Mercurial > p > roundup > code
annotate roundup/rest.py @ 8218:32aaf5dc562b
fix(REST): issue2551383; improve errors for bad json, fix PUT docs
While adding fuzz testing for email addresses via REST
/rest/data/user/1/address, I had an error when setting the address to
the same value it currently had. Traced this to a bug in
userauditor.py. Fixed the bug. Documented in upgrading.txt.
While trying to track down issue, I realized invalid json was being
accepted without error. So I fixed the code that parses the json and
have it return an error. Also modified some tests that broke (used
invalid json, or passed body (e.g. DELETE) but shouldn't have. Add
tests for bad json to verify new code.
Fixed test that wasn't initializing the body_file in each loop, so the
test wasn't actually supplying a body.
Also realised PUT documentation was not correct. Output format isn't
quite like GET.
Fuss tests for email address also added.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Tue, 17 Dec 2024 19:42:46 -0500 |
| parents | 14e92a595828 |
| children | 818751637b77 |
| rev | line source |
|---|---|
|
5557
213a56c91471
Implement getting resource from database
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5556
diff
changeset
|
1 """ |
|
213a56c91471
Implement getting resource from database
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5556
diff
changeset
|
2 Restful API for Roundup |
|
213a56c91471
Implement getting resource from database
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5556
diff
changeset
|
3 |
|
213a56c91471
Implement getting resource from database
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5556
diff
changeset
|
4 This module is free software, you may redistribute it |
|
213a56c91471
Implement getting resource from database
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5556
diff
changeset
|
5 and/or modify under the same terms as Python. |
|
213a56c91471
Implement getting resource from database
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5556
diff
changeset
|
6 """ |
|
5556
d75aa88c2a99
Added RestInstance and calling rest from client.py
Chau Nguyen <dangchau1991@yahoo.com>
parents:
diff
changeset
|
7 |
| 5602 | 8 from __future__ import print_function |
| 9 | |
| 6926 | 10 import hmac |
| 11 import json | |
| 12 import logging | |
| 13 import os | |
| 14 import re | |
| 15 import sys | |
| 16 import time | |
| 17 import traceback | |
|
8207
894eabf95385
chore(ruff): sort imports.
John Rouillard <rouilj@ieee.org>
parents:
8206
diff
changeset
|
18 from datetime import timedelta |
|
894eabf95385
chore(ruff): sort imports.
John Rouillard <rouilj@ieee.org>
parents:
8206
diff
changeset
|
19 from hashlib import md5 |
| 6926 | 20 |
| 5602 | 21 try: |
| 22 from urllib.parse import urlparse | |
| 23 except ImportError: | |
| 24 from urlparse import urlparse | |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
25 |
|
8207
894eabf95385
chore(ruff): sort imports.
John Rouillard <rouilj@ieee.org>
parents:
8206
diff
changeset
|
26 from roundup import actions, date, hyperdb |
|
894eabf95385
chore(ruff): sort imports.
John Rouillard <rouilj@ieee.org>
parents:
8206
diff
changeset
|
27 from roundup.anypy.strings import b2s, bs2b, is_us, u2s |
|
894eabf95385
chore(ruff): sort imports.
John Rouillard <rouilj@ieee.org>
parents:
8206
diff
changeset
|
28 from roundup.cgi.exceptions import NotFound, PreconditionFailed, Unauthorised |
| 6926 | 29 from roundup.exceptions import Reject, UsageError |
| 30 from roundup.i18n import _ | |
|
8207
894eabf95385
chore(ruff): sort imports.
John Rouillard <rouilj@ieee.org>
parents:
8206
diff
changeset
|
31 from roundup.rate_limit import Gcra, RateLimit |
| 6926 | 32 |
|
6824
9811073b289e
replace accidently removed logger setup.
John Rouillard <rouilj@ieee.org>
parents:
6823
diff
changeset
|
33 logger = logging.getLogger('roundup.rest') |
|
9811073b289e
replace accidently removed logger setup.
John Rouillard <rouilj@ieee.org>
parents:
6823
diff
changeset
|
34 |
|
5631
a5c890d308c3
Add simple support for xml output if the third party dict2xml.py module
John Rouillard <rouilj@ieee.org>
parents:
5630
diff
changeset
|
35 try: |
|
7684
3eca3462ba0c
fix: add support for dicttoxml2.py
John Rouillard <rouilj@ieee.org>
parents:
7683
diff
changeset
|
36 # if dicttoxml2 (or dicttoxml for Python <= 3.6) |
|
3eca3462ba0c
fix: add support for dicttoxml2.py
John Rouillard <rouilj@ieee.org>
parents:
7683
diff
changeset
|
37 # is installed in roundup directory, use it |
|
3eca3462ba0c
fix: add support for dicttoxml2.py
John Rouillard <rouilj@ieee.org>
parents:
7683
diff
changeset
|
38 from roundup.dicttoxml2 import dicttoxml |
|
5631
a5c890d308c3
Add simple support for xml output if the third party dict2xml.py module
John Rouillard <rouilj@ieee.org>
parents:
5630
diff
changeset
|
39 except ImportError: |
|
5653
ba67e397f063
Fix string/bytes issues under python 3.
John Rouillard <rouilj@ieee.org>
parents:
5646
diff
changeset
|
40 try: |
|
ba67e397f063
Fix string/bytes issues under python 3.
John Rouillard <rouilj@ieee.org>
parents:
5646
diff
changeset
|
41 # else look in sys.path |
|
7684
3eca3462ba0c
fix: add support for dicttoxml2.py
John Rouillard <rouilj@ieee.org>
parents:
7683
diff
changeset
|
42 from dicttoxml2 import dicttoxml |
|
5653
ba67e397f063
Fix string/bytes issues under python 3.
John Rouillard <rouilj@ieee.org>
parents:
5646
diff
changeset
|
43 except ImportError: |
|
7684
3eca3462ba0c
fix: add support for dicttoxml2.py
John Rouillard <rouilj@ieee.org>
parents:
7683
diff
changeset
|
44 try: |
|
3eca3462ba0c
fix: add support for dicttoxml2.py
John Rouillard <rouilj@ieee.org>
parents:
7683
diff
changeset
|
45 from roundup.dicttoxml import dicttoxml |
|
3eca3462ba0c
fix: add support for dicttoxml2.py
John Rouillard <rouilj@ieee.org>
parents:
7683
diff
changeset
|
46 except ImportError: |
|
3eca3462ba0c
fix: add support for dicttoxml2.py
John Rouillard <rouilj@ieee.org>
parents:
7683
diff
changeset
|
47 try: |
|
3eca3462ba0c
fix: add support for dicttoxml2.py
John Rouillard <rouilj@ieee.org>
parents:
7683
diff
changeset
|
48 # else look in sys.path |
|
3eca3462ba0c
fix: add support for dicttoxml2.py
John Rouillard <rouilj@ieee.org>
parents:
7683
diff
changeset
|
49 from dicttoxml import dicttoxml |
|
3eca3462ba0c
fix: add support for dicttoxml2.py
John Rouillard <rouilj@ieee.org>
parents:
7683
diff
changeset
|
50 except ImportError: |
|
3eca3462ba0c
fix: add support for dicttoxml2.py
John Rouillard <rouilj@ieee.org>
parents:
7683
diff
changeset
|
51 # else not supported |
|
3eca3462ba0c
fix: add support for dicttoxml2.py
John Rouillard <rouilj@ieee.org>
parents:
7683
diff
changeset
|
52 dicttoxml = None |
|
5631
a5c890d308c3
Add simple support for xml output if the third party dict2xml.py module
John Rouillard <rouilj@ieee.org>
parents:
5630
diff
changeset
|
53 |
| 5602 | 54 # Py3 compatible basestring |
| 55 try: | |
|
8191
30818cc18058
chore(ruff): suppress py2/py3 compatibility code thought useless
John Rouillard <rouilj@ieee.org>
parents:
8190
diff
changeset
|
56 basestring # noqa: B018 |
| 5602 | 57 except NameError: |
| 58 basestring = str | |
| 59 unicode = str | |
|
5588
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
60 |
| 5998 | 61 |
|
5588
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
62 def _data_decorator(func): |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
63 """Wrap the returned data into an object.""" |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
64 def format_object(self, *args, **kwargs): |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
65 # get the data / error from function |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
66 try: |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
67 code, data = func(self, *args, **kwargs) |
| 5602 | 68 except NotFound as msg: |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
69 code = 404 |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
70 data = msg |
| 5602 | 71 except IndexError as msg: |
|
5588
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
72 code = 404 |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
73 data = msg |
| 5602 | 74 except Unauthorised as msg: |
|
5588
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
75 code = 403 |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
76 data = msg |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
77 except (UsageError, KeyError) as msg: |
|
5588
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
78 code = 400 |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
79 data = msg |
| 5602 | 80 except (AttributeError, Reject) as msg: |
|
5588
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
81 code = 405 |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
82 data = msg |
| 5602 | 83 except ValueError as msg: |
|
5588
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
84 code = 409 |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
85 data = msg |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
86 except PreconditionFailed as msg: |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
87 code = 412 |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
88 data = msg |
|
5588
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
89 except NotImplementedError: |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
90 code = 402 # nothing to pay, just a mark for debugging purpose |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
91 data = 'Method under development' |
| 5998 | 92 except: # noqa: E722 |
|
5588
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
93 exc, val, tb = sys.exc_info() |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
94 code = 400 |
|
5593
344b6a87dac6
Added support to print error
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5591
diff
changeset
|
95 ts = time.ctime() |
| 5998 | 96 if getattr(self.client.request, 'DEBUG_MODE', None): |
|
5593
344b6a87dac6
Added support to print error
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5591
diff
changeset
|
97 data = val |
|
344b6a87dac6
Added support to print error
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5591
diff
changeset
|
98 else: |
|
344b6a87dac6
Added support to print error
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5591
diff
changeset
|
99 data = '%s: An error occurred. Please check the server log' \ |
|
344b6a87dac6
Added support to print error
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5591
diff
changeset
|
100 ' for more information.' % ts |
|
5588
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
101 # out to the logfile |
| 5998 | 102 print('EXCEPTION AT', ts) |
|
5588
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
103 traceback.print_exc() |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
104 |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
105 # decorate it |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
106 self.client.response_code = code |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
107 if code >= 400: # any error require error format |
|
7726
6f66d74d37f3
Add configurable logging for REST
Ralf Schlatterbeck <rsc@runtux.com>
parents:
7684
diff
changeset
|
108 logmethod = getattr(logger, self.db.config.WEB_REST_LOGGING, None) |
|
6f66d74d37f3
Add configurable logging for REST
Ralf Schlatterbeck <rsc@runtux.com>
parents:
7684
diff
changeset
|
109 if logmethod: |
|
6f66d74d37f3
Add configurable logging for REST
Ralf Schlatterbeck <rsc@runtux.com>
parents:
7684
diff
changeset
|
110 logmethod("statuscode: %s" % code) |
|
6f66d74d37f3
Add configurable logging for REST
Ralf Schlatterbeck <rsc@runtux.com>
parents:
7684
diff
changeset
|
111 logmethod('message: "%s"' % data) |
|
5588
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
112 result = { |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
113 'error': { |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
114 'status': code, |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
115 'msg': data |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
116 } |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
117 } |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
118 else: |
|
6185
1cb2375015f0
Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents:
6111
diff
changeset
|
119 if hasattr(self.db, 'stats') and self.report_stats: |
|
8190
569aff540a21
chore(ruff): whatespace fixes/silence linting
John Rouillard <rouilj@ieee.org>
parents:
8188
diff
changeset
|
120 self.db.stats['elapsed'] = time.time() - self.start |
|
6185
1cb2375015f0
Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents:
6111
diff
changeset
|
121 data['@stats'] = self.db.stats |
|
5588
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
122 result = { |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
123 'data': data |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
124 } |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
125 return result |
|
6525
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
126 |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
127 format_object.wrapped_func = func |
|
5588
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
128 return format_object |
|
5556
d75aa88c2a99
Added RestInstance and calling rest from client.py
Chau Nguyen <dangchau1991@yahoo.com>
parents:
diff
changeset
|
129 |
| 6926 | 130 |
|
6525
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
131 def openapi_doc(d): |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
132 """Annotate rest routes with openapi data. Takes a dict |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
133 for the openapi spec. It can be used standalone |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
134 as the openapi spec paths.<path>.<method> = |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
135 |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
136 { |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
137 "summary": "this path gets a value", |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
138 "description": "a longer description", |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
139 "responses": { |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
140 "200": { |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
141 "description": "normal response", |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
142 "content": { |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
143 "application/json": {}, |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
144 "application/xml": {} |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
145 } |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
146 }, |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
147 "406": { |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
148 "description": "Unable to provide requested content type", |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
149 "content": { |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
150 "application/json": {} |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
151 } |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
152 } |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
153 }, |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
154 "parameters": [ |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
155 { |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
156 "$ref": "#components/parameters/generic_.stats" |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
157 }, |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
158 { |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
159 "$ref": "#components/parameters/generic_.apiver" |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
160 }, |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
161 { |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
162 "$ref": "#components/parameters/generic_.verbose" |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
163 } |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
164 ] |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
165 } |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
166 """ |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
167 |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
168 def wrapper(f): |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
169 f.openapi_doc = d |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
170 return f |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
171 return wrapper |
| 5998 | 172 |
| 6926 | 173 |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
174 def calculate_etag(node, key, classname="Missing", node_id="0", |
| 5998 | 175 repr_format="json"): |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
176 '''given a hyperdb node generate a hashed representation of it to be |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
177 used as an etag. |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
178 |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
179 This code needs a __repr__ function in the Password class. This |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
180 replaces the repr(items) which would be: |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
181 |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
182 <roundup.password.Password instance at 0x7f3442406170> |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
183 |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
184 with the string representation: |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
185 |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
186 {PBKDF2}10000$k4d74EDgxlbH...A |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
187 |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
188 This makes the representation repeatable as the location of the |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
189 password instance is not static and we need a constant value to |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
190 calculate the etag. |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
191 |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
192 Note that repr() is chosen for the node rather than str() since |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
193 repr is meant to be an unambiguous representation. |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
194 |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
195 classname and node_id are used for logging only. |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
196 ''' |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
197 |
| 5998 | 198 items = node.items(protected=True) # include every item |
| 199 etag = hmac.new(bs2b(key), bs2b(repr_format + | |
| 200 repr(sorted(items))), md5).hexdigest() | |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
201 logger.debug("object=%s%s; tag=%s; repr=%s", classname, node_id, |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
202 etag, repr(node.items(protected=True))) |
|
5674
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
203 # Quotes are part of ETag spec, normal headers don't have quotes |
|
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
204 return '"%s"' % etag |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
205 |
| 5998 | 206 |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
207 def check_etag(node, key, etags, classname="Missing", node_id="0", |
| 5998 | 208 repr_format="json"): |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
209 '''Take a list of etags and compare to the etag for the given node. |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
210 |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
211 Iterate over all supplied etags, |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
212 If a tag fails to match, return False. |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
213 If at least one etag matches, return True. |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
214 If all etags are None, return False. |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
215 |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
216 ''' |
| 5998 | 217 have_etag_match = False |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
218 |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
219 node_etag = calculate_etag(node, key, classname, node_id, |
|
5729
9ea2ce9d10cf
A few internet references report that etags for the same underlying
John Rouillard <rouilj@ieee.org>
parents:
5727
diff
changeset
|
220 repr_format=repr_format) |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
221 |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
222 for etag in etags: |
|
6539
f8df7fed18f6
issue2551175 - Make ETag content-encoding aware.
John Rouillard <rouilj@ieee.org>
parents:
6525
diff
changeset
|
223 # etag includes doublequotes around tag: |
|
f8df7fed18f6
issue2551175 - Make ETag content-encoding aware.
John Rouillard <rouilj@ieee.org>
parents:
6525
diff
changeset
|
224 # '"a46a5572190e4fad63958c135f3746fa"' |
|
f8df7fed18f6
issue2551175 - Make ETag content-encoding aware.
John Rouillard <rouilj@ieee.org>
parents:
6525
diff
changeset
|
225 # but can include content-encoding suffix like: |
|
f8df7fed18f6
issue2551175 - Make ETag content-encoding aware.
John Rouillard <rouilj@ieee.org>
parents:
6525
diff
changeset
|
226 # '"a46a5572190e4fad63958c135f3746fa-gzip"' |
|
f8df7fed18f6
issue2551175 - Make ETag content-encoding aware.
John Rouillard <rouilj@ieee.org>
parents:
6525
diff
changeset
|
227 # turn the latter into the former as we don't care what |
|
f8df7fed18f6
issue2551175 - Make ETag content-encoding aware.
John Rouillard <rouilj@ieee.org>
parents:
6525
diff
changeset
|
228 # encoding was used to send the body with the etag. |
|
f8df7fed18f6
issue2551175 - Make ETag content-encoding aware.
John Rouillard <rouilj@ieee.org>
parents:
6525
diff
changeset
|
229 try: |
|
f8df7fed18f6
issue2551175 - Make ETag content-encoding aware.
John Rouillard <rouilj@ieee.org>
parents:
6525
diff
changeset
|
230 suffix_start = etag.rindex('-') |
|
f8df7fed18f6
issue2551175 - Make ETag content-encoding aware.
John Rouillard <rouilj@ieee.org>
parents:
6525
diff
changeset
|
231 clean_etag = etag[:suffix_start] + '"' |
|
f8df7fed18f6
issue2551175 - Make ETag content-encoding aware.
John Rouillard <rouilj@ieee.org>
parents:
6525
diff
changeset
|
232 except (ValueError, AttributeError): |
|
f8df7fed18f6
issue2551175 - Make ETag content-encoding aware.
John Rouillard <rouilj@ieee.org>
parents:
6525
diff
changeset
|
233 # - not in etag or etag is None |
|
f8df7fed18f6
issue2551175 - Make ETag content-encoding aware.
John Rouillard <rouilj@ieee.org>
parents:
6525
diff
changeset
|
234 clean_etag = etag |
|
f8df7fed18f6
issue2551175 - Make ETag content-encoding aware.
John Rouillard <rouilj@ieee.org>
parents:
6525
diff
changeset
|
235 if clean_etag is not None: |
|
f8df7fed18f6
issue2551175 - Make ETag content-encoding aware.
John Rouillard <rouilj@ieee.org>
parents:
6525
diff
changeset
|
236 if clean_etag != node_etag: |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
237 return False |
| 5998 | 238 have_etag_match = True |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
239 |
|
8192
b4d7f9358ba6
chore(ruff): return/suppress boolen directly
John Rouillard <rouilj@ieee.org>
parents:
8191
diff
changeset
|
240 if have_etag_match: # noqa: SIM103 leave for coverage reports |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
241 return True |
|
8203
ef1333b153e3
chore(ruff): changes to else/elif and nested ifs to reduce nesting
John Rouillard <rouilj@ieee.org>
parents:
8201
diff
changeset
|
242 return False |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
243 |
| 5998 | 244 |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
245 def obtain_etags(headers, input_payload): |
|
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
246 '''Get ETags value from headers or payload data |
|
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
247 Only supports one etag value not list. |
|
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
248 ''' |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
249 etags = [] |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
250 if '@etag' in input_payload: |
|
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
251 etags.append(input_payload['@etag'].value) |
|
5674
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
252 etags.append(headers.get("If-Match", None)) |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
253 return etags |
| 5596 | 254 |
| 5998 | 255 |
|
5594
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
256 def parse_accept_header(accept): |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
257 """ |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
258 Parse the Accept header *accept*, returning a list with 3-tuples of |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
259 [(str(media_type), dict(params), float(q_value)),] ordered by q values. |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
260 |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
261 If the accept header includes vendor-specific types like:: |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
262 application/vnd.yourcompany.yourproduct-v1.1+json |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
263 |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
264 It will actually convert the vendor and version into parameters and |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
265 convert the content type into `application/json` so appropriate content |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
266 negotiation decisions can be made. |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
267 |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
268 Default `q` for values that are not specified is 1.0 |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
269 |
|
8177
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
270 If q value > 1.0, it is parsed as a very small value. |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
271 |
|
5594
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
272 # Based on https://gist.github.com/samuraisam/2714195 |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
273 # Also, based on a snipped found in this project: |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
274 # https://github.com/martinblech/mimerender |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
275 """ |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
276 result = [] |
|
5731
058ef18af5fd
Prevent crash when clients do not set accept header. Use
John Rouillard <rouilj@ieee.org>
parents:
5730
diff
changeset
|
277 if not accept: |
|
058ef18af5fd
Prevent crash when clients do not set accept header. Use
John Rouillard <rouilj@ieee.org>
parents:
5730
diff
changeset
|
278 return result |
|
058ef18af5fd
Prevent crash when clients do not set accept header. Use
John Rouillard <rouilj@ieee.org>
parents:
5730
diff
changeset
|
279 |
|
5594
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
280 for media_range in accept.split(","): |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
281 parts = media_range.split(";") |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
282 media_type = parts.pop(0).strip() |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
283 media_params = [] |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
284 # convert vendor-specific content types into something useful (see |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
285 # docstring) |
|
6311
be8d5a8e090a
Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents:
6254
diff
changeset
|
286 try: |
|
be8d5a8e090a
Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents:
6254
diff
changeset
|
287 typ, subtyp = media_type.split('/') |
|
be8d5a8e090a
Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents:
6254
diff
changeset
|
288 except ValueError: |
| 6926 | 289 raise UsageError("Invalid media type: %s" % media_type) |
|
5594
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
290 # check for a + in the sub-type |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
291 if '+' in subtyp: |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
292 # if it exists, determine if the subtype is a vendor-specific type |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
293 vnd, sep, extra = subtyp.partition('+') |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
294 if vnd.startswith('vnd'): |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
295 # and then... if it ends in something like "-v1.1" parse the |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
296 # version out |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
297 if '-v' in vnd: |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
298 vnd, sep, rest = vnd.rpartition('-v') |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
299 if len(rest): |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
300 # add the version as a media param |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
301 try: |
| 5998 | 302 media_params.append(('version', rest)) |
|
5594
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
303 except ValueError: |
| 5998 | 304 pass # return no version value; use rest default |
|
5594
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
305 # add the vendor code as a media param |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
306 media_params.append(('vendor', vnd)) |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
307 # and re-write media_type to something like application/json so |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
308 # it can be used usefully when looking up emitters |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
309 media_type = '{}/{}'.format(typ, extra) |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
310 q = 1.0 |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
311 for part in parts: |
|
6311
be8d5a8e090a
Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents:
6254
diff
changeset
|
312 try: |
|
be8d5a8e090a
Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents:
6254
diff
changeset
|
313 (key, value) = part.lstrip().split("=", 1) |
|
be8d5a8e090a
Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents:
6254
diff
changeset
|
314 except ValueError: |
| 6926 | 315 raise UsageError("Invalid param: %s" % part.lstrip()) |
|
5594
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
316 key = key.strip() |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
317 value = value.strip() |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
318 if key == "q": |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
319 q = float(value) |
|
5744
d4de45cde106
Accept header parsing fixes. Now return first acceptable match rather
John Rouillard <rouilj@ieee.org>
parents:
5740
diff
changeset
|
320 if q > 1.0: |
|
d4de45cde106
Accept header parsing fixes. Now return first acceptable match rather
John Rouillard <rouilj@ieee.org>
parents:
5740
diff
changeset
|
321 # Not sure what to do here. Can't find spec |
|
d4de45cde106
Accept header parsing fixes. Now return first acceptable match rather
John Rouillard <rouilj@ieee.org>
parents:
5740
diff
changeset
|
322 # about how to handle q > 1.0. Since invalid |
|
d4de45cde106
Accept header parsing fixes. Now return first acceptable match rather
John Rouillard <rouilj@ieee.org>
parents:
5740
diff
changeset
|
323 # I choose to make it lowest in priority. |
|
d4de45cde106
Accept header parsing fixes. Now return first acceptable match rather
John Rouillard <rouilj@ieee.org>
parents:
5740
diff
changeset
|
324 q = 0.0001 |
|
5594
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
325 else: |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
326 media_params.append((key, value)) |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
327 result.append((media_type, dict(media_params), q)) |
|
5653
ba67e397f063
Fix string/bytes issues under python 3.
John Rouillard <rouilj@ieee.org>
parents:
5646
diff
changeset
|
328 result.sort(key=lambda x: x[2], reverse=True) |
|
5594
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
329 return result |
|
5567
1af57f9d5bf7
Added exception Handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5566
diff
changeset
|
330 |
| 5596 | 331 |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
332 class Routing(object): |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
333 __route_map = {} |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
334 __var_to_regex = re.compile(r"<:(\w+)>") |
|
5715
d9a3f6957731
issue2551042 - add extra \ to \w in raw string url_to_regex. Not sure
John Rouillard <rouilj@ieee.org>
parents:
5711
diff
changeset
|
335 url_to_regex = r"([\\w.\-~!$&'()*+,;=:\%%]+)" |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
336 |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
337 @classmethod |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
338 def route(cls, rule, methods='GET'): |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
339 """A decorator that is used to register a view function for a |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
340 given URL rule: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
341 @self.route('/') |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
342 def index(): |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
343 return 'Hello World' |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
344 |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
345 rest/ will be added to the beginning of the url string |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
346 |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
347 Args: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
348 rule (string): the URL rule |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
349 methods (string or tuple or list): the http method |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
350 """ |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
351 # strip the '/' character from rule string |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
352 rule = rule.strip('/') |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
353 |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
354 # add 'rest/' to the rule string |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
355 if not rule.startswith('rest/'): |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
356 rule = '^rest/' + rule + '$' |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
357 |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
358 if isinstance(methods, basestring): # convert string to tuple |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
359 methods = (methods,) |
|
8193
d06a140eab4d
chore(ruff): replace set(generator) with {set comprehension}
John Rouillard <rouilj@ieee.org>
parents:
8192
diff
changeset
|
360 methods = {item.upper() for item in methods} |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
361 |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
362 # convert a rule to a compiled regex object |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
363 # so /data/<:class>/<:id> will become |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
364 # /data/([charset]+)/([charset]+) |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
365 # and extract the variable names to a list [(class), (id)] |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
366 func_vars = cls.__var_to_regex.findall(rule) |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
367 rule = re.compile(cls.__var_to_regex.sub(cls.url_to_regex, rule)) |
|
5851
167ef847fcdf
issue2551053: Fix routing dict in rest.py
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5842
diff
changeset
|
368 # Save pattern to represent regex in route_map dictionary |
|
167ef847fcdf
issue2551053: Fix routing dict in rest.py
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5842
diff
changeset
|
369 # The entries consist of a 2-tuple of the (rule, dictionary) |
|
167ef847fcdf
issue2551053: Fix routing dict in rest.py
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5842
diff
changeset
|
370 # where rule is the compiled regex and dictionary contains the |
|
167ef847fcdf
issue2551053: Fix routing dict in rest.py
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5842
diff
changeset
|
371 # func_obj dict indexed by method. |
|
167ef847fcdf
issue2551053: Fix routing dict in rest.py
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5842
diff
changeset
|
372 pattern = rule.pattern |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
373 |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
374 # then we decorate it: |
|
5851
167ef847fcdf
issue2551053: Fix routing dict in rest.py
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5842
diff
changeset
|
375 # route_map[pattern] = (rule, func_dict) |
|
167ef847fcdf
issue2551053: Fix routing dict in rest.py
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5842
diff
changeset
|
376 # where func_dict is a dictionary of func_obj (see below) |
|
167ef847fcdf
issue2551053: Fix routing dict in rest.py
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5842
diff
changeset
|
377 # indexed by method name |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
378 def decorator(func): |
|
5851
167ef847fcdf
issue2551053: Fix routing dict in rest.py
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5842
diff
changeset
|
379 rule_route = cls.__route_map.get(pattern, (rule, {})) |
| 5998 | 380 rule_dict = rule_route[1] |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
381 func_obj = { |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
382 'func': func, |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
383 'vars': func_vars |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
384 } |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
385 for method in methods: |
|
5851
167ef847fcdf
issue2551053: Fix routing dict in rest.py
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5842
diff
changeset
|
386 rule_dict[method] = func_obj |
|
167ef847fcdf
issue2551053: Fix routing dict in rest.py
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5842
diff
changeset
|
387 cls.__route_map[pattern] = rule_route |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
388 return func |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
389 return decorator |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
390 |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
391 @classmethod |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
392 def execute(cls, instance, path, method, input_payload): |
|
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
393 # format the input_payload, note that we may not lowercase the path |
| 5679 | 394 # here, URL parameters are case-sensitive |
| 395 path = path.strip('/') | |
|
5622
2a7d23a098ca
Make @Routing.route('/') decoration work. This decoration matches
John Rouillard <rouilj@ieee.org>
parents:
5621
diff
changeset
|
396 if path == 'rest': |
|
2a7d23a098ca
Make @Routing.route('/') decoration work. This decoration matches
John Rouillard <rouilj@ieee.org>
parents:
5621
diff
changeset
|
397 # allow handler to be called for /rest/ |
|
2a7d23a098ca
Make @Routing.route('/') decoration work. This decoration matches
John Rouillard <rouilj@ieee.org>
parents:
5621
diff
changeset
|
398 path = 'rest/' |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
399 method = method.upper() |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
400 |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
401 # find the rule match the path |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
402 # then get handler match the method |
|
5851
167ef847fcdf
issue2551053: Fix routing dict in rest.py
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5842
diff
changeset
|
403 for path_regex, funcs in cls.__route_map.values(): |
|
167ef847fcdf
issue2551053: Fix routing dict in rest.py
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5842
diff
changeset
|
404 # use compiled regex to find rule |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
405 match_obj = path_regex.match(path) |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
406 if match_obj: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
407 try: |
|
5851
167ef847fcdf
issue2551053: Fix routing dict in rest.py
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5842
diff
changeset
|
408 func_obj = funcs[method] |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
409 except KeyError: |
|
6525
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
410 valid_methods = ', '.join(sorted(funcs.keys())) |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
411 raise Reject(_('Method %(m)s not allowed. ' |
| 6926 | 412 'Allowed: %(a)s') % { |
|
6525
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
413 'm': method, |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
414 'a': valid_methods |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
415 }, |
| 6926 | 416 valid_methods) |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
417 |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
418 # retrieve the vars list and the function caller |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
419 list_vars = func_obj['vars'] |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
420 func = func_obj['func'] |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
421 |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
422 # zip the varlist into a dictionary, and pass it to the caller |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
423 args = dict(zip(list_vars, match_obj.groups())) |
|
8196
94999f850fd6
fix: missed on input -> input_payload on e5362f8e1808
John Rouillard <rouilj@ieee.org>
parents:
8195
diff
changeset
|
424 args['input_payload'] = input_payload |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
425 return func(instance, **args) |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
426 raise NotFound('Nothing matches the given URI') |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
427 |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
428 |
|
5556
d75aa88c2a99
Added RestInstance and calling rest from client.py
Chau Nguyen <dangchau1991@yahoo.com>
parents:
diff
changeset
|
429 class RestfulInstance(object): |
| 5582 | 430 """The RestfulInstance performs REST request from the client""" |
|
5556
d75aa88c2a99
Added RestInstance and calling rest from client.py
Chau Nguyen <dangchau1991@yahoo.com>
parents:
diff
changeset
|
431 |
|
5593
344b6a87dac6
Added support to print error
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5591
diff
changeset
|
432 __default_patch_op = "replace" # default operator for PATCH method |
|
5594
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
433 __accepted_content_type = { |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
434 "application/json": "json", |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
435 } |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
436 __default_accept_type = "json" |
|
5593
344b6a87dac6
Added support to print error
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5591
diff
changeset
|
437 |
|
5685
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
438 __default_api_version = 1 |
| 5998 | 439 __supported_api_versions = [1] |
|
5687
83037aaf3b9d
Move definition/initialization of api_version into the class and out
John Rouillard <rouilj@ieee.org>
parents:
5686
diff
changeset
|
440 |
|
83037aaf3b9d
Move definition/initialization of api_version into the class and out
John Rouillard <rouilj@ieee.org>
parents:
5686
diff
changeset
|
441 api_version = None |
|
83037aaf3b9d
Move definition/initialization of api_version into the class and out
John Rouillard <rouilj@ieee.org>
parents:
5686
diff
changeset
|
442 |
|
7853
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
443 # allow 10M row response - can change using interfaces.py |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
444 # limit is 1 less than this size. |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
445 max_response_row_size = 10000001 |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
446 |
|
5568
edab9daa8015
Make objects returned by REST follow the standard
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5567
diff
changeset
|
447 def __init__(self, client, db): |
|
5590
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
448 self.client = client |
|
5556
d75aa88c2a99
Added RestInstance and calling rest from client.py
Chau Nguyen <dangchau1991@yahoo.com>
parents:
diff
changeset
|
449 self.db = db |
|
5599
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
450 self.translator = client.translator |
|
6185
1cb2375015f0
Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents:
6111
diff
changeset
|
451 # record start time for statistics reporting |
|
7683
b04e222501b8
fix: rest - set self.start from client.start
John Rouillard <rouilj@ieee.org>
parents:
7605
diff
changeset
|
452 self.start = client.start |
|
6185
1cb2375015f0
Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents:
6111
diff
changeset
|
453 # disable stat reporting by default enable with @stats=True |
|
1cb2375015f0
Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents:
6111
diff
changeset
|
454 # query param |
|
1cb2375015f0
Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents:
6111
diff
changeset
|
455 self.report_stats = False |
| 5604 | 456 # This used to be initialized from client.instance.actions which |
| 457 # would include too many actions that do not make sense in the | |
| 458 # REST-API context, so for now we only permit the retire and | |
| 459 # restore actions. | |
|
8201
d5ad7fcb9bf6
chore(ruff): replace dict(...) with equivalent {...}
John Rouillard <rouilj@ieee.org>
parents:
8199
diff
changeset
|
460 self.actions = {"retire": actions.Retire, "restore": actions.Restore} |
|
5556
d75aa88c2a99
Added RestInstance and calling rest from client.py
Chau Nguyen <dangchau1991@yahoo.com>
parents:
diff
changeset
|
461 |
|
5616
aa4c271514ae
Original code generated url's using a harcoded protocol and took the
John Rouillard <rouilj@ieee.org>
parents:
5604
diff
changeset
|
462 # note TRACKER_WEB ends in a / |
|
aa4c271514ae
Original code generated url's using a harcoded protocol and took the
John Rouillard <rouilj@ieee.org>
parents:
5604
diff
changeset
|
463 self.base_path = '%srest' % (self.db.config.TRACKER_WEB) |
|
5600
e2c74d8121f3
Update resource links
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5599
diff
changeset
|
464 self.data_path = self.base_path + '/data' |
|
5569
2718aeb55ffa
Add base_path to generate uri
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5568
diff
changeset
|
465 |
| 5998 | 466 if dicttoxml: # add xml if supported |
|
5744
d4de45cde106
Accept header parsing fixes. Now return first acceptable match rather
John Rouillard <rouilj@ieee.org>
parents:
5740
diff
changeset
|
467 self.__accepted_content_type["application/xml"] = "xml" |
|
d4de45cde106
Accept header parsing fixes. Now return first acceptable match rather
John Rouillard <rouilj@ieee.org>
parents:
5740
diff
changeset
|
468 |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
469 def props_from_args(self, cl, args, itemid=None, skip_protected=True): |
| 5582 | 470 """Construct a list of properties from the given arguments, |
| 471 and return them after validation. | |
| 472 | |
| 473 Args: | |
| 474 cl (string): class object of the resource | |
| 475 args (list): the submitted form of the user | |
| 476 itemid (string, optional): itemid of the object | |
| 477 | |
| 478 Returns: | |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
479 dict: dictionary of validated properties excluding |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
480 protected properties if strip_protected=True. |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
481 |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
482 Raises: UsageError if property does not exist and is not |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
483 prefixed with @ indicating it's a meta variable. |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
484 |
| 5582 | 485 |
| 486 """ | |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
487 unprotected_class_props = cl.properties.keys() |
| 5998 | 488 protected_class_props = [p for p in |
| 489 list(cl.getprops(protected=True)) | |
| 490 if p not in unprotected_class_props] | |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
491 props = {} |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
492 # props = dict.fromkeys(class_props, None) |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
493 |
|
5710
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
494 if not args: |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
495 raise UsageError("No properties found.") |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
496 |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
497 for arg in args: |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
498 key = arg.name |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
499 value = arg.value |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
500 if key.startswith('@'): |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
501 # meta setting, not db property setting/reference |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
502 continue |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
503 if key in protected_class_props: |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
504 # Skip protected props as a convenience. |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
505 # Allows user to get object with all props, |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
506 # change one prop, submit entire object |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
507 # without having to remove any protected props |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
508 # FIXME: Enhancement: raise error if value of prop |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
509 # doesn't match db entry. In this case assume user |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
510 # is really trying to set value. Another possibility is |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
511 # they have an old copy of the data and it has been |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
512 # updated. In the update case, we want etag validation |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
513 # to generate the exception to reduce confusion. I think |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
514 # etag validation occurs before this function is called but |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
515 # I am not positive. |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
516 if skip_protected: |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
517 continue |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
518 elif key not in unprotected_class_props: |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
519 # report bad props as this is an error. |
| 5998 | 520 raise UsageError("Property %s not found in class %s" % (key, |
|
8206
8656bd1cf1f1
chore(ruff): clean whitespace and remove unrecognized noqa directive.
John Rouillard <rouilj@ieee.org>
parents:
8205
diff
changeset
|
521 cl.classname)) |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
522 props[key] = self.prop_from_arg(cl, key, value, itemid) |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
523 |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
524 return props |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
525 |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
526 def prop_from_arg(self, cl, key, value, itemid=None): |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
527 """Construct a property from the given argument, |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
528 and return them after validation. |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
529 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
530 Args: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
531 cl (string): class object of the resource |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
532 key (string): attribute key |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
533 value (string): attribute value |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
534 itemid (string, optional): itemid of the object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
535 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
536 Returns: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
537 value: value of validated properties |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
538 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
539 """ |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
540 prop = None |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
541 if isinstance(key, unicode): |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
542 try: |
| 5998 | 543 key.encode('ascii') # Check to see if it can be encoded |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
544 except UnicodeEncodeError: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
545 raise UsageError( |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
546 'argument %r is not a valid ascii keyword' % key |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
547 ) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
548 if value: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
549 try: |
| 5602 | 550 prop = hyperdb.rawToHyperdb(self.db, cl, itemid, key, value) |
| 551 except hyperdb.HyperdbValueError as msg: | |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
552 raise UsageError(msg) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
553 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
554 return prop |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
555 |
| 6926 | 556 def transitive_props(self, class_name, props): |
|
6090
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
557 """Construct a list of transitive properties from the given |
|
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
558 argument, and return it after permission check. Raises |
|
6111
2a513a057691
Fix transitive property check in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6091
diff
changeset
|
559 Unauthorised if no permission. Permission is checked by |
|
2a513a057691
Fix transitive property check in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6091
diff
changeset
|
560 checking View permission on each component. We do not allow to |
|
2a513a057691
Fix transitive property check in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6091
diff
changeset
|
561 traverse multilinks -- the last item of an expansion *may* be a |
|
2a513a057691
Fix transitive property check in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6091
diff
changeset
|
562 multilink but in the middle of a transitive prop. |
|
6090
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
563 """ |
|
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
564 checked_props = [] |
|
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
565 uid = self.db.getuid() |
|
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
566 for p in props: |
|
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
567 pn = p |
|
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
568 cn = class_name |
|
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
569 if '.' in p: |
|
6111
2a513a057691
Fix transitive property check in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6091
diff
changeset
|
570 prop = None |
|
2a513a057691
Fix transitive property check in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6091
diff
changeset
|
571 for pn in p.split('.'): |
|
2a513a057691
Fix transitive property check in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6091
diff
changeset
|
572 # Tried to dereference a non-Link property |
|
2a513a057691
Fix transitive property check in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6091
diff
changeset
|
573 if cn is None: |
|
8190
569aff540a21
chore(ruff): whatespace fixes/silence linting
John Rouillard <rouilj@ieee.org>
parents:
8188
diff
changeset
|
574 raise UsageError("Property %(base)s can not be dereferenced in %(p)s." % {"base": p[:-(len(pn) + 1)], "p": p}) |
|
6090
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
575 cls = self.db.getclass(cn) |
|
6111
2a513a057691
Fix transitive property check in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6091
diff
changeset
|
576 # This raises a KeyError for unknown prop: |
|
2a513a057691
Fix transitive property check in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6091
diff
changeset
|
577 try: |
|
2a513a057691
Fix transitive property check in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6091
diff
changeset
|
578 prop = cls.getprops(protected=True)[pn] |
|
2a513a057691
Fix transitive property check in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6091
diff
changeset
|
579 except KeyError: |
|
6554
576d630fc908
Fix error status for invalid props
John Rouillard <rouilj@ieee.org>
parents:
6544
diff
changeset
|
580 raise KeyError("Unknown property: %s" % p) |
|
6090
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
581 if isinstance(prop, hyperdb.Multilink): |
|
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
582 raise UsageError( |
|
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
583 'Multilink Traversal not allowed: %s' % p) |
|
6111
2a513a057691
Fix transitive property check in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6091
diff
changeset
|
584 # Now we have the classname in cn and the prop name in pn. |
|
2a513a057691
Fix transitive property check in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6091
diff
changeset
|
585 if not self.db.security.hasPermission('View', uid, cn, pn): |
|
7569
940f06dac1b4
flake8: add space between raise and (
John Rouillard <rouilj@ieee.org>
parents:
7552
diff
changeset
|
586 raise (Unauthorised |
|
6111
2a513a057691
Fix transitive property check in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6091
diff
changeset
|
587 ('User does not have permission on "%s.%s"' |
|
2a513a057691
Fix transitive property check in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6091
diff
changeset
|
588 % (cn, pn))) |
|
2a513a057691
Fix transitive property check in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6091
diff
changeset
|
589 try: |
|
2a513a057691
Fix transitive property check in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6091
diff
changeset
|
590 cn = prop.classname |
|
2a513a057691
Fix transitive property check in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6091
diff
changeset
|
591 except AttributeError: |
|
2a513a057691
Fix transitive property check in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6091
diff
changeset
|
592 cn = None |
|
6554
576d630fc908
Fix error status for invalid props
John Rouillard <rouilj@ieee.org>
parents:
6544
diff
changeset
|
593 else: |
|
576d630fc908
Fix error status for invalid props
John Rouillard <rouilj@ieee.org>
parents:
6544
diff
changeset
|
594 cls = self.db.getclass(cn) |
|
576d630fc908
Fix error status for invalid props
John Rouillard <rouilj@ieee.org>
parents:
6544
diff
changeset
|
595 # This raises a KeyError for unknown prop: |
|
576d630fc908
Fix error status for invalid props
John Rouillard <rouilj@ieee.org>
parents:
6544
diff
changeset
|
596 try: |
|
576d630fc908
Fix error status for invalid props
John Rouillard <rouilj@ieee.org>
parents:
6544
diff
changeset
|
597 prop = cls.getprops(protected=True)[pn] |
|
576d630fc908
Fix error status for invalid props
John Rouillard <rouilj@ieee.org>
parents:
6544
diff
changeset
|
598 except KeyError: |
|
576d630fc908
Fix error status for invalid props
John Rouillard <rouilj@ieee.org>
parents:
6544
diff
changeset
|
599 raise KeyError("Unknown property: %s" % pn) |
| 6926 | 600 checked_props.append(p) |
|
6090
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
601 return checked_props |
|
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
602 |
|
5590
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
603 def error_obj(self, status, msg, source=None): |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
604 """Return an error object""" |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
605 self.client.response_code = status |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
606 result = { |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
607 'error': { |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
608 'status': status, |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
609 'msg': msg |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
610 } |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
611 } |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
612 if source is not None: |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
613 result['error']['source'] = source |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
614 |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
615 return result |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
616 |
|
5595
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
617 def patch_data(self, op, old_val, new_val): |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
618 """Perform patch operation based on old_val and new_val |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
619 |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
620 Args: |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
621 op (string): PATCH operation: add, replace, remove |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
622 old_val: old value of the property |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
623 new_val: new value of the property |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
624 |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
625 Returns: |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
626 result (string): value after performed the operation |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
627 """ |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
628 # add operation: If neither of the value is None, use the other one |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
629 # Otherwise, concat those 2 value |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
630 if op == 'add': |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
631 if old_val is None: |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
632 result = new_val |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
633 elif new_val is None: |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
634 result = old_val |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
635 else: |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
636 result = old_val + new_val |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
637 # Replace operation: new value is returned |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
638 elif op == 'replace': |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
639 result = new_val |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
640 # Remove operation: |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
641 # if old_val is not a list/dict, change it to None |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
642 # if old_val is a list/dict, but the parameter is empty, |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
643 # change it to none |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
644 # if old_val is a list/dict, and parameter is not empty |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
645 # proceed to remove the values from parameter from the list/dict |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
646 elif op == 'remove': |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
647 if isinstance(old_val, list): |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
648 if new_val is None: |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
649 result = [] |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
650 elif isinstance(new_val, list): |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
651 result = [x for x in old_val if x not in new_val] |
|
8198
de6b02c23ee9
chore(ruff): replace 'else: if bool_exp:' with 'elif bool_exp:'
John Rouillard <rouilj@ieee.org>
parents:
8197
diff
changeset
|
652 elif new_val in old_val: |
|
de6b02c23ee9
chore(ruff): replace 'else: if bool_exp:' with 'elif bool_exp:'
John Rouillard <rouilj@ieee.org>
parents:
8197
diff
changeset
|
653 old_val.remove(new_val) |
|
5595
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
654 elif isinstance(old_val, dict): |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
655 if new_val is None: |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
656 result = {} |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
657 elif isinstance(new_val, dict): |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
658 for x in new_val: |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
659 old_val.pop(x, None) |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
660 else: |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
661 old_val.pop(new_val, None) |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
662 else: |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
663 result = None |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
664 else: |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
665 raise UsageError('PATCH Operation %s is not allowed' % op) |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
666 |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
667 return result |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
668 |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
669 def raise_if_no_etag(self, class_name, item_id, input_payload, |
|
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
670 repr_format="json"): |
|
5674
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
671 class_obj = self.db.getclass(class_name) |
|
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
672 if not check_etag(class_obj.getnode(item_id), |
| 5998 | 673 self.db.config.WEB_SECRET_KEY, |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
674 obtain_etags(self.client.request.headers, |
|
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
675 input_payload), class_name, item_id, |
|
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
676 repr_format=repr_format): |
|
5674
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
677 raise PreconditionFailed( |
|
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
678 "If-Match is missing or does not match." |
|
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
679 " Retrieve asset and retry modification if valid.") |
|
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
680 |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
681 def format_item(self, node, item_id, props=None, verbose=1): |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
682 ''' display class obj as requested by verbose and |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
683 props. |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
684 ''' |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
685 uid = self.db.getuid() |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
686 class_name = node.cl.classname |
|
5685
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
687 |
|
5740
abbea26a11df
Clean up pylint reports of unused modules, duplicate imports, indent
John Rouillard <rouilj@ieee.org>
parents:
5732
diff
changeset
|
688 # version never gets used since we only |
|
abbea26a11df
Clean up pylint reports of unused modules, duplicate imports, indent
John Rouillard <rouilj@ieee.org>
parents:
5732
diff
changeset
|
689 # support version 1 at this time. Set it as |
|
abbea26a11df
Clean up pylint reports of unused modules, duplicate imports, indent
John Rouillard <rouilj@ieee.org>
parents:
5732
diff
changeset
|
690 # placeholder for later use. |
| 5998 | 691 if self.api_version is None: |
| 692 version = self.__default_api_version # noqa: F841 | |
| 693 else: | |
| 694 version = self.api_version # noqa: F841 | |
| 695 | |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
696 result = {} |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
697 try: |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
698 # pn = propname |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
699 for pn in sorted(props): |
|
6090
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
700 ok = False |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
701 working_id = item_id |
|
6090
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
702 nd = node |
|
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
703 cn = class_name |
|
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
704 for p in pn.split('.'): |
|
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
705 if not self.db.security.hasPermission( |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
706 'View', uid, cn, p, working_id |
|
6090
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
707 ): |
|
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
708 break |
|
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
709 cl = self.db.getclass(cn) |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
710 nd = cl.getnode(working_id) |
|
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
711 working_id = v = getattr(nd, p) |
|
6254
5b66c480f71f
Handle empty Link for transitive property
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6185
diff
changeset
|
712 # Handle transitive properties where something on |
|
5b66c480f71f
Handle empty Link for transitive property
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6185
diff
changeset
|
713 # the road is None (empty Link property) |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
714 if working_id is None: |
|
6254
5b66c480f71f
Handle empty Link for transitive property
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6185
diff
changeset
|
715 prop = None |
|
5b66c480f71f
Handle empty Link for transitive property
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6185
diff
changeset
|
716 ok = True |
|
5b66c480f71f
Handle empty Link for transitive property
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6185
diff
changeset
|
717 break |
|
6090
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
718 prop = cl.getprops(protected=True)[p] |
|
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
719 cn = getattr(prop, 'classname', None) |
|
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
720 else: |
|
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
721 ok = True |
|
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
722 if not ok: |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
723 continue |
| 5998 | 724 if isinstance(prop, (hyperdb.Link, hyperdb.Multilink)): |
| 725 linkcls = self.db.getclass(prop.classname) | |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
726 cp = '%s/%s/' % (self.data_path, prop.classname) |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
727 if verbose and v: |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
728 if isinstance(v, type([])): |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
729 r = [] |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
730 for working_id in v: |
|
8201
d5ad7fcb9bf6
chore(ruff): replace dict(...) with equivalent {...}
John Rouillard <rouilj@ieee.org>
parents:
8199
diff
changeset
|
731 d = {"id": working_id, |
|
d5ad7fcb9bf6
chore(ruff): replace dict(...) with equivalent {...}
John Rouillard <rouilj@ieee.org>
parents:
8199
diff
changeset
|
732 "link": cp + working_id} |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
733 if verbose > 1: |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
734 label = linkcls.labelprop() |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
735 d[label] = linkcls.get(working_id, label) |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
736 r.append(d) |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
737 result[pn] = r |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
738 else: |
|
8201
d5ad7fcb9bf6
chore(ruff): replace dict(...) with equivalent {...}
John Rouillard <rouilj@ieee.org>
parents:
8199
diff
changeset
|
739 result[pn] = {"id": v, "link": cp + v} |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
740 if verbose > 1: |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
741 label = linkcls.labelprop() |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
742 result[pn][label] = linkcls.get(v, label) |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
743 else: |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
744 result[pn] = v |
| 5998 | 745 elif isinstance(prop, hyperdb.String) and pn == 'content': |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
746 # Do not show the (possibly HUGE) content prop |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
747 # unless very verbose, we display the standard |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
748 # download link instead |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
749 if verbose < 3: |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
750 u = self.db.config.TRACKER_WEB |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
751 p = u + '%s%s/' % (class_name, node.id) |
|
8201
d5ad7fcb9bf6
chore(ruff): replace dict(...) with equivalent {...}
John Rouillard <rouilj@ieee.org>
parents:
8199
diff
changeset
|
752 result[pn] = {"link": p} |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
753 else: |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
754 result[pn] = v |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
755 elif isinstance(prop, hyperdb.Password): |
| 5998 | 756 if v is not None: # locked users like anonymous have None |
| 757 result[pn] = "[password hidden scheme %s]" % v.scheme | |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
758 else: |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
759 # Don't divulge it's a locked account. Choose most |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
760 # secure as default. |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
761 result[pn] = "[password hidden scheme PBKDF2]" |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
762 else: |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
763 result[pn] = v |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
764 except KeyError as msg: |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
765 raise UsageError("%s field not valid" % msg) |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
766 |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
767 return result |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
768 |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
769 @Routing.route("/data/<:class_name>", 'GET') |
|
5587
cb2b320fde16
Added decorator to handle formatting output data
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5584
diff
changeset
|
770 @_data_decorator |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
771 def get_collection(self, class_name, input_payload): |
| 5582 | 772 """GET resource from class URI. |
| 773 | |
| 774 This function returns only items have View permission | |
| 775 class_name should be valid already | |
| 776 | |
| 777 Args: | |
| 778 class_name (string): class name of the resource (Ex: issue, msg) | |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
779 input_payload (list): the submitted form of the user |
| 5582 | 780 |
| 781 Returns: | |
| 782 int: http status code 200 (OK) | |
| 783 list: list of reference item in the class | |
| 784 id: id of the object | |
| 785 link: path to the object | |
| 786 """ | |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
787 if class_name not in self.db.classes: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
788 raise NotFound('Class %s not found' % class_name) |
|
5677
1fa59181ce58
Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents:
5674
diff
changeset
|
789 |
|
1fa59181ce58
Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents:
5674
diff
changeset
|
790 uid = self.db.getuid() |
|
1fa59181ce58
Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents:
5674
diff
changeset
|
791 |
|
5864
5e8e160fe2a0
Fix security checks for individual properties
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5851
diff
changeset
|
792 if not self.db.security.hasPermission('View', uid, class_name): |
|
5562
70df783c4c0b
Cleanup, fixed a bug with delete action
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5561
diff
changeset
|
793 raise Unauthorised('Permission to view %s denied' % class_name) |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
794 |
|
5561
7aa7f779198b
Split all rest action into 2 type
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5560
diff
changeset
|
795 class_obj = self.db.getclass(class_name) |
|
5600
e2c74d8121f3
Update resource links
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5599
diff
changeset
|
796 class_path = '%s/%s/' % (self.data_path, class_name) |
|
5591
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
797 |
|
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
798 # Handle filtering and pagination |
|
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
799 filter_props = {} |
| 5998 | 800 exact_props = {} |
|
5591
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
801 page = { |
|
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
802 'size': None, |
|
7853
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
803 'index': 1, # setting just size starts at page 1 |
|
5591
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
804 } |
|
5677
1fa59181ce58
Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents:
5674
diff
changeset
|
805 verbose = 1 |
|
6090
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
806 display_props = set() |
|
5865
04deafac71ab
Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5864
diff
changeset
|
807 sort = [] |
|
7854
171ff2e487df
Add @group for grouping in rest interface.
John Rouillard <rouilj@ieee.org>
parents:
7853
diff
changeset
|
808 group = [] |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
809 for form_field in input_payload.value: |
|
5591
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
810 key = form_field.name |
|
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
811 value = form_field.value |
|
5659
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
812 if key.startswith("@page_"): # serve the paging purpose |
|
5591
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
813 key = key[6:] |
|
8213
14e92a595828
fix(web) issue2551382 - 409 not 400 errors returned
John Rouillard <rouilj@ieee.org>
parents:
8208
diff
changeset
|
814 try: |
|
14e92a595828
fix(web) issue2551382 - 409 not 400 errors returned
John Rouillard <rouilj@ieee.org>
parents:
8208
diff
changeset
|
815 value = int(value) |
|
14e92a595828
fix(web) issue2551382 - 409 not 400 errors returned
John Rouillard <rouilj@ieee.org>
parents:
8208
diff
changeset
|
816 except ValueError as e: |
|
14e92a595828
fix(web) issue2551382 - 409 not 400 errors returned
John Rouillard <rouilj@ieee.org>
parents:
8208
diff
changeset
|
817 raise UsageError("When using @page_%s: %s" % |
|
14e92a595828
fix(web) issue2551382 - 409 not 400 errors returned
John Rouillard <rouilj@ieee.org>
parents:
8208
diff
changeset
|
818 (key, e.args[0])) |
|
5591
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
819 page[key] = value |
|
5677
1fa59181ce58
Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents:
5674
diff
changeset
|
820 elif key == "@verbose": |
|
8213
14e92a595828
fix(web) issue2551382 - 409 not 400 errors returned
John Rouillard <rouilj@ieee.org>
parents:
8208
diff
changeset
|
821 try: |
|
14e92a595828
fix(web) issue2551382 - 409 not 400 errors returned
John Rouillard <rouilj@ieee.org>
parents:
8208
diff
changeset
|
822 verbose = int(value) |
|
14e92a595828
fix(web) issue2551382 - 409 not 400 errors returned
John Rouillard <rouilj@ieee.org>
parents:
8208
diff
changeset
|
823 except ValueError as e: |
|
14e92a595828
fix(web) issue2551382 - 409 not 400 errors returned
John Rouillard <rouilj@ieee.org>
parents:
8208
diff
changeset
|
824 raise UsageError("When using @verbose: %s" % |
|
14e92a595828
fix(web) issue2551382 - 409 not 400 errors returned
John Rouillard <rouilj@ieee.org>
parents:
8208
diff
changeset
|
825 (e.args[0])) |
|
8197
5b8d1cb290cb
chore(ruff): replace 'x == y or x == z' with 'x in [y,z]'
John Rouillard <rouilj@ieee.org>
parents:
8196
diff
changeset
|
826 elif key in ["@fields", "@attrs"]: |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
827 f = value.split(",") |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
828 if len(f) == 1: |
| 5998 | 829 f = value.split(":") |
|
6090
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
830 display_props.update(self.transitive_props(class_name, f)) |
|
5865
04deafac71ab
Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5864
diff
changeset
|
831 elif key == "@sort": |
|
04deafac71ab
Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5864
diff
changeset
|
832 f = value.split(",") |
| 5998 | 833 for p in f: |
|
5865
04deafac71ab
Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5864
diff
changeset
|
834 if not p: |
|
04deafac71ab
Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5864
diff
changeset
|
835 raise UsageError("Empty property " |
| 5998 | 836 "for class %s." % (class_name)) |
|
5865
04deafac71ab
Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5864
diff
changeset
|
837 if p[0] in ('-', '+'): |
|
04deafac71ab
Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5864
diff
changeset
|
838 pn = p[1:] |
|
04deafac71ab
Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5864
diff
changeset
|
839 ss = p[0] |
|
04deafac71ab
Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5864
diff
changeset
|
840 else: |
|
04deafac71ab
Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5864
diff
changeset
|
841 ss = '+' |
|
04deafac71ab
Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5864
diff
changeset
|
842 pn = p |
|
04deafac71ab
Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5864
diff
changeset
|
843 # Only include properties where we have search permission |
|
5872
1b91e3df3fd0
Implement transitive props for sort and filter
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5870
diff
changeset
|
844 # Note that hasSearchPermission already returns 0 for |
|
1b91e3df3fd0
Implement transitive props for sort and filter
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5870
diff
changeset
|
845 # non-existing properties. |
|
5865
04deafac71ab
Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5864
diff
changeset
|
846 if self.db.security.hasSearchPermission( |
|
04deafac71ab
Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5864
diff
changeset
|
847 uid, class_name, pn |
|
04deafac71ab
Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5864
diff
changeset
|
848 ): |
|
04deafac71ab
Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5864
diff
changeset
|
849 sort.append((ss, pn)) |
| 6926 | 850 else: |
|
6088
00a24243887c
Remove redundant permission check
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6086
diff
changeset
|
851 raise (Unauthorised( |
|
6086
c172bd18fa94
REST API: 403 on non-searchable properties
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6009
diff
changeset
|
852 'User does not have search permission on "%s.%s"' |
|
c172bd18fa94
REST API: 403 on non-searchable properties
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6009
diff
changeset
|
853 % (class_name, pn))) |
|
7854
171ff2e487df
Add @group for grouping in rest interface.
John Rouillard <rouilj@ieee.org>
parents:
7853
diff
changeset
|
854 elif key == "@group": |
|
171ff2e487df
Add @group for grouping in rest interface.
John Rouillard <rouilj@ieee.org>
parents:
7853
diff
changeset
|
855 f = value.split(",") |
|
171ff2e487df
Add @group for grouping in rest interface.
John Rouillard <rouilj@ieee.org>
parents:
7853
diff
changeset
|
856 for p in f: |
|
171ff2e487df
Add @group for grouping in rest interface.
John Rouillard <rouilj@ieee.org>
parents:
7853
diff
changeset
|
857 if not p: |
|
171ff2e487df
Add @group for grouping in rest interface.
John Rouillard <rouilj@ieee.org>
parents:
7853
diff
changeset
|
858 raise UsageError("Empty property " |
|
171ff2e487df
Add @group for grouping in rest interface.
John Rouillard <rouilj@ieee.org>
parents:
7853
diff
changeset
|
859 "for class %s." % (class_name)) |
|
171ff2e487df
Add @group for grouping in rest interface.
John Rouillard <rouilj@ieee.org>
parents:
7853
diff
changeset
|
860 if p[0] in ('-', '+'): |
|
171ff2e487df
Add @group for grouping in rest interface.
John Rouillard <rouilj@ieee.org>
parents:
7853
diff
changeset
|
861 pn = p[1:] |
|
171ff2e487df
Add @group for grouping in rest interface.
John Rouillard <rouilj@ieee.org>
parents:
7853
diff
changeset
|
862 ss = p[0] |
|
171ff2e487df
Add @group for grouping in rest interface.
John Rouillard <rouilj@ieee.org>
parents:
7853
diff
changeset
|
863 else: |
|
171ff2e487df
Add @group for grouping in rest interface.
John Rouillard <rouilj@ieee.org>
parents:
7853
diff
changeset
|
864 ss = '+' |
|
171ff2e487df
Add @group for grouping in rest interface.
John Rouillard <rouilj@ieee.org>
parents:
7853
diff
changeset
|
865 pn = p |
|
171ff2e487df
Add @group for grouping in rest interface.
John Rouillard <rouilj@ieee.org>
parents:
7853
diff
changeset
|
866 # Only include properties where we have search permission |
|
171ff2e487df
Add @group for grouping in rest interface.
John Rouillard <rouilj@ieee.org>
parents:
7853
diff
changeset
|
867 # Note that hasSearchPermission already returns 0 for |
|
171ff2e487df
Add @group for grouping in rest interface.
John Rouillard <rouilj@ieee.org>
parents:
7853
diff
changeset
|
868 # non-existing properties. |
|
171ff2e487df
Add @group for grouping in rest interface.
John Rouillard <rouilj@ieee.org>
parents:
7853
diff
changeset
|
869 if self.db.security.hasSearchPermission( |
|
171ff2e487df
Add @group for grouping in rest interface.
John Rouillard <rouilj@ieee.org>
parents:
7853
diff
changeset
|
870 uid, class_name, pn |
|
171ff2e487df
Add @group for grouping in rest interface.
John Rouillard <rouilj@ieee.org>
parents:
7853
diff
changeset
|
871 ): |
|
171ff2e487df
Add @group for grouping in rest interface.
John Rouillard <rouilj@ieee.org>
parents:
7853
diff
changeset
|
872 group.append((ss, pn)) |
|
171ff2e487df
Add @group for grouping in rest interface.
John Rouillard <rouilj@ieee.org>
parents:
7853
diff
changeset
|
873 else: |
|
171ff2e487df
Add @group for grouping in rest interface.
John Rouillard <rouilj@ieee.org>
parents:
7853
diff
changeset
|
874 raise (Unauthorised( |
|
171ff2e487df
Add @group for grouping in rest interface.
John Rouillard <rouilj@ieee.org>
parents:
7853
diff
changeset
|
875 'User does not have search permission on "%s.%s"' |
|
171ff2e487df
Add @group for grouping in rest interface.
John Rouillard <rouilj@ieee.org>
parents:
7853
diff
changeset
|
876 % (class_name, pn))) |
|
5691
dbf422a8cff7
Add error handling. @apiver was being processed as a search
John Rouillard <rouilj@ieee.org>
parents:
5690
diff
changeset
|
877 elif key.startswith("@"): |
|
dbf422a8cff7
Add error handling. @apiver was being processed as a search
John Rouillard <rouilj@ieee.org>
parents:
5690
diff
changeset
|
878 # ignore any unsupported/previously handled control key |
|
dbf422a8cff7
Add error handling. @apiver was being processed as a search
John Rouillard <rouilj@ieee.org>
parents:
5690
diff
changeset
|
879 # like @apiver |
|
dbf422a8cff7
Add error handling. @apiver was being processed as a search
John Rouillard <rouilj@ieee.org>
parents:
5690
diff
changeset
|
880 pass |
| 5998 | 881 else: # serve the filter purpose |
|
5874
6630baff5f68
Implement exact string search in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5873
diff
changeset
|
882 exact = False |
| 5998 | 883 if key.endswith(':'): |
|
5874
6630baff5f68
Implement exact string search in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5873
diff
changeset
|
884 exact = True |
| 5998 | 885 key = key[:-1] |
| 886 elif key.endswith('~'): | |
| 887 key = key[:-1] | |
|
5872
1b91e3df3fd0
Implement transitive props for sort and filter
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5870
diff
changeset
|
888 p = key.split('.', 1)[0] |
| 5998 | 889 try: |
|
5872
1b91e3df3fd0
Implement transitive props for sort and filter
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5870
diff
changeset
|
890 prop = class_obj.getprops()[p] |
|
5691
dbf422a8cff7
Add error handling. @apiver was being processed as a search
John Rouillard <rouilj@ieee.org>
parents:
5690
diff
changeset
|
891 except KeyError: |
| 5998 | 892 raise UsageError("Field %s is not valid for %s class." % |
| 893 (p, class_name)) | |
|
6554
576d630fc908
Fix error status for invalid props
John Rouillard <rouilj@ieee.org>
parents:
6544
diff
changeset
|
894 # Call this for the side effect of validating the key |
|
6559
178705fbeaa8
Change _ = to _discard = as _ is the translation service global
John Rouillard <rouilj@ieee.org>
parents:
6554
diff
changeset
|
895 # use _discard as _ is apparently a global for the translation |
|
178705fbeaa8
Change _ = to _discard = as _ is the translation service global
John Rouillard <rouilj@ieee.org>
parents:
6554
diff
changeset
|
896 # service. |
| 6926 | 897 _discard = self.transitive_props(class_name, [key]) # noqa: F841 |
| 898 | |
|
5659
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
899 # We drop properties without search permission silently |
|
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
900 # This reflects the current behavior of other roundup |
|
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
901 # interfaces |
|
5872
1b91e3df3fd0
Implement transitive props for sort and filter
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5870
diff
changeset
|
902 # Note that hasSearchPermission already returns 0 for |
|
1b91e3df3fd0
Implement transitive props for sort and filter
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5870
diff
changeset
|
903 # non-existing properties. |
|
5659
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
904 if not self.db.security.hasSearchPermission( |
|
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
905 uid, class_name, key |
|
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
906 ): |
|
6088
00a24243887c
Remove redundant permission check
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6086
diff
changeset
|
907 raise (Unauthorised( |
|
6086
c172bd18fa94
REST API: 403 on non-searchable properties
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6009
diff
changeset
|
908 'User does not have search permission on "%s.%s"' |
|
c172bd18fa94
REST API: 403 on non-searchable properties
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6009
diff
changeset
|
909 % (class_name, key))) |
|
5872
1b91e3df3fd0
Implement transitive props for sort and filter
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5870
diff
changeset
|
910 |
|
1b91e3df3fd0
Implement transitive props for sort and filter
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5870
diff
changeset
|
911 linkcls = class_obj |
|
1b91e3df3fd0
Implement transitive props for sort and filter
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5870
diff
changeset
|
912 for p in key.split('.'): |
| 5998 | 913 prop = linkcls.getprops(protected=True)[p] |
| 914 linkcls = getattr(prop, 'classname', None) | |
|
5872
1b91e3df3fd0
Implement transitive props for sort and filter
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5870
diff
changeset
|
915 if linkcls: |
|
1b91e3df3fd0
Implement transitive props for sort and filter
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5870
diff
changeset
|
916 linkcls = self.db.getclass(linkcls) |
|
1b91e3df3fd0
Implement transitive props for sort and filter
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5870
diff
changeset
|
917 |
| 5998 | 918 if isinstance(prop, (hyperdb.Link, hyperdb.Multilink)): |
|
5842
9c6617857032
Support use of duplicate rest filters keys. So URL's like:
John Rouillard <rouilj@ieee.org>
parents:
5824
diff
changeset
|
919 if key in filter_props: |
|
9c6617857032
Support use of duplicate rest filters keys. So URL's like:
John Rouillard <rouilj@ieee.org>
parents:
5824
diff
changeset
|
920 vals = filter_props[key] |
|
9c6617857032
Support use of duplicate rest filters keys. So URL's like:
John Rouillard <rouilj@ieee.org>
parents:
5824
diff
changeset
|
921 else: |
|
9c6617857032
Support use of duplicate rest filters keys. So URL's like:
John Rouillard <rouilj@ieee.org>
parents:
5824
diff
changeset
|
922 vals = [] |
|
5659
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
923 for p in value.split(","): |
|
8195
beab1ba70d34
chore(ruff): parenthesize "a and b or ..." to enforce/clarify precedence
John Rouillard <rouilj@ieee.org>
parents:
8194
diff
changeset
|
924 dig = (p and p.isdigit()) or \ |
| 5998 | 925 (p[0] in ('-', '+') and p[1:].isdigit()) |
|
5904
2b78e21d7047
Fix lookup of negative ids
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5874
diff
changeset
|
926 if prop.try_id_parsing and dig: |
|
5659
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
927 vals.append(p) |
|
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
928 else: |
|
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
929 vals.append(linkcls.lookup(p)) |
|
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
930 filter_props[key] = vals |
|
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
931 else: |
| 5998 | 932 if not isinstance(prop, hyperdb.String): |
|
5874
6630baff5f68
Implement exact string search in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5873
diff
changeset
|
933 exact = False |
|
6630baff5f68
Implement exact string search in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5873
diff
changeset
|
934 props = filter_props |
|
6630baff5f68
Implement exact string search in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5873
diff
changeset
|
935 if exact: |
|
6630baff5f68
Implement exact string search in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5873
diff
changeset
|
936 props = exact_props |
|
6630baff5f68
Implement exact string search in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5873
diff
changeset
|
937 if key in props: |
|
6630baff5f68
Implement exact string search in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5873
diff
changeset
|
938 if isinstance(props[key], list): |
|
6630baff5f68
Implement exact string search in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5873
diff
changeset
|
939 props[key].append(value) |
|
5842
9c6617857032
Support use of duplicate rest filters keys. So URL's like:
John Rouillard <rouilj@ieee.org>
parents:
5824
diff
changeset
|
940 else: |
| 5998 | 941 props[key] = [props[key], value] |
|
5842
9c6617857032
Support use of duplicate rest filters keys. So URL's like:
John Rouillard <rouilj@ieee.org>
parents:
5824
diff
changeset
|
942 else: |
|
5874
6630baff5f68
Implement exact string search in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5873
diff
changeset
|
943 props[key] = value |
| 5998 | 944 l = [filter_props] # noqa: E741 |
|
5870
5ae426616576
Implement pagination in REST API via limit/offset
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5865
diff
changeset
|
945 kw = {} |
|
5865
04deafac71ab
Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5864
diff
changeset
|
946 if sort: |
|
04deafac71ab
Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5864
diff
changeset
|
947 l.append(sort) |
|
7854
171ff2e487df
Add @group for grouping in rest interface.
John Rouillard <rouilj@ieee.org>
parents:
7853
diff
changeset
|
948 if group: |
|
171ff2e487df
Add @group for grouping in rest interface.
John Rouillard <rouilj@ieee.org>
parents:
7853
diff
changeset
|
949 l.append(group) |
|
5874
6630baff5f68
Implement exact string search in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5873
diff
changeset
|
950 if exact_props: |
| 5998 | 951 kw['exact_match_spec'] = exact_props |
|
7853
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
952 if page['size'] is None: |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
953 kw['limit'] = self.max_response_row_size |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
954 elif page['size'] > 0: |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
955 if page['size'] >= self.max_response_row_size: |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
956 raise UsageError(_( |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
957 "Page size %(page_size)s must be less than admin " |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
958 "limit on query result size: %(max_size)s.") % { |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
959 "page_size": page['size'], |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
960 "max_size": self.max_response_row_size, |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
961 }) |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
962 kw['limit'] = self.max_response_row_size |
| 5998 | 963 if page['index'] is not None and page['index'] > 1: |
| 964 kw['offset'] = (page['index'] - 1) * page['size'] | |
|
8126
f7bd22bdef9d
Move permission check code to hyperdb
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8094
diff
changeset
|
965 obj_list = class_obj.filter_with_permissions(None, *l, **kw) |
|
5591
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
966 |
|
7853
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
967 # Have we hit the max number of returned rows? |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
968 # If so there may be more data that the client |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
969 # has to explicitly page through using offset/@page_index. |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
970 overflow = len(obj_list) == self.max_response_row_size |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
971 |
|
5865
04deafac71ab
Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5864
diff
changeset
|
972 # Note: We don't sort explicitly in python. The filter implementation |
|
04deafac71ab
Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5864
diff
changeset
|
973 # of the DB already sorts by ID if no sort option was given. |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
974 |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
975 # add verbose elements. 2 and above get identifying label. |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
976 if verbose > 1: |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
977 lp = class_obj.labelprop() |
|
6090
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
978 display_props.add(lp) |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
979 |
|
5591
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
980 # extract result from data |
| 5998 | 981 result = {} |
| 982 result['collection'] = [] | |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
983 for item_id in obj_list: |
|
5864
5e8e160fe2a0
Fix security checks for individual properties
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5851
diff
changeset
|
984 r = {} |
|
8126
f7bd22bdef9d
Move permission check code to hyperdb
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8094
diff
changeset
|
985 # No need to check permission on id here, as we have only |
|
f7bd22bdef9d
Move permission check code to hyperdb
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8094
diff
changeset
|
986 # security-checked results |
|
f7bd22bdef9d
Move permission check code to hyperdb
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8094
diff
changeset
|
987 r = {'id': item_id, 'link': class_path + item_id} |
| 5998 | 988 if display_props: |
|
6088
00a24243887c
Remove redundant permission check
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6086
diff
changeset
|
989 # format_item does the permission checks |
|
00a24243887c
Remove redundant permission check
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6086
diff
changeset
|
990 r.update(self.format_item(class_obj.getnode(item_id), |
|
00a24243887c
Remove redundant permission check
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6086
diff
changeset
|
991 item_id, props=display_props, verbose=verbose)) |
|
5864
5e8e160fe2a0
Fix security checks for individual properties
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5851
diff
changeset
|
992 if r: |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
993 result['collection'].append(r) |
|
5677
1fa59181ce58
Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents:
5674
diff
changeset
|
994 |
|
5639
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
995 result_len = len(result['collection']) |
|
5591
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
996 |
|
7853
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
997 if not overflow: # noqa: SIM108 - no nested ternary |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
998 # add back the number of items in the offset. |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
999 total_len = kw['offset'] + result_len if 'offset' in kw \ |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
1000 else result_len |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
1001 else: |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
1002 # we have hit the max number of rows configured to be |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
1003 # returned. We hae no idea how many rows can match. We |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
1004 # could use 0 as the sentinel, but a filter could match 0 |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
1005 # rows. So return -1 indicating we exceeded the result |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
1006 # max size on this query. |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
1007 total_len = -1 |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
1008 |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
1009 # truncate result['collection'] to page size |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
1010 if page['size'] is not None and page['size'] > 0: |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
1011 result['collection'] = result['collection'][:page['size']] |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
1012 |
|
5639
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
1013 # pagination - page_index from 1...N |
|
5870
5ae426616576
Implement pagination in REST API via limit/offset
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5865
diff
changeset
|
1014 if page['size'] is not None and page['size'] > 0: |
|
5639
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
1015 result['@links'] = {} |
|
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
1016 for rel in ('next', 'prev', 'self'): |
|
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
1017 if rel == 'next': |
|
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
1018 # if current index includes all data, continue |
|
7853
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
1019 if page['size'] >= result_len: continue # noqa: E701 |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
1020 index = page['index'] + 1 |
|
5639
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
1021 if rel == 'prev': |
| 5998 | 1022 if page['index'] <= 1: continue # noqa: E701 |
| 1023 index = page['index'] - 1 | |
| 1024 if rel == 'self': index = page['index'] # noqa: E701 | |
|
5591
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
1025 |
|
5639
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
1026 result['@links'][rel] = [] |
|
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
1027 result['@links'][rel].append({ |
|
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
1028 'rel': rel, |
| 5998 | 1029 'uri': "%s/%s?@page_index=%s&" % (self.data_path, |
| 1030 class_name, index) + | |
| 1031 '&'.join(["%s=%s" % (field.name, field.value) | |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1032 for field in input_payload.value |
| 5998 | 1033 if field.name != "@page_index"])}) |
|
5639
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
1034 |
|
7853
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
1035 result['@total_size'] = total_len |
|
03c1b7ae3a68
issue2551328/issue2551264 unneeded next link and total_count incorrect
John Rouillard <rouilj@ieee.org>
parents:
7750
diff
changeset
|
1036 self.client.setHeader("X-Count-Total", str(total_len)) |
|
6525
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1037 self.client.setHeader("Allow", "OPTIONS, GET, POST") |
|
5572
c4c88466da69
Added successful response status code
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5571
diff
changeset
|
1038 return 200, result |
|
5559
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1039 |
|
7971
fe0348bbe45b
issue2551353 - Add roundup-classhelper for 2.4.0 release
John Rouillard <rouilj@ieee.org>
parents:
7854
diff
changeset
|
1040 @Routing.route("/data/user/roles", 'GET') |
|
fe0348bbe45b
issue2551353 - Add roundup-classhelper for 2.4.0 release
John Rouillard <rouilj@ieee.org>
parents:
7854
diff
changeset
|
1041 @_data_decorator |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1042 def get_roles(self, input_payload): |
|
7971
fe0348bbe45b
issue2551353 - Add roundup-classhelper for 2.4.0 release
John Rouillard <rouilj@ieee.org>
parents:
7854
diff
changeset
|
1043 """Return all defined roles for users with Admin role. |
|
fe0348bbe45b
issue2551353 - Add roundup-classhelper for 2.4.0 release
John Rouillard <rouilj@ieee.org>
parents:
7854
diff
changeset
|
1044 The User class property roles is a string but simulate |
|
fe0348bbe45b
issue2551353 - Add roundup-classhelper for 2.4.0 release
John Rouillard <rouilj@ieee.org>
parents:
7854
diff
changeset
|
1045 it as a MultiLink to an actual Roles class. |
|
fe0348bbe45b
issue2551353 - Add roundup-classhelper for 2.4.0 release
John Rouillard <rouilj@ieee.org>
parents:
7854
diff
changeset
|
1046 """ |
|
fe0348bbe45b
issue2551353 - Add roundup-classhelper for 2.4.0 release
John Rouillard <rouilj@ieee.org>
parents:
7854
diff
changeset
|
1047 if not self.client.db.user.has_role(self.client.db.getuid(), "Admin"): |
|
fe0348bbe45b
issue2551353 - Add roundup-classhelper for 2.4.0 release
John Rouillard <rouilj@ieee.org>
parents:
7854
diff
changeset
|
1048 raise Unauthorised( |
|
fe0348bbe45b
issue2551353 - Add roundup-classhelper for 2.4.0 release
John Rouillard <rouilj@ieee.org>
parents:
7854
diff
changeset
|
1049 'User does not have permission on "user.roles"') |
|
fe0348bbe45b
issue2551353 - Add roundup-classhelper for 2.4.0 release
John Rouillard <rouilj@ieee.org>
parents:
7854
diff
changeset
|
1050 |
|
7983
dd229bbdd32d
issue 2551353 - add roundup-classhelper
John Rouillard <rouilj@ieee.org>
parents:
7971
diff
changeset
|
1051 self.client.setHeader( |
|
dd229bbdd32d
issue 2551353 - add roundup-classhelper
John Rouillard <rouilj@ieee.org>
parents:
7971
diff
changeset
|
1052 "Allow", |
|
dd229bbdd32d
issue 2551353 - add roundup-classhelper
John Rouillard <rouilj@ieee.org>
parents:
7971
diff
changeset
|
1053 "GET" |
|
dd229bbdd32d
issue 2551353 - add roundup-classhelper
John Rouillard <rouilj@ieee.org>
parents:
7971
diff
changeset
|
1054 ) |
|
dd229bbdd32d
issue 2551353 - add roundup-classhelper
John Rouillard <rouilj@ieee.org>
parents:
7971
diff
changeset
|
1055 |
|
7971
fe0348bbe45b
issue2551353 - Add roundup-classhelper for 2.4.0 release
John Rouillard <rouilj@ieee.org>
parents:
7854
diff
changeset
|
1056 return 200, {"collection": |
|
8190
569aff540a21
chore(ruff): whatespace fixes/silence linting
John Rouillard <rouilj@ieee.org>
parents:
8188
diff
changeset
|
1057 [{"id": rolename, "name": rolename} |
|
7971
fe0348bbe45b
issue2551353 - Add roundup-classhelper for 2.4.0 release
John Rouillard <rouilj@ieee.org>
parents:
7854
diff
changeset
|
1058 for rolename in list(self.db.security.role.keys())]} |
|
fe0348bbe45b
issue2551353 - Add roundup-classhelper for 2.4.0 release
John Rouillard <rouilj@ieee.org>
parents:
7854
diff
changeset
|
1059 |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1060 @Routing.route("/data/<:class_name>/<:item_id>", 'GET') |
|
5587
cb2b320fde16
Added decorator to handle formatting output data
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5584
diff
changeset
|
1061 @_data_decorator |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1062 def get_element(self, class_name, item_id, input_payload): |
| 5582 | 1063 """GET resource from object URI. |
| 1064 | |
| 1065 This function returns only properties have View permission | |
| 1066 class_name and item_id should be valid already | |
| 1067 | |
| 1068 Args: | |
| 1069 class_name (string): class name of the resource (Ex: issue, msg) | |
| 1070 item_id (string): id of the resource (Ex: 12, 15) | |
| 5678 | 1071 or (if the class has a key property) this can also be |
| 1072 the key name, e.g. class_name = status, item_id = 'open' | |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1073 input_payload (list): the submitted form of the user |
| 5582 | 1074 |
| 1075 Returns: | |
| 1076 int: http status code 200 (OK) | |
| 1077 dict: a dictionary represents the object | |
| 1078 id: id of the object | |
| 1079 type: class name of the object | |
| 1080 link: link to the object | |
| 1081 attributes: a dictionary represent the attributes of the object | |
| 1082 """ | |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1083 if class_name not in self.db.classes: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1084 raise NotFound('Class %s not found' % class_name) |
| 5678 | 1085 class_obj = self.db.getclass(class_name) |
| 1086 uid = self.db.getuid() | |
| 1087 # If it's not numeric it is a key | |
| 1088 if item_id.isdigit(): | |
| 5679 | 1089 itemid = item_id |
| 5678 | 1090 else: |
| 1091 keyprop = class_obj.getkey() | |
| 1092 try: | |
| 1093 k, v = item_id.split('=', 1) | |
| 1094 if k != keyprop: | |
| 5998 | 1095 raise UsageError("Field %s is not key property" % k) |
| 5678 | 1096 except ValueError: |
| 1097 v = item_id | |
| 1098 if not self.db.security.hasPermission( | |
| 1099 'View', uid, class_name, itemid=item_id, property=keyprop | |
| 1100 ): | |
| 1101 raise Unauthorised( | |
| 1102 'Permission to view %s%s.%s denied' | |
| 1103 % (class_name, item_id, keyprop) | |
| 1104 ) | |
|
7372
886a5c767d7e
Invalid REST item spec returns 404 rather than 400.
John Rouillard <rouilj@ieee.org>
parents:
7173
diff
changeset
|
1105 try: |
|
886a5c767d7e
Invalid REST item spec returns 404 rather than 400.
John Rouillard <rouilj@ieee.org>
parents:
7173
diff
changeset
|
1106 itemid = class_obj.lookup(v) |
|
886a5c767d7e
Invalid REST item spec returns 404 rather than 400.
John Rouillard <rouilj@ieee.org>
parents:
7173
diff
changeset
|
1107 except TypeError: |
|
886a5c767d7e
Invalid REST item spec returns 404 rather than 400.
John Rouillard <rouilj@ieee.org>
parents:
7173
diff
changeset
|
1108 raise NotFound("Item '%s' not found" % v) |
|
886a5c767d7e
Invalid REST item spec returns 404 rather than 400.
John Rouillard <rouilj@ieee.org>
parents:
7173
diff
changeset
|
1109 |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1110 if not self.db.security.hasPermission( |
| 5679 | 1111 'View', uid, class_name, itemid=itemid |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1112 ): |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1113 raise Unauthorised( |
| 5679 | 1114 'Permission to view %s%s denied' % (class_name, itemid) |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1115 ) |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1116 |
| 5679 | 1117 node = class_obj.getnode(itemid) |
|
5726
e199d0ae4a25
issue2551033: prevent reverse engineering hidden data by using etags
John Rouillard <rouilj@ieee.org>
parents:
5715
diff
changeset
|
1118 etag = calculate_etag(node, self.db.config.WEB_SECRET_KEY, |
|
5729
9ea2ce9d10cf
A few internet references report that etags for the same underlying
John Rouillard <rouilj@ieee.org>
parents:
5727
diff
changeset
|
1119 class_name, itemid, repr_format="json") |
|
5598
be81e8cca38c
Added the ability to limit returned fields by GET
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5597
diff
changeset
|
1120 props = None |
| 5998 | 1121 protected = False |
| 1122 verbose = 1 | |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1123 for form_field in input_payload.value: |
|
5598
be81e8cca38c
Added the ability to limit returned fields by GET
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5597
diff
changeset
|
1124 key = form_field.name |
|
be81e8cca38c
Added the ability to limit returned fields by GET
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5597
diff
changeset
|
1125 value = form_field.value |
|
8197
5b8d1cb290cb
chore(ruff): replace 'x == y or x == z' with 'x in [y,z]'
John Rouillard <rouilj@ieee.org>
parents:
8196
diff
changeset
|
1126 if key in ["@fields", "@attrs"]: |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
1127 if props is None: |
|
6090
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
1128 props = set() |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
1129 # support , or : separated elements |
| 5998 | 1130 f = value.split(",") |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
1131 if len(f) == 1: |
| 5998 | 1132 f = value.split(":") |
|
6090
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
1133 props.update(self.transitive_props(class_name, f)) |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
1134 elif key == "@protected": |
|
5638
7e3cceec3f4f
Allow client to access read only/protected properties like creator,
John Rouillard <rouilj@ieee.org>
parents:
5636
diff
changeset
|
1135 # allow client to request read only |
|
7e3cceec3f4f
Allow client to access read only/protected properties like creator,
John Rouillard <rouilj@ieee.org>
parents:
5636
diff
changeset
|
1136 # properties like creator, activity etc. |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
1137 # used only if no @fields/@attrs |
|
5638
7e3cceec3f4f
Allow client to access read only/protected properties like creator,
John Rouillard <rouilj@ieee.org>
parents:
5636
diff
changeset
|
1138 protected = value.lower() == "true" |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
1139 elif key == "@verbose": |
|
8213
14e92a595828
fix(web) issue2551382 - 409 not 400 errors returned
John Rouillard <rouilj@ieee.org>
parents:
8208
diff
changeset
|
1140 try: |
|
14e92a595828
fix(web) issue2551382 - 409 not 400 errors returned
John Rouillard <rouilj@ieee.org>
parents:
8208
diff
changeset
|
1141 verbose = int(value) |
|
14e92a595828
fix(web) issue2551382 - 409 not 400 errors returned
John Rouillard <rouilj@ieee.org>
parents:
8208
diff
changeset
|
1142 except ValueError as e: |
|
14e92a595828
fix(web) issue2551382 - 409 not 400 errors returned
John Rouillard <rouilj@ieee.org>
parents:
8208
diff
changeset
|
1143 raise UsageError("When using @verbose: %s" % |
|
14e92a595828
fix(web) issue2551382 - 409 not 400 errors returned
John Rouillard <rouilj@ieee.org>
parents:
8208
diff
changeset
|
1144 (e.args[0])) |
|
5598
be81e8cca38c
Added the ability to limit returned fields by GET
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5597
diff
changeset
|
1145 |
|
5661
b08a308c273b
Better display for Link/Multilink and content
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5660
diff
changeset
|
1146 result = {} |
|
5598
be81e8cca38c
Added the ability to limit returned fields by GET
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5597
diff
changeset
|
1147 if props is None: |
|
6090
e097ff5064b8
Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6088
diff
changeset
|
1148 props = set(class_obj.getprops(protected=protected)) |
|
8198
de6b02c23ee9
chore(ruff): replace 'else: if bool_exp:' with 'elif bool_exp:'
John Rouillard <rouilj@ieee.org>
parents:
8197
diff
changeset
|
1149 elif verbose > 1: |
|
8199
622e7bc2db69
chore(ruff): fix indentation level on de6b02c23ee9
John Rouillard <rouilj@ieee.org>
parents:
8198
diff
changeset
|
1150 lp = class_obj.labelprop() |
|
622e7bc2db69
chore(ruff): fix indentation level on de6b02c23ee9
John Rouillard <rouilj@ieee.org>
parents:
8198
diff
changeset
|
1151 props.add(lp) |
|
5598
be81e8cca38c
Added the ability to limit returned fields by GET
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5597
diff
changeset
|
1152 |
|
5570
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1153 result = { |
| 5679 | 1154 'id': itemid, |
|
5570
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1155 'type': class_name, |
|
5600
e2c74d8121f3
Update resource links
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5599
diff
changeset
|
1156 'link': '%s/%s/%s' % (self.data_path, class_name, item_id), |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
1157 'attributes': self.format_item(node, itemid, props=props, |
| 5998 | 1158 verbose=verbose), |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
1159 '@etag': etag |
|
5570
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1160 } |
|
5559
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1161 |
|
5674
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
1162 self.client.setHeader("ETag", etag) |
|
5572
c4c88466da69
Added successful response status code
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5571
diff
changeset
|
1163 return 200, result |
|
5561
7aa7f779198b
Split all rest action into 2 type
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5560
diff
changeset
|
1164 |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1165 @Routing.route("/data/<:class_name>/<:item_id>/<:attr_name>", 'GET') |
|
5587
cb2b320fde16
Added decorator to handle formatting output data
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5584
diff
changeset
|
1166 @_data_decorator |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1167 def get_attribute(self, class_name, item_id, attr_name, input_payload): |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1168 """GET resource from attribute URI. |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1169 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1170 This function returns only attribute has View permission |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1171 class_name should be valid already |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1172 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1173 Args: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1174 class_name (string): class name of the resource (Ex: issue, msg) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1175 item_id (string): id of the resource (Ex: 12, 15) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1176 attr_name (string): attribute of the resource (Ex: title, nosy) |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1177 input_payload (list): the submitted form of the user |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1178 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1179 Returns: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1180 int: http status code 200 (OK) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1181 list: a dictionary represents the attribute |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1182 id: id of the object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1183 type: class name of the attribute |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1184 link: link to the attribute |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1185 data: data of the requested attribute |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1186 """ |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1187 if class_name not in self.db.classes: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1188 raise NotFound('Class %s not found' % class_name) |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1189 if not self.db.security.hasPermission( |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1190 'View', self.db.getuid(), class_name, attr_name, item_id |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1191 ): |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1192 raise Unauthorised( |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1193 'Permission to view %s%s %s denied' % |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1194 (class_name, item_id, attr_name) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1195 ) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1196 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1197 class_obj = self.db.getclass(class_name) |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
1198 node = class_obj.getnode(item_id) |
|
5726
e199d0ae4a25
issue2551033: prevent reverse engineering hidden data by using etags
John Rouillard <rouilj@ieee.org>
parents:
5715
diff
changeset
|
1199 etag = calculate_etag(node, self.db.config.WEB_SECRET_KEY, |
|
8190
569aff540a21
chore(ruff): whatespace fixes/silence linting
John Rouillard <rouilj@ieee.org>
parents:
8188
diff
changeset
|
1200 class_name, item_id, repr_format="json") |
|
6525
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1201 try: |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1202 data = node.__getattr__(attr_name) |
| 6926 | 1203 except AttributeError: |
|
7750
216662fbaaee
fix(i18n): fix incorrect lookup of some translations
John Rouillard <rouilj@ieee.org>
parents:
7726
diff
changeset
|
1204 raise UsageError(_("Invalid attribute %s") % attr_name) |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1205 result = { |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1206 'id': item_id, |
|
5631
a5c890d308c3
Add simple support for xml output if the third party dict2xml.py module
John Rouillard <rouilj@ieee.org>
parents:
5630
diff
changeset
|
1207 'type': str(type(data)), |
|
5600
e2c74d8121f3
Update resource links
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5599
diff
changeset
|
1208 'link': "%s/%s/%s/%s" % |
|
e2c74d8121f3
Update resource links
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5599
diff
changeset
|
1209 (self.data_path, class_name, item_id, attr_name), |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
1210 'data': data, |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
1211 '@etag': etag |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1212 } |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1213 |
|
5674
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
1214 self.client.setHeader("ETag", etag) |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1215 return 200, result |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1216 |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1217 @Routing.route("/data/<:class_name>", 'POST') |
|
5587
cb2b320fde16
Added decorator to handle formatting output data
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5584
diff
changeset
|
1218 @_data_decorator |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1219 def post_collection(self, class_name, input_payload): |
| 5582 | 1220 """POST a new object to a class |
| 1221 | |
| 1222 If the item is successfully created, the "Location" header will also | |
| 1223 contain the link to the created object | |
| 1224 | |
| 1225 Args: | |
| 1226 class_name (string): class name of the resource (Ex: issue, msg) | |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1227 input_payload (list): the submitted form of the user |
| 5582 | 1228 |
| 1229 Returns: | |
| 1230 int: http status code 201 (Created) | |
| 1231 dict: a reference item to the created object | |
| 1232 id: id of the object | |
| 1233 link: path to the object | |
| 1234 """ | |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1235 return self.post_collection_inner(class_name, input_payload) |
|
5710
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1236 |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1237 @Routing.route("/data/<:class_name>/@poe", 'POST') |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1238 @_data_decorator |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1239 def get_post_once_exactly(self, class_name, input_payload): |
|
6349
c1a672b1ad85
Document post once functions.
John Rouillard <rouilj@ieee.org>
parents:
6311
diff
changeset
|
1240 """Get the Post Once Exactly token to create a new instance of class |
|
c1a672b1ad85
Document post once functions.
John Rouillard <rouilj@ieee.org>
parents:
6311
diff
changeset
|
1241 See https://tools.ietf.org/html/draft-nottingham-http-poe-00""" |
| 5998 | 1242 otks = self.db.Otk |
|
6823
fe0091279f50
Refactor session db logging and key generation for sessions/otks
John Rouillard <rouilj@ieee.org>
parents:
6814
diff
changeset
|
1243 poe_key = otks.getUniqueKey() |
|
5710
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1244 |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1245 try: |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1246 lifetime = int(input_payload['lifetime'].value) |
| 5998 | 1247 except KeyError: |
| 1248 lifetime = 30 * 60 # 30 minutes | |
| 1249 except ValueError: | |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1250 raise UsageError("Value 'lifetime' must be an integer specify lifetime in seconds. Got %s." % input_payload['lifetime'].value) |
|
5710
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1251 |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1252 if lifetime > 3600 or lifetime < 1: |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1253 raise UsageError("Value 'lifetime' must be between 1 second and 1 hour (3600 seconds). Got %s." % input_payload['lifetime'].value) |
|
5710
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1254 |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1255 try: |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1256 # if generic tag exists, we don't care about the value |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1257 is_generic = input_payload['generic'] |
|
5710
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1258 # we generate a generic POE token |
| 5998 | 1259 is_generic = True |
| 1260 except KeyError: | |
| 1261 is_generic = False | |
|
5710
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1262 |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1263 # a POE must be used within lifetime (30 minutes default). |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1264 # Default OTK lifetime is 1 week. So to make different |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1265 # lifetime, take current time, subtract 1 week and add |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1266 # lifetime. |
|
6814
3f60a71b0812
Summary: Support selecion session/otk data store. Add redis as data store.
John Rouillard <rouilj@ieee.org>
parents:
6693
diff
changeset
|
1267 ts = otks.lifetime(lifetime) |
|
5710
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1268 if is_generic: |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1269 otks.set(u2s(poe_key), uid=self.db.getuid(), |
| 5998 | 1270 __timestamp=ts) |
|
5710
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1271 else: |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1272 otks.set(u2s(poe_key), uid=self.db.getuid(), |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1273 class_name=class_name, |
| 5998 | 1274 __timestamp=ts) |
|
5710
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1275 otks.commit() |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1276 |
| 5998 | 1277 return 200, {'link': '%s/%s/@poe/%s' % |
| 1278 (self.data_path, class_name, poe_key), | |
| 1279 'expires': ts + (60 * 60 * 24 * 7)} | |
|
5710
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1280 |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1281 @Routing.route("/data/<:class_name>/@poe/<:post_token>", 'POST') |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1282 @_data_decorator |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1283 def post_once_exactly_collection(self, class_name, post_token, input_payload): |
|
6349
c1a672b1ad85
Document post once functions.
John Rouillard <rouilj@ieee.org>
parents:
6311
diff
changeset
|
1284 """Post exactly one to the resource named by class_name""" |
| 5998 | 1285 otks = self.db.Otk |
|
5710
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1286 |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1287 # remove expired keys so we don't use an expired key |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1288 otks.clean() |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1289 |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1290 if not otks.exists(u2s(post_token)): |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1291 # Don't log this failure. Would allow attackers to fill |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1292 # logs. |
| 5998 | 1293 raise UsageError("POE token '%s' not valid." % post_token) |
|
5710
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1294 |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1295 # find out what user owns the key |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1296 user = otks.get(u2s(post_token), 'uid', default=None) |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1297 # find out what class it was meant for |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1298 cn = otks.get(u2s(post_token), 'class_name', default=None) |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1299 |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1300 # Invalidate the key as it has been used. |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1301 otks.destroy(u2s(post_token)) |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1302 otks.commit() |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1303 |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1304 # verify the same user that requested the key is the user |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1305 # using the key. |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1306 if user != self.db.getuid(): |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1307 # Tell the roundup admin that there is an issue |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1308 # as the key got compromised. |
|
5799
7ba0ee980fc7
logger.warn is deprecated. Replace with logger.warning.
John Rouillard <rouilj@ieee.org>
parents:
5745
diff
changeset
|
1309 logger.warning( |
| 5998 | 1310 'Post Once key owned by user%s was denied. Used by user%s', user, self.db.getuid() |
|
5710
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1311 ) |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1312 # Should we indicate to user that the token is invalid |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1313 # because they are not the user who owns the key? It could |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1314 # be a logic bug in the application. But I assume that |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1315 # the key has been stolen and we don't want to tip our hand. |
| 5998 | 1316 raise UsageError("POE token '%s' not valid." % post_token) |
|
5710
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1317 |
| 5998 | 1318 if cn != class_name and cn is not None: |
| 1319 raise UsageError("POE token '%s' not valid for %s, was generated for class %s" % (post_token, class_name, cn)) | |
|
5710
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1320 |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1321 # handle this as though they POSTed to /rest/data/class |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1322 return self.post_collection_inner(class_name, input_payload) |
|
5710
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1323 |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1324 def post_collection_inner(self, class_name, input_payload): |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1325 if class_name not in self.db.classes: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1326 raise NotFound('Class %s not found' % class_name) |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1327 if not self.db.security.hasPermission( |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1328 'Create', self.db.getuid(), class_name |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1329 ): |
|
5559
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1330 raise Unauthorised('Permission to create %s denied' % class_name) |
|
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1331 |
|
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1332 class_obj = self.db.getclass(class_name) |
|
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1333 |
|
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1334 # convert types |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1335 props = self.props_from_args(class_obj, input_payload.value) |
|
5559
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1336 |
|
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1337 # check for the key property |
|
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1338 key = class_obj.getkey() |
|
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1339 if key and key not in props: |
| 5576 | 1340 raise UsageError("Must provide the '%s' property." % key) |
|
5559
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1341 |
|
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1342 for key in props: |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1343 if not self.db.security.hasPermission( |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1344 'Create', self.db.getuid(), class_name, property=key |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1345 ): |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1346 raise Unauthorised( |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1347 'Permission to create %s.%s denied' % (class_name, key) |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1348 ) |
|
5559
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1349 |
|
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1350 # do the actual create |
|
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1351 try: |
|
5562
70df783c4c0b
Cleanup, fixed a bug with delete action
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5561
diff
changeset
|
1352 item_id = class_obj.create(**props) |
|
5559
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1353 self.db.commit() |
| 5602 | 1354 except (TypeError, IndexError, ValueError) as message: |
| 5576 | 1355 raise ValueError(message) |
| 5602 | 1356 except KeyError as msg: |
| 5576 | 1357 raise UsageError("Must provide the %s property." % msg) |
|
5562
70df783c4c0b
Cleanup, fixed a bug with delete action
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5561
diff
changeset
|
1358 |
|
5573
89ae4ef34efe
Handle response header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5572
diff
changeset
|
1359 # set the header Location |
|
5600
e2c74d8121f3
Update resource links
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5599
diff
changeset
|
1360 link = '%s/%s/%s' % (self.data_path, class_name, item_id) |
|
5573
89ae4ef34efe
Handle response header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5572
diff
changeset
|
1361 self.client.setHeader("Location", link) |
|
89ae4ef34efe
Handle response header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5572
diff
changeset
|
1362 |
|
6525
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1363 self.client.setHeader( |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1364 "Allow", |
|
6544
9aa8df0b4426
issue2551178 - fix Traceback in Apache WSGI
John Rouillard <rouilj@ieee.org>
parents:
6543
diff
changeset
|
1365 None |
|
6525
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1366 ) |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1367 self.client.setHeader( |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1368 "Access-Control-Allow-Methods", |
|
6544
9aa8df0b4426
issue2551178 - fix Traceback in Apache WSGI
John Rouillard <rouilj@ieee.org>
parents:
6543
diff
changeset
|
1369 None |
|
6525
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1370 ) |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1371 |
|
5573
89ae4ef34efe
Handle response header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5572
diff
changeset
|
1372 # set the response body |
|
5570
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1373 result = { |
|
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1374 'id': item_id, |
|
5573
89ae4ef34efe
Handle response header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5572
diff
changeset
|
1375 'link': link |
|
5570
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1376 } |
|
5572
c4c88466da69
Added successful response status code
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5571
diff
changeset
|
1377 return 201, result |
|
5559
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1378 |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1379 @Routing.route("/data/<:class_name>/<:item_id>", 'PUT') |
|
5587
cb2b320fde16
Added decorator to handle formatting output data
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5584
diff
changeset
|
1380 @_data_decorator |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1381 def put_element(self, class_name, item_id, input_payload): |
| 5582 | 1382 """PUT a new content to an object |
| 1383 | |
| 1384 Replace the content of the existing object | |
| 1385 | |
| 1386 Args: | |
| 1387 class_name (string): class name of the resource (Ex: issue, msg) | |
| 1388 item_id (string): id of the resource (Ex: 12, 15) | |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1389 input_payload (list): the submitted form of the user |
| 5582 | 1390 |
| 1391 Returns: | |
| 1392 int: http status code 200 (OK) | |
| 1393 dict: a dictionary represents the modified object | |
| 1394 id: id of the object | |
| 1395 type: class name of the object | |
| 1396 link: link to the object | |
| 1397 attributes: a dictionary represent only changed attributes of | |
| 1398 the object | |
| 1399 """ | |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1400 if class_name not in self.db.classes: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1401 raise NotFound('Class %s not found' % class_name) |
| 5564 | 1402 class_obj = self.db.getclass(class_name) |
| 1403 | |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1404 props = self.props_from_args(class_obj, input_payload.value, item_id) |
| 5602 | 1405 for p in props: |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1406 if not self.db.security.hasPermission( |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1407 'Edit', self.db.getuid(), class_name, p, item_id |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1408 ): |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1409 raise Unauthorised( |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1410 'Permission to edit %s of %s%s denied' % |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1411 (p, class_name, item_id) |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1412 ) |
| 5564 | 1413 try: |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1414 self.raise_if_no_etag(class_name, item_id, input_payload) |
| 5564 | 1415 result = class_obj.set(item_id, **props) |
| 1416 self.db.commit() | |
| 5602 | 1417 except (TypeError, IndexError, ValueError) as message: |
| 5576 | 1418 raise ValueError(message) |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1419 except KeyError as message: |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1420 # key error returned for changing protected keys |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1421 # and changing invalid keys |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1422 raise UsageError(message) |
| 5564 | 1423 |
|
5570
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1424 result = { |
|
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1425 'id': item_id, |
|
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1426 'type': class_name, |
|
5600
e2c74d8121f3
Update resource links
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5599
diff
changeset
|
1427 'link': '%s/%s/%s' % (self.data_path, class_name, item_id), |
|
5570
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1428 'attribute': result |
|
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1429 } |
|
5572
c4c88466da69
Added successful response status code
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5571
diff
changeset
|
1430 return 200, result |
|
5561
7aa7f779198b
Split all rest action into 2 type
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5560
diff
changeset
|
1431 |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1432 @Routing.route("/data/<:class_name>/<:item_id>/<:attr_name>", 'PUT') |
|
5587
cb2b320fde16
Added decorator to handle formatting output data
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5584
diff
changeset
|
1433 @_data_decorator |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1434 def put_attribute(self, class_name, item_id, attr_name, input_payload): |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1435 """PUT an attribute to an object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1436 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1437 Args: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1438 class_name (string): class name of the resource (Ex: issue, msg) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1439 item_id (string): id of the resource (Ex: 12, 15) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1440 attr_name (string): attribute of the resource (Ex: title, nosy) |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1441 input_payload (list): the submitted form of the user |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1442 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1443 Returns: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1444 int: http status code 200 (OK) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1445 dict:a dictionary represents the modified object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1446 id: id of the object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1447 type: class name of the object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1448 link: link to the object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1449 attributes: a dictionary represent only changed attributes of |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1450 the object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1451 """ |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1452 if class_name not in self.db.classes: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1453 raise NotFound('Class %s not found' % class_name) |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1454 if not self.db.security.hasPermission( |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1455 'Edit', self.db.getuid(), class_name, attr_name, item_id |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1456 ): |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1457 raise Unauthorised( |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1458 'Permission to edit %s%s %s denied' % |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1459 (class_name, item_id, attr_name) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1460 ) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1461 class_obj = self.db.getclass(class_name) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1462 props = { |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1463 attr_name: self.prop_from_arg( |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1464 class_obj, attr_name, input_payload['data'].value, item_id |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1465 ) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1466 } |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1467 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1468 try: |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1469 self.raise_if_no_etag(class_name, item_id, input_payload) |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1470 result = class_obj.set(item_id, **props) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1471 self.db.commit() |
| 5602 | 1472 except (TypeError, IndexError, ValueError) as message: |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1473 raise ValueError(message) |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1474 except KeyError as message: |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1475 # key error returned for changing protected keys |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1476 # and changing invalid keys |
|
5707
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
1477 raise AttributeError(message) |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1478 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1479 result = { |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1480 'id': item_id, |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1481 'type': class_name, |
|
5600
e2c74d8121f3
Update resource links
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5599
diff
changeset
|
1482 'link': '%s/%s/%s' % (self.data_path, class_name, item_id), |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1483 'attribute': result |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1484 } |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1485 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1486 return 200, result |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1487 |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1488 @Routing.route("/data/<:class_name>", 'DELETE') |
|
5587
cb2b320fde16
Added decorator to handle formatting output data
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5584
diff
changeset
|
1489 @_data_decorator |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1490 def delete_collection(self, class_name, input_payload): |
| 5604 | 1491 """DELETE (retire) all objects in a class |
| 1492 There is currently no use-case, so this is disabled and | |
| 1493 always returns Unauthorised. | |
| 5582 | 1494 |
| 1495 Args: | |
| 1496 class_name (string): class name of the resource (Ex: issue, msg) | |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1497 input_payload (list): the submitted form of the user |
| 5582 | 1498 |
| 1499 Returns: | |
| 1500 int: http status code 200 (OK) | |
| 1501 dict: | |
| 1502 status (string): 'ok' | |
| 1503 count (int): number of deleted objects | |
| 1504 """ | |
| 5604 | 1505 raise Unauthorised('Deletion of a whole class disabled') |
|
5740
abbea26a11df
Clean up pylint reports of unused modules, duplicate imports, indent
John Rouillard <rouilj@ieee.org>
parents:
5732
diff
changeset
|
1506 ''' Hide original code to silence pylint. |
|
abbea26a11df
Clean up pylint reports of unused modules, duplicate imports, indent
John Rouillard <rouilj@ieee.org>
parents:
5732
diff
changeset
|
1507 Leave it here in case we need to re-enable. |
|
abbea26a11df
Clean up pylint reports of unused modules, duplicate imports, indent
John Rouillard <rouilj@ieee.org>
parents:
5732
diff
changeset
|
1508 FIXME: Delete in December 2020 if not used. |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1509 if class_name not in self.db.classes: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1510 raise NotFound('Class %s not found' % class_name) |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1511 if not self.db.security.hasPermission( |
| 5604 | 1512 'Retire', self.db.getuid(), class_name |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1513 ): |
|
5563
9a1614ff752d
Implement delete collection
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5562
diff
changeset
|
1514 raise Unauthorised('Permission to delete %s denied' % class_name) |
|
9a1614ff752d
Implement delete collection
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5562
diff
changeset
|
1515 |
|
9a1614ff752d
Implement delete collection
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5562
diff
changeset
|
1516 class_obj = self.db.getclass(class_name) |
|
9a1614ff752d
Implement delete collection
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5562
diff
changeset
|
1517 for item_id in class_obj.list(): |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1518 if not self.db.security.hasPermission( |
| 5604 | 1519 'Retire', self.db.getuid(), class_name, itemid=item_id |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1520 ): |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1521 raise Unauthorised( |
| 5604 | 1522 'Permission to retire %s %s denied' % (class_name, item_id) |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1523 ) |
|
5563
9a1614ff752d
Implement delete collection
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5562
diff
changeset
|
1524 |
|
5570
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1525 count = len(class_obj.list()) |
|
5563
9a1614ff752d
Implement delete collection
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5562
diff
changeset
|
1526 for item_id in class_obj.list(): |
| 5604 | 1527 class_obj.retire (item_id) |
|
5563
9a1614ff752d
Implement delete collection
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5562
diff
changeset
|
1528 |
|
9a1614ff752d
Implement delete collection
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5562
diff
changeset
|
1529 self.db.commit() |
|
5570
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1530 result = { |
|
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1531 'status': 'ok', |
|
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1532 'count': count |
|
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1533 } |
|
5563
9a1614ff752d
Implement delete collection
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5562
diff
changeset
|
1534 |
|
5572
c4c88466da69
Added successful response status code
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5571
diff
changeset
|
1535 return 200, result |
|
5740
abbea26a11df
Clean up pylint reports of unused modules, duplicate imports, indent
John Rouillard <rouilj@ieee.org>
parents:
5732
diff
changeset
|
1536 ''' |
|
5561
7aa7f779198b
Split all rest action into 2 type
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5560
diff
changeset
|
1537 |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1538 @Routing.route("/data/<:class_name>/<:item_id>", 'DELETE') |
|
5587
cb2b320fde16
Added decorator to handle formatting output data
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5584
diff
changeset
|
1539 @_data_decorator |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1540 def delete_element(self, class_name, item_id, input_payload): |
| 5604 | 1541 """DELETE (retire) an object in a class |
| 5582 | 1542 |
| 1543 Args: | |
| 1544 class_name (string): class name of the resource (Ex: issue, msg) | |
| 1545 item_id (string): id of the resource (Ex: 12, 15) | |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1546 input_payload (list): the submitted form of the user |
| 5582 | 1547 |
| 1548 Returns: | |
| 1549 int: http status code 200 (OK) | |
| 1550 dict: | |
| 1551 status (string): 'ok' | |
| 1552 """ | |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1553 if class_name not in self.db.classes: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1554 raise NotFound('Class %s not found' % class_name) |
| 5998 | 1555 class_obj = self.db.classes[class_name] |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1556 if not self.db.security.hasPermission( |
| 5604 | 1557 'Retire', self.db.getuid(), class_name, itemid=item_id |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1558 ): |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1559 raise Unauthorised( |
| 5604 | 1560 'Permission to retire %s %s denied' % (class_name, item_id) |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1561 ) |
|
5563
9a1614ff752d
Implement delete collection
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5562
diff
changeset
|
1562 |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1563 self.raise_if_no_etag(class_name, item_id, input_payload) |
| 5998 | 1564 class_obj.retire(item_id) |
|
5562
70df783c4c0b
Cleanup, fixed a bug with delete action
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5561
diff
changeset
|
1565 self.db.commit() |
|
5570
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1566 result = { |
|
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1567 'status': 'ok' |
|
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1568 } |
|
5559
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1569 |
|
5572
c4c88466da69
Added successful response status code
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5571
diff
changeset
|
1570 return 200, result |
|
5559
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1571 |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1572 @Routing.route("/data/<:class_name>/<:item_id>/<:attr_name>", 'DELETE') |
|
5587
cb2b320fde16
Added decorator to handle formatting output data
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5584
diff
changeset
|
1573 @_data_decorator |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1574 def delete_attribute(self, class_name, item_id, attr_name, input_payload): |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1575 """DELETE an attribute in a object by setting it to None or empty |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1576 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1577 Args: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1578 class_name (string): class name of the resource (Ex: issue, msg) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1579 item_id (string): id of the resource (Ex: 12, 15) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1580 attr_name (string): attribute of the resource (Ex: title, nosy) |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1581 input_payload (list): the submitted form of the user |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1582 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1583 Returns: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1584 int: http status code 200 (OK) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1585 dict: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1586 status (string): 'ok' |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1587 """ |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1588 if class_name not in self.db.classes: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1589 raise NotFound('Class %s not found' % class_name) |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1590 if not self.db.security.hasPermission( |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1591 'Edit', self.db.getuid(), class_name, attr_name, item_id |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1592 ): |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1593 raise Unauthorised( |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1594 'Permission to delete %s%s %s denied' % |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1595 (class_name, item_id, attr_name) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1596 ) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1597 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1598 class_obj = self.db.getclass(class_name) |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1599 if attr_name not in class_obj.getprops(protected=False): |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1600 if attr_name in class_obj.getprops(protected=True): |
| 5998 | 1601 raise AttributeError("Attribute '%s' can not be deleted " |
| 1602 "for class %s." % (attr_name, class_name)) | |
|
8203
ef1333b153e3
chore(ruff): changes to else/elif and nested ifs to reduce nesting
John Rouillard <rouilj@ieee.org>
parents:
8201
diff
changeset
|
1603 raise UsageError("Attribute '%s' not valid for class %s." % ( |
|
ef1333b153e3
chore(ruff): changes to else/elif and nested ifs to reduce nesting
John Rouillard <rouilj@ieee.org>
parents:
8201
diff
changeset
|
1604 attr_name, class_name)) |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1605 if attr_name in class_obj.get_required_props(): |
| 5998 | 1606 raise UsageError("Attribute '%s' is required by class %s and can not be deleted." % ( |
|
5740
abbea26a11df
Clean up pylint reports of unused modules, duplicate imports, indent
John Rouillard <rouilj@ieee.org>
parents:
5732
diff
changeset
|
1607 attr_name, class_name)) |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1608 props = {} |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1609 prop_obj = class_obj.get(item_id, attr_name) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1610 if isinstance(prop_obj, list): |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1611 props[attr_name] = [] |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1612 else: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1613 props[attr_name] = None |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1614 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1615 try: |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1616 self.raise_if_no_etag(class_name, item_id, input_payload) |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1617 class_obj.set(item_id, **props) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1618 self.db.commit() |
| 5602 | 1619 except (TypeError, IndexError, ValueError) as message: |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1620 raise ValueError(message) |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1621 except KeyError as message: |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1622 # key error returned for changing protected keys |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1623 # and changing invalid keys |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1624 raise UsageError(message) |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1625 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1626 result = { |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1627 'status': 'ok' |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1628 } |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1629 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1630 return 200, result |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1631 |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1632 @Routing.route("/data/<:class_name>/<:item_id>", 'PATCH') |
|
5587
cb2b320fde16
Added decorator to handle formatting output data
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5584
diff
changeset
|
1633 @_data_decorator |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1634 def patch_element(self, class_name, item_id, input_payload): |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1635 """PATCH an object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1636 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1637 Patch an element using 3 operators |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1638 ADD : Append new value to the object's attribute |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1639 REPLACE: Replace object's attribute |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1640 REMOVE: Clear object's attribute |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1641 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1642 Args: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1643 class_name (string): class name of the resource (Ex: issue, msg) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1644 item_id (string): id of the resource (Ex: 12, 15) |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1645 input_payload (list): the submitted form of the user |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1646 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1647 Returns: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1648 int: http status code 200 (OK) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1649 dict: a dictionary represents the modified object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1650 id: id of the object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1651 type: class name of the object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1652 link: link to the object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1653 attributes: a dictionary represent only changed attributes of |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1654 the object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1655 """ |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1656 if class_name not in self.db.classes: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1657 raise NotFound('Class %s not found' % class_name) |
|
5580
d5a54b1851aa
Add default op action for Patch
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5579
diff
changeset
|
1658 try: |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1659 op = input_payload['@op'].value.lower() |
|
5580
d5a54b1851aa
Add default op action for Patch
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5579
diff
changeset
|
1660 except KeyError: |
|
5593
344b6a87dac6
Added support to print error
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5591
diff
changeset
|
1661 op = self.__default_patch_op |
|
5578
c2214d0c9df8
Added PATCH an element
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5577
diff
changeset
|
1662 class_obj = self.db.getclass(class_name) |
|
c2214d0c9df8
Added PATCH an element
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5577
diff
changeset
|
1663 |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1664 self.raise_if_no_etag(class_name, item_id, input_payload) |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
1665 |
|
5599
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1666 # if patch operation is action, call the action handler |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1667 action_args = [class_name + item_id] |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1668 if op == 'action': |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1669 # extract action_name and action_args from form fields |
|
5926
3ca3bfe6de16
Code-robustness, error-message improved
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5904
diff
changeset
|
1670 name = None |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1671 for form_field in input_payload.value: |
|
5599
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1672 key = form_field.name |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1673 value = form_field.value |
|
5659
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
1674 if key == "@action_name": |
|
5599
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1675 name = value |
|
5659
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
1676 elif key.startswith('@action_args'): |
|
5599
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1677 action_args.append(value) |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1678 |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1679 if name in self.actions: |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1680 action_type = self.actions[name] |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1681 else: |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1682 raise UsageError( |
|
5926
3ca3bfe6de16
Code-robustness, error-message improved
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5904
diff
changeset
|
1683 'action "%s" is not supported, allowed: %s' % |
|
3ca3bfe6de16
Code-robustness, error-message improved
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5904
diff
changeset
|
1684 (name, ', '.join(self.actions.keys())) |
|
5599
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1685 ) |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1686 action = action_type(self.db, self.translator) |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1687 result = action.execute(*action_args) |
|
5578
c2214d0c9df8
Added PATCH an element
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5577
diff
changeset
|
1688 |
|
5599
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1689 result = { |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1690 'id': item_id, |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1691 'type': class_name, |
|
5600
e2c74d8121f3
Update resource links
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5599
diff
changeset
|
1692 'link': '%s/%s/%s' % (self.data_path, class_name, item_id), |
|
5599
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1693 'result': result |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1694 } |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1695 else: |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1696 # else patch operation is processing data |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1697 props = self.props_from_args(class_obj, input_payload.value, item_id, |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1698 skip_protected=False) |
|
5599
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1699 |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1700 required_props = class_obj.get_required_props() |
| 5602 | 1701 for prop in props: |
|
5599
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1702 if not self.db.security.hasPermission( |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1703 'Edit', self.db.getuid(), class_name, prop, item_id |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1704 ): |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1705 raise Unauthorised( |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1706 'Permission to edit %s of %s%s denied' % |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1707 (prop, class_name, item_id) |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1708 ) |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1709 if op == 'remove' and prop in required_props: |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1710 raise UsageError( |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1711 "Attribute '%s' is required by class %s " |
| 5998 | 1712 "and can not be removed." % (prop, class_name) |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1713 ) |
|
5599
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1714 |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1715 props[prop] = self.patch_data( |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1716 op, class_obj.get(item_id, prop), props[prop] |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1717 ) |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1718 |
|
5599
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1719 try: |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1720 result = class_obj.set(item_id, **props) |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1721 self.db.commit() |
| 5602 | 1722 except (TypeError, IndexError, ValueError) as message: |
|
5599
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1723 raise ValueError(message) |
|
5578
c2214d0c9df8
Added PATCH an element
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5577
diff
changeset
|
1724 |
|
5599
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1725 result = { |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1726 'id': item_id, |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1727 'type': class_name, |
|
5600
e2c74d8121f3
Update resource links
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5599
diff
changeset
|
1728 'link': '%s/%s/%s' % (self.data_path, class_name, item_id), |
|
5599
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1729 'attribute': result |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1730 } |
|
5578
c2214d0c9df8
Added PATCH an element
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5577
diff
changeset
|
1731 return 200, result |
|
5557
213a56c91471
Implement getting resource from database
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5556
diff
changeset
|
1732 |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1733 @Routing.route("/data/<:class_name>/<:item_id>/<:attr_name>", 'PATCH') |
|
5587
cb2b320fde16
Added decorator to handle formatting output data
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5584
diff
changeset
|
1734 @_data_decorator |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1735 def patch_attribute(self, class_name, item_id, attr_name, input_payload): |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1736 """PATCH an attribute of an object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1737 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1738 Patch an element using 3 operators |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1739 ADD : Append new value to the attribute |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1740 REPLACE: Replace attribute |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1741 REMOVE: Clear attribute |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1742 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1743 Args: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1744 class_name (string): class name of the resource (Ex: issue, msg) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1745 item_id (string): id of the resource (Ex: 12, 15) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1746 attr_name (string): attribute of the resource (Ex: title, nosy) |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1747 input_payload (list): the submitted form of the user |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1748 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1749 Returns: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1750 int: http status code 200 (OK) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1751 dict: a dictionary represents the modified object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1752 id: id of the object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1753 type: class name of the object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1754 link: link to the object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1755 attributes: a dictionary represent only changed attributes of |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1756 the object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1757 """ |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1758 if class_name not in self.db.classes: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1759 raise NotFound('Class %s not found' % class_name) |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1760 try: |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1761 op = input_payload['@op'].value.lower() |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1762 except KeyError: |
|
5593
344b6a87dac6
Added support to print error
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5591
diff
changeset
|
1763 op = self.__default_patch_op |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1764 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1765 if not self.db.security.hasPermission( |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1766 'Edit', self.db.getuid(), class_name, attr_name, item_id |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1767 ): |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1768 raise Unauthorised( |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1769 'Permission to edit %s%s %s denied' % |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1770 (class_name, item_id, attr_name) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1771 ) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1772 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1773 prop = attr_name |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1774 class_obj = self.db.getclass(class_name) |
|
8203
ef1333b153e3
chore(ruff): changes to else/elif and nested ifs to reduce nesting
John Rouillard <rouilj@ieee.org>
parents:
8201
diff
changeset
|
1775 if (attr_name not in class_obj.getprops(protected=False) and |
|
ef1333b153e3
chore(ruff): changes to else/elif and nested ifs to reduce nesting
John Rouillard <rouilj@ieee.org>
parents:
8201
diff
changeset
|
1776 attr_name in class_obj.getprops(protected=True)): |
| 5998 | 1777 raise AttributeError("Attribute '%s' can not be updated " |
| 1778 "for class %s." % (attr_name, class_name)) | |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
1779 |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1780 self.raise_if_no_etag(class_name, item_id, input_payload) |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
1781 |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1782 props = { |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1783 prop: self.prop_from_arg( |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1784 class_obj, prop, input_payload['data'].value, item_id |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1785 ) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1786 } |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1787 |
|
5595
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
1788 props[prop] = self.patch_data( |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
1789 op, class_obj.get(item_id, prop), props[prop] |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
1790 ) |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1791 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1792 try: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1793 result = class_obj.set(item_id, **props) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1794 self.db.commit() |
| 5602 | 1795 except (TypeError, IndexError, ValueError) as message: |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1796 raise ValueError(message) |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1797 except KeyError as message: |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1798 # key error returned for changing protected keys |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1799 # and changing invalid keys |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1800 raise UsageError(message) |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1801 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1802 result = { |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1803 'id': item_id, |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1804 'type': class_name, |
|
5600
e2c74d8121f3
Update resource links
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5599
diff
changeset
|
1805 'link': '%s/%s/%s' % (self.data_path, class_name, item_id), |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1806 'attribute': result |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1807 } |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1808 return 200, result |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1809 |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1810 @Routing.route("/data/<:class_name>", 'OPTIONS') |
|
5587
cb2b320fde16
Added decorator to handle formatting output data
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5584
diff
changeset
|
1811 @_data_decorator |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1812 def options_collection(self, class_name, input_payload): |
| 5582 | 1813 """OPTION return the HTTP Header for the class uri |
| 1814 | |
| 1815 Returns: | |
| 1816 int: http status code 204 (No content) | |
| 1817 body (string): an empty string | |
| 1818 """ | |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1819 if class_name not in self.db.classes: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1820 raise NotFound('Class %s not found' % class_name) |
| 5702 | 1821 self.client.setHeader( |
| 1822 "Allow", | |
| 1823 "OPTIONS, GET, POST" | |
| 1824 ) | |
|
6525
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1825 |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1826 self.client.setHeader( |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1827 "Access-Control-Allow-Methods", |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1828 "OPTIONS, GET, POST" |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1829 ) |
| 5575 | 1830 return 204, "" |
| 1831 | |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1832 @Routing.route("/data/<:class_name>/<:item_id>", 'OPTIONS') |
|
5587
cb2b320fde16
Added decorator to handle formatting output data
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5584
diff
changeset
|
1833 @_data_decorator |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1834 def options_element(self, class_name, item_id, input_payload): |
| 5582 | 1835 """OPTION return the HTTP Header for the object uri |
| 1836 | |
| 1837 Returns: | |
| 1838 int: http status code 204 (No content) | |
| 1839 body (string): an empty string | |
| 1840 """ | |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1841 if class_name not in self.db.classes: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1842 raise NotFound('Class %s not found' % class_name) |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1843 self.client.setHeader( |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1844 "Accept-Patch", |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1845 "application/x-www-form-urlencoded, multipart/form-data" |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1846 ) |
| 5702 | 1847 self.client.setHeader( |
| 1848 "Allow", | |
| 1849 "OPTIONS, GET, PUT, DELETE, PATCH" | |
| 1850 ) | |
|
6693
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
1851 self.client.setHeader( |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
1852 "Access-Control-Allow-Methods", |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
1853 "OPTIONS, GET, PUT, DELETE, PATCH" |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
1854 ) |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1855 return 204, "" |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1856 |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1857 @Routing.route("/data/<:class_name>/<:item_id>/<:attr_name>", 'OPTIONS') |
|
5587
cb2b320fde16
Added decorator to handle formatting output data
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5584
diff
changeset
|
1858 @_data_decorator |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1859 def option_attribute(self, class_name, item_id, attr_name, input_payload): |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1860 """OPTION return the HTTP Header for the attribute uri |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1861 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1862 Returns: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1863 int: http status code 204 (No content) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1864 body (string): an empty string |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1865 """ |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1866 if class_name not in self.db.classes: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1867 raise NotFound('Class %s not found' % class_name) |
| 5702 | 1868 class_obj = self.db.getclass(class_name) |
| 1869 if attr_name in class_obj.getprops(protected=False): | |
| 1870 self.client.setHeader( | |
| 1871 "Accept-Patch", | |
| 1872 "application/x-www-form-urlencoded, multipart/form-data" | |
| 1873 ) | |
| 1874 self.client.setHeader( | |
| 1875 "Allow", | |
| 1876 "OPTIONS, GET, PUT, DELETE, PATCH" | |
| 1877 ) | |
|
6693
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
1878 self.client.setHeader( |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
1879 "Access-Control-Allow-Methods", |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
1880 "OPTIONS, GET, PUT, DELETE, PATCH" |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
1881 ) |
| 5702 | 1882 elif attr_name in class_obj.getprops(protected=True): |
| 1883 # It must match a protected prop. These can't be written. | |
| 1884 self.client.setHeader( | |
| 1885 "Allow", | |
| 1886 "OPTIONS, GET" | |
| 1887 ) | |
|
6693
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
1888 self.client.setHeader( |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
1889 "Access-Control-Allow-Methods", |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
1890 "OPTIONS, GET" |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
1891 ) |
| 5702 | 1892 else: |
| 5998 | 1893 raise NotFound('Attribute %s not valid for Class %s' % ( |
| 1894 attr_name, class_name)) | |
| 5575 | 1895 return 204, "" |
| 1896 | |
| 6926 | 1897 @openapi_doc({ |
| 1898 "summary": "Describe Roundup rest endpoint.", | |
| 1899 "description": ( | |
| 1900 "Report all supported api versions " | |
| 1901 "and default api version. " | |
| 1902 "Also report next level of link " | |
| 1903 "endpoints below /rest endpoint"), | |
| 1904 "responses": { | |
| 1905 "200": { | |
| 1906 "description": "Successful response.", | |
| 1907 "content": { | |
| 1908 "application/json": { | |
| 1909 "examples": { | |
| 1910 "success": { | |
| 1911 "summary": "Normal json data.", | |
| 1912 "value": """ | |
| 1913 { | |
| 1914 "data": { | |
| 1915 "default_version": 1, | |
| 1916 "supported_versions": [ 1 ], | |
| 1917 "links": [ | |
| 1918 { | |
| 1919 "uri": "https://tracker.example.com/demo/rest", | |
| 1920 "rel": "self" | |
| 1921 }, | |
| 1922 { | |
| 1923 "uri": "https://tracker.example.com/demo/rest/data", | |
| 1924 "rel": "data" | |
| 1925 }, | |
| 1926 { | |
| 1927 "uri": "https://tracker.example.com/demo/rest/summary", | |
| 1928 "rel": "summary" | |
| 1929 } | |
| 1930 ] | |
| 1931 } | |
| 1932 }""" | |
| 1933 } | |
|
6525
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1934 } |
| 6926 | 1935 }, |
| 1936 "application/xml": { | |
| 1937 "examples": { | |
| 1938 "success": { | |
| 1939 "summary": "Normal xml data", | |
| 1940 "value": """ | |
| 1941 <dataf type="dict"> | |
| 1942 <default_version type="int">1</default_version> | |
| 1943 <supported_versions type="list"> | |
| 1944 <item type="int">1</item> | |
| 1945 </supported_versions> | |
| 1946 <links type="list"> | |
| 1947 <item type="dict"> | |
| 1948 <uri type="str">https://rouilj.dynamic-dns.net/sysadmin/rest</uri> | |
| 1949 <rel type="str">self</rel> | |
| 1950 </item> | |
| 1951 <item type="dict"> | |
| 1952 <uri type="str">https://rouilj.dynamic-dns.net/sysadmin/rest/data</uri> | |
| 1953 <rel type="str">data</rel> | |
| 1954 </item> | |
| 1955 <item type="dict"> | |
| 1956 <uri type="str">https://rouilj.dynamic-dns.net/sysadmin/rest/summary</uri> | |
| 1957 <rel type="str">summary</rel> | |
| 1958 </item> | |
| 1959 <item type="dict"> | |
| 1960 <uri type="str">https://rouilj.dynamic-dns.net/sysadmin/rest/summary2</uri> | |
| 1961 <rel type="str">summary2</rel> | |
| 1962 </item> | |
| 1963 </links> | |
| 1964 </dataf>""" | |
| 1965 } | |
| 1966 } | |
| 1967 } | |
| 1968 } | |
| 1969 } | |
| 1970 } | |
|
6525
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1971 } |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1972 ) |
|
5632
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
1973 @Routing.route("/") |
|
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
1974 @_data_decorator |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
1975 def describe(self, input_payload): |
|
6525
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1976 """Describe the rest endpoint. Return direct children in |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1977 links list. |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1978 """ |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1979 |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1980 # paths looks like ['^rest/$', '^rest/summary$', |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1981 # '^rest/data/<:class>$', ...] |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1982 paths = Routing._Routing__route_map.keys() |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1983 |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1984 links = [] |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1985 # p[1:-1] removes ^ and $ from regexp |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1986 # if p has only 1 /, it's a child of rest/ root. |
| 6926 | 1987 child_paths = sorted([p[1:-1] for p in paths if |
| 1988 p.count('/') == 1]) | |
|
6525
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1989 for p in child_paths: |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1990 # p.split('/')[1] is the residual path after |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1991 # removing rest/. child_paths look like: |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1992 # ['rest/', 'rest/summary'] etc. |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1993 rel = p.split('/')[1] |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1994 if rel: |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1995 rel_path = "/" + rel |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1996 else: |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1997 rel_path = rel |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
1998 rel = "self" |
| 6926 | 1999 links.append({"uri": self.base_path + rel_path, |
| 2000 "rel": rel}) | |
|
6525
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
2001 |
|
5632
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
2002 result = { |
|
5685
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
2003 "default_version": self.__default_api_version, |
|
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
2004 "supported_versions": self.__supported_api_versions, |
|
6525
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
2005 "links": links |
|
5632
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
2006 } |
|
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
2007 |
|
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
2008 return 200, result |
|
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
2009 |
|
6384
66a061e52435
Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents:
6349
diff
changeset
|
2010 @Routing.route("/", 'OPTIONS') |
|
66a061e52435
Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents:
6349
diff
changeset
|
2011 @_data_decorator |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
2012 def options_describe(self, input_payload): |
|
6384
66a061e52435
Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents:
6349
diff
changeset
|
2013 """OPTION return the HTTP Header for the root |
|
66a061e52435
Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents:
6349
diff
changeset
|
2014 |
|
66a061e52435
Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents:
6349
diff
changeset
|
2015 Returns: |
|
66a061e52435
Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents:
6349
diff
changeset
|
2016 int: http status code 204 (No content) |
|
66a061e52435
Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents:
6349
diff
changeset
|
2017 body (string): an empty string |
|
66a061e52435
Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents:
6349
diff
changeset
|
2018 """ |
|
66a061e52435
Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents:
6349
diff
changeset
|
2019 self.client.setHeader( |
|
66a061e52435
Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents:
6349
diff
changeset
|
2020 "Allow", |
|
66a061e52435
Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents:
6349
diff
changeset
|
2021 "OPTIONS, GET" |
|
66a061e52435
Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents:
6349
diff
changeset
|
2022 ) |
|
6693
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2023 self.client.setHeader( |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2024 "Access-Control-Allow-Methods", |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2025 "OPTIONS, GET" |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2026 ) |
|
6384
66a061e52435
Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents:
6349
diff
changeset
|
2027 return 204, "" |
|
66a061e52435
Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents:
6349
diff
changeset
|
2028 |
|
5632
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
2029 @Routing.route("/data") |
|
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
2030 @_data_decorator |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
2031 def data(self, input_payload): |
| 5658 | 2032 """Describe the subelements of data |
|
5632
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
2033 |
| 5658 | 2034 One entry for each class the user may view |
|
5632
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
2035 """ |
| 5658 | 2036 result = {} |
| 5998 | 2037 uid = self.db.getuid() |
| 2038 for cls in sorted(self.db.classes): | |
| 2039 if self.db.security.hasPermission('View', uid, cls): | |
|
8201
d5ad7fcb9bf6
chore(ruff): replace dict(...) with equivalent {...}
John Rouillard <rouilj@ieee.org>
parents:
8199
diff
changeset
|
2040 result[cls] = {"link": self.base_path + '/data/' + cls} |
|
5632
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
2041 return 200, result |
|
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
2042 |
|
6384
66a061e52435
Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents:
6349
diff
changeset
|
2043 @Routing.route("/data", 'OPTIONS') |
|
66a061e52435
Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents:
6349
diff
changeset
|
2044 @_data_decorator |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
2045 def options_data(self, input_payload): |
|
6384
66a061e52435
Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents:
6349
diff
changeset
|
2046 """OPTION return the HTTP Header for the /data element |
|
66a061e52435
Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents:
6349
diff
changeset
|
2047 |
|
66a061e52435
Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents:
6349
diff
changeset
|
2048 Returns: |
|
66a061e52435
Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents:
6349
diff
changeset
|
2049 int: http status code 204 (No content) |
|
66a061e52435
Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents:
6349
diff
changeset
|
2050 body (string): an empty string |
|
66a061e52435
Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents:
6349
diff
changeset
|
2051 """ |
|
66a061e52435
Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents:
6349
diff
changeset
|
2052 self.client.setHeader( |
|
66a061e52435
Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents:
6349
diff
changeset
|
2053 "Allow", |
|
66a061e52435
Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents:
6349
diff
changeset
|
2054 "OPTIONS, GET" |
|
66a061e52435
Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents:
6349
diff
changeset
|
2055 ) |
|
6693
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2056 self.client.setHeader( |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2057 "Access-Control-Allow-Methods", |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2058 "OPTIONS, GET" |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2059 ) |
|
6384
66a061e52435
Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents:
6349
diff
changeset
|
2060 return 204, "" |
|
66a061e52435
Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents:
6349
diff
changeset
|
2061 |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
2062 @Routing.route("/summary") |
| 5596 | 2063 @_data_decorator |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
2064 def summary(self, input_payload): |
| 5596 | 2065 """Get a summary of resource from class URI. |
| 2066 | |
| 2067 This function returns only items have View permission | |
| 2068 class_name should be valid already | |
| 2069 | |
| 2070 Args: | |
| 2071 class_name (string): class name of the resource (Ex: issue, msg) | |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
2072 input_payload (list): the submitted form of the user |
| 5596 | 2073 |
| 2074 Returns: | |
| 2075 int: http status code 200 (OK) | |
| 2076 list: | |
| 2077 """ | |
| 2078 if not self.db.security.hasPermission( | |
| 2079 'View', self.db.getuid(), 'issue' | |
| 2080 ) and not self.db.security.hasPermission( | |
| 2081 'View', self.db.getuid(), 'status' | |
| 2082 ) and not self.db.security.hasPermission( | |
| 2083 'View', self.db.getuid(), 'issue' | |
| 2084 ): | |
| 2085 raise Unauthorised('Permission to view summary denied') | |
| 2086 | |
| 2087 old = date.Date('-1w') | |
| 2088 | |
| 2089 created = [] | |
| 2090 summary = {} | |
| 2091 messages = [] | |
| 2092 | |
| 2093 # loop through all the recently-active issues | |
| 2094 for issue_id in self.db.issue.filter(None, {'activity': '-1w;'}): | |
| 2095 num = 0 | |
| 2096 status_name = self.db.status.get( | |
| 2097 self.db.issue.get(issue_id, 'status'), | |
| 2098 'name' | |
| 2099 ) | |
| 2100 issue_object = { | |
| 2101 'id': issue_id, | |
|
5621
39dbe83643c0
Fix path of links in /rest/summary.
John Rouillard <rouilj@ieee.org>
parents:
5620
diff
changeset
|
2102 'link': self.base_path + '/data/issue/' + issue_id, |
| 5596 | 2103 'title': self.db.issue.get(issue_id, 'title') |
| 2104 } | |
|
6009
d56e290ecab7
flake8 cleanups. Rename unused for loop vars argument unpacking.
John Rouillard <rouilj@ieee.org>
parents:
5998
diff
changeset
|
2105 for _x, ts, _uid, action, data in self.db.issue.history(issue_id): |
| 5596 | 2106 if ts < old: |
| 2107 continue | |
| 2108 if action == 'create': | |
| 2109 created.append(issue_object) | |
| 2110 elif action == 'set' and 'messages' in data: | |
| 2111 num += 1 | |
| 2112 summary.setdefault(status_name, []).append(issue_object) | |
| 2113 messages.append((num, issue_object)) | |
| 2114 | |
|
5668
a4bb88a1a643
A fix for https://issues.roundup-tracker.org/issue2551034
John Rouillard <rouilj@ieee.org>
parents:
5662
diff
changeset
|
2115 sorted(messages, key=lambda tup: tup[0], reverse=True) |
| 5596 | 2116 |
| 2117 result = { | |
| 2118 'created': created, | |
| 2119 'summary': summary, | |
| 2120 'most_discussed': messages[:10] | |
| 2121 } | |
| 2122 | |
| 2123 return 200, result | |
| 2124 | |
|
5732
0e6ed3d72f92
Rest rate limiting code first commit. It is a bit rough and turned off
John Rouillard <rouilj@ieee.org>
parents:
5731
diff
changeset
|
2125 def getRateLimit(self): |
|
0e6ed3d72f92
Rest rate limiting code first commit. It is a bit rough and turned off
John Rouillard <rouilj@ieee.org>
parents:
5731
diff
changeset
|
2126 ''' By default set one rate limit for all users. Values |
|
0e6ed3d72f92
Rest rate limiting code first commit. It is a bit rough and turned off
John Rouillard <rouilj@ieee.org>
parents:
5731
diff
changeset
|
2127 for period (in seconds) and count set in config. |
|
0e6ed3d72f92
Rest rate limiting code first commit. It is a bit rough and turned off
John Rouillard <rouilj@ieee.org>
parents:
5731
diff
changeset
|
2128 However there is no reason these settings couldn't |
|
0e6ed3d72f92
Rest rate limiting code first commit. It is a bit rough and turned off
John Rouillard <rouilj@ieee.org>
parents:
5731
diff
changeset
|
2129 be pulled from the user's entry in the database. So define |
|
0e6ed3d72f92
Rest rate limiting code first commit. It is a bit rough and turned off
John Rouillard <rouilj@ieee.org>
parents:
5731
diff
changeset
|
2130 this method to allow a user to change it in the interfaces.py |
|
0e6ed3d72f92
Rest rate limiting code first commit. It is a bit rough and turned off
John Rouillard <rouilj@ieee.org>
parents:
5731
diff
changeset
|
2131 to use a field in the user object. |
|
0e6ed3d72f92
Rest rate limiting code first commit. It is a bit rough and turned off
John Rouillard <rouilj@ieee.org>
parents:
5731
diff
changeset
|
2132 ''' |
|
0e6ed3d72f92
Rest rate limiting code first commit. It is a bit rough and turned off
John Rouillard <rouilj@ieee.org>
parents:
5731
diff
changeset
|
2133 # FIXME verify can override from interfaces.py. |
|
0e6ed3d72f92
Rest rate limiting code first commit. It is a bit rough and turned off
John Rouillard <rouilj@ieee.org>
parents:
5731
diff
changeset
|
2134 calls = self.db.config.WEB_API_CALLS_PER_INTERVAL |
|
0e6ed3d72f92
Rest rate limiting code first commit. It is a bit rough and turned off
John Rouillard <rouilj@ieee.org>
parents:
5731
diff
changeset
|
2135 interval = self.db.config.WEB_API_INTERVAL_IN_SEC |
|
0e6ed3d72f92
Rest rate limiting code first commit. It is a bit rough and turned off
John Rouillard <rouilj@ieee.org>
parents:
5731
diff
changeset
|
2136 if calls and interval: |
| 5998 | 2137 return RateLimit(calls, timedelta(seconds=interval)) |
|
8203
ef1333b153e3
chore(ruff): changes to else/elif and nested ifs to reduce nesting
John Rouillard <rouilj@ieee.org>
parents:
8201
diff
changeset
|
2138 |
|
ef1333b153e3
chore(ruff): changes to else/elif and nested ifs to reduce nesting
John Rouillard <rouilj@ieee.org>
parents:
8201
diff
changeset
|
2139 # disable rate limiting if either parameter is 0 |
|
ef1333b153e3
chore(ruff): changes to else/elif and nested ifs to reduce nesting
John Rouillard <rouilj@ieee.org>
parents:
8201
diff
changeset
|
2140 return None |
|
5732
0e6ed3d72f92
Rest rate limiting code first commit. It is a bit rough and turned off
John Rouillard <rouilj@ieee.org>
parents:
5731
diff
changeset
|
2141 |
|
7605
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2142 def handle_apiRateLimitExceeded(self, apiRateLimit): |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2143 """Determine if the rate limit is exceeded. |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2144 |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2145 If not exceeded, return False and the rate limit header values. |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2146 If exceeded, return error message and None |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2147 """ |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2148 gcra = Gcra() |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2149 # unique key is an "ApiLimit-" prefix and the uid) |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2150 apiLimitKey = "ApiLimit-%s" % self.db.getuid() |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2151 otk = self.db.Otk |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2152 try: |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2153 val = otk.getall(apiLimitKey) |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2154 gcra.set_tat_as_string(apiLimitKey, val['tat']) |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2155 except KeyError: |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2156 # ignore if tat not set, it's 1970-1-1 by default. |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2157 pass |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2158 # see if rate limit exceeded and we need to reject the attempt |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2159 reject = gcra.update(apiLimitKey, apiRateLimit) |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2160 |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2161 # Calculate a timestamp that will make OTK expire the |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2162 # unused entry 1 hour in the future |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2163 ts = otk.lifetime(3600) |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2164 otk.set(apiLimitKey, |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2165 tat=gcra.get_tat_as_string(apiLimitKey), |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2166 __timestamp=ts) |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2167 otk.commit() |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2168 |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2169 limitStatus = gcra.status(apiLimitKey, apiRateLimit) |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2170 if not reject: |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2171 return (False, limitStatus) |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2172 |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2173 for header, value in limitStatus.items(): |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2174 self.client.setHeader(header, value) |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2175 |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2176 # User exceeded limits: tell humans how long to wait |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2177 # Headers above will do the right thing for api |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2178 # aware clients. |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2179 try: |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2180 retry_after = limitStatus['Retry-After'] |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2181 except KeyError: |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2182 # handle race condition. If the time between |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2183 # the call to grca.update and grca.status |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2184 # is sufficient to reload the bucket by 1 |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2185 # item, Retry-After will be missing from |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2186 # limitStatus. So report a 1 second delay back |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2187 # to the client. We treat update as sole |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2188 # source of truth for exceeded rate limits. |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2189 retry_after = '1' |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2190 self.client.setHeader('Retry-After', retry_after) |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2191 |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2192 msg = _("Api rate limits exceeded. Please wait: %s seconds.") % retry_after |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2193 output = self.error_obj(429, msg, source="ApiRateLimiter") |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2194 |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2195 # expose these headers to rest clients. Otherwise they can't |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2196 # respond to: |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2197 # rate limiting (*RateLimit*, Retry-After) |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2198 # obsolete API endpoint (Sunset) |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2199 # options request to discover supported methods (Allow) |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2200 self.client.setHeader( |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2201 "Access-Control-Expose-Headers", |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2202 ", ".join([ |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2203 "X-RateLimit-Limit", |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2204 "X-RateLimit-Remaining", |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2205 "X-RateLimit-Reset", |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2206 "X-RateLimit-Limit-Period", |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2207 "Retry-After", |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2208 "Sunset", |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2209 "Allow", |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2210 ]) |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2211 ) |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2212 |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2213 return (self.format_dispatch_output( |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2214 self.__default_accept_type, |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2215 output, |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2216 True # pretty print for this error case as a |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2217 # human may read it |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2218 ), None) |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2219 |
|
8177
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2220 def determine_output_format(self, uri): |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2221 """Returns tuple of: |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2222 |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2223 (format for returned output, |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2224 possibly modified uri, |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2225 output error object (if error else None)) |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2226 |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2227 Verify that client is requesting an output we can produce |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2228 with a version we support. |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2229 |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2230 Only application/json and application/xml (optional) |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2231 are currently supported. .vcard might be useful |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2232 in the future for user objects. |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2233 |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2234 Find format for returned output: |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2235 |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2236 1) Get format from url extension (.json, .xml) and return |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2237 if invalid return (None, uri, 406 error) |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2238 if not found continue |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2239 2) Parse Accept header obeying q values |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2240 if header unparsible return 400 error object. |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2241 3) if empty or missing Accept header |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2242 return self.__default_accept_type |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2243 4) match and return best Accept header/version |
|
8180
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2244 this includes matching mime types for file downloads |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2245 using the binary_content property |
|
8177
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2246 if version error found in matching type return 406 error |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2247 5) if no requested format is supported return 406 |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2248 error |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2249 |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2250 """ |
|
8208
d87350f56100
chore(ruff): use variable not magic number.
John Rouillard <rouilj@ieee.org>
parents:
8207
diff
changeset
|
2251 MAX_MIME_EXTENSION_LENGTH = 11 # application in /etc/mime.types |
|
d87350f56100
chore(ruff): use variable not magic number.
John Rouillard <rouilj@ieee.org>
parents:
8207
diff
changeset
|
2252 |
|
8177
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2253 # get the request format for response |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2254 # priority : extension from uri (/rest/data/issue.json) |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2255 # only json or xml valid at this time. |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2256 # header (Accept: application/json, application/xml) |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2257 # default (application/json) |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2258 ext_type = os.path.splitext(urlparse(uri).path)[1][1:] |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2259 |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2260 # Check to see if the extension matches a value in |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2261 # self.__accepted_content_type. In the future other output |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2262 # such as .vcard for downloading user info can be |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2263 # supported. This method also allow detection of mistyped |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2264 # types like jon for json. Limit extension length to less than |
|
8208
d87350f56100
chore(ruff): use variable not magic number.
John Rouillard <rouilj@ieee.org>
parents:
8207
diff
changeset
|
2265 # MAX_MIME_EXTENSION_LENGTH characters to allow passing JWT |
|
d87350f56100
chore(ruff): use variable not magic number.
John Rouillard <rouilj@ieee.org>
parents:
8207
diff
changeset
|
2266 # via URL path. Could be useful for magic link login method or |
|
d87350f56100
chore(ruff): use variable not magic number.
John Rouillard <rouilj@ieee.org>
parents:
8207
diff
changeset
|
2267 # account recovery workflow, using a JWT with a short |
|
d87350f56100
chore(ruff): use variable not magic number.
John Rouillard <rouilj@ieee.org>
parents:
8207
diff
changeset
|
2268 # expiration time and limited rights (e.g. only password |
|
d87350f56100
chore(ruff): use variable not magic number.
John Rouillard <rouilj@ieee.org>
parents:
8207
diff
changeset
|
2269 # change permission)) |
|
d87350f56100
chore(ruff): use variable not magic number.
John Rouillard <rouilj@ieee.org>
parents:
8207
diff
changeset
|
2270 if ext_type and (len(ext_type) < MAX_MIME_EXTENSION_LENGTH): |
|
8177
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2271 if ext_type not in list(self.__accepted_content_type.values()): |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2272 self.client.response_code = 406 |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2273 return (None, uri, |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2274 self.error_obj( |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2275 406, |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2276 _("Content type '%s' requested in URL is " |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2277 "not available.\nAcceptable types: %s\n") % |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2278 (ext_type, |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2279 ", ".join(sorted( |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2280 set(self.__accepted_content_type.values())))))) |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2281 |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2282 # strip extension so uri makes sense. |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2283 # E.G. .../issue.json -> .../issue |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2284 uri = uri[:-(len(ext_type) + 1)] |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2285 return (ext_type, uri, None) |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2286 |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2287 # parse Accept header and get the content type |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2288 # Acceptable types ordered with preferred one (by q value) |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2289 # first in list. |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2290 try: |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2291 accept_header = parse_accept_header( |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2292 self.client.request.headers.get('Accept') |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2293 ) |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2294 except UsageError as e: |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2295 self.client.response_code = 406 |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2296 return (None, uri, self.error_obj( |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2297 400, _("Unable to parse Accept Header. %(error)s. " |
|
8180
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2298 "Acceptable types: */*, %(acceptable_types)s") % { |
|
8177
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2299 'error': e.args[0], |
|
8180
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2300 'acceptable_types': ", ".join(sorted( |
|
8177
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2301 self.__accepted_content_type.keys()))})) |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2302 |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2303 if not accept_header: |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2304 # we are using the default |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2305 return (self.__default_accept_type, uri, None) |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2306 |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2307 accept_type = "" |
|
8180
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2308 valid_binary_content_types = [] |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2309 if uri.endswith("/binary_content"): |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2310 request_path = uri |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2311 request_class, request_id = request_path.split('/')[-3:-1] |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2312 try: |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2313 designator_type = self.db.getclass( |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2314 request_class).get(request_id, "type") |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2315 except (KeyError, IndexError): |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2316 # class (KeyError) or |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2317 # id (IndexError) does not exist |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2318 # Return unknown mime type and no error. |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2319 # The 400/404 error will be thrown by other code. |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2320 return (None, uri, None) |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2321 |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2322 if designator_type: |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2323 # put this first as we usually require exact mime |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2324 # type match and this will be matched most often. |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2325 # Also for text/* Accept header it will be returned. |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2326 valid_binary_content_types.append(designator_type) |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2327 |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2328 if not designator_type or designator_type.startswith('text/'): |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2329 # allow text/* as msg items can have empty type field |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2330 # also match text/* for text/plain, text/x-rst, |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2331 # text/markdown, text/html etc. |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2332 valid_binary_content_types.append("text/*") |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2333 |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2334 # Octet-stream should be allowed for any content. |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2335 # client.py sets 'X-Content-Type-Options: nosniff' |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2336 # for file downloads (sendfile) via the html interface, |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2337 # so we should be able to set it in this code as well. |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2338 valid_binary_content_types.append("application/octet-stream") |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2339 |
|
8177
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2340 for part in accept_header: |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2341 if accept_type: |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2342 # we accepted the best match, stop searching for |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2343 # lower quality matches. |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2344 break |
|
8180
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2345 |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2346 # check for structured rest return types (json xml) |
|
8177
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2347 if part[0] in self.__accepted_content_type: |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2348 accept_type = self.__accepted_content_type[part[0]] |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2349 # Version order: |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2350 # 1) accept header version=X specifier |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2351 # application/vnd.x.y; version=1 |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2352 # 2) from type in accept-header type/subtype-vX |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2353 # application/vnd.x.y-v1 |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2354 # 3) from @apiver in query string to make browser |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2355 # use easy |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2356 # This code handles 1 and 2. Set api_version to none |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2357 # to trigger @apiver parsing below |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2358 # Places that need the api_version info should |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2359 # use default if version = None |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2360 try: |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2361 self.api_version = int(part[1]['version']) |
|
8180
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2362 if self.api_version not in self.__supported_api_versions: |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2363 raise ValueError |
|
8177
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2364 except KeyError: |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2365 self.api_version = None |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2366 except (ValueError, TypeError): |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2367 self.client.response_code = 406 |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2368 # TypeError if int(None) |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2369 msg = _("Unrecognized api version: %s. " |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2370 "See /rest without specifying api version " |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2371 "for supported versions.") % ( |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2372 part[1]['version']) |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2373 return (None, uri, |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2374 self.error_obj(406, msg)) |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2375 |
|
8180
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2376 if part[0] == "*/*": |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2377 if valid_binary_content_types: |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2378 self.client.setHeader("X-Content-Type-Options", "nosniff") |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2379 accept_type = valid_binary_content_types[0] |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2380 else: |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2381 accept_type = "json" |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2382 |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2383 # check type of binary_content |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2384 if part[0] in valid_binary_content_types: |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2385 self.client.setHeader("X-Content-Type-Options", "nosniff") |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2386 accept_type = part[0] |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2387 # handle text wildcard |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2388 if ((part[0] in 'text/*') and |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2389 "text/*" in valid_binary_content_types): |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2390 self.client.setHeader("X-Content-Type-Options", "nosniff") |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2391 # use best choice of mime type, try not to use |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2392 # text/* if there is a real text mime type/subtype. |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2393 accept_type = valid_binary_content_types[0] |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2394 |
|
8177
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2395 # accept_type will be empty only if there is an Accept header |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2396 # with invalid values. |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2397 if accept_type: |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2398 return (accept_type, uri, None) |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2399 |
|
8180
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2400 if valid_binary_content_types: |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2401 return (None, uri, |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2402 self.error_obj( |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2403 406, |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2404 _("Requested content type(s) '%s' not available.\n" |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2405 "Acceptable mime types are: */*, %s") % |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2406 (self.client.request.headers.get('Accept'), |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2407 ", ".join(sorted( |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2408 valid_binary_content_types))))) |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2409 |
|
8177
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2410 return (None, uri, |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2411 self.error_obj( |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2412 406, |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2413 _("Requested content type(s) '%s' not available.\n" |
|
8180
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2414 "Acceptable mime types are: */*, %s") % |
|
8177
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2415 (self.client.request.headers.get('Accept'), |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2416 ", ".join(sorted( |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2417 self.__accepted_content_type.keys()))))) |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2418 |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
2419 def dispatch(self, method, uri, input_payload): |
| 5582 | 2420 """format and process the request""" |
|
5732
0e6ed3d72f92
Rest rate limiting code first commit. It is a bit rough and turned off
John Rouillard <rouilj@ieee.org>
parents:
5731
diff
changeset
|
2421 output = None |
|
0e6ed3d72f92
Rest rate limiting code first commit. It is a bit rough and turned off
John Rouillard <rouilj@ieee.org>
parents:
5731
diff
changeset
|
2422 |
|
0e6ed3d72f92
Rest rate limiting code first commit. It is a bit rough and turned off
John Rouillard <rouilj@ieee.org>
parents:
5731
diff
changeset
|
2423 # Before we do anything has the user hit the rate limit. |
|
0e6ed3d72f92
Rest rate limiting code first commit. It is a bit rough and turned off
John Rouillard <rouilj@ieee.org>
parents:
5731
diff
changeset
|
2424 |
|
0e6ed3d72f92
Rest rate limiting code first commit. It is a bit rough and turned off
John Rouillard <rouilj@ieee.org>
parents:
5731
diff
changeset
|
2425 # Get the limit here and not in the init() routine to allow |
|
0e6ed3d72f92
Rest rate limiting code first commit. It is a bit rough and turned off
John Rouillard <rouilj@ieee.org>
parents:
5731
diff
changeset
|
2426 # for a different rate limit per user. |
|
0e6ed3d72f92
Rest rate limiting code first commit. It is a bit rough and turned off
John Rouillard <rouilj@ieee.org>
parents:
5731
diff
changeset
|
2427 apiRateLimit = self.getRateLimit() |
|
0e6ed3d72f92
Rest rate limiting code first commit. It is a bit rough and turned off
John Rouillard <rouilj@ieee.org>
parents:
5731
diff
changeset
|
2428 |
|
0e6ed3d72f92
Rest rate limiting code first commit. It is a bit rough and turned off
John Rouillard <rouilj@ieee.org>
parents:
5731
diff
changeset
|
2429 if apiRateLimit: # if None, disable rate limiting |
|
7605
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2430 LimitExceeded, limitStatus = self.handle_apiRateLimitExceeded( |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2431 apiRateLimit) |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2432 if LimitExceeded: |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2433 return LimitExceeded # error message |
|
7595
26ef5054e510
refactor(api): early return if REST rate limit is exceeded
John Rouillard <rouilj@ieee.org>
parents:
7569
diff
changeset
|
2434 |
|
26ef5054e510
refactor(api): early return if REST rate limit is exceeded
John Rouillard <rouilj@ieee.org>
parents:
7569
diff
changeset
|
2435 for header, value in limitStatus.items(): |
|
26ef5054e510
refactor(api): early return if REST rate limit is exceeded
John Rouillard <rouilj@ieee.org>
parents:
7569
diff
changeset
|
2436 # Retry-After will be 0 because |
|
26ef5054e510
refactor(api): early return if REST rate limit is exceeded
John Rouillard <rouilj@ieee.org>
parents:
7569
diff
changeset
|
2437 # user still has quota available. |
|
26ef5054e510
refactor(api): early return if REST rate limit is exceeded
John Rouillard <rouilj@ieee.org>
parents:
7569
diff
changeset
|
2438 # Don't put out the header. |
|
26ef5054e510
refactor(api): early return if REST rate limit is exceeded
John Rouillard <rouilj@ieee.org>
parents:
7569
diff
changeset
|
2439 if header in ('Retry-After',): |
|
26ef5054e510
refactor(api): early return if REST rate limit is exceeded
John Rouillard <rouilj@ieee.org>
parents:
7569
diff
changeset
|
2440 continue |
|
26ef5054e510
refactor(api): early return if REST rate limit is exceeded
John Rouillard <rouilj@ieee.org>
parents:
7569
diff
changeset
|
2441 self.client.setHeader(header, value) |
|
5732
0e6ed3d72f92
Rest rate limiting code first commit. It is a bit rough and turned off
John Rouillard <rouilj@ieee.org>
parents:
5731
diff
changeset
|
2442 |
| 5574 | 2443 # if X-HTTP-Method-Override is set, follow the override method |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
2444 headers = self.client.request.headers |
|
5620
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
2445 # Never allow GET to be an unsafe operation (i.e. data changing). |
|
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
2446 # User must use POST to "tunnel" DELETE, PUT, OPTIONS etc. |
|
5650
e8ca7072c629
Fix Python 3 issues in REST code.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5646
diff
changeset
|
2447 override = headers.get('X-HTTP-Method-Override') |
|
5620
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
2448 if override: |
|
5730
4aa26a9f3b47
Tighten up use of X-HTTP-Method-Override to only work with POST.
John Rouillard <rouilj@ieee.org>
parents:
5729
diff
changeset
|
2449 if method.upper() == 'POST': |
|
5620
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
2450 logger.debug( |
|
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
2451 'Method overridden from %s to %s', method, override) |
|
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
2452 method = override |
|
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
2453 else: |
|
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
2454 output = self.error_obj(400, |
|
5730
4aa26a9f3b47
Tighten up use of X-HTTP-Method-Override to only work with POST.
John Rouillard <rouilj@ieee.org>
parents:
5729
diff
changeset
|
2455 "X-HTTP-Method-Override: %s must be used with " |
| 5998 | 2456 "POST method not %s." % (override, method.upper())) |
|
5620
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
2457 logger.info( |
|
5730
4aa26a9f3b47
Tighten up use of X-HTTP-Method-Override to only work with POST.
John Rouillard <rouilj@ieee.org>
parents:
5729
diff
changeset
|
2458 'Ignoring X-HTTP-Method-Override using %s request on %s', |
|
4aa26a9f3b47
Tighten up use of X-HTTP-Method-Override to only work with POST.
John Rouillard <rouilj@ieee.org>
parents:
5729
diff
changeset
|
2459 method.upper(), uri) |
|
4aa26a9f3b47
Tighten up use of X-HTTP-Method-Override to only work with POST.
John Rouillard <rouilj@ieee.org>
parents:
5729
diff
changeset
|
2460 |
|
8177
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2461 # FIXME: when this method is refactored, change |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2462 # determine_output_format to raise an exception. Catch it here |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2463 # and return early. Also set self.client.response_code from |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2464 # error object['error']['status'] and remove from |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2465 # determine_output_format. |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2466 (output_format, uri, error) = self.determine_output_format(uri) |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2467 if error: |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2468 output = error |
|
7596
e5fa31aad344
fix: replace bad reverted code change; allow js rate headers
John Rouillard <rouilj@ieee.org>
parents:
7595
diff
changeset
|
2469 |
|
6693
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2470 if method.upper() == 'OPTIONS': |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2471 # add access-control-allow-* access-control-max-age to support |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2472 # CORS preflight |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2473 self.client.setHeader( |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2474 "Access-Control-Allow-Headers", |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2475 "Content-Type, Authorization, X-Requested-With, X-HTTP-Method-Override" |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2476 ) |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2477 # can be overridden by options handlers to provide supported |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2478 # methods for endpoint |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2479 self.client.setHeader( |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2480 "Access-Control-Allow-Methods", |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2481 "HEAD, OPTIONS, GET, POST, PUT, DELETE, PATCH" |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2482 ) |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2483 # cache the Access headings for a week. Allows one CORS pre-flight |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2484 # request to be reused again and again. |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2485 self.client.setHeader("Access-Control-Max-Age", "86400") |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2486 |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2487 # response may change based on Origin value. |
| 6926 | 2488 self.client.setVary("Origin") |
|
6693
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2489 |
|
7156
6f09103a6522
[issue2551263] expose headers to rest clients
John Rouillard <rouilj@ieee.org>
parents:
7155
diff
changeset
|
2490 # expose these headers to rest clients. Otherwise they can't |
|
6f09103a6522
[issue2551263] expose headers to rest clients
John Rouillard <rouilj@ieee.org>
parents:
7155
diff
changeset
|
2491 # respond to: |
|
6f09103a6522
[issue2551263] expose headers to rest clients
John Rouillard <rouilj@ieee.org>
parents:
7155
diff
changeset
|
2492 # rate limiting (*RateLimit*, Retry-After) |
|
6f09103a6522
[issue2551263] expose headers to rest clients
John Rouillard <rouilj@ieee.org>
parents:
7155
diff
changeset
|
2493 # obsolete API endpoint (Sunset) |
|
6f09103a6522
[issue2551263] expose headers to rest clients
John Rouillard <rouilj@ieee.org>
parents:
7155
diff
changeset
|
2494 # options request to discover supported methods (Allow) |
|
6f09103a6522
[issue2551263] expose headers to rest clients
John Rouillard <rouilj@ieee.org>
parents:
7155
diff
changeset
|
2495 self.client.setHeader( |
|
6f09103a6522
[issue2551263] expose headers to rest clients
John Rouillard <rouilj@ieee.org>
parents:
7155
diff
changeset
|
2496 "Access-Control-Expose-Headers", |
|
7173
5159d8ea585a
chore: flake8 formatting fixes
John Rouillard <rouilj@ieee.org>
parents:
7158
diff
changeset
|
2497 ", ".join([ |
|
7156
6f09103a6522
[issue2551263] expose headers to rest clients
John Rouillard <rouilj@ieee.org>
parents:
7155
diff
changeset
|
2498 "X-RateLimit-Limit", |
|
6f09103a6522
[issue2551263] expose headers to rest clients
John Rouillard <rouilj@ieee.org>
parents:
7155
diff
changeset
|
2499 "X-RateLimit-Remaining", |
|
6f09103a6522
[issue2551263] expose headers to rest clients
John Rouillard <rouilj@ieee.org>
parents:
7155
diff
changeset
|
2500 "X-RateLimit-Reset", |
|
6f09103a6522
[issue2551263] expose headers to rest clients
John Rouillard <rouilj@ieee.org>
parents:
7155
diff
changeset
|
2501 "X-RateLimit-Limit-Period", |
|
6f09103a6522
[issue2551263] expose headers to rest clients
John Rouillard <rouilj@ieee.org>
parents:
7155
diff
changeset
|
2502 "Retry-After", |
|
6f09103a6522
[issue2551263] expose headers to rest clients
John Rouillard <rouilj@ieee.org>
parents:
7155
diff
changeset
|
2503 "Sunset", |
|
6f09103a6522
[issue2551263] expose headers to rest clients
John Rouillard <rouilj@ieee.org>
parents:
7155
diff
changeset
|
2504 "Allow", |
|
7173
5159d8ea585a
chore: flake8 formatting fixes
John Rouillard <rouilj@ieee.org>
parents:
7158
diff
changeset
|
2505 ]) |
|
7156
6f09103a6522
[issue2551263] expose headers to rest clients
John Rouillard <rouilj@ieee.org>
parents:
7155
diff
changeset
|
2506 ) |
|
6f09103a6522
[issue2551263] expose headers to rest clients
John Rouillard <rouilj@ieee.org>
parents:
7155
diff
changeset
|
2507 |
|
6693
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2508 # Allow-Origin must match origin supplied by client. '*' doesn't |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2509 # work for authenticated requests. |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
2510 self.client.setHeader( |
|
6693
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2511 "Access-Control-Allow-Origin", |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2512 self.client.request.headers.get("Origin") |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
2513 ) |
|
6693
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2514 |
|
7155
89a59e46b3af
improve REST interface security
John Rouillard <rouilj@ieee.org>
parents:
6926
diff
changeset
|
2515 # Allow credentials if origin is acceptable. |
|
89a59e46b3af
improve REST interface security
John Rouillard <rouilj@ieee.org>
parents:
6926
diff
changeset
|
2516 # |
|
89a59e46b3af
improve REST interface security
John Rouillard <rouilj@ieee.org>
parents:
6926
diff
changeset
|
2517 # If Access-Control-Allow-Credentials header not returned, |
|
89a59e46b3af
improve REST interface security
John Rouillard <rouilj@ieee.org>
parents:
6926
diff
changeset
|
2518 # but the client request is made with credentials |
|
89a59e46b3af
improve REST interface security
John Rouillard <rouilj@ieee.org>
parents:
6926
diff
changeset
|
2519 # data will be sent but not made available to the |
|
89a59e46b3af
improve REST interface security
John Rouillard <rouilj@ieee.org>
parents:
6926
diff
changeset
|
2520 # calling javascript in browser. |
|
89a59e46b3af
improve REST interface security
John Rouillard <rouilj@ieee.org>
parents:
6926
diff
changeset
|
2521 # Prevents exposure of data to an invalid origin when |
|
89a59e46b3af
improve REST interface security
John Rouillard <rouilj@ieee.org>
parents:
6926
diff
changeset
|
2522 # credentials are sent by client. |
|
89a59e46b3af
improve REST interface security
John Rouillard <rouilj@ieee.org>
parents:
6926
diff
changeset
|
2523 # |
|
89a59e46b3af
improve REST interface security
John Rouillard <rouilj@ieee.org>
parents:
6926
diff
changeset
|
2524 # If admin puts * first in allowed_api_origins |
|
89a59e46b3af
improve REST interface security
John Rouillard <rouilj@ieee.org>
parents:
6926
diff
changeset
|
2525 # we do not allow credentials but do reflect the origin. |
|
89a59e46b3af
improve REST interface security
John Rouillard <rouilj@ieee.org>
parents:
6926
diff
changeset
|
2526 # This allows anonymous access. |
|
89a59e46b3af
improve REST interface security
John Rouillard <rouilj@ieee.org>
parents:
6926
diff
changeset
|
2527 if self.client.is_origin_header_ok(api=True, credentials=True): |
|
89a59e46b3af
improve REST interface security
John Rouillard <rouilj@ieee.org>
parents:
6926
diff
changeset
|
2528 self.client.setHeader( |
|
89a59e46b3af
improve REST interface security
John Rouillard <rouilj@ieee.org>
parents:
6926
diff
changeset
|
2529 "Access-Control-Allow-Credentials", |
|
89a59e46b3af
improve REST interface security
John Rouillard <rouilj@ieee.org>
parents:
6926
diff
changeset
|
2530 "true" |
|
89a59e46b3af
improve REST interface security
John Rouillard <rouilj@ieee.org>
parents:
6926
diff
changeset
|
2531 ) |
|
89a59e46b3af
improve REST interface security
John Rouillard <rouilj@ieee.org>
parents:
6926
diff
changeset
|
2532 |
|
6693
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2533 # set allow header in case of error. 405 handlers below should |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2534 # replace it with a custom version as will OPTIONS handler |
|
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2535 # doing CORS. |
|
5590
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
2536 self.client.setHeader( |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
2537 "Allow", |
| 5702 | 2538 "OPTIONS, GET, POST, PUT, DELETE, PATCH" |
|
5590
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
2539 ) |
|
6693
9a1f5e496e6c
issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents:
6561
diff
changeset
|
2540 |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
2541 # Is there an input_payload.value with format json data? |
|
5643
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2542 # If so turn it into an object that emulates enough |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2543 # of the FieldStorge methods/props to allow a response. |
|
5650
e8ca7072c629
Fix Python 3 issues in REST code.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5646
diff
changeset
|
2544 content_type_header = headers.get('Content-Type', None) |
|
5655
207e0f5d551c
Merge in non-conflicting changes from ba67e397f063
John Rouillard <rouilj@ieee.org>
diff
changeset
|
2545 # python2 is str type, python3 is bytes |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
2546 if type(input_payload.value) in (str, bytes) and content_type_header: |
|
5643
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2547 # the structure of a content-type header |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2548 # is complex: mime-type; options(charset ...) |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2549 # for now we just accept application/json. |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2550 # FIXME there should be a function: |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2551 # parse_content_type_header(content_type_header) |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2552 # that returns a tuple like the Accept header parser. |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2553 # Then the test below could use: |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2554 # parsed_content_type_header[0].lower() == 'json' |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2555 # That way we could handle stuff like: |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2556 # application/vnd.roundup-foo+json; charset=UTF8 |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2557 # for example. |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2558 if content_type_header.lower() == "application/json": |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2559 try: |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
2560 input_payload = SimulateFieldStorageFromJson(b2s(input_payload.value)) |
|
5643
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2561 except ValueError as msg: |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2562 output = self.error_obj(400, msg) |
|
6311
be8d5a8e090a
Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents:
6254
diff
changeset
|
2563 else: |
|
8094
8e310a7b5e09
issue2551131 - Return accept-patch if patch body not accepted (415 code)
John Rouillard <rouilj@ieee.org>
parents:
7983
diff
changeset
|
2564 if method.upper() == "PATCH": |
|
8e310a7b5e09
issue2551131 - Return accept-patch if patch body not accepted (415 code)
John Rouillard <rouilj@ieee.org>
parents:
7983
diff
changeset
|
2565 self.client.setHeader("Accept-Patch", |
|
8e310a7b5e09
issue2551131 - Return accept-patch if patch body not accepted (415 code)
John Rouillard <rouilj@ieee.org>
parents:
7983
diff
changeset
|
2566 "application/json, " |
|
8e310a7b5e09
issue2551131 - Return accept-patch if patch body not accepted (415 code)
John Rouillard <rouilj@ieee.org>
parents:
7983
diff
changeset
|
2567 "application/x-www-form-urlencoded") |
| 6926 | 2568 output = self.error_obj(415, |
|
6311
be8d5a8e090a
Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents:
6254
diff
changeset
|
2569 "Unable to process input of type %s" % |
| 6926 | 2570 content_type_header) |
|
5643
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2571 |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2572 # check for pretty print |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2573 try: |
|
8194
2ecd1a871993
chore(ruff): replace not a == b with a != b
John Rouillard <rouilj@ieee.org>
parents:
8193
diff
changeset
|
2574 pretty_output = input_payload['@pretty'].value.lower() != "false" |
|
5823
edd9e2c67785
Make REST-API updates work with WSGI
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5808
diff
changeset
|
2575 # Can also return a TypeError ("not indexable") |
|
edd9e2c67785
Make REST-API updates work with WSGI
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5808
diff
changeset
|
2576 # In case the FieldStorage could not parse the result |
|
edd9e2c67785
Make REST-API updates work with WSGI
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5808
diff
changeset
|
2577 except (KeyError, TypeError): |
|
5643
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2578 pretty_output = True |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2579 |
|
6185
1cb2375015f0
Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents:
6111
diff
changeset
|
2580 # check for runtime statistics |
|
1cb2375015f0
Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents:
6111
diff
changeset
|
2581 try: |
|
6561
01a5dd90286e
Remove unused report_stats
John Rouillard <rouilj@ieee.org>
parents:
6559
diff
changeset
|
2582 # self.report_stats initialized to False |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
2583 self.report_stats = input_payload['@stats'].value.lower() == "true" |
|
6185
1cb2375015f0
Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents:
6111
diff
changeset
|
2584 # Can also return a TypeError ("not indexable") |
|
1cb2375015f0
Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents:
6111
diff
changeset
|
2585 # In case the FieldStorage could not parse the result |
|
1cb2375015f0
Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents:
6111
diff
changeset
|
2586 except (KeyError, TypeError): |
|
6561
01a5dd90286e
Remove unused report_stats
John Rouillard <rouilj@ieee.org>
parents:
6559
diff
changeset
|
2587 pass |
|
6185
1cb2375015f0
Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents:
6111
diff
changeset
|
2588 |
|
5686
eb51c0d9c9bf
Move @apiver version extraction code after the input is parsed for
John Rouillard <rouilj@ieee.org>
parents:
5685
diff
changeset
|
2589 # check for @apiver in query string |
|
6510
d5a3fe9ac12d
Make error message for bad apiver a little better.
John Rouillard <rouilj@ieee.org>
parents:
6509
diff
changeset
|
2590 msg = _("Unrecognized api version: %s. " |
|
d5a3fe9ac12d
Make error message for bad apiver a little better.
John Rouillard <rouilj@ieee.org>
parents:
6509
diff
changeset
|
2591 "See /rest without specifying api version " |
| 5998 | 2592 "for supported versions.") |
|
5686
eb51c0d9c9bf
Move @apiver version extraction code after the input is parsed for
John Rouillard <rouilj@ieee.org>
parents:
5685
diff
changeset
|
2593 try: |
|
8177
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2594 # FIXME: the version priority here is different |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2595 # from accept header. accept mime type in url |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2596 # takes priority over Accept header. Opposite here. |
|
5686
eb51c0d9c9bf
Move @apiver version extraction code after the input is parsed for
John Rouillard <rouilj@ieee.org>
parents:
5685
diff
changeset
|
2597 if not self.api_version: |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
2598 self.api_version = int(input_payload['@apiver'].value) |
|
5823
edd9e2c67785
Make REST-API updates work with WSGI
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5808
diff
changeset
|
2599 # Can also return a TypeError ("not indexable") |
|
edd9e2c67785
Make REST-API updates work with WSGI
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5808
diff
changeset
|
2600 # In case the FieldStorage could not parse the result |
|
edd9e2c67785
Make REST-API updates work with WSGI
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5808
diff
changeset
|
2601 except (KeyError, TypeError): |
|
5686
eb51c0d9c9bf
Move @apiver version extraction code after the input is parsed for
John Rouillard <rouilj@ieee.org>
parents:
5685
diff
changeset
|
2602 self.api_version = None |
|
eb51c0d9c9bf
Move @apiver version extraction code after the input is parsed for
John Rouillard <rouilj@ieee.org>
parents:
5685
diff
changeset
|
2603 except ValueError: |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
2604 output = self.error_obj(406, msg % input_payload['@apiver'].value) |
|
5711
aea2cc142c1b
Added some more rest testing and make sure api version is valid.
John Rouillard <rouilj@ieee.org>
parents:
5710
diff
changeset
|
2605 |
|
aea2cc142c1b
Added some more rest testing and make sure api version is valid.
John Rouillard <rouilj@ieee.org>
parents:
5710
diff
changeset
|
2606 # by this time the API version is set. Error if we don't |
|
aea2cc142c1b
Added some more rest testing and make sure api version is valid.
John Rouillard <rouilj@ieee.org>
parents:
5710
diff
changeset
|
2607 # support it? |
|
aea2cc142c1b
Added some more rest testing and make sure api version is valid.
John Rouillard <rouilj@ieee.org>
parents:
5710
diff
changeset
|
2608 if self.api_version is None: |
|
aea2cc142c1b
Added some more rest testing and make sure api version is valid.
John Rouillard <rouilj@ieee.org>
parents:
5710
diff
changeset
|
2609 # FIXME: do we need to raise an error if client did not specify |
|
aea2cc142c1b
Added some more rest testing and make sure api version is valid.
John Rouillard <rouilj@ieee.org>
parents:
5710
diff
changeset
|
2610 # version? This may be a good thing to require. Note that: |
|
aea2cc142c1b
Added some more rest testing and make sure api version is valid.
John Rouillard <rouilj@ieee.org>
parents:
5710
diff
changeset
|
2611 # Accept: application/json; version=1 may not be legal but.... |
|
aea2cc142c1b
Added some more rest testing and make sure api version is valid.
John Rouillard <rouilj@ieee.org>
parents:
5710
diff
changeset
|
2612 # Use default if not specified for now. |
|
aea2cc142c1b
Added some more rest testing and make sure api version is valid.
John Rouillard <rouilj@ieee.org>
parents:
5710
diff
changeset
|
2613 self.api_version = self.__default_api_version |
|
aea2cc142c1b
Added some more rest testing and make sure api version is valid.
John Rouillard <rouilj@ieee.org>
parents:
5710
diff
changeset
|
2614 elif self.api_version not in self.__supported_api_versions: |
|
8177
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2615 output = self.error_obj(406, msg % self.api_version) |
|
5711
aea2cc142c1b
Added some more rest testing and make sure api version is valid.
John Rouillard <rouilj@ieee.org>
parents:
5710
diff
changeset
|
2616 |
|
5691
dbf422a8cff7
Add error handling. @apiver was being processed as a search
John Rouillard <rouilj@ieee.org>
parents:
5690
diff
changeset
|
2617 # sadly del doesn't work on FieldStorage which can be the type of |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
2618 # input_payload. So we have to ignore keys starting with @ at other |
|
5691
dbf422a8cff7
Add error handling. @apiver was being processed as a search
John Rouillard <rouilj@ieee.org>
parents:
5690
diff
changeset
|
2619 # places in the code. |
|
dbf422a8cff7
Add error handling. @apiver was being processed as a search
John Rouillard <rouilj@ieee.org>
parents:
5690
diff
changeset
|
2620 # else: |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
2621 # del(input_payload['@apiver']) |
|
5686
eb51c0d9c9bf
Move @apiver version extraction code after the input is parsed for
John Rouillard <rouilj@ieee.org>
parents:
5685
diff
changeset
|
2622 |
| 5582 | 2623 # Call the appropriate method |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
2624 try: |
|
5620
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
2625 # If output was defined by a prior error |
|
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
2626 # condition skip call |
|
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
2627 if not output: |
|
8188
e5362f8e1808
chore(ruff): rename input and id parms/vars - don't shadow builtin
John Rouillard <rouilj@ieee.org>
parents:
8180
diff
changeset
|
2628 output = Routing.execute(self, uri, method, input_payload) |
| 5602 | 2629 except NotFound as msg: |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
2630 output = self.error_obj(404, msg) |
| 5602 | 2631 except Reject as msg: |
|
6525
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
2632 output = self.error_obj(405, msg.args[0]) |
|
c505c774a94d
Mutiple changes to REST code.
John Rouillard <rouilj@ieee.org>
parents:
6517
diff
changeset
|
2633 self.client.setHeader("Allow", msg.args[1]) |
|
5567
1af57f9d5bf7
Added exception Handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5566
diff
changeset
|
2634 |
|
8177
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2635 return self.format_dispatch_output(output_format, |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2636 output, |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2637 pretty_output) |
|
7595
26ef5054e510
refactor(api): early return if REST rate limit is exceeded
John Rouillard <rouilj@ieee.org>
parents:
7569
diff
changeset
|
2638 |
|
7605
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2639 def format_dispatch_output(self, accept_mime_type, output, |
|
5b3ecdfd77f7
refactor(api): extract api rate limit handling; add default val
John Rouillard <rouilj@ieee.org>
parents:
7597
diff
changeset
|
2640 pretty_print=True): |
|
5590
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
2641 # Format the content type |
|
8177
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2642 # if accept_mime_type is None, the client specified invalid |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2643 # mime types so we default to json output. |
|
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2644 if accept_mime_type == "json" or accept_mime_type is None: |
|
5589
5a2de4c19109
Fix an indentation bug
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5588
diff
changeset
|
2645 self.client.setHeader("Content-Type", "application/json") |
|
7595
26ef5054e510
refactor(api): early return if REST rate limit is exceeded
John Rouillard <rouilj@ieee.org>
parents:
7569
diff
changeset
|
2646 if pretty_print: |
|
5589
5a2de4c19109
Fix an indentation bug
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5588
diff
changeset
|
2647 indent = 4 |
| 5574 | 2648 else: |
|
5589
5a2de4c19109
Fix an indentation bug
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5588
diff
changeset
|
2649 indent = None |
|
5a2de4c19109
Fix an indentation bug
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5588
diff
changeset
|
2650 output = RoundupJSONEncoder(indent=indent).encode(output) |
|
8177
2967f37e73e4
refactor: issue2551289. invalid REST Accept header stops request
John Rouillard <rouilj@ieee.org>
parents:
8126
diff
changeset
|
2651 elif accept_mime_type == "xml" and dicttoxml: |
|
5631
a5c890d308c3
Add simple support for xml output if the third party dict2xml.py module
John Rouillard <rouilj@ieee.org>
parents:
5630
diff
changeset
|
2652 self.client.setHeader("Content-Type", "application/xml") |
|
5707
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
2653 if 'error' in output: |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
2654 # capture values in error with types unsupported |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
2655 # by dicttoxml e.g. an exception, into something it |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
2656 # can handle |
|
8207
894eabf95385
chore(ruff): sort imports.
John Rouillard <rouilj@ieee.org>
parents:
8206
diff
changeset
|
2657 import collections |
|
5707
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
2658 import numbers |
| 5998 | 2659 for key, val in output['error'].items(): |
|
5707
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
2660 if isinstance(val, numbers.Number) or type(val) in \ |
|
8205
4993e122235e
chore(ruff): suppress combine branches with one or expression
John Rouillard <rouilj@ieee.org>
parents:
8204
diff
changeset
|
2661 (str, unicode): # noqa: SIM114 |
|
5707
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
2662 pass |
|
8205
4993e122235e
chore(ruff): suppress combine branches with one or expression
John Rouillard <rouilj@ieee.org>
parents:
8204
diff
changeset
|
2663 elif hasattr(val, 'isoformat'): # datetime # noqa: SIM114 |
|
5707
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
2664 pass |
|
8205
4993e122235e
chore(ruff): suppress combine branches with one or expression
John Rouillard <rouilj@ieee.org>
parents:
8204
diff
changeset
|
2665 elif type(val) is bool: # noqa: SIM114 |
|
5707
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
2666 pass |
|
8205
4993e122235e
chore(ruff): suppress combine branches with one or expression
John Rouillard <rouilj@ieee.org>
parents:
8204
diff
changeset
|
2667 elif isinstance(val, dict): # noqa: SIM114 |
|
5707
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
2668 pass |
|
8205
4993e122235e
chore(ruff): suppress combine branches with one or expression
John Rouillard <rouilj@ieee.org>
parents:
8204
diff
changeset
|
2669 elif isinstance(val, collections.Iterable): # noqa: SIM114 |
|
5707
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
2670 pass |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
2671 elif val is None: |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
2672 pass |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
2673 else: |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
2674 output['error'][key] = str(val) |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
2675 |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
2676 output = '<?xml version="1.0" encoding="UTF-8" ?>\n' + \ |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
2677 b2s(dicttoxml(output, root=False)) |
|
8180
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2678 elif accept_mime_type: |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2679 self.client.setHeader("Content-Type", accept_mime_type) |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2680 # do not send etag when getting binary_content. The ETag |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2681 # is for the item not the content of the item. So the ETag |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2682 # can change even though the content is the same. Since |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2683 # content is immutable by default, the client shouldn't |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2684 # need the etag for writing. |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2685 self.client.setHeader("ETag", None) |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2686 return output['data']['data'] |
|
5589
5a2de4c19109
Fix an indentation bug
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5588
diff
changeset
|
2687 else: |
|
8180
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2688 self.client.response_code = 500 |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2689 output = _("Internal error while formatting response.\n" |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2690 "accept_mime_type is not defined. This should\n" |
|
d02ce1d14acd
feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint.
John Rouillard <rouilj@ieee.org>
parents:
8177
diff
changeset
|
2691 "never happen\n") |
|
5557
213a56c91471
Implement getting resource from database
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5556
diff
changeset
|
2692 |
|
5639
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
2693 # Make output json end in a newline to |
|
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
2694 # separate from following text in logs etc.. |
|
5653
ba67e397f063
Fix string/bytes issues under python 3.
John Rouillard <rouilj@ieee.org>
parents:
5646
diff
changeset
|
2695 return bs2b(output + "\n") |
|
5566
2830793d1510
Added RoundupJSONEncoder
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5565
diff
changeset
|
2696 |
|
5567
1af57f9d5bf7
Added exception Handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5566
diff
changeset
|
2697 |
|
5566
2830793d1510
Added RoundupJSONEncoder
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5565
diff
changeset
|
2698 class RoundupJSONEncoder(json.JSONEncoder): |
| 5582 | 2699 """RoundupJSONEncoder overrides the default JSONEncoder to handle all |
| 2700 types of the object without returning any error""" | |
|
5566
2830793d1510
Added RoundupJSONEncoder
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5565
diff
changeset
|
2701 def default(self, obj): |
|
2830793d1510
Added RoundupJSONEncoder
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5565
diff
changeset
|
2702 try: |
|
2830793d1510
Added RoundupJSONEncoder
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5565
diff
changeset
|
2703 result = json.JSONEncoder.default(self, obj) |
|
2830793d1510
Added RoundupJSONEncoder
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5565
diff
changeset
|
2704 except TypeError: |
|
2830793d1510
Added RoundupJSONEncoder
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5565
diff
changeset
|
2705 result = str(obj) |
|
2830793d1510
Added RoundupJSONEncoder
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5565
diff
changeset
|
2706 return result |
|
5643
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2707 |
| 5998 | 2708 |
|
5643
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2709 class SimulateFieldStorageFromJson(): |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2710 ''' |
|
5689
2c516d113620
Fix encoding for incoming json requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5687
diff
changeset
|
2711 The internals of the rest interface assume the data was sent as |
|
2c516d113620
Fix encoding for incoming json requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5687
diff
changeset
|
2712 application/x-www-form-urlencoded. So we should have a |
|
5643
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2713 FieldStorage and MiniFieldStorage structure. |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2714 |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2715 However if we want to handle json data, we need to: |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2716 1) create the Fieldstorage/MiniFieldStorage structure |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2717 or |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2718 2) simultate the interface parts of FieldStorage structure |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2719 |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2720 To do 2, create a object that emulates the: |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2721 |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2722 object['prop'].value |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2723 |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2724 references used when accessing a FieldStorage structure. |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2725 |
|
5690
4aae822e2cb4
Added a few comments and a test that fails with the pre-patched code
John Rouillard <rouilj@ieee.org>
parents:
5689
diff
changeset
|
2726 That's what this class does with all names and values as native |
|
4aae822e2cb4
Added a few comments and a test that fails with the pre-patched code
John Rouillard <rouilj@ieee.org>
parents:
5689
diff
changeset
|
2727 strings. Note that json is UTF-8, so we convert any unicode to |
|
4aae822e2cb4
Added a few comments and a test that fails with the pre-patched code
John Rouillard <rouilj@ieee.org>
parents:
5689
diff
changeset
|
2728 string. |
|
5643
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2729 |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2730 ''' |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2731 def __init__(self, json_string): |
|
8218
32aaf5dc562b
fix(REST): issue2551383; improve errors for bad json, fix PUT docs
John Rouillard <rouilj@ieee.org>
parents:
8213
diff
changeset
|
2732 '''Parse the json string into an internal dict. |
|
32aaf5dc562b
fix(REST): issue2551383; improve errors for bad json, fix PUT docs
John Rouillard <rouilj@ieee.org>
parents:
8213
diff
changeset
|
2733 |
|
32aaf5dc562b
fix(REST): issue2551383; improve errors for bad json, fix PUT docs
John Rouillard <rouilj@ieee.org>
parents:
8213
diff
changeset
|
2734 Because spec for rest post once exactly (POE) shows |
|
32aaf5dc562b
fix(REST): issue2551383; improve errors for bad json, fix PUT docs
John Rouillard <rouilj@ieee.org>
parents:
8213
diff
changeset
|
2735 posting empty content. An empty string results in an empty |
|
32aaf5dc562b
fix(REST): issue2551383; improve errors for bad json, fix PUT docs
John Rouillard <rouilj@ieee.org>
parents:
8213
diff
changeset
|
2736 dict, not a json parse error. |
|
32aaf5dc562b
fix(REST): issue2551383; improve errors for bad json, fix PUT docs
John Rouillard <rouilj@ieee.org>
parents:
8213
diff
changeset
|
2737 ''' |
|
5643
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2738 def raise_error_on_constant(x): |
| 5998 | 2739 raise ValueError("Unacceptable number: %s" % x) |
|
8218
32aaf5dc562b
fix(REST): issue2551383; improve errors for bad json, fix PUT docs
John Rouillard <rouilj@ieee.org>
parents:
8213
diff
changeset
|
2740 if json_string == "": |
|
32aaf5dc562b
fix(REST): issue2551383; improve errors for bad json, fix PUT docs
John Rouillard <rouilj@ieee.org>
parents:
8213
diff
changeset
|
2741 self.json_dict = {} |
|
32aaf5dc562b
fix(REST): issue2551383; improve errors for bad json, fix PUT docs
John Rouillard <rouilj@ieee.org>
parents:
8213
diff
changeset
|
2742 self.value = None |
|
32aaf5dc562b
fix(REST): issue2551383; improve errors for bad json, fix PUT docs
John Rouillard <rouilj@ieee.org>
parents:
8213
diff
changeset
|
2743 return |
|
32aaf5dc562b
fix(REST): issue2551383; improve errors for bad json, fix PUT docs
John Rouillard <rouilj@ieee.org>
parents:
8213
diff
changeset
|
2744 |
|
5710
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
2745 try: |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
2746 self.json_dict = json.loads(json_string, |
| 5998 | 2747 parse_constant=raise_error_on_constant) |
| 2748 self.value = [self.FsValue(index, self.json_dict[index]) | |
|
8194
2ecd1a871993
chore(ruff): replace not a == b with a != b
John Rouillard <rouilj@ieee.org>
parents:
8193
diff
changeset
|
2749 for index in self.json_dict] |
|
8218
32aaf5dc562b
fix(REST): issue2551383; improve errors for bad json, fix PUT docs
John Rouillard <rouilj@ieee.org>
parents:
8213
diff
changeset
|
2750 except (json.decoder.JSONDecodeError, ValueError) as e: |
|
32aaf5dc562b
fix(REST): issue2551383; improve errors for bad json, fix PUT docs
John Rouillard <rouilj@ieee.org>
parents:
8213
diff
changeset
|
2751 raise ValueError(e.args[0] + ". JSON is: " + json_string) |
|
32aaf5dc562b
fix(REST): issue2551383; improve errors for bad json, fix PUT docs
John Rouillard <rouilj@ieee.org>
parents:
8213
diff
changeset
|
2752 |
|
5643
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2753 |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2754 class FsValue: |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2755 '''Class that does nothing but response to a .value property ''' |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2756 def __init__(self, name, val): |
| 5998 | 2757 self.name = u2s(name) |
|
5689
2c516d113620
Fix encoding for incoming json requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5687
diff
changeset
|
2758 if is_us(val): |
|
5690
4aae822e2cb4
Added a few comments and a test that fails with the pre-patched code
John Rouillard <rouilj@ieee.org>
parents:
5689
diff
changeset
|
2759 # handle most common type first |
| 5998 | 2760 self.value = u2s(val) |
| 2761 elif isinstance(val, type([])): | |
| 2762 # then lists of strings | |
| 2763 self.value = [u2s(v) for v in val] | |
|
5689
2c516d113620
Fix encoding for incoming json requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5687
diff
changeset
|
2764 else: |
|
5690
4aae822e2cb4
Added a few comments and a test that fails with the pre-patched code
John Rouillard <rouilj@ieee.org>
parents:
5689
diff
changeset
|
2765 # then stringify anything else (int, float) |
|
5689
2c516d113620
Fix encoding for incoming json requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5687
diff
changeset
|
2766 self.value = str(val) |
|
5643
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2767 |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2768 def __getitem__(self, index): |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2769 '''Return an FsValue created from the value of self.json_dict[index] |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2770 ''' |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2771 return self.FsValue(index, self.json_dict[index]) |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2772 |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2773 def __contains__(self, index): |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2774 ''' implement: 'foo' in DICT ''' |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
2775 return index in self.json_dict |