mirror of https://github.com/TryGhost/Ghost.git synced 2024-12-22 02:11:44 +03:00

History

Fabien 'egg' O'Carroll 33f26fbf32 Updated subscriptions for Members Admin API refs https://github.com/TryGhost/Team/issues/616 We need a way to assign Products to Members via a Subscription, and we've followed the same pattern as the editSubscription method for the Members API controller, which acts upon Subscriptions as a nested resource. Subscriptions now are linked to products, and we've included those links by default in the Member Admin API as we already include subscriptions by default, and Products are now a core part of the Members feature-set.		2021-04-26 17:14:34 +01:00
..
canary	Updated subscriptions for Members Admin API	2021-04-26 17:14:34 +01:00
shared	✨ Added .yaml format support in redirects configuration (#12187 )	2020-11-04 12:08:32 +13:00
v2	🔒 Added a way to hide the secret settings once they are set	2021-04-16 17:05:16 +02:00
v3	🔒 Added a way to hide the secret settings once they are set	2021-04-16 17:05:16 +02:00
index.js	Reordered API exports to improve readability	2021-03-04 11:27:09 +13:00
README.md	Updated API versioning README.md	2019-09-12 16:27:09 +02:00

README.md

API Versioning

Ghost supports multiple API versions. Each version lives in a separate folder e.g. api/v2, api/v3, api/canary etc. Next to the API folders there is a shared folder, which contains shared code, which all API versions use.

Stages

Each request goes through the following stages:

input validation
input serialisation
permissions
query
output serialisation

The framework we are building pipes a request through these stages in respect of the API controller configuration.

Frame

Is a class, which holds all the information for request processing. We pass this instance by reference. Each function can modify the original instance. No need to return the class instance.

Structure

{
  original: Object,
  options: Object,
  data: Object,
  user: Object,
  file: Object,
  files: Array
}

Example

{
  original: {
    include: 'tags'
  },
  options: {
    withRelated: ['tags']
  },
  data: {
    posts: []
  }
}

API Controller

A controller is no longer just a function, it's a set of configurations.

Structure

edit: function || object

edit: {
  headers: object,
  options: Array,
  data: Array,
  validation: object | function,
  permissions: boolean | object | function,
  query: function
}

Examples

edit: {
  headers: {
    cacheInvalidate: true
  },
  // Allowed url/query params
  options: ['include']
  // Url/query param validation configuration
  validation: {
    options: {
      include: {
        required: true,
        values: ['tags']
      }
    }
  },
  permissions: true,
  // Returns a model response!
  query(frame) {
    return models.Post.edit(frame.data, frame.options);
  }
}

read: {
  // Allowed url/query params, which will be remembered inside `frame.data`
  // This is helpful for READ requests e.g. `model.findOne(frame.data, frame.options)`.
  // Our model layer requires sending the where clauses as first parameter.
  data: ['slug']
  validation: {
    data: {
      slug: {
        values: ['eins']
      }
    }
  },
  permissions: true,
  query(frame) {
    return models.Post.findOne(frame.data, frame.options);
  }
}

edit: {
  validation() {
    // custom validation, skip framework
  },
  permissions: {
    unsafeAttrs: ['author']
  },
  query(frame) {
    return models.Post.edit(frame.data, frame.options);
  }
}