When to tunnel GET under POST, or did Ian Robinson just say “never mind" about REST?
Paul Mansour
A third phrasing of the question might be: is it ever necessary to forgo a declarative style when querying a database over the web?
With respect to the first phrasing of the question, I can only think of three reasons:
1. The URL required to specify the resource is so long that it could cause trouble in various components on the web.
2. It is difficult or impossible to encode the required information into the URL. (Though I am not sure this is actually a valid reason)
3. Some sort of security concern.
Are there others?
With respect to the alternative phrasings of the question, I have been re-reading REST in Practice by Robinson, Webber, and Parastatidi. I have also been supplementing my reading with various video presentations by the authors, which are all extremely good. In particular I just watched one entitled “REST in Practice, in Practice” by Ian Robinson.
In this presentation Robinson gives a brief introduction to REST, and then how his current company was building a web API to its product, a graph database, applying principals of REST along the way. He shows an API navigating a graph database where the nodes are exposed as resources, traversing the database node by node via hypermedia. All well and good. Then, at 19 minutes and 47 seconds, he drops the bomb “Are You Serious?” Paraphrasing: “Does anyone really expect us to query a database this way over the web? This won’t work as a general way to query, it is too complicated, it’s too slow, etc.” All true enough, but rather than reconsidering (or rather extending the resource model), which is what I was expecting at that point in the video, he summarily concludes that the solution is to simply forget REST and a declarative, web oriented approach in favor of tunneling the query under POST. RPC. “No hypermedia shenanigans!” That’s a quote. I needed smelling salts at this point.
Here is where I was expecting the video to go at 19:47. Any (good) DBMS, whether it be a graph, relational, object, or what have you, can expose its elements as resources, like the nodes that Robinson shows. Everything is addressable. However, while for “discovery mode” it might be reasonable to navigate from one element to another using hypermedia, in general we need to perform queries that return sets of elements. Thus, additional resources must be defined. There are two ways to do this. First any given query can be encoded into the URL – though URL length might be an issue. Alternatively, the query definition, script or what have you, can be PUT to the server as a new resource in its own right, and then that new resource implies the existence of yet another resource which is the result of executing the query (The representation of the stored script includes a link to the result of the script). All of this holds regardless of the type of DBMS, whether the query language is declarative or imperative. Cachability, hypermedia, REST, restored.
I also don’t quite get his indictment of hypermedia in when it seems unrelated to the very basic issue of when it is appropriate to use GET vs POST.
What am I missing here? What am I not understanding?
