RESTful API endpoint for adding/removing array elements?

Question

I have RESTful API built on top of a MongoDB store, so it's nice that you can store arrays. It's straightforward to create a new resource like this:

POST /users { items: [ 1001, 1002, 1003 ] }

But how would the HTTP endpoint for adding a new item or removing an item would look like?

Right now, I have to specify the entire array, including elements that I don't want to touch:

PATCH /users/{id} { name: 'Bruce Wayne', items: [ 1001, 1002 ] }

Or pass in a mongodb query directly:

PATCH /users/{id}?query[$push][items]=1003

Is there a better way to do this?

Edit:

I like how StackMob's API does it. How do I update the name and remove an element from items at the same time though? For example, when I'm updating a bunch of the user's details on an admin dashboard? I don't think replacing the entire array is a good idea in mongodb?

Answer 1

Passing a mongodb query seems like a bad idea. Depending on your backend implementation it could lead to an attacker doing bad things to your data as in SQL Injection

You can model the modification of an attribute on a resource with PUT or PATCH with some limitations:

• When using PUT the client is expected to send the whole representation of the resource. IT works for you but it may be cumbersome.
• When using PATCH the client is expected to send the attributes that are intended to change, instead of the whole resource. Yet, you have to send the whole value, not just the additions or deletions of items to the value. Again it works but you are not in love with it.

I think you are looking for a way to model adding and removing items to the array:

1. I would model the array as a resource on its own: /users/:id/items
2. Accept POSTto add an item to the array and DELETE to remove from the array.

It's simple and RESTful.

Answer 2

As per the REST standards to create and delete a new request --> POST -Create a new resource in a collection and DELETE -Delete a resource

I can give you an example of how the high-level HTTP endpoint in java looks like using Jersey. You can have a Resource class with the HTTP Path specified and specific Paths for methods doing different operations. So the URL could look like -- /rest/MyResource/Resource accompanied by a request JSON or XML(that contains your input data)

Here is a sample Resource class that would be your entry point(ofcourse you would have to do your configuration in web.xml to do URL mapping for this class) -->

import javax.ws.rs.Consumes;
import javax.ws.rs.POST;
import javax.ws.rs.DELETE;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.json.JSONObject;

public class SampleRESTServiceResource {

    /**
     * @param incomingJsonString
     * @return Response 
     */
    @POST
    @Consumes(MediaType.APPLICATION_JSON)
    @Produces(MediaType.APPLICATION_JSON)
    public Response createNewResource(JSONObject myJson) {
        // Do a call to a DAO Implementation that does a JDBC call to insert into Mongo based on JSON
        return null;

    }

    /**
     * @param incomingJsonString
     * @return Return response 
     */
    @DELETE
    @Produces(MediaType.APPLICATION_JSON)
    @Consumes(MediaType.APPLICATION_JSON)
    public Response deleteResource(JSONObject myJson) {
        // Do a call to a DAO Implementation that does a JDBC call to delete resource from  Mongo based on JSON
        return null;
    }
}

If you want to try out an example you can refer to this page --> https://www.ibm.com/developerworks/library/wa-aj-tomcat/