× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. WEB400
  3. November 2020

Re: [EXTERNAL] Re: Mixing sql and service program in IWS...

If I'm violating REST standards, that's fine. I'll just call my solutions Web APIs. The main thing is that I'm using standard HTTP requests, in a stateless manner, over the internet, to interface with programs that provide access to resources (i.e., interface with stored procedures that provide access to DB2 data).

In an IWS REST service, you are not limited to having one method for each HTTP verb. You can certainly do it this way. But that would be a self-imposed constraint.

To continue with the students example... imagine "students" is the name of a REST service in IWS, and SPSTUDENTS is the name of a SQL stored procedure. Here is how the SPSTUDENTS stored procedure is called:
CALL SPSTUDENTS(<operation name>,<student ID>,<class ID>,<exam name>,<exam score>)
Only the <operation name> parameter is required.

In the "students" REST service in IWS, the first method receives GET requests using this URI:
http://myUrl/students/classEnrollments?classID=Psych101
This method executes the following SQL statement:
CALL SPSTUDENTS ('GETENROLLED',0,'Psych101',' ',0)
The stored procedure returns all students enrolled in the Psych101 class.

The second method of the "students" REST service in IWS also receives GET requests using this URI:
http://myURL/students/oneStudentScore?studentID=12345&examName=2020SpringFinal
This method executes the following SQL statement:
CALL SPSTUDENTS ('GETSTUDENTSCORE',12345,' ','2020SpringFinal',0)
The stored procedure returns a specific student's score on one exam.

The third method of the "students" REST service in IWS receives GET requests using this URI:
http://myUrl/students/allScoresOneExam?examName=2020SpringFinal
This method executes the following SQL statement:
CALL SPSTUDENTS ('GETEXAMSCORES',0,' ','2020SpringFinal',0)
The stored procedure returns the scores for all students who took the specified exam.

Each of the three methods corresponds to a legitimate use case as defined by the users at the educational institution. This helps knocks down the possibility of illegitimate actions (e.g., someone accidentally requesting all student scores on all exams ever, or someone accidentally deleting all of a student's scores instead of deleting one score from one exam).

Please note that you do not need to call a stored procedure for anything described above. In the example above, instead of calling a stored procedure, each method could have executed a slightly different SELECT statement. I just happen to like using stored procedures.

Let me be clear: I am not saying this is the "best" way of doing things. This is simply a way that I prefer to do things. You may hate this approach. That's okay. You are free to do things how you prefer.

Thanks,

Kelly Cookson
Senior Software Engineer II
Dot Foods, Inc.
1-217-773-4486 ext. 12676
www.dotfoods.com



As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.