This is more a is this expected behavior or should I raise a bug report?
So say the ERP.BO.Warehse table. Its column for warehouse code is varchar 8. If I create a warehouse, 01234567 (8 characters) and I go to the service and do ‘/api/help/methods/Erp.BO.WarehseSvc/index#!/Custom_methods/GetByID’ with ‘0123456789’ (10 characters) the call works.
I understand the API is truncating the inbound string and using that. I know I can limit my fields on the front end to prevent this but its more of a vague ‘Why is this so?’ question.
I don’t know the technical limitations or best practice of a REST API, but wouldn’t it be more intuitive to fail the call as length exceeds the max length, or let the query run its course without truncating the value, hence call failure?
Is it returning just the one warehouse? Or all warehouses? In my limited experimentation so far it seems like filtering defaults to return everything if something is wrong rather than return nothing like I would expect.
It only returns a single row if the truncated string matches a record. I have tested and repeated this on Ep.BO.PartSvc and a number of other get by id methods. So it appears it was designed this way, and may well be standard practice for REST api implementation.
We ended up just raising a ticket with Epicor, just to clarify if this is expected behavior. Again we obviously can employee front end restrictions to max length of characters, but its just an interesting bug vector in our code if we allow say a front end element to enter more than the character limit, and the API returned code 200.
I’d have to do a Epicor EF Novel for that one to be fully explained. I’ve done a few overviews of the development of the Epicor Data Layer before but usually with an adult beverage otherwise I end up sounding like grandpa in the rocker and the kids are patting my head and putting a blanket on my lap.
In short, the core BO ‘get’ methods have the query strings are parsed into name / value pairs and applied to a sproc. If the value is truncated - to ‘01234567’ in your case, that might give you the warning and results. I’ll have to play with it to confirm.
Rest is just blindly passing the query through for the BO objects to process just as if you newed up a bo directly and called the method with parameters.
