer/2022051513/546b1f76af795902048b5202/html5/thumbnails/5.jpg)
REST/HTTP Verbs
✓PATCH -- used for partial updates
✓OPTIONS -- used to return information about the communication options for a given resource
✓HEAD -- returns metadata in the form of HTTP headers, with no message-body in the response (should return the same headers as a GET request to the same resource)
Saturday, November 9, 13
![Page 6: Drupal Web Services](https://reader034.vdocuments.us/reader034/viewer/2022051513/546b1f76af795902048b5202/html5/thumbnails/6.jpg)
REST/HTTP Verbs
✓TRACE -- used to invoke a loop-back of the request message, typica(y for diagnostic or testing purposes
✓CONNECT -- reserved for use with a proxy that can be dynamica(y switched to use tunneling (like SSL)
Saturday, November 9, 13
![Page 7: Drupal Web Services](https://reader034.vdocuments.us/reader034/viewer/2022051513/546b1f76af795902048b5202/html5/thumbnails/7.jpg)
ResourcesIn REST, a resource is a body of information
Clients request representations of resources )om servers, and servers respond to requests for resources, via URIs (Drupal ca(s these “endpoints”)
When a client receives a representation of a resource )om a server, including attached metadata, it should receive enough data to be fu(y informed about the resource represented
Saturday, November 9, 13
![Page 8: Drupal Web Services](https://reader034.vdocuments.us/reader034/viewer/2022051513/546b1f76af795902048b5202/html5/thumbnails/8.jpg)
HTTP Response Codes
✓Most common ones seen in Drupal Services
- 200/201 -- OK, successful response
- 401 -- unauthorized
- 404 -- not found
- 406 -- not acceptable
Saturday, November 9, 13
![Page 9: Drupal Web Services](https://reader034.vdocuments.us/reader034/viewer/2022051513/546b1f76af795902048b5202/html5/thumbnails/9.jpg)
Drupal REST Web Services
✓ Is provided in Drupal 7 with the Services 3.x module.
- Current release is 3.5
✓Utilizes the CRUD verbs for REST
- Can consume and provide XML or JSON
✓Comes with defined resources for users, nodes, taxonomy, comments and files
Saturday, November 9, 13
![Page 10: Drupal Web Services](https://reader034.vdocuments.us/reader034/viewer/2022051513/546b1f76af795902048b5202/html5/thumbnails/10.jpg)
Dependencies
✓Drupal Contrib modules:
- Chaos Tools
- Libraries
✓Other useful modules:
- Devel
Saturday, November 9, 13
![Page 11: Drupal Web Services](https://reader034.vdocuments.us/reader034/viewer/2022051513/546b1f76af795902048b5202/html5/thumbnails/11.jpg)
Self Explanatory Resources
✓Self-explanatory
- Comments
- Node
- Taxonomy_term
- Taxonomy_vocabulary
- User
Saturday, November 9, 13
![Page 12: Drupal Web Services](https://reader034.vdocuments.us/reader034/viewer/2022051513/546b1f76af795902048b5202/html5/thumbnails/12.jpg)
And the others…..
✓System
- Provides endpoints to perform functions that don’t fa( clearly under the purview of the other resource categories
✓Get, Set and Delete Variables (get_variable, set_variable, del_variable)
✓Check the current user connection (connect)
Saturday, November 9, 13
![Page 13: Drupal Web Services](https://reader034.vdocuments.us/reader034/viewer/2022051513/546b1f76af795902048b5202/html5/thumbnails/13.jpg)
And the others…..
✓File -- handles file uploads and file resource management, even files that are part of nodes
- Generates a file resource that can be used as part of a node or user resource
Saturday, November 9, 13
![Page 14: Drupal Web Services](https://reader034.vdocuments.us/reader034/viewer/2022051513/546b1f76af795902048b5202/html5/thumbnails/14.jpg)
And one undocumented...
✓ /services/session/token
✓Created in the Services release 7.x-3.4 to address a CSRF vulnerability identified on June 5, 2013
✓Returns a plain-text response containing a token that needs to be included in the headers as X-CSRF-Token
- Token is also available on a User resource endpoint
Saturday, November 9, 13
![Page 15: Drupal Web Services](https://reader034.vdocuments.us/reader034/viewer/2022051513/546b1f76af795902048b5202/html5/thumbnails/15.jpg)
Permissions
✓ In general, the Services endpoints utilize Drupal’s permissions system to determine access to information
- General Rule: If your user does not have permission to access a requested resource through the UI, then your user should not have permission through the web service either.
Saturday, November 9, 13
![Page 16: Drupal Web Services](https://reader034.vdocuments.us/reader034/viewer/2022051513/546b1f76af795902048b5202/html5/thumbnails/16.jpg)
Request Processing✓Once a request has been accepted through a Services API
endpoint as a valid request, the request goes through the same channels as a request through the user interface.
- User registration/creation/updates, login/logout uses the same processes as UI registration/management, login/logout
- Node creation/updates happen through the Forms API, as does Taxonomy and comments
Saturday, November 9, 13
![Page 17: Drupal Web Services](https://reader034.vdocuments.us/reader034/viewer/2022051513/546b1f76af795902048b5202/html5/thumbnails/17.jpg)
What does this mean?✓Fields added to the user profile wi( be available through
the User endpoints
✓Custom content types, including custom fields, are available through the Node endpoints
✓Custom fields added to Taxonomy term structure are available through the Taxonomy_term endpoints
...IN THEORY
Saturday, November 9, 13
![Page 18: Drupal Web Services](https://reader034.vdocuments.us/reader034/viewer/2022051513/546b1f76af795902048b5202/html5/thumbnails/18.jpg)
What’s reality?
✓Using the Forms API to process requests made through the API doesn’t always result in a clean, logical data structure for the API request
✓Not a( field types work properly through Services
✓Documentation on the required format for data is in poor, or nonexistent shape for many of the field types other than text and text area
Saturday, November 9, 13
![Page 19: Drupal Web Services](https://reader034.vdocuments.us/reader034/viewer/2022051513/546b1f76af795902048b5202/html5/thumbnails/19.jpg)
Well Supported Field Types
✓Text, Long Text (with or without Summary)
✓ Integer, Float, Decimal
✓Address Field, Email, Phone, Hidden
✓Entity/Term Reference (single value, select or radio)
✓ Image / File fields (complex process, but supported)
✓Date fields -- ISO format only
Saturday, November 9, 13
![Page 20: Drupal Web Services](https://reader034.vdocuments.us/reader034/viewer/2022051513/546b1f76af795902048b5202/html5/thumbnails/20.jpg)
Problematic field types
✓Boolean fields
✓Taxonomy and Entity Reference fields utilizing Autocomplete or multi-value (like Tags)
✓ Integer or Float based List fields, List fields using checkboxes, or mult-value List fields (Select/checkbox)
✓Date fields other than ISO
Saturday, November 9, 13
![Page 21: Drupal Web Services](https://reader034.vdocuments.us/reader034/viewer/2022051513/546b1f76af795902048b5202/html5/thumbnails/21.jpg)
Demo
✓Feature Source code available on GitHub
- https://github.com/spartansystems/DrupalWebServices
✓Need REST client browser plugin
- RESTClient for Firefox, POSTMAN for Chrome
✓Demo site at http://svc.drupalws.com
✓Firefox Plugin -- Tamper Data -- also helpful
Saturday, November 9, 13
![Page 22: Drupal Web Services](https://reader034.vdocuments.us/reader034/viewer/2022051513/546b1f76af795902048b5202/html5/thumbnails/22.jpg)
Demo
Saturday, November 9, 13
![Page 23: Drupal Web Services](https://reader034.vdocuments.us/reader034/viewer/2022051513/546b1f76af795902048b5202/html5/thumbnails/23.jpg)
My Contact Info
✓Lisa Ridley, Project Manager and Web/iOS developer, Spartan Systems LLC
✓ skype: lhridley
✓Twitter: lhridley
✓LinkedIn: www.linkedin/in/lisahridley
Saturday, November 9, 13