一个restful服务API设计问题 [英] A restful service API designing issue

问题描述

关于restful服务API设计的一个问题.我不确定如何正确地做到这一点.请给我一些建议.

One issue about the restful service API designing. I'm not sure how is a proper way to do it. Please give me some suggestions.

我的场景是这样的.我有一个用户资源和权限资源.

My scenario is like this. I have a user resource and permission resource.

http://www.sample.com/rest/users
http://www.sample.com/rest/permissions

用户可以拥有多个权限；一个权限可以供多个用户使用；这是多对多的关系.

User can have multiple permission; one permission can be used for many users; it is many to many relationship.

通常，我们可以说一个权限属于一个用户，所以我们有一个像这样的 API:

Normally, we can say a permission belongs to a user, so we have an API like:

http://www.sample.com/rest/users/{userId}/permissions

当我们想在权限和用户之间建立关系时，这里有两个选项.

When we want to build a relationship between the permission and an user, here are two options.

1. 我们可以先使用POST:http://www.sample.com/rest/permissions使用权限主体，然后发布:http://www.sample.com/rest/users/{userId}/permissions 带有一组权限 ID.我不确定是否有任何其他休息 API像这样设计.

1. we can first use POST: http://www.sample.com/rest/permissions with a permission body, then POST: http://www.sample.com/rest/users/{userId}/permissions with a set of permission ids. I'm not sure if there is any other rest APIs designing like this.

我们只能使用一种 API，例如:http://www.sample.com/rest/users/{userId}/permissions 带有权限对象内容.在这个方法中，我们做了两件事选项 1 中的描述. 缺点是我们不能永远重用创建权限，看起来一个用户可以拥有多个权限，但一种权限仅由一个用户使用，遵守我们的第一个设计.但对用户来说真的很简单.

we can use only one API like: http://www.sample.com/rest/users/{userId}/permissions with a permission object content. In this method, we do two things I descript in option 1. The downside is that we cannot never reuse the created permission, it looks like one user can have multiple permissions, but one permission only used by one user, which obey our first designing. But it is really simple to user.

如果您对此主题有任何经验，欢迎提出任何建议.

If you have any experience on this topic, any suggestions are welcome.

推荐答案

另一种方法是将用户和权限视为分隔的空间"或资源.您应该能够使用 CRUD 单独管理它们.

Another way is to think of the Users and Permissions as separated ‘spaces’ or resources. You should be able to manage them individually using CRUD.

创建用户

• 发布:/users/
• 返回:{userid}

创建权限

• 发布:/permissions/
• 返回:{permid}

然后来映射，你应该使用 PUT 因为它不是创建新资源而是映射两个资源

Then come to mapping, you should use PUT instead since it is not creating a new resource but to map the two resources

将用户添加到权限空间

• PUT:/permissions/users/{userId}/

或将用户添加到权限空间

Or add users to permissions space

• PUT:/permissions/users/
• 主体:{[userid1, userid2, ...]}

为用户空间添加权限

• PUT:/users/permissions/{permId}/

或为用户空间添加权限

• PUT:/users/permissions
• 主体:{[permid1, permid2, ... ]}

这篇关于一个restful服务API设计问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！