Hi, Just getting started learning how to use XData and I have setup a basic server to return a dataset in json. Before moving on to creating other endpoints I wanted to look at the security options and as a starter I implemented a very crude basic authentication method which worked, however it prompted for username/password on normal get/list queries but did prompt and therefore displayed the metadata information for the server/model eg. typing http://localhost/flix/$model returned all the field information for the table. How do I stop this?
I should also add for reference that I followed Chapter 7 of the new TMS Web core book by Holger Flick to set this up.
Thank you
Richard
wlandgraf
(Wagner Landgraf)
June 8, 2023, 11:54am
2
Burton_Richard:
How do I stop this?
Your API is protected already by your basic authentication (although I suggest using JWT).
What do you want to stop, exactly?
Thank you for your reply. Using a browser to access one of my end points it behaves as expected, however when i use localhost/tms or localhost/tms/myentity it still provides the details of these.
Thank you
Richard
This some of info that gets displayed if i use localhost/tms/$model from a browswer
Title
Server API
Version
3
Schemas
0
Namespace
XData.Default
EntityTypes
0
Name
mat_prc
Properties
0
Name
ID
Required
true
Type
Int32
1
Name
CoilNumber
Length
12
Type
String
2
Name
OrderNo
Length
10
Type
String
3
Name
OrderType
Length
1
Type
String
4
Name
Pack_ID
Length
3
Type
String
5
Name
Cust_Ref
Length
64
Type
String
6
Name
CustCode
Length
8
Type
String
7
Name
CustName
Length
64
Type
String
8
Name
Proforma
Length
1
Type
String
9
Name
Date_Pos
Type
DateTime
10
Name
Date_Pos_J
Type
Int32
11
Name
Date_Req
Type
DateTime
12
Name
Date_Ready
Type
DateTime
13
Name
Date_Ship
Type
DateTime
14
Name
Date_CallOff
Type
DateTime
15
Name
Machine
Length
16
Type
String
16
Name
Opt_Width
Precision
10
Scale
3
Type
Double
17
Name
Opt_Length
Precision
10
Scale
2
Type
Double
18
Name
Opt_Gauge
Precision
10
Scale
3
Type
Double
19
Name
Opt_Weight
Precision
10
Scale
3
Type
Double
20
Name
Act_Width
Precision
10
Scale
3
Type
Double
21
Name
Act_Length
Precision
10
Scale
2
Type
Double
22
Name
Act_Gauge
Precision
10
Scale
3
Type
Double
23
Name
Act_Weight
Precision
10
Scale
3
Type
Double
24
Name
Pck_Weight
Precision
10
Scale
3
Type
Double
25
Name
Grade
Length
10
Type
String
26
Name
Spec
Length
20
Type
String
27
Name
Bay
Length
3
Type
String
28
Name
Row
Length
3
Type
String
29
Name
CastNo
Length
16
Type
String
30
Name
CustCoilNo
Length
20
Type
String
31
Name
GRNNo
Length
16
Type
String
32
Name
Qty_Here
Type
Int32
33
Name
Qty_Togo
Type
Int32
34
Name
Des_Weight
Precision
10
Scale
3
Type
Double
35
Name
WB_Ref
Length
8
Type
String
36
Name
Checked
Length
1
Type
String
37
Name
Inv_Des
Length
1
Type
String
38
Name
Complete
Length
1
Type
String
39
Name
EditDate
Type
DateTime
40
Name
EditUser
Length
3
Type
String
41
Name
SalesNumber
Length
12
Type
String
42
Name
Site
Length
20
Type
String
43
Name
SuppCode
Length
6
Type
String
44
Name
SuppName
Length
64
Type
String
45
Name
SupplierOrderNo
Length
20
Type
String
46
Name
ShippingList
Length
20
Type
String
47
Name
MaterialType
Length
1
Type
String
48
Name
AllocateCode
Length
6
Type
String
49
Name
AllocateName
Length
64
Type
String
50
Name
AllocateOrder
Length
10
Type
String
51
Name
AllocateItem
Length
12
Type
String
52
Name
Salesman
Length
32
Type
String
53
Name
CostPrice
Type
Double
54
Name
Cost_Type
Length
4
Type
String
55
Name
MarketStatus
Length
1
Type
String
56
Name
MarketSuitability
Length
1
Type
String
57
Name
SOL_ID
Type
Int32
58
Name
Marketdate
Type
DateTime
59
Name
MarketDateTime
Type
DateTime
60
Name
MarketNotes
Type
Stream
61
Name
MarketNonPrime
Length
1
Type
String
62
Name
Alloc_Qty
Precision
10
Scale
3
Type
Double
63
Name
Alloc_Weight
Precision
10
Scale
3
Type
Double
64
Name
Alloc_Who
Length
20
Type
String
65
Name
Alloc_Ref
Type
Int32
66
Name
Reserved
Length
20
Type
String
67
Name
ReservedCustomerCode
Length
6
Type
String
68
Name
ReservedCustomerName
Length
128
Type
String
69
Name
ReservedReason
Type
Stream
70
Name
ItemNote
Type
Stream
71
Name
PurchaseOrderNo
Length
20
Type
String
72
Name
Date_SellBy
Type
DateTime
73
Name
MarketValue
Precision
10
Scale
2
Type
Double
74
Name
MarketValueType
Length
4
Type
String
75
Name
Sellingprice
Precision
10
Scale
2
Type
Double
76
Name
SellingType
Length
4
Type
String
77
Name
SalePrice
Precision
10
Scale
2
Type
Double
78
Name
SalePriceType
Length
4
Type
String
79
Name
QuarantineDate
Type
DateTime
80
Name
Offloadprice
Precision
10
Scale
2
Type
Double
81
Name
Offloadpricetpye
Length
4
Type
String
82
Name
TransportPrice
Precision
10
Scale
2
Type
Double
83
Name
TrasnportPriceType
Length
4
Type
String
84
Name
QualityScore
Length
2
Type
String
85
Name
StkChk
Length
1
Type
String
86
Name
StkChkDate
Length
10
Type
String
87
Name
StkChkPage
Length
10
Type
String
88
Name
StkChkNumber
Length
10
Type
String
89
Name
Part
Length
50
Type
String
90
Name
Division
Length
50
Type
String
91
Name
DK
Length
50
Type
String
92
Name
Onhold
Length
1
Type
String
93
Name
Hold
Length
1
Type
String
94
Name
ReadyForCollection
Length
1
Type
String
95
Name
NonPrime
Length
1
Type
String
96
Name
ReservedTooltip
Type
Stream
97
Name
TransferOrderNo
Length
10
Type
String
98
Name
SMS_FreeWeeks
Type
Int32
99
Name
TransportArranged
Length
1
Type
String
100
Name
HandSNotificationSent
Length
1
Type
String
NavigationProperties
[]
Key
0
ID
EntityContainers
0
Name
Default
EntitySets
0
Name
mat_prc
EntityType
mat_prc
EnumTypes
[]
InstanceTypes
[]
Controllers
0
Name
openapi
Actions
0
Name
swagger.json
Parameters
0
{…}
1
{…}
HttpMethod
GET
IsResultStream
true
IsResultSingleObject
true
OperationId
ICustomOpenApiService.SwaggerDocument
1
Name
swaggerui
Actions
0
Parameters
[]
HttpMethod
GET
IsResultStream
true
IsResultSingleObject
true
OperationId
ICustomSwaggerUIService.SwaggerUI
wlandgraf
(Wagner Landgraf)
June 8, 2023, 2:08pm
5
What is this? A table? No XData endpoints return a text table by default.
In any case, if you want to override any existing XData endpoint you can create a service operation with the same route as the endpoint you want to override, and set RoutingPrecedence
property of the TXDataServer
component to TXDataRoutingPrecedence.Service
.
XDataSever1.RoutingPrecedence := TXDataRoutingPrecedence.Service;
...
[ServiceContract]
[Route('')]
ISomeService = interface(IInvokable)
['{3B1C0691-6D7C-41FF-9F47-BD6392C2CC9F}']
[HttpGet, Route('$model')]
procedure ReturnCustomModel;
end;