This project is not covered by Drupal’s security advisory policy.

I have never had the time to develop this module as planned. I believe that other modules now available may do what it aimed to do. Please contact me if you can confirm this (or want to take this over).

RESTfulness lets you build and manage a REST API to a Drupal site via administrative pages on your Drupal site itself.

In the simplest use of RESTfulness, any functionality that is currently available via a menu hook can be exposed as a REST function. Using the full complement of the standard HTTP verbs (GET, POST, PUT and DELETE), you can provide, for example, a blog API that looks like this:

  • GET /blog/entry/add (get "new blog entry" form)
  • POST /blog/entry/add (post new blog entry)
  • PUT /blog/entry/[nid] (edit blog entry)
  • DELETE /blog/entry/[nid] (delete blog entry)

You use the Accept: header of the HTTP request to specify what kind of content you want to get back. This content type is mapped to a theme. So you might specify text/html or application/xhtml+xml to request a response in (X)HTML. Or you might ask for text/xml or application/xml to get an XML version of the same content. The content type - to - theme mapping you specify determines which theme gets used.

All of this configuration happens via administrative pages, and the REST functions and content type mappings you define are stored as Drupal nodes. Hence, your API itself becomes content that you can manage using the full gamut of Drupal capabilities. You have the ability to insert code as "glue" to connect your REST API to Drupal core functionality and modules, but RESTfulness aims to provide as much GUI-based configurability, and management of the API using Drupal's own and other APIs (such as Views), as possible.

RESTfulness also encourages use of a wider set of HTTP response codes, which in many cases allow you to avoid crafting your own specialized error responses. So, for example, when a new item is created, the application will send back a 201.

RESTfulness provides stateless use of Drupal, essentially bypassing Drupal's session and user management. At present, it is targeted for fully trusted environments, where another security layer is managing access via the REST interface. This will be augmented in the future to integrate either with current Drupal authentication or some form of API key.

This module is intended to work in conjunction with another module called "Foreigner" which will permit Drupal to manage "virtual" content that is not actually stored in Drupal. RESTfulness will use this capability to provide a Drupal-powered tagging service that can mark up external content items, and to associate content with users who exist outside of the system.

There are several associated modules that provide commonly-used content type (so you don't have to define them yourselves), and sets of REST Functions as a starting point for your own API.

PLEASE NOTE that this module is still very much in development, and very incomplete! You will not find it usable yet. At this point, the code is here so that people can start to look at the approach I'm taking, tell me if & where it's wildly off base, discuss potential synergies with other projects, etc. Most notably, the Services module would appear to overlap with this one, but so far I think that that module differs enough in its implementation and bias to make this one worthwhile. All thoughts on this point are very welcome, as I don't want to produce redundancy.

Project Information