NAME
    WebAPI::DBIC

VERSION
    version 0.001002

DESCRIPTION
    WebAPI::DBIC provides the parts you need to build a feature-rich RESTful
    JSON web service API backed by DBIx::Class schemas.

    WebAPI::DBIC features include:

    * Use of the JSON+HAL (Hypertext Application Language) lean hypermedia
    type

    * Automatic detection and exposure of result set relationships as HAL
    "_links"

    * Supports safe robust multi-related-record CRUD transactions

    * Built on the strong foundations of Web::Machine, Path::Router and
    Plack

    * Built as fine-grained roles for maximum reusability and extensibility

    * A built-in copy of the generic HAL API browser application

    * An example command-line utility that gives you an instant web service
    for any DBIx::Class schema

  HAL - Hypertext Application Language
    The Hypertext Application Language hypermedia type (or HAL for short) is
    a simple JSON format that gives a consistent and easy way to hyperlink
    between resources in your API.

    Adopting HAL makes the API explorable, and its documentation easily
    discoverable from within the API itself. In short, it will make your API
    easier to work with and therefore more attractive to client developers.

    A JavaScript "HAL Browser" is included in the WebAPI::DBIC distribution.
    (WebAPI::DBIC doesn't yet offer direct support for documentation
    resources.)

    APIs that adopt HAL can be easily served and consumed using open source
    libraries available for most major programming languages. It's also
    simple enough that you can just deal with it as you would any other
    JSON.

    See <http://stateless.co/hal_specification.html> for more details.

  Web::Machine
    The Web::Machine module provides a RESTful web framework modeled as a
    formal state machine. This is a rigorous and powerful approach,
    originally developed in Haskel and since ported to See
    <https://raw.githubusercontent.com/basho/webmachine/develop/docs/http-he
    aders-status-v3.png> for an image of the state machine.

    By building on Web::Machine, WebAPI::DBIC removes the need to implement
    all the logic needed for accurate and full-features HTTP protocol
    behaviour. You just provide small pieces of logic at the decision points
    you care about and Web::Machine looks after the rest.

    See <https://github.com/basho/webmachine/wiki> for more information.

    Web::Machine provides the logic to handle a HTTP request for a *single
    resource*.

    With WebAPI::DBIC those resources typically represent a DBIx::Class
    result set, a row, or a method invocation on a row. They are implemented
    as a subclass of Web::Machine::Resource that consumes a some set of
    WebAPI::DBIC roles that add the specific desired functionality.

  Path::Router
    The Path::Router module is used to organize multiple resources into a
    URL namespace. It's used to route incoming requests to the appropriate
    Web::Machine instance. It's also used in reverse to construct links to
    other resources that are included in the outgoing responses.

    Path::Router supports full reversability: the value produced by a path
    match can be passed back in and you will get the same path you
    originally put in. This removes ambiguity and reduces mis-routings. This
    is important for WebAPI::DBIC because, for each resource returned, it
    automatically add HAL "_links" containing the URLs of the related
    resources, as defined by the DBIx::Class schema. This is what makes the
    API discoverable and browseable.

NAME
    WebAPI::DBIC - A composable RESTful JSON+HAL API to DBIx::Class schemas
    using roles, Web::Machine and Path::Router

STATUS
    The WebAPI::DBIC code has been in production use for over a year,
    however it's only recently been open sourced (July 2014) so it's still
    lacking in documentation, tests etc.

    It's also likely to undergo a period of refactoring now there are more
    developers contributing and the code is being applied to more domains.
    Interested? Please get involved! See "HOW TO GET HELP" below.

MODULES
  Roles
    WebAPI::DBIC::Resource::Role::DBIC is responsible for interfacing with
    DBIx::Class, 'rendering' individual records as resource data structures.
    It also interfaces with Path::Router to handle relationship linking.

    WebAPI::DBIC::Resource::Role::SetRender is responsible for rendering an
    entire result set as either plain JSON or JSON+HAL by iterating over the
    individual items. For JSON+HAL it adds the paging links.

    WebAPI::DBIC::Resource::Role::Set is responsible for accepting GET and
    HEAD requests for set resources (collections) and returning the results
    as JSON or JSON+HAL.

    WebAPI::DBIC::Resource::Role::SetWritable is responsible for accepting
    POST request for set resources. It handles the recursive creation of
    related records. Related records can be nested to any depth and are
    created from the bottom up within a transaction.

    WebAPI::DBIC::Resource::Role::Item is responsible for GET and HEAD
    requests for single item resources and returning the results as JSON or
    JSON+HAL.

    WebAPI::DBIC::Resource::Role::ItemWritable is responsible for accepting
    PUT and DELETE requests for single item resources. It handles the
    recursive update of related records. Related records can be nested to
    any depth and are updated from the bottom up within a transaction.
    Handles both 'PUT is replace' and 'PUT is update' logic.

    WebAPI::DBIC::Resource::Role::ItemInvoke is responsible for accepting
    POST requests for single item resources representing the invocation of a
    specific method on an item (e.g. POST
    /widget/42/invoke/my_method_name?args=...).

    WebAPI::DBIC::Resource::Role::DBICAuth is responsible for checking
    authorization to access a resource. It currently supports Basic
    Authentication, using the DBI DSN as the realm name and the return
    username and password as the username and password for the database
    connection.

    WebAPI::DBIC::Resource::Role::DBICParams is responsible for handling
    request parameters related to DBIx::Class such as "page", "rows",
    "order", "me", "prefetch", "fields" etc.

  Utility Roles
    WebAPI::DBIC::Role::JsonEncoder provides encode_json() and decode_json()
    methods.

    WebAPI::DBIC::Role::JsonParams provides a param() method that returns
    query parameters, except that any parameters with names that have a
    "~json" suffix have their values JSON decoded, so they can be arbitrary
    data structures.

  Resource Classes
    To make building typical applications easier, WebAPI::DBIC provides
    three pre-defined resource classes:

    WebAPI::DBIC::Resource::GenericItemDBIC for resources represented by an
    individual DBIx::Class row.

    WebAPI::DBIC::Resource::GenericSetDBIC for resources represented by a
    DBIx::Class result set.

    WebAPI::DBIC::Resource::GenericItemInvoke for resources that represent a
    specific method call on an item resource.

    These classes are *very* simple because all the work is done by the
    various roles they consume. For example, here's the entire code for
    WebAPI::DBIC::Resource::GenericItemDBIC:

        package WebAPI::DBIC::Resource::GenericItemDBIC;
        use Moo;
        extends 'WebAPI::DBIC::Resource::Base'; # is just Web::Machine::Resource
        with    'WebAPI::DBIC::Role::JsonEncoder',
                'WebAPI::DBIC::Role::JsonParams',
                'WebAPI::DBIC::Resource::Role::DBIC',
                'WebAPI::DBIC::Resource::Role::DBICAuth',
                'WebAPI::DBIC::Resource::Role::DBICParams',
                'WebAPI::DBIC::Resource::Role::Item',
                'WebAPI::DBIC::Resource::Role::ItemWritable',
                ;
        1;

  Other Classes
    A few other classes are provided:

    WebAPI::DBIC::Util.pm provides a few general utilities.

    WebAPI::DBIC::Machine.pm a subclass of Web::Machine.

    WebAPI::DBIC::WebApp - this is the main app class and is most likely to
    change in the near future so isn't documented yet.

HOW TO GET HELP
    *   IRC: irc.perl.org#webapi

    *   Source: <https://github.com/timbunce/WebAPI-DBIC>

CREDITS
    Stevan Little gets top billing for creating Web::Machine and
    Path::Router (not to mention Moose and much else besides).

    Matt Trout and Peter Rabbitson and the rest of the DBIx::Class team for
    creating and maintaining such an excellent object <-> relational mapper.

    Arthur Axel "fREW" Schmidt, both for his original "drinkup" prototype
    using Web::Machine that WebAPI::DBIC is based on, and for offering to
    help with the work required to open source and release WebAPI::DBIC to
    CPAN. Without that, and further help from Fitz Elliott, WebAPI::DBIC
    might still be a closed source internal project.

OVERVIEW OF REPRESENTIONS AND ACTIONS
    The docs below are from old internal documentation. They're a bit rought
    and will be reworked and found a better home. They're here for now
    because they are useful to give a sense of how the API works and what it
    supports.

  GENERIC ENTITY REPRESENTIONS
    Here we define the default behavior for GET, PUT, DELETE and POST
    methods on item and set resources.

    In these examples the ~ symbol is used to represent a common prefix. The
    prefix is intended to contain at least a single path name element plus a
    version number element, for example, in:

        GET ~/ecosystems/

    the ~ represents a prefix such as "/clients/v1", so the above is a
    shorthand way of representing:

        GET /clients/v1/ecosystems/

   Conventions
    Resource names are typically plural nouns, and lower case, with
    underscores if required. Verbs could be used for for non-resource
    requests and might be capitalized (e.g. /Convert?from=Y&to=Y).

    A parameter that's part of the url is represented in these examples with
    the :name convention, e.g. :id.

    XXX That might change to the 'URL Template' RFC6570 style
    http://tools.ietf.org/html/rfc6570

  GET Item
        GET ~/resources/:id

    returns

        {
            _links: { ... }  # optional
            _embedded: { ... }  # optional
            _meta: { ... }   # optional
            ... # data attributes, optional
        }

    The optional _links object holds relevant links in the HAL format (see
    below). This enables interactive browsing of the API.

    The optional _embedded object holds embedded resources in the HAL
    format. (see "prefetch").

    The optional _meta attribute might include things like the name of the
    attribute to treat as the label, or a count of items matching a search.

        GET ~/ecosystems/1

    would include

        {
            id: 1,
            ...
            person_id: 2,  # foreign key
            ...
            _links {
                self: {
                    href: "/ecosystems/1"
                },
                "relation:person": {
                    href: /person/19
                },
                "relation:email_domain": {
                    href: "/email_domain/8"
                }
            },
        }

    The "relation" links describe the relationships this resource has with
    other resources.

    TBD Currently only 1-1 relationships (e.g., belongs_to) are included.
    Also see "prefetch".

  GET Item Optional Parameters
   prefetch
        prefetch=relationship
        prefetch=relationship1,relationship2

    The prefetch parameter enables one or more related resources to be
    fetched and embedded in the response. For example:

        GET ~/ecosystems/1?prefetch=person

    would return:

        {
            id: 1,
            person_id: 2,  # foreign key
            ...
            _links: { ... },
            _embedded: {
                person: {  # prefetched using person_id
                    id: 2,
                    ...
                    _links: { ... },
                },
            }
        }

    Here the _embedded person is a resource, not an array of resources,
    because the relationship is 1-1. For 1-N relationships the value of the
    _embedded key would be an array that contains the relevant resource
    records.

   fields
    Partial responses:

        fields=field1,field2

    XXX Currently doesn't work for limiting the fields of prefetched
    relations.

   with
    The "with" parameter is used to control optional items within responses.
    It's a comma separated list of words. This parameter is only
    passed-through in paging links.

    * count

    Adds a "count" attribute to the "_meta" hash in the results containing
    the count of items in the set matched by the request, i.e., the number
    of items that would be returned if paging was disabled. Also adds a
    "last" link to the "_links" section of the results.

    * nolinks

    TBD - possibly used to disable links in the results, especially for
    large sets of small items where the links section would take significant
    time and space to construct and return. Might be better as a linkdepth=N
    where N is decremented at each level of embedding so linkdepth=0
    disables all links, but linkdepth=1 allows paging of the set but doesn't
    include links in the embedded resources.

  GET on Set
        GET ~/ecosystems

    returns

        {
            _links: { ... },  # optional
            _meta: { ... },   # optional
            _embedded: { 
                ecosystems => [
                    { ... }, ...
                ]
            }
        }

    The _embedded object contains a key matching the resource name whoose
    value is an array of those resources, in HAL format. It may seem unusual
    that the response isn't simply an array of the resources, but you can
    think of the 'set' as a 'virtual' entity that *contains nothing itself*
    but just acts as a container, or view, for a set of *embedded
    resources*.

    The _links objects would include links in HAL format for
    first/prev/next/last.

    The _meta could include attributes like limit, offset.

  GET on Set - Optional Parameters
   Paging
    Set results are returned in pages to prevent accidentally trying to
    fetch very large numbers of rows. The default is a small number.

        rows=N   - default 30 (at the time of writing)
        page=N   - default 1

   fields
    Partial results, as for GET Item above.

   Ordering
        order=field1
        order=field1 desc
        order=field1 asc,field2 asc

    A comma-separated list of one or more ordering clauses, each consisting
    of a field designator followed by an optional direction. Direction can
    be asc or desc and defaults to asc.

    Field names can refer to fields of "prefetch" relations. For example:

        ~/ecosystems_people?prefetch=person,client_auth&order=client_auth.username

   Filtering
        ?me.fieldname=value

    Filtering with query params

        ?me.color=red&me.state=running

    The me.*= values can be JSON data structures if the field name is
    sufixed with ~json, for example:

        ?me.color~json=["red","blue"]    # would actually be URL encoded

    which would be evaluated as an SQL 'IN' expression:

        color IN ('red', 'blue')

    More complex expressions can be expressed using hashes, for example:

        ?me.color~json={"like":"%red%"}  # would actually be URL encoded

    would be evaluated as

        color LIKE '%red%'

    and

        ?me.foo~json=[ "-and", {"!=":2}, {"!=":1} ]  # shown unencoded

    would be evaluated as

        foo != 2 and foo != 1

    See https://metacpan.org/module/SQL::Abstract#WHERE-CLAUSES for more
    examples.

    The me.* parameters are only passed-through in paging links.

   Prefetching Related Objects
        ?prefetch=person,client_auth

    The resource may have 1-1 relationships with other resources. (E.g., a
    "belongs_to" relationship in DBIx::Class terminology.)

    The relevant instances of related resources can be fetched and returned
    along with the requested resource by listing the relationships in a
    prefetch parameter.

    For example: GET /ecosystems_people?prefetch=person,client_auth

      {
        "_links": { ... },
        "_embedded": {
          "ecosystems_people": [
            {
              "client_auth_id": "29",
              "person_id": "8",
              ...
              "_links": { ... },
              "_embedded": {
                "client_auth": {   # embedded client_auth resourse
                  "id": 29
                  ...
                },
                "person": {        # embedded person resourse
                  "id": 8,
                  ...
                }
              },
            },
            ... # next ecosystems_people resource
          ]
        }
      }

   distinct
        distinct=1

    Only return distinct results.

    Currently this parameter requires that both the fields and order
    parameters are provided, and have identical values.

    The results are returned in HAL format, i.e., as an array of objects in
    an _embedded field, but the objects themselves are not in HAL format,
    i.e. they don't have _links or _embedded elements.

  PUT on Item
    Update resource attributes using the JSON attribute values in the
    request body.

    Embedded related resources can be supplied (if the Content-Type is
    "application/hal+json").

    Changes will be made in a single transaction.

    Prefetch of related resources is supported.

    TODO Enable use of the ETag header for optimistic locking?

  PUT on Set
    Not supported.

  DELETE on Item
    Delete the record.

  DELETE on Set
    Not supported.

  POST on Item
    Not supported.

  POST on Set
    Create a new resource in the set. Returns a 302 redirect with a Location
    header giving the URL of the newly created resource.

    Any attributes that aren't specified in the POST data will be given the
    default values specified by the database schema.

    The "prefetch" parameter can be used to request that the created
    resource ("prefetch=self") and any related resources, be returned in the
    body of the response.

    The rollback=1 parameter let's you rollback a POST to a set, e.g., for
    testing.

    TBD check that only fields valid for GET have been supplied

  Creating Related Resources
    If the Content-Type is "application/hal+json" then related resources can
    be provided via the "_embedded" attribute. They will be created first
    and the corresponding key fields of the main resource will be set to the
    appropriate values before it's inserted. All database changes will
    happen in a single transaction.

    For example, given a POST to /albums containing:

        {
            name: "album name",
            artist_id: null,        # optional
            _embedded => {
                artist => {
                    name: "artist name",
                }
            }
        }

    The artist resource would be created first and its primary key would be
    used to set the artist_id field before that was created.

    This process works recursively for any number of level and any number of
    relations at each level.

  Errors
    Error status responses should include a JSON object with at least these
    fields:

        {
            status: NNN,
            message: "...",
        }

    XXX Needs to be extended to be able to express errors related to
    specific attributes in the request.

    The above is out of date. XXX review work on JSON media types for error
    reporting (I recall there's one that has adopted HAL).

  Invoking Methods
    To enable the execution of functionality not covered by the general HTTP
    mechanisms described above, it's possible to define resources that
    represent arbitary methods. These methods are executed by a POST request
    to the correponding resource. The body of the request contains the
    parameters to the method.

    Currently a method can only be invoked on an item resource. The resource
    for the method call is simply the url of the item resource with
    '/invoke/:method' appended:

        POST ~/ecosystems/:id/invoke/:method

    The request supports the same query parameters as the corresponding item
    resource.

   Default Argument and Response Handling
    Custom method resources can be defined which can perform any desired
    action, argument and response handling.

    A default behaviour is provided to handle simple cases, and that is what
    is described here.

    The named method is invoked on the item object specified by the item
    resource. In other words, the method is a method in the schema's Result
    class.

    The POST request must use content-type of application/json and, if
    arguments are required, are specified via an 'args' element in the body
    JSON:

        { args => [ ... ] }

    The method is called in a scalar context.

    If the method returns a DBIx::Class::Row object it is returned as a JSON
    hash.

    If the method returns a DBIx::Class ResultSet object it is returned as a
    JSON array containing a hash for every row in the result set. There is
    no paging.

    If the method returns any other kind of value it it returned as a JSON
    hash containing a single element 'result':

        { result: ... }

    (To avoid attempting to serialize objects, if the result is blessed then
    it's stringified.)

    Note that this default behaviour is liable to change. If you want to
    make method calls like this you should define your own resource based on
    the one provided.

AUTHOR
    Tim Bunce <Tim.Bunce@pobox.com>

COPYRIGHT AND LICENSE
    This software is copyright (c) 2014 by Tim Bunce.

    This is free software; you can redistribute it and/or modify it under
    the same terms as the Perl 5 programming language system itself.

