Class: CRUD extends Restful

Generates a RESTful CRUD (Create, Read, Update, Delete) interface for a given model, with control for enforcing limits, visibility of fields, and which fields can be updated through the REST API.


  1. Define your API library:

  2. Connect it in a handler:

    require_auth (user\Auth\HMAC::init ($this, $cache, 3600)); // Hand the request off to your new API $this->restful (new blog\API); ?>

Your API should now be accessible at the following endpoint:

To version your API, simply save it into a subfolder with the version name, for example:


Will map to:

For easy JavaScript access, see apps/admin/js/api.js which provides a client-side wrapper around the built-in CRUD methods. Simply give it a name and an endpoint URL path.

The various built-in methods include:

GET    /resource             # get first 30 objects
GET    /resource?offset=30   # get next 30 objects
GET    /resource/ID          # get object by ID value
POST   /resource             # create a new object
POST   /resource/ID          # update an existing object
POST   /resource/delete/ID   # delete an object
DELETE /resource/ID        # delete via HTTP DELETE method
GET    /resource/limit       # get the limit /resource is set for
GET    /resource/permissions # get the crud permissions

Also note that CRUD inherits from Restful, so you can add as many new methods to your API as you need.


public $model

The Model class to act upon.

public $editable = array ()

A list of fields that can be updated via REST.

public $visible = array ()

A list of fields that are accessible in REST results.

public $limit = 30

The item limit to be returned in one list call.

public $permissions = array ()

The permissions to enable/disable for this model.


private strip_object ($obj)

Strip the non-visible properties from an object. Returns it as an associative array.

private fetch ($id)

Fetch a single object by its ID.

private query ()

Create a new query object.

public get_limit ()

Returns the limit number.


GET /resource/limit

public get_permissions ()

Returns the permissions for this model.


GET /resource/permissions

public get__default ($id = false)

Handles getting a list of items via GET /resource or a single item via GET /resource/ID.


GET /resource/ID
GET /resource
GET /resource?offset=30

public post__default ($id = false)

Handles creating a new item via POST /resource. Returns the newly created resource, which should include its new ID value. Also handles updating existing items via POST /resource/ID.


POST /resource
POST /resource/ID

public delete__default ($id)

Delete an object via DELETE /resource/ID. Returns the deleted object data on success.


DELETE /resource/ID

public post_delete ($id)

Delete an object via POST /resource/delete/ID. Alias of DELETE /resource/ID for those without DELETE capability.


POST /resource/delete/ID