How to implement an undoable delete with CRUD?

Question

• Is the undoable delete a DELETE operation or an UPDATE operation? (Deleted entries are not visible with the GET unless a special flag is set)

• Is only the real delete is the DELETE operation?

• And what is the best way to undo a delete? As UPDATE or as a DELETE with an undo flag?

Answer 1

I'm no expert on RESTful API design, but this is a doozy, so i thought i'd give my thoughts (i believe this question is purely opinion based anyway)

First of all, given the low impact of your decision, i would not trade anything in order follow some "standard" (if there is one for this type of action). However if its a case of typing one thing or another, heres my thoughts.

DELETE is supposed to be idempotent, if you delete, it's gone forever. So "standards" dictate that you should not issue DELETE unless you really want that resource gone.

Essentially what you're doing is archiving the resource by the sounds of it, so your moving the resource. RFC 2518 defines a MOVE method with may be useful here. You could then move the resource in and out of the "archive".

If you dont like MOVE, you could PATCH the resource to set it to be archived or soft-deleted. PATCH is essentially the same as PUT, except you can specify single attributes of the resource, rather than PUT'ing the entire resource object back.

I think those are the only two fitting methods. If you want to stick with the 3 or 4 core methods of GET, POST, PUT, DELETE. I would say go with DELETE to both archive and fully remove, with either a flag to specify whether its a soft or hard delete, or just make it so the first DELETE archives, and a DELETE on the archive is a hard delete.

Having said all that, as long as your API is documented, i wouldn't worry too much. Do whatever you feel is most appropriate and sensible. Hopefully this gives you something to mull over, and helps you make a decision. I don't think you will get a "standards say do XYZ" answer to this.