PDA

View Full Version : API / Webservice for external applications?


moelski
06-24-2010, 05:00 PM
Hi guys,

we will start using PT in a few days for our software project. It comes to the right time - now we don?t have to use Redmine :)

But I wonder if you see a chance to establish any kind of webservice or API to add issues from an external application.

Let me explain with an example ...
We develope a Delphi (Win32) application. And it would be great if we could add a formular to our software where the user fills out some stuff like Issuname, Text, ... and send it to our PT.
I know we could implement an instance of Internet Explorer directly in our application and open the Issue creation page directly from PT, but I think it would be nice to have the ability to add issues in a direct way.

What do you think about this?

Greetz
Dominik

ragtek
06-24-2010, 07:09 PM
+1 vote

at least there should be a easy api for creating projects and issues

we_are_borg
06-25-2010, 11:03 AM
I will put this in the dev internal feature requests.

ragtek
06-25-2010, 04:14 PM
thx :)

moelski
06-26-2010, 03:44 AM
thx, too :)

daFish
06-29-2010, 07:08 AM
Great to see this could make it into PT. :)
I hope you'll go with REST and JSON instead of something like XML-RPC or SOAP. Both would add to much overhead in my opinion.

we_are_borg
06-29-2010, 02:09 PM
It has the attention from the developers and there talking about it. It's not only overhead but also security that matters.

Ryan Ashbrook
06-29-2010, 06:33 PM
Any particular reason, aside from overhead, you wouldn't want us to go with XML-RPC?

The overhead from an XML-RPC based API wouldn't be that much, if implemented correctly.

daFish
06-30-2010, 06:57 AM
Any particular reason, aside from overhead, you wouldn't want us to go with XML-RPC?

The overhead from an XML-RPC based API wouldn't be that much, if implemented correctly.

I see it from the client-sides perspective. If I could use REST I wouldn't need to deal with the whole XML-structure. Just pass GET and POST values to the service who are less bytes instead of XML.
Even the authentication of a user can be done easily this way by forcing the API-Key (which is unique to the user) to be an GET-parameter in each request.

I know there is a lot of academic flavor in this discussion but I made good results using REST-based APIs (I even work with one on an custom CMS the company I work for is developing).

Ryan Ashbrook
07-01-2010, 02:23 AM
One thing to remember, also, is we need to deal with how vBulletin handles such requests, as well. vBulletin denies all POST requests that do not originate from the original domain, unless they are whitelisted within the ACP.

This may or may not pose a problem, I don't know for sure yet, never actually tried implementing such a thing within a vBulletin Modification.

daFish
07-01-2010, 08:05 AM
One thing to remember, also, is we need to deal with how vBulletin handles such requests, as well. vBulletin denies all POST requests that do not originate from the original domain, unless they are whitelisted within the ACP.

This may or may not pose a problem, I don't know for sure yet, never actually tried implementing such a thing within a vBulletin Modification.

Yeah, I totally forgot about that.
Maybe it could work that way: A user requests access to the webservice by filling out a small form including the domain where the requests come from. If the request is approved the domain gets added to the whitelist.
But this would not work if you use an external application.

Ryan Ashbrook
07-01-2010, 03:05 PM
Yeah, I totally forgot about that.
Maybe it could work that way: A user requests access to the webservice by filling out a small form including the domain where the requests come from. If the request is approved the domain gets added to the whitelist.
But this would not work if you use an external application.

Exactly.

Unless IP Addresses can also be specified within the Domain Whitelist, the API will be useless for what he is looking to do.

And even then, if you want to make the API globally available to all users, it's not exactly feasible to add every users IP Address to the whitelist.