************************************************************************************* Welcome to gCube Global Record of Stocks and Fisheries (GRSF) Publisher documentation ************************************************************************************* gCube Global Record of Stocks and Fisheries (GRSF) Publisher is a RESTful application which exposes operations via REST-API. See the available `REST-API docs <../api-docs/index.html>`_. Authorization ============= D4Science adopts state-of-the-art industry standards for authentication and authorization. Specifically, the implementation fully adopts `OIDC (OpenID Connect) `_ for authentication and UMA 2 (User-Managed Authorization) for authorization flows. `JSON Web Token (JWT) Access token `_ are used for both authentication and authorization. Obtain your Bearer token here: https://dev.d4science.org/how-to-access-resources Service ======= You can call the methods of the Web Service by writing your own REST client application or using existing REST client plugins. HTTP Statuses ------------- Any successful operation returns *200 OK* HTTP status code. The create operation returns *201 Created*. Any Background operation returns *202 Accepted*. Any operation which does not provide any content return *204 No Content*. The most common error status a client can obtain are: * **400 Bad Request** used to indicate a clients error ``_; * **401 Unauthorized** used to indicate that the client does not provide the authorization token in the HTTP Header or the client has not enough right to perform such request ``_; * **404 Not Found** used to indicate that the requested instance does not exist ``_; * **405 Method Not Allowed** the used HTTP method is not supported for the requested URL ``_. The response contains the *Allow* HTTP Header indicating the supported HTTP method for such URL ``_; * **409 Conflict** the request could not be completed due to a conflict with the current state of the target resource (e.g. the name of the resource already exists) ``_; * **500 Internal Server Error** indicate a server failure ``_. You can find a complete list of HTTP Status at ``_ If you get a *500 Internal Server Error*, please report it in the `gCube ticketing system `_. Please use this checklist before reporting an error: * Replicate the request; * The failure could be temporal due to network error, server issue and many other temporal issues. For this reason, please retry the request after a certain amount of time before reporting the issue; * indicate how to replicate the error; * indicate the time when the error occurred (this simplifies identifying the issue). HTTP Methods ------------ This is a pure RESTful service. It uses standard HTTP Methods to perform a listing of collections and CRUD (Create Read Update Delete) operations on instances. .. table:: +--------------+-------------+----------------------------------------+---------------------+--------+------------+ | Operation | HTTP Method | URL | Success HTTP Status | Safe | Idempotent | +==============+=============+========================================+=====================+========+============+ | Supported | OPTIONS | /{COLLECTION} | 204 No Content | Y | Y | | HTTP Methods | | | [#allow]_ | | | +--------------+-------------+----------------------------------------+---------------------+--------+------------+ | List | GET | /{COLLECTION} | 200 OK | Y | Y | +--------------+-------------+----------------------------------------+---------------------+--------+------------+ | Count | GET | /{COLLECTION}?count=true | 200 OK | Y | Y | +--------------+-------------+----------------------------------------+---------------------+--------+------------+ | Exists | HEAD | /{COLLECTION} | 204 No Content | Y | Y | +--------------+-------------+----------------------------------------+---------------------+--------+------------+ | Create | POST | /{COLLECTION} | 201 Created | N | N | +--------------+-------------+----------------------------------------+---------------------+--------+------------+ | Supported | OPTIONS | /{COLLECTION}/{INSTANCE_ID} | 204 No Content | Y | Y | | HTTP Methods | | | [#allow]_ | | | +--------------+-------------+----------------------------------------+---------------------+--------+------------+ | Exist | HEAD | /{COLLECTION}/{INSTANCE_ID} | 204 No Content | Y | Y | +--------------+-------------+----------------------------------------+---------------------+--------+------------+ | Read | GET | /{COLLECTION}/{INSTANCE_ID} | 200 OK | Y | Y | +--------------+-------------+----------------------------------------+---------------------+--------+------------+ | Update | PUT | /{COLLECTION}/{INSTANCE_ID} | 200 OK | N | Y | +--------------+-------------+----------------------------------------+---------------------+--------+------------+ | Patch | PATCH | /{COLLECTION}/{INSTANCE_ID} | 200 OK | N | Y | +--------------+-------------+----------------------------------------+---------------------+--------+------------+ | Delete | DELETE | /{COLLECTION}/{INSTANCE_ID} | 204 No Content | N | N [#del]_ | +--------------+-------------+----------------------------------------+---------------------+--------+------------+ | Purge | DELETE | /{COLLECTION}/{INSTANCE_ID}?purge=true | 204 No Content | N | N [#del]_ | + +-------------+----------------------------------------+---------------------+--------+------------+ | | PURGE | /{COLLECTION}/{INSTANCE_ID} | 204 No Content | N | N [#del]_ | +--------------+-------------+----------------------------------------+---------------------+--------+------------+ .. [#allow] Supported HTTP Methods in **Allow** HTTP Header .. [#del] DELETE has been defined as idempotent. *Allamaraju* [#Allamaraju]_ argues that DELETE idempotency should be accomplished client-side. The server should inform the client if the delete operation succeeded because the resource was really deleted or it was not found, i.e., **404 Not Found** error is suggested instead of **204 No Content**. The latter situation should be treated as idempotent by the client. We share the same vision. For this reason, gCat does not provide server-side idempotency for DELETE and PURGE operations. .. [#Allamaraju] Allamaraju S. RESTful Web Services Cookbook: Solutions for Improving Scalability and Simplicity . O’Reilly. first ed. 2010 About URL ^^^^^^^^^ The presented URL uses the following convention: * **{COLLECTION}** is the plural name of the entity type; * **{INSTANCE_ID}** is an identification that enables univocally identifying the instance in the collection. About Safety and Idempotency properties ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ * A method is *Safe* if it does not produce any side effects. "This does not prevent an implementation from including behaviour that is potentially harmful, that is not entirely read-only, or that causes side effects while invoking a safe method" ``_; * A method is *Idempotent* if the same operation repeated multiple times has the same side effect than using it one time. "repeating the request will have the same intended effect, even if the original request succeeded, though the response might differ" ``_. You can find more information about HTTP Methods at ``_ Uncommon HTTP Methods ^^^^^^^^^^^^^^^^^^^^^ * PATCH method allows to perform a differential update (i.e. an update which provides only the differences and not the whole new representation); * PURGE method is not a standard but is widely used in service which requires this action (e.g. `Varnish `_, `Squid `_). gCat provides support for this method, but to support a wider range of clients, it also provides the Purge action via *DELETE* with the additional get parameter ``purge=true``. Content-Type ------------ Any request must contain an indication of the interesting content type. The client must specify the **Accept** HTTP Header for any operation returning a result. .. code-block:: rest Accept: application/json For any operation sending content to the service, it is necessary to specify the **Content-Type** HTTP Header. .. code-block:: rest Content-Type: application/json The service accepts and returns only JSON objects. `Profile Collection <../api-docs/resource\_Profile.html>`_ instead can be manipulated in XML only. Collections ----------- The safe methods of following collections are available to any user belonging to the VRE (i.e. Catalogue Member). * `Fishery Collection <../api-docs/resource_FisheryRESTAPIs.html>`_. * `Stock Collection <../api-docs/resource_StockRESTAPIs.html>`_. * `Traceability Unit Collection <../api-docs//resource_TraceabilityUnitRESTAPIs.html>`_. Catalogue-Editors can invoke non-safe methods. The following collections are available for Catalogue-Admins or above only: * `Configuration Collection <../api-docs/resource_Configuration.html>`_. An overview of the available collections is available at `<../api-docs/index.html>`_; Roles ----- Any user has one or more roles in the catalogue. Only the VRE Manager can assign roles to VRE users. The service uses the following hierarchic roles: **Catalogue-Member**: A user with such a role is mainly capable of listing and reading records; **Catalogue-Editor**: A user with such a role is capable of managing the records and capable of using other safe APIs; **Catalogue-Admin**: A user with such a role is capable of administrating many aspects of the catalogue; **Catalogue-Manager**: A user with such a role can use all the APIs exposed by the service. **Methods Result** The service exposes `its methods <../api-docs/index.html>`_ using a standard naming approach. Moreover, they accept (in the case of HTTP POST/PUT methods) JSON objects. .. IMPORTANT:: The result of all methods is always a JSON object as per below: .. code:: javascript { "license_title": "Creative Commons Attribution Share-Alike 4.0", "maintainer": "GRSF Publisher", "id": "f47496b9-7602-40b0-a74c-b33d3341c5be", "author": "GRSF Publisher", ... "name": "23fd6734-b7cd-37eb-8b43-03b1495dd7af", "title": "Pagellus erythrinus - Levant", } *Inputs are automatically validated before the request is served.* Service Discovery on IS ======================= The service can be discovered in the gCore IS as gCore Endpoint with the following parameter: .. code:: xml org.gcube.data-catalogue grsf-publisher The service can be discovered in the Facet Based IS as EService with the following json query: .. code:: json { "@class": "EService", "consistsOf": [ { "@class": "IsIdentifiedBy", "target": { "@class": "SoftwareFacet", "group": "org.gcube.data-catalogue", "name": "grsf-publisher" } } ] } Service Maven Coordinates ========================= The maven coordinates of gCat service are: .. code:: xml org.gcube.data-catalogue grsf-publisher