If you have a comment on this topic, contact Aptify Documentation. If you want to return to the Aptify Community Site, please click here.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »

Introduction

The purpose of Service Data Objects is to provide the ability to securely execute SQL on the database server from Aptify Web and Aptify SOA, returning the results to the caller.  The flexibility of being able to execute SQL statements, including stored procedures, without opening up the service layer to SQL injection attacks is a powerful feature in Aptify SOA.  System administrators and developers have control over which SQL statements can be executed through the Services Data Objects Entity.  Service Data Objects are executed by Name, not the SQL that executes.  Aptify SOA looks up the Service Data Object, confirms that the current platform and User are allowed to execute the Service Data Object, retrieves the SQL statement from the Service Data Object record, executes it and returns the results to the caller.

Service Data Objects can be any valid SQL statement, which can include stored procedures and/or functions that are defined in Aptify as Database Objects (but Service Data Objects are not limited to Aptify Database Objects).  Service Data Objects can also define parameters that can be passed with the service call and applied to the SQL statement.

Generally Service Data Objects are a good choice for providing data when leveraging an Aptify Views is not appropriate. 

 

How to Create Service Data Object

Error rendering macro 'excerpt-include' : No link could be created for 'PK55:Create A Service Data Object'.

Calling Service Data Object from Aptify SOA:

 

Headers

In order to receive search results, you must send the AptifyAuthorization header.

Header NameHeader Value
AptifyAuthorization<AuthType> <TokenId>
MethodGET

End Point

Cached?Yes

Example Endpoint

URL
https://<service base>/services/DataObjects/{Service DataObject Name}

Parameters defined in the SDO object need to be appended to the URL as a query string. Parameters should be the same as those defined in the SDO object.

Endpoint Example With Parameters

https://<service base>/services/DataObjects/{Service DataObject Name}?ParameterName1=value1&ParameterName2=Value2&....

Sample End Point(Execute spGetCompanyAccountSummary SDO):

The following example illustrates how to execute the "spGetCompanyAccountSummary" stored procedure as an endpoint. This example expects two parameters which are defined in the Web Service Application. The parameters are companyId (10) and Convertmulticurrency (false).

 

URL
 https://<service base>/services/DataObjects/spGetCompanyAccountSummary?CompanyID=10&Convertmulticurrency=false

Sample Response Body 

The search results are represented as a JSON array of JSON objects, where each object contains record data. The properties of the objects will be some of the fields of the record, always including the ID and Name field.

Here is sample result for spGetCompanyAccountSummary data object.

 
Sample Search Data
{
"dataObjectName":"spGetCompanyAccountSummary",
 "results":
	[
		{
			"OrderTotal":xxxx.xxxx,
			"PaymentTotal":xxxx.xxxx,
			"BalanceTotal":xxxx.xxxx
		}
	]
}
  • No labels