REST URIs for filesystem-like resources

Question

We are working on a REST service that provides access to resources structured similar to a file system, i.e. they are arranged in a tree-like hierarchy with no fixed depth or naming conventions. Accessing a resource would look like

GET /repository/path/to/resource

i.e. the path part after /repository is the unique identifier for the resource. Now comes the problem: each resource also has properties such as permissions. The natural way to query the permission would be

GET /repository/path/to/resource/permissions

However, what if there is a resource named /path/to/resource/permissions? I guess you see the problem. The only solution that comes to my mind is to put the resources properties in a separate hierarchy, e.g.

GET /permissions/path/to/resource

but that doesn't look correct. Any ideas how to deal with the problem?

Answer 1

The problem is that you are relying on URI semantics for determining something. In REST that shouldn't be a problem, because your clients are expected to get the location of the resource responsible for the permissions as a link somewhere else. When you follow a link, it doesn't matter where the resource is. It might even be in another system or using another protocol.

There's nothing wrong with the option GET /permissions/path/to/resource as long as the representation for GET /repository/path/to/resource says that's where the permissions are.

If you're not using HATEOAS and you don't want to use it, then using a query parameter is probably the simplest option.

Answer 2

You could use a query parameter:

GET /repository/path/to/resource?properties=permissions

If there are other properties, you could query for them like this:

GET /repository/path/to/resource?properties=permissions,size