openproject/docs/api/apiv3/forms.apib

# Group Forms

This API provides forms as a concept to aid in editing or creating resources. The goal of forms is to:

* make writable properties of a resource discoverable
* show to which values a property can be set
* validate changes to a resource and indicate validation errors

These benefits aside, a client can freely choose to immediately edit a resource without prior validation by a form.
In the case of an invalid request the edit will fail and return appropriate errors nevertheless.

A form is associated to a single resource and aids in performing changes on that resource.
When posting to a form endpoint with an empty request body or an empty JSON object,
you will receive an initial form for the associated resource.
Subsequent calls to the form should contain a single JSON object as described by the form.

## Actions

| Link                | Description                                                           | Condition                        |
|:-------------------:| --------------------------------------------------------------------- | -------------------------------- |
| validate            | Validate changes, show errors and allowed values for changed resource |                                  |
| commit              | Actually perform changes to the resource                              | form content is valid            |
| previewMarkup       | Post markup (e.g. markdown) here to receive an HTML-rendered response |                                  |

## Linked Properties

| Link                | Description                                      | Type          | Nullable | Supported operations |
|:-------------------:| ------------------------------------------------ | ------------- | -------- | -------------------- |
| self                | This form                                        | Form          |          | READ                 |

## Embedded Properties:

Apart from the linked properties, forms contain always three other embedded properties:

* `payload`
* `schema`
* `validationErrors`

Their purpose is explained below.

### Payload

The payload contains an edited version of the resource that will be modified when committing the form.
This representation contains all writable properties of the resource and reflects all changes that the latest call to **validate** included,
thereby acting as a preview for the changes.

In case the client tries to set the value to something invalid, the invalid change is also reflected here. However a validation error (see below)
indicates that a commit of this payload would fail.

It might happen that setting one property affects the allowed values for another property. Thus by changing a property A
the current value of another property B might become invalid. If the client did not yet touch the value of B, the payload will
contain a default value for that property. Nevertheless the client will also receive an appropriate validation error for value B.

The content of this element *can* be used as a template for the request body of a call to **validate** or **commit**.

A call to **validate** and **commit** does not need to include all properties that were defined in the `payload` section.
It is only necessary to include the properties that you want to change, as well as the `lockVersion` if one is present.
However you *may* include all the properties sent in the `payload` section.

### Schema

The schema embedded in a form is a normal [schema describing the underlying resource](#schema).
However, the embedded schema can change with each revalidation of the form.
For example it might be possible, that changing the type of a work package affects its available properties,
as well as possible values for certain properties.
As this makes the embedded schema very dynamic, it is not included as a static link.

### Validation Errors

Like a [schema](#schema) the validation errors build a dictionary where the key is a property name.
Each value is an error object that indicates the error that occurred validating the corresponding property.
There are only key value pairs for properties that failed validation, the element is empty if all validations succeeded.

However note that even in the case of validation errors, the response you receive from the form endpoint will be an HTTP 200.
That is because the main purpose of a form is helping the client to sort out validation errors.

### Meta object

Form resources may have an additional `_meta` object that contains parameters to be sent together with the resource,
but that do not belong to the resource itself. For example, parameters on if and how to send notifications for the action
performed with the API request can be sent.

Each individual endpoint will describe their meta properties, if available.

## Example Form [/api/v3/example/form]

+ Model
    + Body

            {
                "_links": {
                    "self": { "href": "/api/v3/example/form" },
                    "validate": {
                        "href": "/api/v3/example/form",
                        "method": "POST"
                    },
                    "previewMarkup": {
                        "href": "/api/v3/render/markdown",
                        "method": "POST"
                    },
                    "commit": {
                        "href": "/api/v3/example",
                        "method": "PATCH"
                    }
                },

                "_type": "Form",

                "_embedded": {
                    "payload": {
                        "_links": {
                            "status": { "href": "/api/v3/statuses/1" }
                        },
                        "_type": "Example",
                        "lockVersion": 5,
                        "subject": "An example title"
                    },
                    "schema": {
                        "_type": "Schema",
                        "_links": {
                            "self": { "href": "/api/v3/example/schema" }
                        },

                        "lockVersion": {
                            "type": "Integer",
                            "writable": false
                        },
                        "subject": {
                            "type": "String",
                            "minLength": 1,
                            "maxLength": 255
                        },
                        "status": {
                            "_links": {
                                "allowedValues": [
                                    { "href": "/api/v3/statuses/1", "title": "New" },
                                    { "href": "/api/v3/statuses/2", "title": "Closed" }
                                ]
                            },

                            "type": "Status",

                            "_embedded": {
                                "allowedValues": [
                                    {
                                        "_links": { "self": { "href": "/api/v3/statuses/1" } },
                                        "_type": "Status",
                                        "id": 1,
                                        "name": "New",
                                        "position": 1,
                                        "isDefault": true,
                                        "isClosed": false,
                                        "defaultDoneRatio": 0,
                                        "createdAt": "2014-05-21T08:51:20Z",
                                        "updatedAt": "2014-05-21T09:12:00Z"
                                    },
                                    {
                                        "_links": { "self": { "href": "/api/v3/statuses/2" } },
                                        "_type": "Status",
                                        "id": 2,
                                        "name": "Closed",
                                        "position": 2,
                                        "isDefault": false,
                                        "isClosed": true,
                                        "defaultDoneRatio": 100,
                                        "createdAt": "2014-05-21T08:51:20Z",
                                        "updatedAt": "2014-05-21T09:12:00Z"
                                    }
                                ]
                            }
                        }
                    },
                    "validationErrors": {
                        "subject": {
                            "_type": "Error",
                            "errorIdentifier": "urn:openproject-org:api:v3:errors:BadExampleError",
                            "message": "For the purpose of this example we need a validation error. The remainder of the response pretends there were no errors."
                        }
                    }
                }
            }

## show or validate form [POST]

This is an example of how a form might look like. Note that this endpoint does not exist in the actual implementation.

+ Request (application/json)

        {
            "lockVersion": 5,
            "_type": "Example",
            "subject": "An example title"
        }

+ Response 200 (application/hal+json)

    [Example Form][]

+ Response 400 (application/hal+json)

    Occurs when the client did not send a valid JSON object in the request body and the request body
    was not empty.

    Note that this error only occurs when the content is not at all a single JSON object.
    It **does not occur** for requests containing undefined properties or invalid property values.

    + Body

            {
                "_type": "Error",
                "errorIdentifier": "urn:openproject-org:api:v3:errors:InvalidRequestBody",
                "message": "The request body was neither empty, nor did it contain a single JSON object."
            }

+ Response 403 (application/hal+json)

    Returned if the client does not have sufficient permissions to modify the associated resource.

    + Body

            {
                "_type": "Error",
                "errorIdentifier": "urn:openproject-org:api:v3:errors:MissingPermission",
                "message": "You are not allowed to edit example resources."
            }

+ Response 409 (application/hal+json)

    Returned if underlying resource was changed since the client requested the form. This is determined using the `lockVersion` property.

    + Body

            {
                "_type": "Error",
                "errorIdentifier": "urn:openproject-org:api:v3:errors:UpdateConflict",
                "message": "The resource you are about to edit was changed in the meantime."
            }
Extract APIV3 documentation into single endpoints This does not differentiate further inside an endpoint and while useful (for e.g., work packages) we should discuss how the structure inside an endpoint should look like. 8 years ago			`# Group Forms`

			`This API provides forms as a concept to aid in editing or creating resources. The goal of forms is to:`

			`* make writable properties of a resource discoverable`
			`* show to which values a property can be set`
			`* validate changes to a resource and indicate validation errors`

			`These benefits aside, a client can freely choose to immediately edit a resource without prior validation by a form.`
			`In the case of an invalid request the edit will fail and return appropriate errors nevertheless.`

			`A form is associated to a single resource and aids in performing changes on that resource.`
			`When posting to a form endpoint with an empty request body or an empty JSON object,`
			`you will receive an initial form for the associated resource.`
			`Subsequent calls to the form should contain a single JSON object as described by the form.`

			`## Actions`

			`\| Link \| Description \| Condition \|`
			`\|:-------------------:\| --------------------------------------------------------------------- \| -------------------------------- \|`
			`\| validate \| Validate changes, show errors and allowed values for changed resource \| \|`
			`\| commit \| Actually perform changes to the resource \| form content is valid \|`
remove textile 6 years ago			`\| previewMarkup \| Post markup (e.g. markdown) here to receive an HTML-rendered response \| \|`
Extract APIV3 documentation into single endpoints This does not differentiate further inside an endpoint and while useful (for e.g., work packages) we should discuss how the structure inside an endpoint should look like. 8 years ago
			`## Linked Properties`

			`\| Link \| Description \| Type \| Nullable \| Supported operations \|`
			`\|:-------------------:\| ------------------------------------------------ \| ------------- \| -------- \| -------------------- \|`
			`\| self \| This form \| Form \| \| READ \|`

			`## Embedded Properties:`

			`Apart from the linked properties, forms contain always three other embedded properties:`

			* `payload`
			* `schema`
			* `validationErrors`

			`Their purpose is explained below.`

			`### Payload`

Fix typos in user facing and non-user facing code Found via `codespell v2.1.dev0` 4 years ago			`The payload contains an edited version of the resource that will be modified when committing the form.`
Extract APIV3 documentation into single endpoints This does not differentiate further inside an endpoint and while useful (for e.g., work packages) we should discuss how the structure inside an endpoint should look like. 8 years ago			`This representation contains all writable properties of the resource and reflects all changes that the latest call to validate included,`
			`thereby acting as a preview for the changes.`

			`In case the client tries to set the value to something invalid, the invalid change is also reflected here. However a validation error (see below)`
			`indicates that a commit of this payload would fail.`

			`It might happen that setting one property affects the allowed values for another property. Thus by changing a property A`
			`the current value of another property B might become invalid. If the client did not yet touch the value of B, the payload will`
Fix typos in user facing and non-user facing code Found via `codespell v2.1.dev0` 4 years ago			`contain a default value for that property. Nevertheless the client will also receive an appropriate validation error for value B.`
Extract APIV3 documentation into single endpoints This does not differentiate further inside an endpoint and while useful (for e.g., work packages) we should discuss how the structure inside an endpoint should look like. 8 years ago
			`The content of this element can be used as a template for the request body of a call to validate or commit.`

			A call to validate and commit does not need to include all properties that were defined in the `payload` section.
			It is only necessary to include the properties that you want to change, as well as the `lockVersion` if one is present.
			However you may include all the properties sent in the `payload` section.

			`### Schema`

			`The schema embedded in a form is a normal [schema describing the underlying resource](#schema).`
			`However, the embedded schema can change with each revalidation of the form.`
			`For example it might be possible, that changing the type of a work package affects its available properties,`
			`as well as possible values for certain properties.`
			`As this makes the embedded schema very dynamic, it is not included as a static link.`

			`### Validation Errors`

			`Like a [schema](#schema) the validation errors build a dictionary where the key is a property name.`
Fix typos in user facing and non-user facing code Found via `codespell v2.1.dev0` 4 years ago			`Each value is an error object that indicates the error that occurred validating the corresponding property.`
Extract APIV3 documentation into single endpoints This does not differentiate further inside an endpoint and while useful (for e.g., work packages) we should discuss how the structure inside an endpoint should look like. 8 years ago			`There are only key value pairs for properties that failed validation, the element is empty if all validations succeeded.`

			`However note that even in the case of validation errors, the response you receive from the form endpoint will be an HTTP 200.`
			`That is because the main purpose of a form is helping the client to sort out validation errors.`

[34444] Projects copy APIv3 (#9149) * Create copy project endpoint * Add representers * Add _meta representer for copy module information * Add Meta payload representer * Extract parsing of copy attributes into service * Extract enqueue job for projects copy * Keep request object available in the bodied endpoint this allows us to access grape (e.g., for redirecting) * Add DelayedModify endpoint that redirects to job status * Use DelayedModify endpoint for copying projects * Add api paths for form/copy * Disable cache on ProjectCopyPayload * Add spec * Add resource spec * Extend schema for meta * Extend docs * Don't pass service result, but state as meta to forms * Use copy dependencies for naming copy options in API * Add description property for counting * Remove unused action attribute * Skip writable checks on meta property for payloads * Use prepend to allow create(...) usage with meta * Extend copy spec with custom fields usage * Add spec for copy flags * Add todos * Pass errors correctly to copy settings * Remove invalid parameters to copy that are now caught through project service * Remove duplicated validation * Linting * Make count a human readable, formattable description string * Make source count string readable * Provide the source project for generating the counts * Extract copying of attachments into sepearate dependent services This will allow the API to dynamically generate a copy association schema from each dependent service * Add spec for copy schema representer * Add payload representer spec * Also validate the model to pass the validations when copying * Make description optional and add note to schemas.apib * Add send_notifications to representer * Allow to configure sendNotifications * Allow bodied to receive a state process callback That allows us to manage the meta state on the API level, not on the service level * Make other services compatible with BaseCallable * Fix params passing from BaseCallable Wrapping a single hash into kwargs obviously loses their key indifference and we can't expect all services to use a single params object. Older services use kwargs * Copy wiki page with parent_id This will save some memory instead of memoizing the entire wiki page * Fix typo * Default to true for all copy associations That means if only a true value is passed, all other options will still be true * Do not try to copy attachments if the base dependency wasnt copied * Ensure null identifier gets rendered * Fix paths to the form and commit * Change redirect to an URL * Extend documentation on meta properties as table * Ensure we pass a default params if incoming params are nil Now that SetAttributes needs to splat params, they do no longer correctly get the no-param-default behavior of Ruby, so we need to explictly assign a default params hash * Fix expect for trailing path 4 years ago			`### Meta object`

			Form resources may have an additional `_meta` object that contains parameters to be sent together with the resource,
			`but that do not belong to the resource itself. For example, parameters on if and how to send notifications for the action`
			`performed with the API request can be sent.`

			`Each individual endpoint will describe their meta properties, if available.`

Extract APIV3 documentation into single endpoints This does not differentiate further inside an endpoint and while useful (for e.g., work packages) we should discuss how the structure inside an endpoint should look like. 8 years ago			`## Example Form [/api/v3/example/form]`

			`+ Model`
			`+ Body`

			`{`
			`"_links": {`
			`"self": { "href": "/api/v3/example/form" },`
			`"validate": {`
			`"href": "/api/v3/example/form",`
			`"method": "POST"`
			`},`
			`"previewMarkup": {`
remove textile 6 years ago			`"href": "/api/v3/render/markdown",`
Extract APIV3 documentation into single endpoints This does not differentiate further inside an endpoint and while useful (for e.g., work packages) we should discuss how the structure inside an endpoint should look like. 8 years ago			`"method": "POST"`
			`},`
			`"commit": {`
			`"href": "/api/v3/example",`
			`"method": "PATCH"`
			`}`
			`},`

			`"_type": "Form",`

			`"_embedded": {`
			`"payload": {`
			`"_links": {`
			`"status": { "href": "/api/v3/statuses/1" }`
			`},`
			`"_type": "Example",`
			`"lockVersion": 5,`
			`"subject": "An example title"`
			`},`
			`"schema": {`
			`"_type": "Schema",`
			`"_links": {`
			`"self": { "href": "/api/v3/example/schema" }`
			`},`

			`"lockVersion": {`
			`"type": "Integer",`
			`"writable": false`
			`},`
			`"subject": {`
			`"type": "String",`
			`"minLength": 1,`
			`"maxLength": 255`
			`},`
			`"status": {`
			`"_links": {`
			`"allowedValues": [`
			`{ "href": "/api/v3/statuses/1", "title": "New" },`
			`{ "href": "/api/v3/statuses/2", "title": "Closed" }`
			`]`
			`},`

			`"type": "Status",`

			`"_embedded": {`
			`"allowedValues": [`
			`{`
			`"_links": { "self": { "href": "/api/v3/statuses/1" } },`
			`"_type": "Status",`
			`"id": 1,`
			`"name": "New",`
			`"position": 1,`
			`"isDefault": true,`
			`"isClosed": false,`
			`"defaultDoneRatio": 0,`
			`"createdAt": "2014-05-21T08:51:20Z",`
			`"updatedAt": "2014-05-21T09:12:00Z"`
			`},`
			`{`
			`"_links": { "self": { "href": "/api/v3/statuses/2" } },`
			`"_type": "Status",`
			`"id": 2,`
			`"name": "Closed",`
			`"position": 2,`
			`"isDefault": false,`
			`"isClosed": true,`
			`"defaultDoneRatio": 100,`
			`"createdAt": "2014-05-21T08:51:20Z",`
			`"updatedAt": "2014-05-21T09:12:00Z"`
			`}`
			`]`
			`}`
			`}`
			`},`
			`"validationErrors": {`
			`"subject": {`
			`"_type": "Error",`
			`"errorIdentifier": "urn:openproject-org:api:v3:errors:BadExampleError",`
			`"message": "For the purpose of this example we need a validation error. The remainder of the response pretends there were no errors."`
			`}`
			`}`
			`}`
			`}`

			`## show or validate form [POST]`

			`This is an example of how a form might look like. Note that this endpoint does not exist in the actual implementation.`

			`+ Request (application/json)`

			`{`
			`"lockVersion": 5,`
			`"_type": "Example",`
			`"subject": "An example title"`
			`}`

			`+ Response 200 (application/hal+json)`

			`[Example Form][]`

			`+ Response 400 (application/hal+json)`

			`Occurs when the client did not send a valid JSON object in the request body and the request body`
			`was not empty.`

			`Note that this error only occurs when the content is not at all a single JSON object.`
			`It does not occur for requests containing undefined properties or invalid property values.`

			`+ Body`

			`{`
			`"_type": "Error",`
			`"errorIdentifier": "urn:openproject-org:api:v3:errors:InvalidRequestBody",`
			`"message": "The request body was neither empty, nor did it contain a single JSON object."`
			`}`

			`+ Response 403 (application/hal+json)`

			`Returned if the client does not have sufficient permissions to modify the associated resource.`

			`+ Body`

			`{`
			`"_type": "Error",`
			`"errorIdentifier": "urn:openproject-org:api:v3:errors:MissingPermission",`
			`"message": "You are not allowed to edit example resources."`
			`}`

			`+ Response 409 (application/hal+json)`

			Returned if underlying resource was changed since the client requested the form. This is determined using the `lockVersion` property.

			`+ Body`

			`{`
			`"_type": "Error",`
			`"errorIdentifier": "urn:openproject-org:api:v3:errors:UpdateConflict",`
			`"message": "The resource you are about to edit was changed in the meantime."`
			`}`