Applications wishing to support REST should subclass this class, implement the methods to be called,
and define a UrlMap XDATA block which maps Urls and request Method (DELETE/GET/POST/PUT) to those methods.
Users define a csp web application which will be serviced by their custom subclass. To achieve this, in the
management portal set the 'Dispatch Class' to the name of the custom subclass of %CSP.REST. See the
csp/samples/docserver web application and the corresponding REST.DocServer sample in the SAMPLES namespace.
Note: %CSP.REST extends %CSP.Login instead of just %CSP.Page because %CSP.Login contains the
default CORS support as well as being a subclass of %CSP.Page.
Note: The REST support uses features not available on VMS and will not function on VMS platforms.
parameter HTTP405METHODNOTALLOWED = 405 Method Not Allowed;
parameter HTTP406NOTACCEPTABLE = 406 Not Acceptable;
parameter HTTP409CONFLICT = 409 Conflict;
parameter HTTP415UNSUPPORTEDMEDIATYPE = 415 Unsupported Media Type;
parameter HTTP423LOCKED = 423 Locked;
parameter HTTP500INTERNALSERVERERROR = 500 Internal Server Error;
parameter HandleCorsRequest;
This parameter influences the CORS support. The default is an empty string meaning 'not specified'.
If set to true (1) then CORS processing is ON. If set to false (0) then CORS processing is OFF.
If left unset ("") then the decision to process CORS is delegated to the setting on the URL map route.
parameter UseSession = 0;
This parameter controls the CSP session support. By default the CSP session will be
ended after each request in accordance with the spirit of REST. However this CAN be
overridden by the user. To use a session, it's necessary to manage the CSPSESSION cookie.
Browsers do this automatically but command line tools such as CURL require the setting of
options.
Note that if you choose to use a session then this will use a CSP license until the session
is ended or expires and the grace period has been satisfied. If you use the default of no
session then this will be the same behavior as SOAP requests of holding a license for ten
seconds.
Methods
classmethod AcceptsContentType(pType As %String) as %Boolean
This method tests the HTTP_ACCEPT header and returns true if
the passed content type is acceptable
classmethod AccessCheck(Output pAuthorized As %Boolean = 0) as %Status
This method performs a basic access check. You can override this to add additional checks.
This method gets called prior to dispatch of the request. Put any common code here
that you want to be executed for EVERY request. If pContinue is set to 0, the
request will NOT be dispatched according to the UrlMap. In this case it's the
responsibility of the user to return a response.