NAME
App::MREST::Resource - HTTP request/response cycle
SYNOPSIS
In YourApp/Resource.pm:
use parent 'Web::MREST::Resource';In PSGI file:
use Web::Machine;
Web::Machine->new(
resource => 'App::YourApp::Resource',
)->to_app;It is important to understand that the Web::Machine object created is actually blessed into YourApp::Resource. The line of inheritance is:
YourApp::Resource
-> Web::MREST::Resource
-> Web::Machine::Resource
-> Plack::ComponentDESCRIPTION
Your application should not call any of the routines in this module directly. They are called by Web::Machine during the course of request processing. What your application can do is provide its own versions of selected routines.
METHODS
Context methods
Methods for manipulating the context, a hash where we accumulate information about the request.
context
Constructor/accessor
push_onto_context
Takes a hashref and "pushes" it onto $self->{'context'} for use later on in the course of processing the request.
Status declaration methods
Although Web::Machine takes care of setting the HTTP response status code, but when we have to override Web::Machine's value we have this "MREST declared status" mechanism, which places a declared_status property in the context. During finalization, the HTTP status code placed in this property overrides the one Web::Machine came up with.
mrest_declare_status
This method takes either a ready-made App::CELL::Status object or, alternatively, a PARAMHASH. In the former case, an HTTP status code can be "forced" on the response by including a http_code property in the object. In the latter case, the following keys are recognized (and all of them are optional):
- level
-
App::CELL::Status level, can be any of the strings accepted by that module. Defaults to 'ERR'.
- code
-
The HTTP status code to be applied to the response. Include this only if you need to override the code set by Web::Machine.
- explanation
-
Text explaining the status - use this to comply with RFC2616. Defaults to '<NONE>'.
- permanent
-
Boolean value for error statuses, specifies whether or not the error is permanent - use this to comply with RFC2616. Defaults to true.
mrest_declared_status_code
Accessor method, gets just the HTTP status code (might be undef); and allows setting the HTTP status code, as well, by providing an argument.
mrest_declared_status_explanation
Accessor method, gets just the explanation (might be undef). Does not allow changing the explanation - for this, nullify the declared status and declare a new one.
status_declared
Boolean method - checks context for presence of 'declared_status' property. If it is present, the value of that property is returned, just as if we had done $self->context->{'declared_status'}. Otherwise, undef (false) is returned.
declared_status
Synonym for status_declared
nullify_declared_status
This method nullifies any declared status that might be pending.
FSM Part One
The following methods override methods defined by Web::Machine::Resource. They correspond to what the Web::MREST calls "Part One" of the FSM. To muffle debug-level log messages from this part of the FSM, set $muffle{1} = 1 (above).
service_available (B13)
This is the first method called on every incoming request.
mrest_service_available
Hook. If you overlay this and intend to return false, you should call $self->mrest_declare_status !!
known_methods (B12)
Returns the value of MREST_SUPPORTED_HTTP_METHODS site parameter
uri_too_long (B11)
Is the URI too long?
allowed_methods (B10)
Determines which HTTP methods we recognize for this resource. We return these methods in an array. If the requested method is not included in the array, Web::Machine will return the appropriate HTTP error code.
RFC2616 on 405: "The response MUST include an Allow header containing a list of valid methods for the requested resource." -> this is handled by Web::Machine, but be aware that if the methods arrayref returned by allowed_methods does not include the current request method, allow_methods gets called again.
malformed_request (B9)
A true return value from this method aborts the FSM and triggers a "400 Bad Request" response status.
mrest_malformed_request
Hook
is_authorized (B8)
Authentication method - should be implemented in the application.
forbidden (B7)
Authorization method - should be implemented in the application.
valid_content_headers (B6)
Receives a Hash::MultiValue object containing all the Content-* headers in the request. Checks these against << $site->MREST_VALID_CONTENT_HEADERS >>, returns false if the check fails, true if it passes.
known_content_type (B5)
The assumption for PUT and POST requests is that they might have an accompanying request entity, the type of which should be declared via a Content-Type header. If the content type is not recognized by the application, return false from this method to trigger a "415 Unsupported Media Type" response.
The basic content-types (major portions only) accepted by the application should be listed in $site->MREST_SUPPORTED_CONTENT_TYPES. Override this method if that's not good by you.
valid_entity_length (B4)
Called by Web::Machine with one argument: the length of the request body. Return true or false.
charsets_provided
This method causes Web::Machine to encode the response body (if any) in UTF-8.
FSM Part Two (Content Negotiation)
See Web::MREST::Entity.
FSM Part Three (Resource Existence)
resource_exists (G7)
The initial check for resource existence is the URI-to-resource mapping, which has already taken place in allowed_methods. Having made it to here, we know that was successful.
So, what we do here is call the handler function, which is expected to return an App::CELL::Status object. How this status is interpreted is left up to the application: we pass the status object to the mrest_resource_exists method, which should return either true or false.
For GET and POST, failure means 404 by default, but can be overrided by calling mrest_declare_status from within mrest_resource_exists.
For PUT, success means this is an update operation and failure means insert.
For DELETE, failure means "202 Accepted" - i.e. a request to delete a resource that doesn't exist is accepted, but nothing actually happens.
allow_missing_post
If the application wishes to allow POST to a non-existent resource, this method will need to be overrided.
post_is_create
mrest_post_is_create
Looks for a 'post_is_create' property in the context and returns 1 or 0, as appropriate.
create_path
mrest_create_path
This should always return _something_ (never undef)
create_path_after_handler
This is set to true so we can set $self->context->{'create_path'} in the handler.
process_post
This is where we construct responses to POST requests that do not create a new resource. Since we expect our resource handlers to "do the needful", all we need to do is call the resource handler for pass two.
The return value should be a Web::Machine/HTTP status code like, e.g., \200 - this ensures that Web::Machine does not attempt to encode the response body, as in our case this would introduce a double- encoding bug.
delete_resource
This method is called on DELETE requests and is supposed to tell Web::Machine whether or not the DELETE operation was enacted. In our case, we call the resource handler (pass two).
finish_request
This overrides the Web::Machine method of the same name, and is called just before the final response is constructed and sent. We use it for adding certain headers in every response.