Codit / practical-api-guidelines

Practical guidelines for building & designing APIs with .NET.
MIT License
16 stars 5 forks source link

Do not retrieve the full instance #90

Closed MassimoC closed 5 years ago

MassimoC commented 5 years ago

It is not a good idea (performance wise) to first retrieve the Customization just to check whether or not it exists. You could create a method on the repository that is called CustomizationExistsAsync which just performs a check whether or not the customization exists without retrieving the entity itself. An even better solution would be that the DeleteCustomizationAsync method returns the number of items that has been deleted. It the result of that method would be 0, you also know that the Customization doesn't exist.

You can also wonder whether you should return a 404 when you want to delete something that doesn't exist. In my opinion, a delete operation should be idempotent, which means that you should get the same result back if you call the same operation multiple times.

_Originally posted by @fgheysels

MassimoC commented 5 years ago
            var car = await _coditoRepository.GetCarAsync(newCustomization.CarId, false);
            if (car == null)
            {
                return BadRequest(new ProblemDetailsError(StatusCodes.Status400BadRequest, $"There is no car with id {newCustomization.CarId}."));
            }
fgheysels commented 5 years ago

I even wonder if a DELETE operation should even result in a BadRequest or NotFound status code.

DELETE should be idempotent, which means that if I call the same DELETE operation multiple times, I should have the same result back. Calling it the first time migth in fact delete the specified item and return a 200 (ok) back. However, when I call it directly afterwards, the specified item no longer exists but you could return a 200 back as well.

pietersap commented 5 years ago

I think idempotent should refer to the changes on the server-side. An operation is idempotent if calling it mutiple times has the same effect as calling it once. Calling the same DELETE operation multiple times will have the same effect on the server-side as calling it once, namely the entity is removed. Wether or not the resulting response is the same at the second call, is unrelated to this. This is also how it is currently written in our guidelines:

"Note that while idempotent operations produce the same result on the server (no side effects), the response itself may not be the same (e.g. a resource's state may change between requests)."