Define endpoint that allows API users to register tokens. By using an entity for tokens, the basic integration is done. The following items need to be handled:

  • Implement custom access controller for entity
  • Improve error handling: Currently, errors only return {"error":""}
  • Allow anonymous users to register tokens
  • Don't create entries for tokens that already exist for a given network
  • Refactor canonical URL for push notifications: REST endpoint is currently /admin/config/services/push_notifications/token/{push_notifications_token}
CommentFileSizeAuthor
#17 permissions_restful_web_services.png122.27 KBhaagendazs
#17 permissions_push_notifications.png110.2 KBhaagendazs
#15 d8_port_service-2776901-15.patch23.2 KBmihai7221

Comments

haagendazs created an issue. See original summary.

mihai7221’s picture

mihai7221 commented
Assigned: Unassigned » mihai7221
Category: Plan » Task
Status: Active » Closed (works as designed)

Because we created an entity for the push notifications token, Drupal automatically builds endpoints (GET, POST, DELETE, PATCH) so there's no need for this issue, I will update #2776915: D8 Port: Write API Documentation on how to GET and POST a push_notifications_token entity.

haagendazs’s picture

haagendazs commented
Assigned: mihai7221 » haagendazs
Issue summary: View changes
Status: Closed (works as designed) » Needs work
haagendazs’s picture

haagendazs commented
Issue summary: View changes
Status: Needs work » Active

  • haagendazs committed f2b4766 on 8.x-1.x 
    Issue #2776901: Implement custom access handler for entity

Also,...
haagendazs’s picture

haagendazs commented
Issue summary: View changes

haagendazs’s picture

haagendazs commented
Issue summary: View changes

@canutza: When I tested the web services integration locally, I was able to register a token for an anonymous user (user = 0), so I'll mark this item as done in the list without a code change.

  • haagendazs committed 9e12bcc on 8.x-1.x 
    Issue #2776901: Rename validator for unique token
mihai7221’s picture

mihai7221 commented

Regarding the refactoring of the canonical URLs, I don't know why, but using /entity/push_notifications_token, works and not /admin/config/services/push_notifications/token/, this needs to be investigated further.

As for the errors messages, we have the HTTP status codes, why we need messages? They may look better, but the status codes are as helpful as the message itself.

haagendazs’s picture

haagendazs commented
Issue summary: View changes

Agreed on the error messages. They might not be pretty, but the HTTP status codes should be enough. Let's stick with Drupal provides out of the box.

Regarding canonical URLs: I'd like to move the canonical URL of the push notifications token from /admin/config/services/push_notifications/token to /push_notifications/token. I'll give it a try and will see if I can also figure out the issue why the canonical URL does not work to create a new token.

  • haagendazs committed 9632690 on 8.x-1.x 
    Issue #2776901: Change canonical URL for notification entity
haagendazs’s picture

haagendazs commented
Status: Active » Needs review

I've changed the canonical URL for token entities to be /push_notifications/token/{push_notifications_token}. I've marked both pages as admin pages in the routing configuration.

I've looked into the issue about creating a new entity over REST vs. deleting it or getting it, and using different URLs. This URL gives a pretty good overview for how this is being done in JavaScript for nodes, users, and terms: https://www.drupal.org/documentation/modules/rest/javascript. It seems that for nodes, the same issue exists. In order to create a new node, the endpoint is http://example.com/entity/node, whereas to GET the node, the endpoint is http://example.com/node/123?_format=json.

This article https://www.drupal.org/documentation/modules/rest/post seems to indicate that starting in Drupal 8.2.0, new nodes can be created without the entity component in the path. I wonder if that will be the same for any entity, but I haven't tried Drupal 8.2.0 yet.

Examples for REST integration

Here are the examples that I used to POST tokens, GET tokens, and DELETE tokens. My example site lives at local.sd8.com and I'm using Basic Authorization, which is converted into a hash. The tool I used to play around was Postman. All the examples are HTTP request examples.

POST

POST /entity/push_notifications_token HTTP/1.1
Host: local.sd8.com
X-CSRF-Token: ivTNJtmq8z_qAIW-P9uvIFJZrTggQfokWX13lM6-cy0
Content-Type: application/json
Authorization: Basic bWFyaW86dGVzdGVy
Cache-Control: no-cache

{
  "token": [
    {
      "value": "123ab312123"
    }
  ],
  "network": [
    {
      "value": "gcm"
    }
  ]
}

=> Status Code 201

GET

GET /push_notifications/token/18?_format=json HTTP/1.1
Host: local.sd8.com
X-CSRF-Token: ivTNJtmq8z_qAIW-P9uvIFJZrTggQfokWX13lM6-cy0
Content-Type: application/json
Authorization: Basic bWFyaW86dGVzdGVy
Cache-Control: no-cache

=> Status Code 200

DELETE

GET /push_notifications/token/18?_format=json HTTP/1.1
Host: local.sd8.com
X-CSRF-Token: ivTNJtmq8z_qAIW-P9uvIFJZrTggQfokWX13lM6-cy0
Content-Type: application/json
Authorization: Basic bWFyaW86dGVzdGVy
Cache-Control: no-cache

=> Status Code 204

I think this is ready for review.

  • haagendazs committed c367ef6 on 8.x-1.x 
    Issue #2776901: Fix typo for delete access control
mihai7221’s picture

mihai7221 commented
StatusFileSize
new d8_port_service-2776901-15.patch23.2 KB

I tried to add a token as an anonymous user, however, the permissions didn't quite work. I added a patch to fix this. Please review.

Please make sure to give the users permissions to register tokens and for POST requests for push notifications tokens.

mihai7221’s picture

mihai7221 commented

Hm, I just realized (as always) that I merged wrong from the 8.x-1.x branch, the permissions file is wrong on my branch.
Ignore my previous post, I will create a new branch from 8.x-1.x to make sure everything is alright.

haagendazs’s picture

haagendazs commented
StatusFileSize
new permissions_push_notifications.png110.2 KB
new permissions_restful_web_services.png122.27 KB

@canutza: Thanks for retrying. I just tried registering a token for an anonymous user again and was able to do so with the latest 8.x-1.x dev branch. The only thing I needed was a valid CSFR token. I've attached my permissions and here's the code I used to register the token:

POST /entity/push_notifications_token HTTP/1.1
Host: local.sd8.com
Content-Type: application/json
X-CSRF-Token: x0L8NnHQGJJp79zYZlmAqy2p1rCTQBWr4wytsP_fKWY
Cache-Control: no-cache
Postman-Token: 0a1c3adb-1d57-7ade-521d-4cfa5775e12f

{
  "token": [
    {
      "value": "123abza312123"
    }
  ],
  "network": [
    {
      "value": "gcm"
    }
  ]
}
mihai7221’s picture

mihai7221 commented
Status: Needs review » Fixed

Yup, everything looks good, we can close this issue I suppose.

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.