定制 colymba/silverstripe-restfulapi 二次开发

按需修改功能、优化性能、对接业务系统,提供一站式技术支持

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

colymba/silverstripe-restfulapi

Composer 安装命令:

composer require colymba/silverstripe-restfulapi

包简介

SilverStripe RESTful API with a default JSON serializer.

README 文档

README

⚠️ I haven't been able to give as much love as I would like to these repos as they deserve. If you have time and are interested to help maintain them, give me a shout. 🚨

SilverStripe RESTful API

Build Status

This module implements a RESTful API for read/write access to your SilverStripe Models. It comes bundled with a default Token Authenticator, Query Handler and JSON Serializers, and can be extended to your need and to return XML or other content type via custom components.

API URL structure

Action HTTP Verb URL
Find 1 record GET api/Model/ID
Find multiple records GET api/Model?param=val&__rand=1234
Update a record PUT api/Model/ID
Create a record POST api/Model
Delete a record DELETE api/Model/ID
- - -
Login & get token n/a api/auth/login?email=***&pwd=***
Logout n/a api/auth/logout
Password reset email n/a api/auth/lostPassword?email=***
- - -
Custom ACL methods n/a api/acl/YOURMETHOD

Model being the class name of the model you are querying (name formatting may vary depending on DeSerializer used). For example with a model class named Book URLs would look like:

  • api/Book/33
  • api/Book?title=Henry
  • api/Book?title__StartsWith=Henry
  • api/Book?title__StartsWith=Henry&__rand=123456&__limit=1
  • api/Book?title__StartsWith=Henry&__rand=123456&__limit[]=10&__limit[]=5

The allowed /auth/$Action must be defined on the used Authenticator class via the $allowed_actions config.

Requirements

Quick features highlight

What's all this?

RESTfulAPI

This is the main API Controller that receives all the requests, checks if authentication is needed and passing control to the authenticator if true, the resquest is then passed on to the QueryHandler, which uses the DeSerializer to figure out model & column names and decode the eventual payload from the client, the query result is then passed to the Serializer to be formatted and then returned to the client.

If CORS are enabled (true by default), the right headers are taken care of too.

Components

The RESTfulAPI uses 4 types of components, each implementing a different interface:

  • Authetication (Authenticator)
  • Permission Management (PermissionManager)
  • Query Handler (QueryHandler)
  • Serializer (Serializer)

Default components

This API comes with defaults for each of those components:

  • TokenAuthenticator handles authentication via a token in an HTTP header or variable
  • DefaultPermissionManager handles DataObject permission checks depending on the HTTP request
  • DefaultQueryHandler handles all find, edit, create or delete for models
  • DefaultSerializer / DefaultDeSerializer serialize query results into JSON and deserialize client payloads
  • EmberDataSerializer / EmberDataDeSerializer same as the Default version but with specific fomatting fo Ember Data.

You can create you own classes by implementing the right interface or extending the existing components. When creating you own components, any error should be return as a RESTfulAPIError object to the RESTfulAPI.

Token Authentication Extension

When using TokenAuthenticator you must add the TokenAuthExtension DataExtension to a DataObject and setup TokenAuthenticator with the right config.

By default, API authentication is disabled.

Permissions management

DataObject API access control can be managed in 2 ways. Through the api_access YML config allowing for simple configurations, or via DataObject permissions through a PermissionManager component.

A sample Group extension GroupExtension is also available with a basic set of dedicated API permissions. This can be enabled via config or you can create your own.

By default, the API only performs access control against the api_access YML config.

Config

See individual component configuration file for mode details

Here is what a site's config.yml file could look like:

---
Name: mysite
After:
    - 'framework/*'
    - 'cms/*'
---
# API access
Artwork:
  api_access: true
Author:
  api_access: true
Category:
  api_access: true
Magazine:
  api_access: true
Tag:
  api_access: 'GET,POST'
Visual:
  api_access: true
Image:
  api_access: true
File:
  api_access: true
Page:
  api_access: false
# RestfulAPI config
Colymba\RESTfulAPI\RESTfulAPI:
  authentication_policy: true
  access_control_policy: 'ACL_CHECK_CONFIG_AND_MODEL'
  dependencies:
    authenticator: '%$Colymba\RESTfulAPI\Authenticators\TokenAuthenticator'
    authority: '%$Colymba\RESTfulAPI\PermissionManagers\DefaultPermissionManager'
    queryHandler: '%$Colymba\RESTfulAPI\QueryHandlers\DefaultQueryHandler'
    serializer: '%$Colymba\RESTfulAPI\Serializers\EmberData\EmberDataSerializer'
  cors:
    Enabled: true
    Allow-Origin: 'http://mydomain.com'
    Allow-Headers: '*'
    Allow-Methods: 'OPTIONS, GET'
    Max-Age: 86400
# Components config
Colymba\RESTfulAPI\QueryHandlers\DefaultQueryHandler\DefaultQueryHandler:
  dependencies:
    deSerializer: '%$Colymba\RESTfulAPI\Serializers\EmberData\EmberDataDeSerializer'
Colymba\RESTfulAPI\Serializers\EmberData\EmberDataSerializer:
  sideloaded_records:
    Artwork:
      - 'Visuals'
      - 'Authors'

Todo

  • API access IP throttling (limit request per minute for each IP or token)
  • Check components interface implementation

License

BSD 3-clause license

Copyright (c) 2018, Thierry Francois (colymba) All rights reserved.

colymba/silverstripe-restfulapi 适用场景与选型建议

colymba/silverstripe-restfulapi 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 28.92k 次下载、GitHub Stars 达 63, 最近一次更新时间为 2013 年 10 月 19 日, 在 PHP 生态内属于活跃度较高的组件。

它主要适用于以下技术方向: 「rest」 「api」 「restful」 「silverstripe」 「REST API」 「json api」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。

我们在过去多个企业项目中使用过 colymba/silverstripe-restfulapi 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 colymba/silverstripe-restfulapi 我们能提供哪些服务?
定制开发 / 二次开发

基于 colymba/silverstripe-restfulapi 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 28.92k
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 63
  • 点击次数: 19
  • 依赖项目数: 1
  • 推荐数: 0

GitHub 信息

  • Stars: 63
  • Watchers: 9
  • Forks: 33
  • 开发语言: PHP

其他信息

  • 授权协议: BSD-3-Clause
  • 更新时间: 2013-10-19