We were playing with the REST api’s using candidate+running DB and we wanted to know the behavior of REST vs CLI in multi-user environment.
In CLI, if 2 users A and B are working at the same time, before commit, no one is going to see each work(cli commands) uncommitted stuff and commit of user A will not commit the cli commands of user B.
Does it mean even though cli commands are going to candidate DB, they still maintain small private candidate DB for uncommitted work?
Whereas in REST, if 2 users A and B are working at the same time, commit performed by user A will commit the whole candidate DB? So we don’t maintain the multi-user support in REST??
I know JSON-RPC works exactly like CLI, but why is the REST behavior different. (I understand that each REST is a commit of itself but why REST on candidate DB wait till _commit REST command to perform final commit?
Please let us know are we are deciding between using REST vs JSON-RPC.
Also we found below description in the user-guide. Will it help in our case?
Sending REST requests using a browser is an easy way to test things. But using REST with Basic Authentication in the browser should not be used because of security considerations. Use the JSON-RPC login mechanism instead. Once authenticated, REST requests don’t need Basic Authentication anymore. You can read more about the JSON login mechanism in ???.
AND
The transaction Resource
The “transaction” resource represents a transaction datastore created by the JSON-RPC API. This allows REST API requests that read or write towards an existing transaction, without committing the transaction (this is left up to other entities e.g. the JSON-RPC API).
The media type of this resource is either “application/vnd.yang.datastore+xml” or “application/vnd.yang.datastore+json”.
=====
So in our case, if we let user login using the jsonrpc and use the sessionToken for the REST api’s (different token per user login). Then their REST api’s will end towards transaction resource and only on _commit, it will go to candidate then running? This looks like solving our case of multi-user environment where each user has its own session view.
Please confirm.
Thanks,
-gopal