At some point we want particular resources to have their own methods, instead of the generic, invariant version from the view system.
For instance, suppose we want to see entries which have not yet been approved. Something like:
/entries?status='pending'
Permissions on these methods must be implicit. That is, we should not say that a particular user is entitle to GET a resource but not with a particular query parameter.
At some point we want particular resources to have their own methods, instead of the generic, invariant version from the view system.
For instance, suppose we want to see entries which have not yet been approved. Something like:
/entries?status='pending'
Permissions on these methods must be implicit. That is, we should not say that a particular user is entitle to GET a resource but not with a particular query parameter.
This needs thought.