Drupal as a Web
Service
Drupal Camp Chattanooga
November 9, 2013

Saturday, November 9, 13
RESTful Web Services
✓ REST, which stands for REpresentational State Transfer,
is a simple, stateless architecture that ru...
RESTful Web Services
✓ Has four defined aspects
-

The base URI (http://www.example.com/api)

-

The hypertext standard dat...
REST/HTTP Verbs
✓ CRUD (Create, Retrieve, Update and Delete) Verbs:
-

GET -- Retrieve an existing item(s)

-

PUT -- Upda...
REST/HTTP Verbs
✓ PATCH -- used for partial updates
✓ OPTIONS -- used to return information about the
communication option...
REST/HTTP Verbs
✓ TRACE -- used to invoke a loop-back of the request
message, typica(y for diagnostic or testing purposes
...
Resources
In REST, a resource is a body of information
Clients request representations of resources )om servers,
and serve...
HTTP Response Codes
✓ Most common ones seen in Drupal Services
-

200/201 -- OK, successful response

-

401 -- unauthoriz...
Drupal REST Web Services
✓ Is provided in Drupal 7 with the Services 3.x module.
-

Current release is 3.5

✓ Utilizes the...
Dependencies
✓ Drupal Contrib modules:
-

Chaos Tools

-

Libraries

✓ Other useful modules:
-

Saturday, November 9, 13

...
Self Explanatory Resources
✓ Self-explanatory
-

Comments

-

Node

-

Taxonomy_term

-

Taxonomy_vocabulary

-

User

Sat...
And the others…..
✓ System
-

Provides endpoints to perform functions that don’t fa(
clearly under the purview of the othe...
And the others…..
✓ File -- handles file uploads and file resource management,
even files that are part of nodes

-

Saturday...
And one undocumented...
✓ /services/session/token
✓ Created in the Services release 7.x-3.4 to address a CSRF
vulnerabilit...
Permissions
✓ In general, the Services endpoints utilize Drupal’s
permissions system to determine access to information

-...
Request Processing
✓ Once a request has been accepted through a Services API
endpoint as a valid request, the request goes...
What does this mean?
✓ Fields added to the user profile wi( be available through
the User endpoints

✓ Custom content types...
What’s reality?
✓ Using the Forms API to process requests made through
the API doesn’t always result in a clean, logical d...
Well Supported Field Types
✓ Text, Long Text (with or without Summary)
✓ Integer, Float, Decimal
✓ Address Field, Email, P...
Problematic field types
✓ Boolean fields
✓ Taxonomy and Entity Reference fields utilizing
Autocomplete or multi-value (like T...
Demo
✓ Feature Source code available on GitHub
-

https://github.com/spartansystems/DrupalWebServices

✓ Need REST client ...
Demo

Saturday, November 9, 13
My Contact Info
✓ Lisa Ridley, Project Manager and Web/iOS developer,
Spartan Systems LLC

✓ lisa@spartansystems.co
✓ skyp...
Upcoming SlideShare
Loading in …5
×

Drupal Web Services

1,475 views
1,293 views

Published on

Drupal Camp Chattanooga 2013

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,475
On SlideShare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
9
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Drupal Web Services

  1. 1. Drupal as a Web Service Drupal Camp Chattanooga November 9, 2013 Saturday, November 9, 13
  2. 2. RESTful Web Services ✓ REST, which stands for REpresentational State Transfer, is a simple, stateless architecture that runs over common web communication protocols (HTTP) ✓ RESTful Web services are websites for machines Saturday, November 9, 13
  3. 3. RESTful Web Services ✓ Has four defined aspects - The base URI (http://www.example.com/api) - The hypertext standard data type supported (JSON, XML, etc) - Supported operations utilize HTTP methods - Hypertext driven Saturday, November 9, 13
  4. 4. REST/HTTP Verbs ✓ CRUD (Create, Retrieve, Update and Delete) Verbs: - GET -- Retrieve an existing item(s) - PUT -- Update an existing item(s) - Saturday, November 9, 13 POST -- Create a new item(s) DELETE -- delete an existing item(s)
  5. 5. REST/HTTP Verbs ✓ PATCH -- used for partial updates ✓ OPTIONS -- used to return information about the communication options for a given resource ✓ HEAD -- returns metadata in the form of HTTP headers, with no message-body in the response (should return the same headers as a GET request to the same resource) Saturday, November 9, 13
  6. 6. REST/HTTP Verbs ✓ TRACE -- used to invoke a loop-back of the request message, typica(y for diagnostic or testing purposes ✓ CONNECT -- reserved for use with a proxy that can be dynamica(y switched to use tunneling (like SSL) Saturday, November 9, 13
  7. 7. Resources In REST, a resource is a body of information Clients request representations of resources )om servers, and servers respond to requests for resources, via URIs (Drupal ca(s these “endpoints”) When a client receives a representation of a resource )om a server, including attached metadata, it should receive enough data to be fu(y informed about the resource represented Saturday, November 9, 13
  8. 8. HTTP Response Codes ✓ Most common ones seen in Drupal Services - 200/201 -- OK, successful response - 401 -- unauthorized - 404 -- not found - 406 -- not acceptable Saturday, November 9, 13
  9. 9. Drupal REST Web Services ✓ Is provided in Drupal 7 with the Services 3.x module. - Current release is 3.5 ✓ Utilizes the CRUD verbs for REST - Can consume and provide XML or JSON ✓ Comes with defined resources for users, nodes, taxonomy, comments and files Saturday, November 9, 13
  10. 10. Dependencies ✓ Drupal Contrib modules: - Chaos Tools - Libraries ✓ Other useful modules: - Saturday, November 9, 13 Devel
  11. 11. Self Explanatory Resources ✓ Self-explanatory - Comments - Node - Taxonomy_term - Taxonomy_vocabulary - User Saturday, November 9, 13
  12. 12. And the others….. ✓ System - Provides endpoints to perform functions that don’t fa( clearly under the purview of the other resource categories ✓ Get, Set and Delete Variables (get_variable, set_variable, del_variable) ✓ Check the current user connection (connect) Saturday, November 9, 13
  13. 13. And the others….. ✓ File -- handles file uploads and file resource management, even files that are part of nodes - Saturday, November 9, 13 Generates a file resource that can be used as part of a node or user resource
  14. 14. And one undocumented... ✓ /services/session/token ✓ Created in the Services release 7.x-3.4 to address a CSRF vulnerability identified on June 5, 2013 ✓ Returns a plain-text response containing a token that needs to be included in the headers as X-CSRF-Token - Saturday, November 9, 13 Token is also available on a User resource endpoint
  15. 15. Permissions ✓ In general, the Services endpoints utilize Drupal’s permissions system to determine access to information - Saturday, November 9, 13 General Rule: If your user does not have permission to access a requested resource through the UI, then your user should not have permission through the web service either.
  16. 16. Request Processing ✓ Once a request has been accepted through a Services API endpoint as a valid request, the request goes through the same channels as a request through the user interface. - User registration/creation/updates, login/logout uses the same processes as UI registration/management, login/logout - Node creation/updates happen through the Forms API, as does Taxonomy and comments Saturday, November 9, 13
  17. 17. What does this mean? ✓ Fields added to the user profile wi( be available through the User endpoints ✓ Custom content types, including custom fields, are available through the Node endpoints ✓ Custom fields added to Taxonomy term structure are available through the Taxonomy_term endpoints ...IN THEORY Saturday, November 9, 13
  18. 18. What’s reality? ✓ Using the Forms API to process requests made through the API doesn’t always result in a clean, logical data structure for the API request ✓ Not a( field types work properly through Services ✓ Documentation on the required format for data is in poor, or nonexistent shape for many of the field types other than text and text area Saturday, November 9, 13
  19. 19. Well Supported Field Types ✓ Text, Long Text (with or without Summary) ✓ Integer, Float, Decimal ✓ Address Field, Email, Phone, Hidden ✓ Entity/Term Reference (single value, select or radio) ✓ Image / File fields (complex process, but supported) ✓ Date fields -- ISO format only Saturday, November 9, 13
  20. 20. Problematic field types ✓ Boolean fields ✓ Taxonomy and Entity Reference fields utilizing Autocomplete or multi-value (like Tags) ✓ Integer or Float based List fields, List fields using checkboxes, or mult-value List fields (Select/checkbox) ✓ Date fields other than ISO Saturday, November 9, 13
  21. 21. Demo ✓ Feature Source code available on GitHub - https://github.com/spartansystems/DrupalWebServices ✓ Need REST client browser plugin - RESTClient for Firefox, POSTMAN for Chrome ✓ Demo site at http://svc.drupalws.com ✓ Firefox Plugin -- Tamper Data -- also helpful Saturday, November 9, 13
  22. 22. Demo Saturday, November 9, 13
  23. 23. My Contact Info ✓ Lisa Ridley, Project Manager and Web/iOS developer, Spartan Systems LLC ✓ lisa@spartansystems.co ✓ skype: lhridley ✓ Twitter: lhridley ✓ LinkedIn: Saturday, November 9, 13 www.linkedin/in/lisahridley

×