mirror of
https://github.com/TryGhost/Ghost.git
synced 2025-01-20 22:42:53 -05:00
a4a9ba7940
refs: https://github.com/TryGhost/Toolbox/issues/229 - we are getting rid of the concept of having multiple api versions in a single ghost install - removed all the code for multiple api versions & left canary wired up, but without the version in the URL - TODO: reorganise the folders so there's no canary folder when we're closer to shipping we need to minimise the pain of merging changes across from main for now
130 lines
2.1 KiB
Markdown
130 lines
2.1 KiB
Markdown
# API
|
|
|
|
## Stages
|
|
|
|
Each request goes through the following stages:
|
|
|
|
- input validation
|
|
- input serialisation
|
|
- permissions
|
|
- query
|
|
- output serialisation
|
|
|
|
The framework we are building pipes a request through these stages in respect of the API controller configuration.
|
|
|
|
|
|
## Frame
|
|
|
|
Is a class, which holds all the information for request processing. We pass this instance by reference.
|
|
Each function can modify the original instance. No need to return the class instance.
|
|
|
|
### Structure
|
|
|
|
```
|
|
{
|
|
original: Object,
|
|
options: Object,
|
|
data: Object,
|
|
user: Object,
|
|
file: Object,
|
|
files: Array
|
|
}
|
|
```
|
|
|
|
### Example
|
|
|
|
```
|
|
{
|
|
original: {
|
|
include: 'tags'
|
|
},
|
|
options: {
|
|
withRelated: ['tags']
|
|
},
|
|
data: {
|
|
posts: []
|
|
}
|
|
}
|
|
```
|
|
|
|
## API Controller
|
|
|
|
A controller is no longer just a function, it's a set of configurations.
|
|
|
|
### Structure
|
|
|
|
```
|
|
edit: function || object
|
|
```
|
|
|
|
```
|
|
edit: {
|
|
headers: object,
|
|
options: Array,
|
|
data: Array,
|
|
validation: object | function,
|
|
permissions: boolean | object | function,
|
|
query: function
|
|
}
|
|
```
|
|
|
|
### Examples
|
|
|
|
|
|
```
|
|
edit: {
|
|
headers: {
|
|
cacheInvalidate: true
|
|
},
|
|
// Allowed url/query params
|
|
options: ['include']
|
|
// Url/query param validation configuration
|
|
validation: {
|
|
options: {
|
|
include: {
|
|
required: true,
|
|
values: ['tags']
|
|
}
|
|
}
|
|
},
|
|
permissions: true,
|
|
// Returns a model response!
|
|
query(frame) {
|
|
return models.Post.edit(frame.data, frame.options);
|
|
}
|
|
}
|
|
```
|
|
|
|
```
|
|
read: {
|
|
// Allowed url/query params, which will be remembered inside `frame.data`
|
|
// This is helpful for READ requests e.g. `model.findOne(frame.data, frame.options)`.
|
|
// Our model layer requires sending the where clauses as first parameter.
|
|
data: ['slug']
|
|
validation: {
|
|
data: {
|
|
slug: {
|
|
values: ['eins']
|
|
}
|
|
}
|
|
},
|
|
permissions: true,
|
|
query(frame) {
|
|
return models.Post.findOne(frame.data, frame.options);
|
|
}
|
|
}
|
|
```
|
|
|
|
```
|
|
edit: {
|
|
validation() {
|
|
// custom validation, skip framework
|
|
},
|
|
permissions: {
|
|
unsafeAttrs: ['author']
|
|
},
|
|
query(frame) {
|
|
return models.Post.edit(frame.data, frame.options);
|
|
}
|
|
}
|
|
```
|