> > 1) it makes the code in the controller way too monolithic > What does that mean exactly? You can have multiple RESTful controllers, and they can call functions defined elsewhere if necessary.
> 2) it blurs the separation of routing and application level logic > What problems does this cause? How would you prefer to do it? > 3) it doesn't allow for granular access/authorization checks > Do you have an example? Note, you don't have to control access via decorators only -- you can check permissions within the method logic as well. Anyway, if you can provide more specific suggestions for how it could be made more useful (i.e., what should the API look like), maybe it can be improved. Anthony