mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-12-19 08:31:43 +03:00
1e6f4ba340
no issue - Admin API v2 returned /404/, see comment in code base: /** * CASE: admin api should serve preview urls * * @NOTE * The url service has no clue of the draft/scheduled concept. It only generates urls for published resources. * Adding a hardcoded fallback into the url service feels wrong IMO. * * Imagine the site won't be part of core and core does not serve urls anymore. * Core needs to offer a preview API, which returns draft posts. * That means the url is no longer /p/:uuid, it's e.g. GET /api/v2/content/preview/:uuid/. * /p/ is a concept of the site, not of core. * * The site is not aware of existing drafts. It won't be able to get the uuid. * * Needs further discussion. */ |
||
---|---|---|
.. | ||
shared | ||
v0.1 | ||
v2 | ||
index.js | ||
README.md |
API Versioning
Ghost supports multiple API versions. Each version lives in a separate folder e.g. api/v0.1, api/v2. Next to the API folders there is a shared folder, which the API versions use.
NOTE: v0.1 is deprecated and we won't touch this folder at all. The v0.1 folder contains the API layer which we have used since Ghost was born.
Stages
Each request goes through the following stages:
- validation
- input serialisation
- permissions
- query
- output serialisation
The framework we are building pipes a request through these stages depending on the API controller implementation.
Frame
Is a class, which holds all the information for API processing. We pass this instance per reference. The target function can modify the original instance. No need to return the class instance.
Structure
{
original: Object,
options: Object,
data: Object,
user: Object,
file: Object,
files: Array
}
Example
{
original: {
include: 'tags'
},
options: {
withRelated: ['tags']
},
data: {
posts: []
}
}
API Controller
A controller is no longer just a function, it's a set of configurations.
Structure
edit: function || object
edit: {
headers: object,
options: Array,
data: Array,
validation: object | function,
permissions: boolean | object | function,
query: function
}
Examples
edit: {
headers: {
cacheInvalidate: true
},
options: ['include']
validation: {
options: {
include: {
required: true,
values: ['tags']
}
}
},
permissions: true,
query(frame) {
return models.Post.edit(frame.data, frame.options);
}
}
read: {
data: ['slug']
validation: {
data: {
slug: {
values: ['eins']
}
}
},
permissions: true,
query(frame) {
return models.Post.findOne(frame.data, frame.options);
}
}
edit: {
validation() {
// custom validation, skip framework
},
permissions: {
unsafeAttrs: ['author']
},
query(frame) {
return models.Post.edit(frame.data, frame.options);
}
}