Different models for RESTful GET and POST
Does REST ideas or conventions violate different models for GET / PUT / POST on the same URL?
Example:
Consider a simple resource found in api / things
I can create a thing:
POST api/things
with body = { Name: "New Thing" }
This returns the thing to me along with the location
{ Id: 500, Name: "New Thing", Links: ["api/things/500"] }
Location Header: api/things/500
I can get the following:
GET api/things/500
and i will get
{ Id: 500, Name: "New Thing", Links: ["api/things/500"] }
If I want to update it: PUT api / things / 500
{ Name: "Updated Thing", IsActive: false }
In this example, there are "rules" hidden behind different models.
- On creation, you cannot specify the Id or IsActive parameter. The identifier is generated by the server, always starts with Active.
- You cannot update the ID and hence the "link" that uses it, so the PUT model does not contain an ID field.
One strong criticism of this: I can't POST to create a new one, change the "Name" field and "SEND it back" to update it. I would have to know to remove the Id and link fields. I could "be liberal in what I accept" and allow IDs and links in the PUT request, but then I have to make additional decisions like, "Is this 400 if the ID / link they are posting is different?" "is it 400 if they don't send Id / Link?" If the API claims to accept these fields in PUT, it can be considered a contract that they can be updated.
source to share
It is perfectly legal to accept different DTOs for different methods. Quite often, POST creates a new object with default properties like Id, StartDate or Active, etc., so these properties are missing from the "POST DTO". I tend to shy away from PUT as the definition is that you are replacing one entity with another that may include an Id. I choose PATCH most of the time when you accept delta and partials. You can check each message sent and determine if it is a readonly property or not. In some cases, based on roles, it can only be for one user and replaced by another. Following this, POST is one DTO, PATCH is partial, PUT does not exist, and GET returns the full DTO.
I've seen a couple of places where PUT is useful. You want to modify a binary or you have a collection that you want to modify, PUT is fine. Otherwise, I love PATCH.
source to share