REST - Modify Part of Resource - PUT or POST

+4 A:

There are two ways to view a status update.

Update to a thing. That's a PUT. Option 3
Adding an additional log entry to the history of the thing. The list item in this sequence of log entries is the current status. That's a POST. Option 2.

If you're a data warehousing or functional programming type, you tend to be mistrustful of status changes, and like to POST a new piece of historical fact to a static, immutable thing. This does require distinguishing the thing from the history of the thing; leading to two tables.

Otherwise, you don't mind an "update" to alter the status of a thing and you're happy with a PUT. This does not distinguish between the thing and it's history, and keeps everything in one table.

Personally, I'm finding that I'm less and less trustful of mutable objects and PUT's (except for "error correction"). (And even then, I think the old thing can be left in place and the new thing added with a reference to the previous version of itself.)

If there's a status change, I think there should be a status log or history and there should be a POST to add a new entry to that history. There may be some optimization to reflect the "current" status in the object to which this applies, but that's just behind-the-scenes optimization.

S.Lott 2010-02-05 15:50:10

Thanks for the reply.I should have been more selective about the example I used (i.e. status update). The problem I'm tackling is more general that just statuses. And, where it is a status I'm updating, it's really an update to show that the receiving system is in the process of working on the resource (like a confirmation). I'll be putting error checking to define allowable state transitions for the field. So, really, my situation fits your #1 (which is the original #3).

Intellectual Tortoise 2010-02-05 17:56:35

If your data model doesn't have history, then, an update is the common fall-back plan. If you're still building, however, consider keeping *all* history. As an optimization, duplicating the most recent history in the thing itself.

S.Lott 2010-02-05 18:05:18

A:

Option 3 (PUT to some separated sub-resource) is your best bet right now, and it wouldn't necessarily be "wrong" to just use POST on the main resource itself - although you could disagree with that depending on how pedantic you want to be about it.

Stick with 3 and use more granular sub-resources, and if you really do have a need for PATCH-like behavior - use POST. Personally, I will still use this approach even if PATCH does actually end up as a viable option.

Mike 2010-02-05 15:50:22

+2 A:

HTTP does have a PATCH command. It is defined in Section 19.6.1.1 of RFC 2068, and was updated in draft-dusseault-http-patch-16, currently awaiting publication as RFC.

Julian Reschke 2010-02-05 16:13:01

In practice, it is probably better to stick to using POST instead for the time being, or just splitting out your resource into sub-resources and PUTing to those.

Mike 2010-02-05 16:39:45

Why is that better? A reason would be interesting...

Julian Reschke 2010-02-05 17:53:13

Lack of tooling.

Mike 2010-02-06 08:58:01

Whether lack of tooling is a problem certainly depends on the tools you have, right? So I'd recommend trying, instead of dismissing the option beforehand.

Julian Reschke 2010-02-06 09:02:09

PATCH addresses a tiny problem that was already solve-able with POST and some common sense - it's almost certainly going to be abused and damage the web (and any other system you allow it into) so I would just avoid it, it's not worth it.

Mike 2010-02-06 09:14:31

"Damage the web"? Please elaborate.

Julian Reschke 2010-02-11 13:00:44

It encourages a pattern that will be applied to hack at problems caused by bad design (e.g. poor identification of resources) rather than just used where it is actually necessary. There's been enough problems keeping people away from POST, I hate to think where we are going with PATCH.

Mike 2010-02-17 14:34:59

A:

Chris McCauley 2010-02-05 17:49:06

Our service needs to be open to third-party products such as SAP, Flex, Silverlight, Excel etc. That means that we have to use the lowest common denominator technology - for a while we weren't able to use PUT because only GET and POST were supported across all the client technologies - unfortunate but a reality. I thnk that using PUT but indicating that we really want to use PATCH is a reasonable compromise.

Chris McCauley 2010-02-06 10:38:54

PUT is a poor choice, since the primary distinction between non-safe verbs is idempotency. PUT is idempotent (as is DELETE) but PATCH is non idempotent (like POST) - so it makes far more sense to 'overload' POST... of course, 'just' using POST might be an idea since that works absolutely fine already, and the actual 'increase in visibility' you would get from introducing a method like PATCH is virtually nothing and not worth the effort or risk.

Mike 2010-02-06 11:19:42

The distinction that I find useful is that to me it is intuitive to PATCH directly to the resource URI. With POST I would prefer to post to a related "processing" resource, that applies the updates on my behalf. I agree that it is not a big difference but I don't forsee the mis-use that you do, so I'm ok with it :-)

Darrel Miller 2010-02-06 14:52:46

Sorry, meant to say POST

Chris McCauley 2010-02-07 09:43:41

+1 A:

PATCH is fine for patch or diff formats. Until then it's not very useful at all.

As for your solution 2 with a custom method, be it in the request or in the headers, no no no no and no, it's awful :)

Only two ways that are valid are either to PUT the whole resource, with the sub data modified, or POST to that resource, or PUT to a sub-resource.

It all depends on the granularity of your resources and the intended consequences on caching.

serialseb 2010-02-08 08:33:02

ansaurus

tags:

views:

answers:

REST - Modify Part of Resource - PUT or POST

related questions