OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help



   Re: [xml-dev] A question about REST and transaction isolation

[ Lists Home | Date Index | Thread Index ]

K. Ari Krupnikov wrote:

> User A GETs a resource and edits it. User B GETs a resource and edits
> it. User A PUTs the modified resource back. User B PUTs her version of
> the modified resource back, unaware of A's edits. A's edits are lost
> without anyone noticing. What I want to happen is B to get a 409
> "Conflict" or some such.

I'm not sure how well REST provides answers to the problem of moving 
resources around.  Your problem is that the server, user A, and user B all 
have copies of the same information, and the server has to decide whether to 
accept or reject user B's version after user A has already done a checkin.

One easy solution is to add a sequence number or checkout date to each XML 

  <pilot-record seq="123">
   <name>Ari Krupnikov</name>
   <license-type>private - aeroplane</license-type>
    <type>single engine land</type>
    <rating>IFR single engine</rating>

When I send this back, the server checks my sequence number (or date) 
against the highest sequence number checked back in for Ari's data record; 
if the last checkin was, say, 111, then my information goes in; if the last 
checkin was 125, it rejects (at which point my client can check out the 
newest version and perhaps try to merge my previous changes into it).

Of course, it is easy for the client to cheat by simply bumping up the 
sequence number and resubmitting, but then again, the client can arbitrarily 
change information anyway -- it's just a matter of letting people know when 
there might be a conflict.

If you wanted something more secure, you could figure out a system of hashes 
and signatures against the original document accompanied by a list of 
changes, but that's probably getting into silly territory again unless this 
is a defence application or something similar.

As far as REST goes, the URL on the server always points to the server's 
current version of the information (the last checkin it accepted) -- that's 
about it.

All the best,



News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS