Tuesday, October 2, 2012
Unlocking REST URIs of a Web App

The application server embedded in a web app created with Code On Time allows programmatic access to data controllers. By default, all data controller URIs (Uniform Resource Identifiers) are locked down.

For example, if you try navigating to http://demo.codeontime.com/northwind/appservices/MyProducts?SupplierCompanyName=Tokyo%20Traders, then you will see a prompt from the application server to enter a user name and password.

A browser prompt to enter user credentials is displayed in response to an attempt to access a protected URI of the built-in application server

Enter admin/admin123% or user/user123% and you will see the following XML data.

<?xml version="1.0" encoding="utf-8"?>
<MyProducts totalRowCount="3" pageSize="100" pageIndex="0" rowCount="3">
  <items>
    <item ProductName="Mishi Kobe Niku" SupplierID="4" CategoryID="6" 
          QuantityPerUnit="18 - 500 g pkgs." UnitPrice="$97.00" UnitsInStock="29" 
          UnitsOnOrder="0" ReorderLevel="0" Discontinued="True" ProductID="9" 
          SupplierCompanyName="Tokyo Traders" CategoryCategoryName="Meat/Poultry" />
    <item ProductName="Ikura" SupplierID="4" CategoryID="8" 
          QuantityPerUnit="12 - 200 ml jars" UnitPrice="$31.00" UnitsInStock="31" 
          UnitsOnOrder="0" ReorderLevel="0" Discontinued="False" ProductID="10" 
          SupplierCompanyName="Tokyo Traders" CategoryCategoryName="Seafood" />
    <item ProductName="Longlife Tofu" SupplierID="4" CategoryID="7" 
          QuantityPerUnit="5 kg pkg." UnitPrice="$10.00" UnitsInStock="4" 
          UnitsOnOrder="20" ReorderLevel="5" Discontinued="False" ProductID="74" 
          SupplierCompanyName="Tokyo Traders" CategoryCategoryName="Produce" />
  </items>
</MyProducts>

A similar prompt will be displayed if you generate an app with Code On Time and access any data controller. If the user account is validated successfully, an HTTP error 404 is displayed, indicating that the resource was not found. The application server refuses to reveal any data.

You must configure access to the URIs for each data controller explicitly to enable request processing by the built-in application server.

Select a data controller in Project Designer and enter configuration parameters in the field “Representational State Transfer (REST) Configuration”.

REST configuration of a data controller must list at least one “Uri” parameter. A minimal configuration with a single “Uri” parameter is shown next:

Uri: .

The parameter is a regular expression evaluated against the URL of a web request targeting the application server of a web app. The “.” matches any single character, so this configuration matches any URL that contains at least one character.

A more restrictive configuration will allow listing the entire catalog of products but will not allow any arguments in the URL specified after the “?”.

Uri: appservices/Products$

The following URI configuration will allow a full listing of the product catalog or a list of products filtered by the SupplierCompanyName field. No other URLs will be allowed in a request.

Uri: Products$

Uri: Products\?SupplierCompanyName=.+$

If multiple URIs are specified, the built-in application server will evaluate each of them in the order of definition. The application server will produce a response as soon as the first configuration URI has a case-insensitive match to the web request URL.
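An added example (not Code On Time code) that checks which request URLs a list of “Uri” patterns would unlock, assuming the unanchored, case-insensitive, first-match regex search described above. The sample URLs, the host.example host and the extra /Products$ pattern are constructed for illustration; it shows regex behaviour only, not the server's own implementation.

```python
import re

# Constructed request URLs; host.example and /app are placeholders.
BASE = "http://host.example/app/appservices/"
SAMPLE_URLS = [
    BASE + "Products",
    BASE + "products",
    BASE + "Products?SupplierCompanyName=Tokyo%20Traders",
    BASE + "Products?CategoryID=6",
    BASE + "MyProducts",
]

def first_match(uri_patterns, url):
    """Return the first pattern that matches url, or None if the URL stays locked.

    Assumption: an unanchored, case-insensitive regex search, with patterns
    tried in the order of definition, as the text describes.
    """
    for pattern in uri_patterns:
        if re.search(pattern, url, re.IGNORECASE):
            return pattern
    return None

def unlocked(uri_patterns, urls=SAMPLE_URLS):
    """List the sample URLs that at least one pattern would unlock."""
    return [u[len(BASE):] for u in urls if first_match(uri_patterns, u)]

if __name__ == "__main__":
    configs = {
        "Uri: .": ["."],
        "Uri: appservices/Products$": ["appservices/Products$"],
        # '?' is escaped: unescaped it is a quantifier that makes the 's' optional.
        "Products$ + supplier filter": [r"Products$", r"Products\?SupplierCompanyName=.+$"],
        # No left anchor: 'Products$' also matches a URL ending in 'MyProducts'.
        "Uri: /Products$": ["/Products$"],
    }
    for label, patterns in configs.items():
        print(f"{label:32} -> {unlocked(patterns)}")
```

Run it with the patterns you intend to deploy and a list of URLs that must stay locked; any of those appearing in the output means the pattern is broader than intended.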

Each “Uri” parameter may be followed by the optional parameters below, which provide additional restrictions.

Parameter | Description
Method | A comma-separated list of HTTP methods that can be specified by a web request. GET, POST, PUT, and DELETE methods are supported.
Users | A comma-separated list of users allowed to access this URI. The application server will allow only authenticated users to access the URI if the parameter is not defined. Symbol “?” will allow authenticated and anonymous users. Symbol “*” will allow authenticated users only.
Roles | A comma-separated list of application roles that an authenticated user must have in order to access the URI.
Ssl | Indicates that the URI can only be accessed via a secure SSL connection. The default value is False.
Xml | Indicates if an XML response can be returned to a client. The default value is True.
Json | Indicates if a JSON response can be returned to a client. The default value is True.

This example will allow only a JSON response to HTTP GET requests of any data controller URI by authenticated users in the roles of Administrators or Power Users.

Uri: .
Method: GET
Users: *
Roles: Administrators, Power Users
Xml: False
Json: True
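An added example, not the application server's own code, that models the parameter rules from the table so a configuration can be checked against sample requests before deployment. The function names, sample users and URLs are hypothetical; it assumes names are compared case-insensitively and that an omitted Method or Roles adds no restriction.

```python
import re

# The REST configuration from the example above.
CONFIG = """
Uri: .
Method: GET
Users: *
Roles: Administrators, Power Users
Xml: False
Json: True
"""

def parse_rest_config(text):
    """Group 'Name: value' lines into rules; every 'Uri' line starts a new rule."""
    rules = []
    for line in text.strip().splitlines():
        name, _, value = line.partition(":")
        if name.strip().lower() == "uri":
            rules.append({"uri": value.strip()})
        elif rules and value.strip():
            rules[-1][name.strip().lower()] = value.strip()
    return rules

def names(value):
    """Split a comma-separated value into a set of lower-cased names."""
    return {v.strip().lower() for v in value.split(",") if v.strip()}

def is_allowed(rules, url, method="GET", user=None, roles=(), ssl=False, fmt="xml"):
    """Decide a request with the first rule whose Uri matches; no match = locked."""
    for rule in rules:
        if not re.search(rule["uri"], url, re.IGNORECASE):
            continue
        users = rule.get("users", "*")  # not defined: authenticated users only
        checks = [
            # Assumption: an omitted Method or Roles adds no restriction.
            "method" not in rule or method.lower() in names(rule["method"]),
            users == "?" or user is not None,
            users in ("?", "*") or (user or "").lower() in names(users),
            "roles" not in rule or bool(names(rule["roles"]) & names(",".join(roles))),
            rule.get("ssl", "false").lower() != "true" or ssl,
            rule.get(fmt.lower(), "true").lower() == "true",  # Xml / Json switch
        ]
        return all(checks)
    return False
```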