Why PATCH method is not idempotent?
-
05-10-2020 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I was wondering about this.
Suppose I have a user resource with id and name fields.
If I want to update a field I could just do a PATCH request to the resource like this
PATCH /users/42
{"name": "john doe"}
And then the application will update user 42 name.
But why if I repeat this request the outcome would be different?
According to RFC 5789
PATCH is neither safe nor idempotent
La solution
A PATCH request can be idempotent, but it isn't required to be. That is the reason it is characterized as non-idempotent.
Whether PATCH can be idempotent or not depends strongly on how the required changes are communicated.
For example, if the patch format is in the form of {change: 'Name' from: 'benjamin franklin' to: 'john doe'}, then any PATCH request after the first one would have a different effect (a failure response) than the first request.
Another reason for non-idempotency can be that applying the modification on something else than the original resource can render the resource invalid. This would then also be the case if you apply the change multiple times.
Autres conseils
I think clear answer when PATCH in not idempotent is this paragraph from RFC 5789:
There are also cases where patch formats do not need to operate from a known base-point (e.g., appending text lines to log files, or non- colliding rows to database tables), in which case the same care in client requests is not needed.
As RFC specifies that patch contains some "general changes" to the resource, we should look beyond just typical field replacement. If resource is for a counter, then patch can request it's increment, which is clearly not idempotet.
PATCH requests describe a set of operations to be applied to a resource, if you apply the same set of operations twice to the same resource, the result may not be the same. This is because defining the operations is up to you. In other words you have to define the merging rules.
Remember a PATCH request could be used for patching resources in many different formats, not just JSON.
So a PATCH request can be idempotent if you define the merging rules to be idempotent.
Idempotent example:
// Original resource
{
name: 'Tito',
age: 32
}
// PATCH request
{
age: 33
}
// New resource
{
name: 'Tito',
age: 33
}
Non-idempotent example:
// Original resource
{
name: 'Tito',
age: 32
}
// PATCH request
{
$increment: 'age'
}
// New resource
{
name: 'Tito',
age: 33
}
In the second example I used a "Mongo like" syntax I made up for incrementing an attribute. Clearly this is not idempotent, as sending the same request multiple times would result in different results each time.
Now you may be wondering if using such a made up syntax is valid. According to standards, it is:
The difference between the PUT and PATCH requests is reflected in the way the server processes the enclosed entity to modify the resource identified by the Request-URI. In a PUT request, the enclosed entity is considered to be a modified version of the resource stored on the origin server, and the client is requesting that the stored version be replaced. With PATCH, however, the enclosed entity contains a set of instructions describing how a resource currently residing on the origin server should be modified to produce a new version.
And you may also be wondering whether it is restful to use PATCH requests this way, and many people consider they are not, here's a good answer with lots of comments about the issue.
