Resources Over MVC – Allowed Verbs

December 5, 2011 23:08 by Admin

One of the principles of REST is to use “Hypermedia As The Engine Of Application State” (HATEOAS). This means that a web service should provide its clients with all the information they need in order to interact with the service… and this information should be provided along with the response to any request. Most people understand this to mean URIs should be embedded into the responses that are served, so that a client can follow the links in order to change the application state. However, something else that the HTTP standard provides in order to support this discoverability is the Allow header that the server can populate to indicate which HTTP methods a resource support. The Resources Over MVC (ROM) assembly allows this header to be supported.

The Allow header can be populated with a comma separated list of the HTTP verbs that a resource supports, for example:

   Allow: GET, PUT, DELETE

If you are using the ROM assembly it is possible to add support for populating the Allow header by having your controllers implement the IAllowedVerbs interface. This requires a single method to be implemented within the controller:

    public string GetAllowedVerbs(ActionExecutedContext actionExecutedContext)

 

This is called immediately before the resource is returned to the client. For static resources the implementation could return a constant string (e.g. "GET"). For a more dynamic controller (which perhaps supports list resources, detail resources and a number of Actions) the logic within the GetAllowedVerbs method can be more complex:

    public string GetAllowedVerbs(ActionExecutedContext actionExecutedContext)
    {
       
switch
(actionExecutedContext.ActionDescriptor.ActionName.ToUpper())
        {
           
case "DETAILS"
:
               
return "GET, PUT"
;
 

           
default
:
               
return "GET, POST";
        }
    }

 

In the above implementation, the code changes the list of supported verbs based on the Action that is being executed. With the above code in place making a request from a list resource produces the following response:

    HTTP/1.1 200 OK
    Date: Mon, 05 Dec 2011 22:42:25 GMT
    Allow: GET, POST
    Cache-Control: private
    Content-Type: application/xml; charset=utf-8
    Content-Length: 1017
    <?xml version="1.0" encoding="utf-8"?>
    <ArrayOfProduct>
        <Product>
            <Uri>
http://localhost/Products/1</Uri>
            <Id>1</Id>

            …

Whereas requesting a details resource produces the following:

    HTTP/1.1 200 OK
    Date: Mon, 05 Dec 2011 22:47:05 GMT
    Allow: GET, PUT
    Cache-Control: private
    Content-Type: application/xml; charset=utf-8
    Content-Length: 325
    <?xml version="1.0" encoding="utf-8"?>
    <Product>
        <Uri>
http://localhost/Products/1</Uri>
        <Id>1</Id>

        …

As you can see the list of allowed verbs has changed. The sample is available here: Samples.WebService.zip (4.5 mb)


Add comment

  Country flag

biuquote
  • Comment
  • Preview
Loading