REST on Rails article

Matt Biddulph has an intriguing article on how to use xml templates and Rail's built-in class reflection to expose a CRUD interface to your models.

You could take his module file, put it in your appname/lib directory, include the following into your application.rb or environment.rb along with an authorization method:

class ApplicationController < ActionController::Base
  include RestResource

  def authorize 
    unless session[:user_id] 
      ...
    end 
  end 

end

then call the method in your class along with an authentication filter:

class AdminController < ApplicationController

  rest_resource :product
  rest_resource :order
  rest_resource :user
  before_filter :authorize

  ...

and you've got yourself an authenticated REST service for listing, updating, deleting, and inserting your models.

You don't even want to know what something like this would take with .NET. And you really wouldn't want to do it because you'd essentially be exposing your data to the mercy of the client. But with Rails, you still get the same validation logic provided by your controller as if you were building a separate service API.

Of course, you'd still bypass any other logic in your controller methods so this would not be a good approach to take for all your model classes.