[Feature Request] Use JSON instead of XML for the web api

[agramian]

I have made several modifications and additions to the web api which I need to submit pull requests for so I can take up this task.

Although the api works well enough with XML, it seems a bit slow (at least with Python) which I assume is as a result of converting dictionaries and hashes back and forth between XML. I'm open to suggestion but from my understanding, the only reason to use XML is if automated file uploading is desired. Otherwise JSON is much more lightweight and there is less work in parsing responses and sending requests on the client-side. Maybe later on if we see the need for allowing file uploads through the web api then we can use XML also.

For now though, I believe the existing functionality of the web api (getting, setting, creating items) should be done through JSON.

[joffems]

@agramian json is definitely light weight. I initially chose XML for its readability and due to one tool that I was using. This is no longer an issue and I think the swap is fine.

[agramian]

I have successfully converted the api from XML to JSON.

However another aspect of the web api i want to address before finalizing this is that web api requests only seem to be accepted if the web api user is logged in. It is not sufficient to just pass the api_key in as a request parameter. With python, I have been getting around this issue by using mechanize to simulate a browser navigating to the login page then logging in with the web api users credentials.

@joffems how can the web api requests be accepted simply with the api key and not if the web api user is logged in and has a user session initiated?

[joffems]

I don't remember the user needing to be logged in with a session.

Do you reproduction steps?

[agramian]

To reproduce it simply run the example curl command from the manual. The response is the content of the login page.

[agramian]

Also is it possible to determine from the line "authorize! :create, Webapi" whether the authorization failed and return a JSON error response rather than redirect to the login page and return its contents?

[ChrisWesterfield]

Why not add a parameter to the call url and offer both outputs depending on the parameter. So interfaces that access the api using xml wont need to be rewritten.

[agramian]

@ChrisWesterfield that's pretty straightforward to accomplish with rails. If we enable access through xml and JSON the difference would be calling the endpont with .xml vs .json (ex. api/assignments/create.json or api/assignments/create.xml).

However unless it would take an unreasonable amount of work to rewrite your code to use JSON I don't think we should go that route. You could always just not update the web api as well.

@joffems what are your thoughts?

[joffems]

@agramian I would like to keep the existing XML functionality in place for those that are using it. Ideally we should be able to update the API to work with both and get your updates integrated.

[agramian]

@joffems in that case I think the best course of action is to leave the existing xml api controller and route untouched and to create a new controller and route called ApiV2 or something which is where I will merge all my code to since the updated api will be significantly different.

[joffems]

@agramian ApiV2 will work well.

[agramian]

Version 2 of the web api is complete and merged to master. @joffems unless you have objections I will close this.

[joffems]

@agramian API looks good. Thanks!