Silverstripe - Restful Server Caching - rest

for a web application (an Image Database) I am using the Restful Server Module. The Data is requested by another web application (a shop). The generation of the XML takes up to 1 second. the shop has to wait for the API to answer to display for example a Product Page. Is it possible to activate some caching for the Restful Server API?
I tried already with the Static Publisher but it seems to work just with cms pages.
Many thanks,
Florian

RestfulService does the caching for you. It accepts 2 paramaters. A serviceURL and also a cache time. The default is 3600 (1 hour). This is only going to work if the shop is built with silverstripe.
$serviceURL = 'http://www.imagedatabase.com/api/v1/Product?ID=1';
$service = new RestfulService($serviceURL, 7200); //2 hours expiry
$xml = $service->request()->getBody();
//get fields values
$productName = $service->searchValue($xml, 'Name');
$productPrice = $service->searchValue($xml, 'Price');
You also need to make a modification to Product assuming Product is a dataobject.
class Product extends DataObject {
...
static $api_access = true;
...
function canView($member = null) {
return true;
}
}
RestfulService docs
http://doc.silverstripe.org/framework/en/reference/restfulservice

well, I personally would cache on the client (so in the shop)
but if you have to, I don't think there is any built in way for this.
you could subclass the restful server and do some basic caching yourself (just the way the default SS RestfulClient does it, save it into a file)
class MyServer extends RestfulServer {
public $cache_expire;
function __construct($cache_expire = 3600) {
$this->cache_expire = $cache_expire;
}
protected function getHandler($className, $id, $relationName) {
$cache_path = Director::getAbsFile("assets/rest-cache/$className-$id-$relationName.{$this->request->getExtension()}");
if ($this->cache_expire > 0 && !isset($_GET['flush'])
&& #file_exists($cache_path) && #filemtime($cache_path) + $this->cache_expire > time()
) {
$store = file_get_contents($cache_path);
$response = unserialize($store);
} else {
$response = parent::getHandler($className, $id, $relationName);
$store = serialize($response);
file_put_contents($cache_path, $store);
}
return $response;
}
}
// NOTE, I have never tested this code, so you might run into minor spelling mistakes or something like that

Related

In a REST API, to GET a resource, should I include the resource ID in the url?

I am trying to create an REST API for creating and retrieving files in my database. The tutorial I was following uses the following method to retrive a single file:
$app->get('/file/:file_id', 'authenticate', function($file_id) {
global $user_id;
$response = array();
$db = new DbHandler();
// fetch file
$result = $db->getFile($file_id, $user_id);
if ($result != NULL) {
$response["error"] = false;
$response["id"] = $result["id"];
$response["file"] = $result["fileLocation"];
$response["status"] = $result["status"];
$response["createdAt"] = $result["created_at"];
echoRespnse(200, $response);
} else {
$response["error"] = true;
$response["message"] = "The requested resource doesn't exist";
echoRespnse(404, $response);
}
});
Here they are using the HTTP GET method and are specifying the file ID in the URL, is it OK to do this, safety wise? Would it not be safer to use POST and hide the file ID in the body of the request, or should they not be putting the file ID in a header with the GET request? or is it not something I should be worried about?
In REST post method is used to create a new resource not to get it. Get method is used for fetching the resource and you need to specify the ID to determine particular resource. Passing it via URL is a common practice. You can randomly generate such ID to make it harder to guess.
As Opal said above, the ID is used to identify a resource. If you are unsure have a read of this - http://blog.teamtreehouse.com/the-definitive-guide-to-get-vs-post

Application with fake data source for UI development

I have a web application with an Angular / Breeze client side calling into a Breeze Web API, which uses an Entity Framework code first model. I have a datacontext (Angular service) responsible for all communications with server.
I would like to completely separate the server development from the client side development so developers need not even have .NET installed on their system. I would like the solution to require very little coding in way of creating fakes, because the app is changing frequently and I do not want to have to rewrite fakes every time my implementation changes. I have a bunch of test data in the database that I would like to make available on the client.
What is a good way (standard way?) to achieve this?
Just create mocks. You don't even have to make a RESTful call if you don't want to, just have your service decide whether to hit the server or pull from cache and load up your cache locally on start -
function loadMocks (manager) {
var personMockOne = manager.createEntity('Person', { id: 1, firstName: 'John', lastName: 'Smith' });
var companyMockOne = manager.createEntity('Company', { id: 1, name: 'Acme Inc.' });
companyMockOne.employees.push(personMockOne);
}
http://pwkad.wordpress.com/2014/02/02/creating-mocks-with-breeze-js/
To Expand...
Doing this requires a bit of extra set up. I personally always write my queries separate from my controller / view model logic through a service which takes parameters. A few example parameters are always something like parameters and forceRemote. The idea is that when you go to execute the query you can decide whether to hit the server or query locally. A quick example -
function queryHereOrThere (manager, parameters, forceRemote) {
var query = breeze.EntityQuery().from('EntityName').using(manager);
query.where(parameters);
if (!forceRemote) {
query.executeQueryLocally();
} else {
query.executeQuery();
}
}
Here is my current solution.
Get data from the server with a 'unit test' that creates a Breeze Web API controller and uses it to gather the breeze metadata and all the test data from the database, then writes that data to testData.json and breezeMetadata.json.
Abstract the creation of the Breeze Entity Manager to an Angular service entityManager.
Create a fakeEntityManager Angular service, which: 1) creates the entity manager, 2) overrides the EntityManager.executeQuery function to always use the local version, and 3) loads up the mgr with the test data. The code for that service is below.
In the datacontext service, use the $injector service to conditionally inject a real or a fake entity manager.
datacontext.js
angular.module('app').factory('datacontext', ['$injector','config', datacontext]);
function datacontext($injector, config) {
if (config.useLocalData === true) {
var mgr = $injector.get('fakeEntityManager');
} else var mgr = $injector.get('entityManager');
...
fakeEntityManager.js
(function() {
'use strict';
var serviceId = 'fakeEntityManager';
angular.module('app').factory(serviceId, ['breeze', 'common', em]);
function em(breeze, common) {
var $q = common.$q;
var mgr = getMgr();
populateManager(["Projects", "People", "Organizations"]);
return mgr;
function getMgr() {
breeze.EntityManager.prototype.executeQuery = function(query) {
return $q.when(this.executeQueryLocally(query)).then(function (results) {
var data = {
results: results
};
if (query.inlineCountEnabled == true) data.inlineCount = results.length;
return data;
});
};
var metaData = < PASTE JSON HERE >
new breeze.ValidationOptions({ validateOnAttach: false }).setAsDefault();
var metadataStore = new breeze.MetadataStore();
metadataStore.importMetadata(metaData, true);
return new breeze.EntityManager({
dataService: new breeze.DataService(
{
serviceName: "fakeApi",
hasServerMetadata: false // don't ask the server for metadata
}),
metadataStore: metadataStore
});
}
function populateManager(resources) {
var testData = < PASTE JSON HERE >;
resources.forEach(function (resource) {
testData[resource].forEach(function (entity) {
mgr.createEntity(mgr.metadataStore.getEntityTypeNameForResourceName(resource), entity);
});
});
}
}
})();
If you don't use inlineCount queries there is no need to override executeQuery. You can just add the following property to the EntityManager constructor's parameter:
queryOptions: new breeze.QueryOptions({ fetchStrategy: breeze.FetchStrategy.FromLocalCache })
Todo: Override the EntityManager.saveChanges() function (or somehow configure the entity manager) to prevent calls to the server while still allowing entities to be edited and saved locally.

Symfony2 esi cache forms not working

I get to the weird situation. I have up to date server files with local files. This "flash message with error" appears when this is not valid:
if ($form->isValid() && $this->checkLastComment($commentRepository,$user,$status, $comment)) {
I have two urls. First /Home (working) for everyone where i load statuses with comments BUT I DO NOT CACHE THE PAGE
Then i have /Suggested url where i load statuses with comments BUT USING
$response->setPublic();
$response->setSharedMaxAge(3600);
I CACHE THE PAGE because its the same for all users.
But its weird because on local machine (caching is on i tested) everything runs normal when i want to create a comment... on prod, dev env.
On server it runs normal when i am under dev env.(caching is off) but when i try post comment on prod env. i get error flash message for the mentioned condition...
WTF? Where could be leak please? i have no idea.
The public esi cache somehow breaks my forms? or...?
One friend is able to post a comment there... another one is not.. weird... i wasn't before but after cache clear i am again able...
EDIT:
After lunch i tried it again and i am not able to post comment... wtf..
This is my header i see in chrome: (sending)
CommentForm[comment]:gllll
status_id:65084
CommentForm[_token]:4858119eccbc91da6219d4cbaa1b6c2e79dbd56a
comment_id:0
Using this jquery code:
var url=Routing.generate('create_comment', {"comment_id": comment_id_value, "status_id": status_id_value})+'.json';
$.post(url, $this.serialize(), function(data) {
To this controller:
public function createAction(Request $request, $comment_id=0, $status_id)
{
// first CHECK if user exists
$user=$this->getUser();
if ($user) {
$em=$this->getDoctrine()->getManager();
// GET REPOSITORIES
$statusRepository=$em->getRepository('WallBundle:Status');
$commentRepository=$em->getRepository('WallBundle:Comments');
$notifyRepository=$em->getRepository('NotifyBundle:Notify');
$userRepository=$em->getRepository('UserBundle:User');
// GET SM
$SM=$this->get('status_manager');
// GET status by ID
$status=$statusRepository->find($status_id);
// CHECK if this status exists
if ($status) {
$targetUser=$status->getUser();
if ($request->isMethod('POST') && ($this->getRequest()->getRequestFormat() == 'json')) {
if ($comment_id==0 || !$cE) {
$cE = new Comments();
}
$form = $this->createForm(new CommentFormType(), $cE);
$form->bind($request);
$comment=$form->getData()->getComment();
if ($form->isValid() && $this->checkLastComment($commentRepository,$user,$status, $comment)) {
AND the checkLastComment function
public function checkLastComment($commentRepository, User $user,Status $status, $comment)
{
// check if last comment was more than 10s ago
$lastCommentQueryArray=$commentRepository->getLastComment($user, $status);
$lastCommentTime=0;
$lastCommentContent='';
foreach ($lastCommentQueryArray as $lastComment) {
$lastCommentTime =$lastComment['time'];
$lastCommentContent=$lastComment['comment'];
}
if (($lastCommentTime+10>=time()) && (trim($lastCommentContent)==trim($comment))) {
return false;
}
else {
return true;
}
}
*But the bug should not be in the code because i am using this technique all over the web and everything runs good... only at this particularly page ITS NOT WORKING ... and the only difference between pages is that this one is cached ... + when i am creating a new comment it has nothing with cache isn't that right? it only takes the data from form which is on cached page... *

PHPUnit: Testing form submissions with session variables stored in Symfony2

I had a small test done in PHP for a Controller I had written in Symfony2:
class DepositControllerTest extends WebTestCase {
public function testDepositSucceeds() {
$this->crawler = self::$client->request(
'POST',
'/deposit',
array( "amount" => 23),
array(),
array()
);
$this->assertEquals(
"Deposit Confirmation",
$this->crawler->filter("title")->text());
}
}
Up to here, everything was great. Problem started when I realized I wanted to disable possible re-submissions while refreshing the page. So I added a small mechanism to send nonce on every submission.
It works something like this:
class ReplayManager {
public function getNonce() {
$uid = $this->getRandomUID();
$this->session->set("nonce", $uid);
return $uid;
}
public function checkNonce($cnonce) {
$nonce = $this->session->get("nonce");
if ($cnonce !== $nonce)
return false;
$this->session->set("nonce", null);
return true;
}
}
So I had to mofidy the controller to get the nonce when displaying the form, and consume it when submitting.
But now this introduces a problem. I cant make a request to POST /deposit because I dont know what nonce to send. I thought to requesting first GET /deposit to render the form, and setting one, to use it in the POST, but I suspect Symfony2 sessions are not working in PHPUnit.
How could I solve this issue? I would not want to go to Selenium tests, since they are significant slower, not to mention that I would have to rewrite A LOT of tests.
UPDATE: I add a very simplified version of the controller code by request.
class DepositController extends Controller{
public function formAction(Request $request){
$this->replayManager = $this->getReplayManager();
$context["nonce"] = $this->replayManager->getNonce();
return $this->renderTemplate("form.twig", $context);
}
protected function depositAction(){
$this->replayManager = $this->getReplayManager();
$nonce = $_POST["nonce"];
if (!$this->replayManager->checkNonce($nonce))
return $this->renderErrorTemplate("Nonce expired!");
deposit($_POST["amount"]);
return $this->renderTemplate('confirmation.twig');
}
protected function getSession() {
$session = $this->get('session');
$session->start();
return $session;
}
protected function getReplayManager() {
return new ReplayManager($this->getSession());
}
}
I'm not sure what ReplayManager does, but it looks to me as if it is not the right class to handle the 'nonce'. As the 'nonce' is ultimately stored in and retrieved from the session it should either be handled by the controller or abstracted out into its own class which is then passed in as a dependency. This will allow you to mock the nonce (sounds like a sitcom!) for testing.
In my experience problems in testing are actually problems with code design and should be considered a smell. In this case your problem stems from handling the nonce in the wrong place. A quick refactoring session should solve your testing problems.
It is possible to access the Symfony2 session from PHPUnit via the WebTestCase client. I think something like this should work:
public function testDepositSucceeds() {
$this->crawler = self::$client->request(
'GET',
'/deposit',
);
$session = $this->client->getContainer()->get('session');
$nonce = $session->get('nonce');
$this->crawler = self::$client->request(
'POST',
'/deposit',
array("amount" => 23, "nonce" => $nonce),
array(),
array()
);
$this->assertEquals(
"Deposit Confirmation",
$this->crawler->filter("title")->text());
}
EDIT:
Alternatively, if there is a problem getting the nonce value from the session, you could try replacing the two lines between the GET and POST requests above with:
$form = $crawler->selectButton('submit');
$nonce = $form->get('nonce')->getValue(); // replace 'nonce' with the actual name of the element

Logic behind linkage of ExpandoObject() members and FB Graph API

Just started today some dev using Facebook SDK and i can't figure out the logic followed to link the members of the expando object to the fields in the Graph API objects in the example bellow that was taken from facebook C# SDK docs:
public ActionResult RestFacebookPage()
{
FacebookApp app = new FacebookApp();
dynamic parameters = new ExpandoObject();
parameters.page_ids = "85158793417";
parameters.method = "pages.getInfo";
parameters.fields = "name";
dynamic result = app.Api(parameters);
return View("FacebookPage", result);
}
I do understand the page_ids and fields, but not pages.getInfo. It would be great if someone could enlighten me here and tell me where in the documentation i can find a reference that leads me to this....
Thanks a lot!
Not sure I understand what you are asking but there is a pretty decent example about translating php to facebook-c#-sdk over on their project page. Then you can just look up the official facebook developer documentation directly.
If you were asking more off a "how is this implemented" type of question, the best way to do this in my opinion is to break at the line containing app.Api and from there just step through the code. In the Api method there is a check to see if the parameters dictionary contains a key "method". If there is, the sdk figures the call is bound for the old rest api, not the graph api. A few stack frames lower we find the code that makes the url:
protected virtual Uri GetUrl(string name, string path, IDictionary parameters)
{
Contract.Requires(!String.IsNullOrEmpty(name));
Contract.Ensures(Contract.Result() != default(Uri));
if (_domainMaps[name] == null)
{
throw new ArgumentException("Invalid url name.");
}
UriBuilder uri = new UriBuilder(_domainMaps[name]);
if (!String.IsNullOrEmpty(path))
{
if (path[0] == '/')
{
if (path.Length > 1)
{
path = path.Substring(1);
}
else
{
path = string.Empty;
}
}
if (!String.IsNullOrEmpty(path))
{
uri.Path = UriEncoder.EscapeDataString(path);
}
}
if (parameters != null)
{
uri.Query = parameters.ToJsonQueryString();
}
return uri.Uri;
}
You should probably step into this method yourself to see what the variables hold and it should make sense to you. The source is always the best documentation. Hope this helps.