One point that was made is that the RESTful API might be used by
trusted parties of the container to perform various actions which
gadgets are not allowed to do, while others pointed out that having
the same API available in JavaScript means 'first party gadgets' would
be able to be much more powerful and allow for the same kind of
functionality there without the need for container specific extensions.
So should the OpenSocial RESTful and Javascript API's have feature
parity and 'add friend(s)' be added to the JS API? (and there by
setting a trend for future developments in this area)
This topic does not seem to have complete consensus yet, but maybe
that can be reached inside of the voting time-frame.
davep
To keep things organized and easily trackable to see if we actually
voted this into 0.8.1 or not, yes it's quite useful to revote and
clarify your positions.
In the thread in which you voiced your objection you mentioned:
"If it were only app developers using both, then
it makes sense to have them be the same. But the audience of the two
interfaces is not the same"
To which there were a couple of reactions, including (for instance) from
Kevin Brown:
"This is already covered by ACLs (the container can simply not support
these
operations). The most likely outcome would be adding these to the JS
API,
not removing them from REST. Not supporting the write ops in the JS
makes it limiting for writing
first-party gadgets, which may have more privileges than third-party."
My:
"Sure, different authentications can give different rights ... however
that doesn't mean they don't have to have the same basic API?"
And Cassie's remark on this thread:
"+1 for as much parity as possible js vs restful vs json restful are
just different formats for the same data"
However you never responded or engaged in further dialog on this
topic. I will always completely encourage people to vote -1 if they
have a strong sentiment towards it, however it does mean your
responsible for defending your -1 and convincing the +1's on why they
missed your perfectly good point on thinking it was a bad idea.
Without that dialog the -1 quickly becomes a 'poison pill' which isn't
healthy for the process in my opinion.
Could you please explain why excerpts i posted above are invalid or
miss out on an important detail, from your point of view? That would
greatly help to move the discussion forward.
Thanks!
-- Chris
What is wrong with the current system that this fixes? You are
proposing a new 'rule' and you need to justify it, not the other way
around.
I agree with John P, that the REST API is a natural superset of the JS
API, and should be allowed, the future, to expand in areas that may
not be useful in a JavaScript context (and vis-versa). John and I have
both given examples in the previous thread and I can't point out all
the potential areas they might differ, that's why I think it should be
unconstrained.
I also think, as John H pointed out, that the proposal is not specific
enough. Does 'parity' mean semantics? Does it mean that the method
signatures are the same? Does it mean we take the PUT and DELETE verbs
out of REST API so that it has parity with the HTTP verbs in JS?
I get the sense that this new rule is to prevent the JS API from being
weakened or ignored, or that forces may lead to some set of developers
being 'shut out' of some functionality in OpenSocial. I don't see that
threat, so I don't see the need for this.
davep