Mercurial > p > roundup > code

annotate doc/rest.txt @ 7605:5b3ecdfd77f7

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
refactor(api): extract api rate limit handling; add default val Add handle_apiRateLimitExceeded to simplify dispatch() method. Add default value for pretty_print=True to format_dispatch_output.
author John Rouillard <rouilj@ieee.org>
date Wed, 16 Aug 2023 13:35:25 -0400
parents 5a8a41a2e3c8
children c5307dc0e8c6
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
6586
24e2eeb2ed9a Add meta description to some doc pages.
John Rouillard <rouilj@ieee.org>
parents: 6539
diff changeset
1 .. meta::
6774
e7b4ad2c57ac landmarks, skiplink, remove bad attrs, autocomplete search
John Rouillard <rouilj@ieee.org>
parents: 6765
diff changeset
2 :description:
6586
24e2eeb2ed9a Add meta description to some doc pages.
John Rouillard <rouilj@ieee.org>
parents: 6539
diff changeset
3 Documentation on the RESTful interface to the Roundup Issue
7282
f86a4a712f1f update metadata for rest.txt html page.
John Rouillard <rouilj@ieee.org>
parents: 7155
diff changeset
4 Tracker. Enable REST access, endpoints, methods,
f86a4a712f1f update metadata for rest.txt html page.
John Rouillard <rouilj@ieee.org>
parents: 7155
diff changeset
5 authentication, discovery.
6586
24e2eeb2ed9a Add meta description to some doc pages.
John Rouillard <rouilj@ieee.org>
parents: 6539
diff changeset
6
6167
81ae33038ec5 more index entries.
John Rouillard <rouilj@ieee.org>
parents: 6166
diff changeset
7 .. index:: pair: api; Representational state transfer
81ae33038ec5 more index entries.
John Rouillard <rouilj@ieee.org>
parents: 6166
diff changeset
8 pair: api; rest
5660
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
9
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
10 ====================
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
11 REST API for Roundup
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
12 ====================
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
13
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
14 .. contents::
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
15 :local:
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
16 :depth: 3
5660
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
17
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
18 Introduction
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
19 ============
5660
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
20
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
21 After the last 1.6.0 Release, a REST-API developed in 2015 during a
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
22 Google Summer of Code (GSOC) by Chau Nguyen, supervised by Ezio
7600
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
23 Melotti was integrated. The code was updated by Ralf Schlatterbeck and
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
24 John Rouillard to address some limitations and incorporate essential
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
25 features for a single page web application, such as etag support,
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
26 pagination, and field embedding, among others.
5660
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
27
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
28 Enabling the REST API
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
29 =====================
5660
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
30
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
31 The REST API can be disabled in the ``[web]`` section of ``config.ini``
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
32 via the variable ``enable_rest`` which is ``yes`` by default.
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
33
5879
94a7669677ae add permissions to control user of rest and xmlrpc API interfaces.
John Rouillard <rouilj@ieee.org>
parents: 5878
diff changeset
34 Users have to be authorized to use the rest api. The user must have
94a7669677ae add permissions to control user of rest and xmlrpc API interfaces.
John Rouillard <rouilj@ieee.org>
parents: 5878
diff changeset
35 "Rest Access" permission. To add this to the "User" role change
94a7669677ae add permissions to control user of rest and xmlrpc API interfaces.
John Rouillard <rouilj@ieee.org>
parents: 5878
diff changeset
36 schema.py to add::
94a7669677ae add permissions to control user of rest and xmlrpc API interfaces.
John Rouillard <rouilj@ieee.org>
parents: 5878
diff changeset
37
94a7669677ae add permissions to control user of rest and xmlrpc API interfaces.
John Rouillard <rouilj@ieee.org>
parents: 5878
diff changeset
38 db.security.addPermissionToRole('User', 'Rest Access')
94a7669677ae add permissions to control user of rest and xmlrpc API interfaces.
John Rouillard <rouilj@ieee.org>
parents: 5878
diff changeset
39
94a7669677ae add permissions to control user of rest and xmlrpc API interfaces.
John Rouillard <rouilj@ieee.org>
parents: 5878
diff changeset
40 This is usually included near where other permissions like "Web Access"
94a7669677ae add permissions to control user of rest and xmlrpc API interfaces.
John Rouillard <rouilj@ieee.org>
parents: 5878
diff changeset
41 or "Email Access" are assigned.
94a7669677ae add permissions to control user of rest and xmlrpc API interfaces.
John Rouillard <rouilj@ieee.org>
parents: 5878
diff changeset
42
5901
a592e3156134 Added more verbage on "Rest Access" permission and reworked search docs.
John Rouillard <rouilj@ieee.org>
parents: 5898
diff changeset
43 You could also create a new role "rest" and assign the "Rest Access"
6373
3dcbe44eb1cd Fix thinko add role not permission to users.
John Rouillard <rouilj@ieee.org>
parents: 6315
diff changeset
44 permission to that role and then just add the "rest" role to
5901
a592e3156134 Added more verbage on "Rest Access" permission and reworked search docs.
John Rouillard <rouilj@ieee.org>
parents: 5898
diff changeset
45 those users who should have access.
a592e3156134 Added more verbage on "Rest Access" permission and reworked search docs.
John Rouillard <rouilj@ieee.org>
parents: 5898
diff changeset
46
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
47 The REST api is reached via the ``/rest/`` endpoint of the tracker
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
48 URL. Partial URLs paths below (not starting with https) will have
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
49 /rest removed for brevity.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
50
5826
8e17c34a5cf0 issue2551048. Document WEB_SECRET_KEY in config.ini.
John Rouillard <rouilj@ieee.org>
parents: 5824
diff changeset
51 Make sure that the ``secret_key`` option is defined in the
8e17c34a5cf0 issue2551048. Document WEB_SECRET_KEY in config.ini.
John Rouillard <rouilj@ieee.org>
parents: 5824
diff changeset
52 ``[web]`` section of your tracker's ``config.ini``. Following the
8e17c34a5cf0 issue2551048. Document WEB_SECRET_KEY in config.ini.
John Rouillard <rouilj@ieee.org>
parents: 5824
diff changeset
53 `upgrading directions`_ using ``roundup-admin ... updateconfig
8e17c34a5cf0 issue2551048. Document WEB_SECRET_KEY in config.ini.
John Rouillard <rouilj@ieee.org>
parents: 5824
diff changeset
54 ...`` will generate the ``secret_key`` comments and setting. Then
8e17c34a5cf0 issue2551048. Document WEB_SECRET_KEY in config.ini.
John Rouillard <rouilj@ieee.org>
parents: 5824
diff changeset
55 you can merge this into your ``config.ini``. If you are
8e17c34a5cf0 issue2551048. Document WEB_SECRET_KEY in config.ini.
John Rouillard <rouilj@ieee.org>
parents: 5824
diff changeset
56 installing a new tracker with ``roundup-admin ... install`` the
8e17c34a5cf0 issue2551048. Document WEB_SECRET_KEY in config.ini.
John Rouillard <rouilj@ieee.org>
parents: 5824
diff changeset
57 ``secret_key`` value is automatically set to some random value.
8e17c34a5cf0 issue2551048. Document WEB_SECRET_KEY in config.ini.
John Rouillard <rouilj@ieee.org>
parents: 5824
diff changeset
58
6205
1b9f6b9befeb Clarify need to set secret_key for rest.
John Rouillard <rouilj@ieee.org>
parents: 6204
diff changeset
59 If ``secret_key`` is not set, the etag value returned by a REST call
1b9f6b9befeb Clarify need to set secret_key for rest.
John Rouillard <rouilj@ieee.org>
parents: 6204
diff changeset
60 will changed on every call even though the item has not changed. This
1b9f6b9befeb Clarify need to set secret_key for rest.
John Rouillard <rouilj@ieee.org>
parents: 6204
diff changeset
61 means users will be unable to submit changes using the rest
1b9f6b9befeb Clarify need to set secret_key for rest.
John Rouillard <rouilj@ieee.org>
parents: 6204
diff changeset
62 interface. (Note, if you run roundup in a persistent mode: server,
1b9f6b9befeb Clarify need to set secret_key for rest.
John Rouillard <rouilj@ieee.org>
parents: 6204
diff changeset
63 wsgi, mod_python, the etag will change on every restart if not
1b9f6b9befeb Clarify need to set secret_key for rest.
John Rouillard <rouilj@ieee.org>
parents: 6204
diff changeset
64 explicitly set.)
5826
8e17c34a5cf0 issue2551048. Document WEB_SECRET_KEY in config.ini.
John Rouillard <rouilj@ieee.org>
parents: 5824
diff changeset
65
8e17c34a5cf0 issue2551048. Document WEB_SECRET_KEY in config.ini.
John Rouillard <rouilj@ieee.org>
parents: 5824
diff changeset
66 .. _upgrading directions: upgrading.html
8e17c34a5cf0 issue2551048. Document WEB_SECRET_KEY in config.ini.
John Rouillard <rouilj@ieee.org>
parents: 5824
diff changeset
67
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
68 Preventing CSRF Attacks
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
69 -----------------------
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
70
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
71 Clients should set the header X-REQUESTED-WITH to any value and the
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
72 tracker's config.ini should have ``csrf_enforce_header_x-requested-with
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
73 = yes`` or ``required``.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
74
6681
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6675
diff changeset
75 If you want to allow Roundup's api to be accessed by an application
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6675
diff changeset
76 that is not hosted at the same origin as Roundup, you must permit
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6675
diff changeset
77 the origin using the ``allowed_api_origins`` setting in
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6675
diff changeset
78 ``config.ini``.
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6675
diff changeset
79
7556
273c8c2b5042 fix(api): - issue2551063 - Rest/Xmlrpc interfaces needs failed login protection.
John Rouillard <rouilj@ieee.org>
parents: 7499
diff changeset
80 Rate Limiting API Failed Logins
273c8c2b5042 fix(api): - issue2551063 - Rest/Xmlrpc interfaces needs failed login protection.
John Rouillard <rouilj@ieee.org>
parents: 7499
diff changeset
81 -------------------------------
273c8c2b5042 fix(api): - issue2551063 - Rest/Xmlrpc interfaces needs failed login protection.
John Rouillard <rouilj@ieee.org>
parents: 7499
diff changeset
82
273c8c2b5042 fix(api): - issue2551063 - Rest/Xmlrpc interfaces needs failed login protection.
John Rouillard <rouilj@ieee.org>
parents: 7499
diff changeset
83 To make brute force password guessing harder, the REST API has an
7600
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
84 invalid login rate limiter. This feature restricts the number of
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
85 failed login attempts made with an invalid user or
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
86 password. Successful login attempts are limited by the normal API rate
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
87 limiter. The rate limiter is a GCRA leaky bucket variant, which is
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
88 shared by all API (REST/XMLRPC) endpoints. However it is important to
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
89 note that the rate limiter for the HTML/web interface is not shared by
7556
273c8c2b5042 fix(api): - issue2551063 - Rest/Xmlrpc interfaces needs failed login protection.
John Rouillard <rouilj@ieee.org>
parents: 7499
diff changeset
90 the API failed login rate limiter.
273c8c2b5042 fix(api): - issue2551063 - Rest/Xmlrpc interfaces needs failed login protection.
John Rouillard <rouilj@ieee.org>
parents: 7499
diff changeset
91
7600
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
92 It is configured through the settings in config.ini. By setting the
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
93 value of ``api_failed_login_limit`` to a non-zero value, the limiter
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
94 is enabled. Setting it to 0 will disables the limiter (although this
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
95 is not recommended). If a user fails to log in more than
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
96 ``api_failed_login_limit`` times in
7556
273c8c2b5042 fix(api): - issue2551063 - Rest/Xmlrpc interfaces needs failed login protection.
John Rouillard <rouilj@ieee.org>
parents: 7499
diff changeset
97 ``api_failed_login_interval_in_sec`` seconds, a 429 HTTP error will be
7600
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
98 returned. The error message also tells the user how long to wait
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
99 before trying to log in again.
7556
273c8c2b5042 fix(api): - issue2551063 - Rest/Xmlrpc interfaces needs failed login protection.
John Rouillard <rouilj@ieee.org>
parents: 7499
diff changeset
100
7600
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
101 When a 429 error is returned, the associated account will be
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
102 temporarily locked until sufficient time has elapsed to generate an
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
103 additional login token. This time period is determined by the values
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
104 of the ``api_failed_login_interval_in_sec`` and ``api_failed_login_limit``
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
105 parameters. Any login attempts made during this lockout period will be
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
106 unsuccessful, even if the correct password is provided. This
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
107 effectively prevents brute force attacks from attempting more than one
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
108 password every
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
109 ``api_failed_login_interval_in_sec/api_failed_login_limit`` seconds on average.
7556
273c8c2b5042 fix(api): - issue2551063 - Rest/Xmlrpc interfaces needs failed login protection.
John Rouillard <rouilj@ieee.org>
parents: 7499
diff changeset
110
7600
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
111 The system's default settings permit a maximum of four login attempts,
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
112 after which the user will experience a delay of 2.5 minutes (150
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
113 seconds). Currently, there is no established procedure for resetting
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
114 the rate limiter.
7556
273c8c2b5042 fix(api): - issue2551063 - Rest/Xmlrpc interfaces needs failed login protection.
John Rouillard <rouilj@ieee.org>
parents: 7499
diff changeset
115
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
116 Rate Limiting the API
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
117 ---------------------
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
118
7600
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
119 Roundup includes Rate Limiting for the API, which is distinct from
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
120 rate limiting login attempts on the web interface.
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
121
7600
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
122 This feature can be enabled by setting the ``api_calls_per_interval``
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
123 and ``api_interval_in_sec`` configuration parameters in the ``[web]``
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
124 section of the ``config.ini`` file. Details for these settings are
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
125 documented in the same file.
5660
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
126
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
127 If ``api_calls_per_interval = 60`` and ``api_interval_in_sec = 60``
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
128 the user can make 60 calls in a minute. They can use them all up in the
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
129 first second and then get one call back every second. With
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
130 ``api_calls_per_interval = 60`` and ``api_interval_in_sec = 3600`` (1
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
131 hour) they can use all 60 calls in the first second and they get one
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
132 additional call every 10 seconds. ``api_calls_per_interval`` is the
6206
b6f2cf872d2e Expand sunset header explanation, fix formating missing `.
John Rouillard <rouilj@ieee.org>
parents: 6205
diff changeset
133 burst rate that you are willing to allow within ``api_interval_in_sec``
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
134 seconds. The average rate of use is the ratio of
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
135 ``api_calls_per_interval/api_interval_in_sec``. So you can have many
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
136 values that permit one call per second on average: 1/1, 60/60,
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
137 3600/3600, but they all have a different maximum burst rates: 1/sec,
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
138 60/sec and 3600/sec.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
139
7600
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
140 In practice, a single page app may require 20 or 30 API calls to
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
141 populate the page with data, followed by a few seconds of waiting for
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
142 the user to select an issue. When displaying the issue, another 20 or
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
143 more calls may be needed to populate status dropdowns, retrieve the
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
144 first 10 messages in the issue, and so on. Therefore, controlling both
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
145 the burst rate and the average rate is a tuning exercise that is left
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
146 to the tracker admin.
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
147
7600
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
148 It is worth noting that the rate limit feature may be slightly lossy,
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
149 meaning that under heavy load, it may miscount and allow more than the
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
150 burst count. On slower hardware, errors of up to 10% have been
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
151 observed. Using redis, PostgreSQL, or MySQL for storing ephemeral data
5a8a41a2e3c8 docs: rewrite segments using ahref paragraph rewriter.
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
152 minimizes the loss.
5660
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
153
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
154 Client API
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
155 ==========
5660
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
156
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
157 The top-level REST url ``/rest/`` will display the current version of
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
158 the REST API (Version 1 as of this writing) and some links to relevant
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
159 endpoints of the API. In the following the ``/rest`` prefix is omitted
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
160 from relative REST-API links for brevity.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
161
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
162 Headers
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
163 -------
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
164
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
165 If rate limiting is enabled there are 3 "standard" headers:
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
166
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
167 **X-RateLimit-Limit**: Calls allowed per period.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
168
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
169 **X-RateLimit-Remaining**: Calls available to be completed in this window.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
170
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
171 **X-RateLimit-Reset**: window ends in this many seconds. (Note,
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
172 not an epoch timestamp). After this time, all
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
173 X-RateLimit-Limit calls are available again.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
174
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
175 and one helpful header to report the period that is missing
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
176 from other lists of rate limit headers:
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
177
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
178 **X-RateLimit-Limit-Period**: Defines period in seconds for X-RateLimit-Limit.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
179
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
180 Also if the user has exceeded the rate limit, this header is added:
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
181
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
182 **Retry-After**: The number of second to wait until 1 api call will succeed.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
183
6182
acb9841bb4fd Adding description of Sunset header and versioning
John Rouillard <rouilj@ieee.org>
parents: 6167
diff changeset
184 If the client has requested a deprecated API endpoint, the header:
acb9841bb4fd Adding description of Sunset header and versioning
John Rouillard <rouilj@ieee.org>
parents: 6167
diff changeset
185
6206
b6f2cf872d2e Expand sunset header explanation, fix formating missing `.
John Rouillard <rouilj@ieee.org>
parents: 6205
diff changeset
186 **Sunset**: an http date after which the end point will not be
b6f2cf872d2e Expand sunset header explanation, fix formating missing `.
John Rouillard <rouilj@ieee.org>
parents: 6205
diff changeset
187 available. This is not returned by current code, but can be used
6207
8a21f8ba3065 Doc updates. Mostly formatting.
John Rouillard <rouilj@ieee.org>
parents: 6206
diff changeset
188 when `Programming the REST API`_. It should be used as a hint that
8a21f8ba3065 Doc updates. Mostly formatting.
John Rouillard <rouilj@ieee.org>
parents: 6206
diff changeset
189 the REST endpoint will be going away. See
7139
42e68162279b update links.
John Rouillard <rouilj@ieee.org>
parents: 6774
diff changeset
190 https://www.rfc-editor.org/rfc/rfc8594 for details on this header and
6207
8a21f8ba3065 Doc updates. Mostly formatting.
John Rouillard <rouilj@ieee.org>
parents: 6206
diff changeset
191 the sunset link type.
6182
acb9841bb4fd Adding description of Sunset header and versioning
John Rouillard <rouilj@ieee.org>
parents: 6167
diff changeset
192
6185
1cb2375015f0 Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents: 6182
diff changeset
193 Hyperdb Stats
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
194 -------------
6185
1cb2375015f0 Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents: 6182
diff changeset
195
1cb2375015f0 Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents: 6182
diff changeset
196 Adding ``@stats=true`` as a GET query parameter or POST data item will
1cb2375015f0 Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents: 6182
diff changeset
197 augment the response with an ``@stats`` dictionary. Any value other
1cb2375015f0 Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents: 6182
diff changeset
198 than ``true`` (any case) will disable the ``@stats`` dictionary. When
1cb2375015f0 Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents: 6182
diff changeset
199 stats are enabled the response includes an ``@stats`` member and looks
1cb2375015f0 Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents: 6182
diff changeset
200 like::
1cb2375015f0 Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents: 6182
diff changeset
201
1cb2375015f0 Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents: 6182
diff changeset
202 { "data": {
1cb2375015f0 Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents: 6182
diff changeset
203 ...
1cb2375015f0 Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents: 6182
diff changeset
204 "@stats": {
1cb2375015f0 Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents: 6182
diff changeset
205 "cache_hits": 3,
1cb2375015f0 Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents: 6182
diff changeset
206 "cache_misses": 1,
1cb2375015f0 Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents: 6182
diff changeset
207 "get_items": 0.0009722709655761719,
1cb2375015f0 Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents: 6182
diff changeset
208 "filtering": 0,
1cb2375015f0 Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents: 6182
diff changeset
209 "elapsed": 0.04731464385986328
1cb2375015f0 Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents: 6182
diff changeset
210 }
1cb2375015f0 Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents: 6182
diff changeset
211 }
1cb2375015f0 Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents: 6182
diff changeset
212 }
1cb2375015f0 Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents: 6182
diff changeset
213
1cb2375015f0 Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents: 6182
diff changeset
214 These are the same values returned in the html interface by setting
1cb2375015f0 Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents: 6182
diff changeset
215 the ``CGI_SHOW_TIMING`` environment variable. By default performance
1cb2375015f0 Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents: 6182
diff changeset
216 stats are not shown. The fields are subject to change. An
1cb2375015f0 Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents: 6182
diff changeset
217 understanding of the code is recommended if you are going to use this
1cb2375015f0 Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents: 6182
diff changeset
218 info.
1cb2375015f0 Enable timing stats reporting in REST interface.
John Rouillard <rouilj@ieee.org>
parents: 6182
diff changeset
219
6182
acb9841bb4fd Adding description of Sunset header and versioning
John Rouillard <rouilj@ieee.org>
parents: 6167
diff changeset
220 Versioning
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
221 ----------
6182
acb9841bb4fd Adding description of Sunset header and versioning
John Rouillard <rouilj@ieee.org>
parents: 6167
diff changeset
222
acb9841bb4fd Adding description of Sunset header and versioning
John Rouillard <rouilj@ieee.org>
parents: 6167
diff changeset
223 Currently there is only one version of the API. Versions are simple
acb9841bb4fd Adding description of Sunset header and versioning
John Rouillard <rouilj@ieee.org>
parents: 6167
diff changeset
224 integers. The current version is ``1``. Version selection is
acb9841bb4fd Adding description of Sunset header and versioning
John Rouillard <rouilj@ieee.org>
parents: 6167
diff changeset
225 implemented in the server using one of three methods:
acb9841bb4fd Adding description of Sunset header and versioning
John Rouillard <rouilj@ieee.org>
parents: 6167
diff changeset
226
acb9841bb4fd Adding description of Sunset header and versioning
John Rouillard <rouilj@ieee.org>
parents: 6167
diff changeset
227 1. Explicit version param in accept header:
acb9841bb4fd Adding description of Sunset header and versioning
John Rouillard <rouilj@ieee.org>
parents: 6167
diff changeset
228 ``application/json; version=1``
acb9841bb4fd Adding description of Sunset header and versioning
John Rouillard <rouilj@ieee.org>
parents: 6167
diff changeset
229
acb9841bb4fd Adding description of Sunset header and versioning
John Rouillard <rouilj@ieee.org>
parents: 6167
diff changeset
230 2. Version suffix in vendor accept header:
acb9841bb4fd Adding description of Sunset header and versioning
John Rouillard <rouilj@ieee.org>
parents: 6167
diff changeset
231 ``application/vnd.json.test-v1+json``
acb9841bb4fd Adding description of Sunset header and versioning
John Rouillard <rouilj@ieee.org>
parents: 6167
diff changeset
232
acb9841bb4fd Adding description of Sunset header and versioning
John Rouillard <rouilj@ieee.org>
parents: 6167
diff changeset
233 3. Adding version specifier in query string: ``@apiver=1``
acb9841bb4fd Adding description of Sunset header and versioning
John Rouillard <rouilj@ieee.org>
parents: 6167
diff changeset
234
acb9841bb4fd Adding description of Sunset header and versioning
John Rouillard <rouilj@ieee.org>
parents: 6167
diff changeset
235 If an explicit version is not provided, the server default is used.
acb9841bb4fd Adding description of Sunset header and versioning
John Rouillard <rouilj@ieee.org>
parents: 6167
diff changeset
236 The server default is reported by querying the ``/rest/`` endpoint as
acb9841bb4fd Adding description of Sunset header and versioning
John Rouillard <rouilj@ieee.org>
parents: 6167
diff changeset
237 described above.
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
238
6311
be8d5a8e090a Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents: 6288
diff changeset
239 Input Formats
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
240 -------------
6311
be8d5a8e090a Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents: 6288
diff changeset
241
6384
66a061e52435 Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents: 6373
diff changeset
242 For a GET or OPTIONS request, the Content-Type header should
66a061e52435 Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents: 6373
diff changeset
243 not be sent.
66a061e52435 Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents: 6373
diff changeset
244
66a061e52435 Test options in rest interface against live server; rest doc update
John Rouillard <rouilj@ieee.org>
parents: 6373
diff changeset
245 Otherwise Content-Type is allowed to be ``application/json`` or
6311
be8d5a8e090a Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents: 6288
diff changeset
246 ``application/x-www-form-urlencoded``. Any other value returns error
be8d5a8e090a Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents: 6288
diff changeset
247 code 415.
be8d5a8e090a Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents: 6288
diff changeset
248
6674
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
249 CORS preflight requests
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
250 ~~~~~~~~~~~~~~~~~~~~~~~
6674
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
251
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
252 CORS preflight requests are done using the OPTIONS method. They
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
253 require that REST be enabled. These requests do not make any changes
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
254 or get any information from the database. As a result they are
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
255 available to the anonymous user and any authenticated user. The user
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
256 does not need to have `Rest Access` permissions. Also these requests
6681
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6675
diff changeset
257 bypass CSRF checks except for the Origin header check which is always
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6675
diff changeset
258 run for preflight requests.
6674
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
259
6681
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6675
diff changeset
260 You can permit only allowed ORIGINS by setting ``allowed_api_origins``
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6675
diff changeset
261 in ``config.ini`` to the list of origins permitted to access your
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6675
diff changeset
262 api. By default only your tracker's origin is allowed. If a preflight
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6675
diff changeset
263 request fails, the api request will be stopped by the browser.
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6675
diff changeset
264
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6675
diff changeset
265 The following CORS preflight headers are usually added automatically by
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6675
diff changeset
266 the browser and must all be present:
6674
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
267
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
268 * `Access-Control-Request-Headers`
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
269 * `Access-Control-Request-Method`
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
270 * `Origin`
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
271
7155
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7139
diff changeset
272 The headers of the 204 response depend on the
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7139
diff changeset
273 ``allowed_api_origins`` setting. If a ``*`` is included as the
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7139
diff changeset
274 first element, any client can read the data but they can not
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7139
diff changeset
275 provide authentication. This limits the available data to what
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7139
diff changeset
276 the anonymous user can see in the web interface.
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7139
diff changeset
277
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7139
diff changeset
278 All 204 responses will include the headers:
6674
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
279
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
280 * `Access-Control-Allow-Origin`
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
281 * `Access-Control-Allow-Headers`
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
282 * `Access-Control-Allow-Methods`
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
283 * `Access-Control-Max-Age: 86400`
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
284
7155
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7139
diff changeset
285 If the client's ORIGIN header matches an entry besides ``*`` in the
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7139
diff changeset
286 ``allowed_api_origins`` it will also include:
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7139
diff changeset
287
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7139
diff changeset
288 * `Access-Control-Allow-Credentials: true`
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7139
diff changeset
289
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7139
diff changeset
290 permitting the client to log in and perform authenticated operations.
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7139
diff changeset
291
6674
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
292 If the endpoint accepts the PATCH verb the header `Accept-Patch` with
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
293 valid mime types (usually `application/x-www-form-urlencoded,
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
294 multipart/form-data`) will be included.
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
295
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
296 It will also include rate limit headers since the request is included
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
297 in the rate limit for the URL. The results from the CORS preflight
6675
7542269becfa Fix cache time week -> day.
John Rouillard <rouilj@ieee.org>
parents: 6674
diff changeset
298 should be cached for a day so preflight requests are not expected to
6674
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
299 cause a problem. If it is an issue, you can see
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
300 `Creating Custom Rate Limits`_
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
301 and craft a rate limiter that ignores anonymous OPTIONS requests.
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
302
6311
be8d5a8e090a Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents: 6288
diff changeset
303 Response Formats
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
304 ----------------
6311
be8d5a8e090a Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents: 6288
diff changeset
305
be8d5a8e090a Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents: 6288
diff changeset
306 The default response format is json.
be8d5a8e090a Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents: 6288
diff changeset
307
be8d5a8e090a Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents: 6288
diff changeset
308 If you add the ``dicttoxml.py`` module you can request XML formatted
be8d5a8e090a Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents: 6288
diff changeset
309 data using the header ``Accept: application/xml`` in your
be8d5a8e090a Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents: 6288
diff changeset
310 request. Both output formats are similar in structure.
be8d5a8e090a Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents: 6288
diff changeset
311
6765
b4bfbd768bc1 How to add dicttoxml at system or tracker level.
John Rouillard <rouilj@ieee.org>
parents: 6764
diff changeset
312 ``dicttoxml.py`` should be installed in the Python install directory,
b4bfbd768bc1 How to add dicttoxml at system or tracker level.
John Rouillard <rouilj@ieee.org>
parents: 6764
diff changeset
313 or the file can be added to the Roundup installation directory long
b4bfbd768bc1 How to add dicttoxml at system or tracker level.
John Rouillard <rouilj@ieee.org>
parents: 6764
diff changeset
314 ide ``rest.py``. It can also be enabled on a per tracker basis by
b4bfbd768bc1 How to add dicttoxml at system or tracker level.
John Rouillard <rouilj@ieee.org>
parents: 6764
diff changeset
315 adding ``dicttoxml.py`` to the lib directory in your tracker home (you
b4bfbd768bc1 How to add dicttoxml at system or tracker level.
John Rouillard <rouilj@ieee.org>
parents: 6764
diff changeset
316 may need to create the directory). Then this can be added to
b4bfbd768bc1 How to add dicttoxml at system or tracker level.
John Rouillard <rouilj@ieee.org>
parents: 6764
diff changeset
317 `interfaces.py`_ to enable xml::
b4bfbd768bc1 How to add dicttoxml at system or tracker level.
John Rouillard <rouilj@ieee.org>
parents: 6764
diff changeset
318
b4bfbd768bc1 How to add dicttoxml at system or tracker level.
John Rouillard <rouilj@ieee.org>
parents: 6764
diff changeset
319 from roundup import rest
b4bfbd768bc1 How to add dicttoxml at system or tracker level.
John Rouillard <rouilj@ieee.org>
parents: 6764
diff changeset
320 from dicttoxml import dicttoxml as dtox # from tracker_root/lib directory
b4bfbd768bc1 How to add dicttoxml at system or tracker level.
John Rouillard <rouilj@ieee.org>
parents: 6764
diff changeset
321
b4bfbd768bc1 How to add dicttoxml at system or tracker level.
John Rouillard <rouilj@ieee.org>
parents: 6764
diff changeset
322 rest.dicttoxml = dtox
b4bfbd768bc1 How to add dicttoxml at system or tracker level.
John Rouillard <rouilj@ieee.org>
parents: 6764
diff changeset
323
b4bfbd768bc1 How to add dicttoxml at system or tracker level.
John Rouillard <rouilj@ieee.org>
parents: 6764
diff changeset
324 .. _interfaces.py: customizing.html#interfaces-py-hooking-into-the-core-of-roundup
b4bfbd768bc1 How to add dicttoxml at system or tracker level.
John Rouillard <rouilj@ieee.org>
parents: 6764
diff changeset
325
6311
be8d5a8e090a Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents: 6288
diff changeset
326 The rest interface accepts the http accept header and can include
be8d5a8e090a Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents: 6288
diff changeset
327 ``q`` values to specify the preferred mechanism. This is the preferred
be8d5a8e090a Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents: 6288
diff changeset
328 way to specify alternate acceptable response formats.
be8d5a8e090a Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents: 6288
diff changeset
329
be8d5a8e090a Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents: 6288
diff changeset
330 To make testing from the browser easier, you can also append the
be8d5a8e090a Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents: 6288
diff changeset
331 extension `.json` or `.xml` to the path component of the url. This
be8d5a8e090a Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents: 6288
diff changeset
332 will force json or xml (if supported) output. If you use an extension
be8d5a8e090a Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents: 6288
diff changeset
333 it takes priority over any accept headers.
be8d5a8e090a Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents: 6288
diff changeset
334
be8d5a8e090a Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents: 6288
diff changeset
335 The rest interface returns status 406 if you use an unrecognized
be8d5a8e090a Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents: 6288
diff changeset
336 extension. You will also get a 406 status if none of the entries in
be8d5a8e090a Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents: 6288
diff changeset
337 the accept header are available or if the accept header is invalid.
be8d5a8e090a Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents: 6288
diff changeset
338
be8d5a8e090a Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents: 6288
diff changeset
339
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
340 General Guidelines
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
341 ------------------
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
342
5854
d5aed7106ee6 Need to fix spelling.
John Rouillard <rouilj@ieee.org>
parents: 5843
diff changeset
343 Performing a ``GET`` on an item or property of an item will return an
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
344 ETag header or an @etag property. This needs to be submitted with
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
345 ``DELETE``, ``PUT`` and ``PATCH`` operations on the item using an
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
346 ``If-Match`` header or an ``"@etag`` property in the data payload if
6539
f8df7fed18f6 issue2551175 - Make ETag content-encoding aware.
John Rouillard <rouilj@ieee.org>
parents: 6519
diff changeset
347 the method supports a payload. The ETag header value will include a
f8df7fed18f6 issue2551175 - Make ETag content-encoding aware.
John Rouillard <rouilj@ieee.org>
parents: 6519
diff changeset
348 suffix (starting with '-') indicating the Content-Encoding used to
f8df7fed18f6 issue2551175 - Make ETag content-encoding aware.
John Rouillard <rouilj@ieee.org>
parents: 6519
diff changeset
349 respond to the request. If the response was uncompressed, there will
f8df7fed18f6 issue2551175 - Make ETag content-encoding aware.
John Rouillard <rouilj@ieee.org>
parents: 6519
diff changeset
350 be no suffix. The ``@etag`` property never includes the suffix. Any
f8df7fed18f6 issue2551175 - Make ETag content-encoding aware.
John Rouillard <rouilj@ieee.org>
parents: 6519
diff changeset
351 ETag value suffixed or not can be sent in an ``If-Match`` header as
f8df7fed18f6 issue2551175 - Make ETag content-encoding aware.
John Rouillard <rouilj@ieee.org>
parents: 6519
diff changeset
352 the suffix is ignored during comparison.
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
353
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
354 The exact details of returned data is determined by the value of the
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
355 ``@verbose`` query parameter. The various supported values and their
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
356 effects are described in the following sections.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
357
6311
be8d5a8e090a Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents: 6288
diff changeset
358 All output is wrapped in an envelope called ``data``. The output
be8d5a8e090a Fix uncaught error when parsing rest headers, document
John Rouillard <rouilj@ieee.org>
parents: 6288
diff changeset
359 format is described in `Response Formats`_ above.
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
360
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
361 When using collection endpoints (think list of issues, users ...), the
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
362 ``data`` envelope contains metadata (e.g. total number of items) as
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
363 well as a ``collections`` list of objects::
5660
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
364
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
365 { "data": {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
366 "meta data field1": "value",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
367 "meta data field2": "value",
5854
d5aed7106ee6 Need to fix spelling.
John Rouillard <rouilj@ieee.org>
parents: 5843
diff changeset
368 "collection": [
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
369 { "link": "url to item",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
370 "id": "internal identifier for item" },
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
371 { "link": "url to second item",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
372 "id": "id item 2" },
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
373 ... ]
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
374 "@links": {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
375 "relation": [
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
376 { "rel": "relation/subrelation",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
377 "uri": "uri to use to implement relation" },
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
378 ...
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
379 ],
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
380 "relation2": [ {...} ], ...
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
381 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
382 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
383 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
384
5854
d5aed7106ee6 Need to fix spelling.
John Rouillard <rouilj@ieee.org>
parents: 5843
diff changeset
385 available meta data is described in the documentation for the
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
386 collections endpoint.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
387
6207
8a21f8ba3065 Doc updates. Mostly formatting.
John Rouillard <rouilj@ieee.org>
parents: 6206
diff changeset
388 The ``link`` fields implement `HATEOS`_ by supplying a url for the
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
389 resource represented by that object. The "link" parameter with the
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
390 value of a url is a special case of the @links parameter.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
391
6207
8a21f8ba3065 Doc updates. Mostly formatting.
John Rouillard <rouilj@ieee.org>
parents: 6206
diff changeset
392 .. _HATEOS: https://en.wikipedia.org/wiki/HATEOAS
8a21f8ba3065 Doc updates. Mostly formatting.
John Rouillard <rouilj@ieee.org>
parents: 6206
diff changeset
393
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
394 In the @links object, each relationship is a list of full link json
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
395 objects. These include rel (relationship) and uri properties. In the
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
396 future this may be extended to include other data like content-type.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
397 However including a full @links object for every item includes a lot
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
398 of overhead since in most cases only the self relationship needs to be
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
399 represented.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
400
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
401 Because every object, link and multilink ends up getting a url, the
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
402 shorter 'link' representation is used for this special case. The
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
403 ``link`` property expresses the ``self`` relationship and its value is
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
404 the uri property of the full link object. In collections, properties
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
405 from each item can be embedded in the returned data (see ``@fields``
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
406 below). This can not be done if the property is called link as that
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
407 conflicts with the self url.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
408
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
409 When using an item endpoint (think an individual issue), metadata is
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
410 included in the ``data`` envelope. Inside of the envelope, the
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
411 ``attributes`` object contains the data for the field/properties of
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
412 the issue. Example::
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
413
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
414 { "data": {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
415 "meta data field1": "value",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
416 "type": "type of item, issue, user ..."
5854
d5aed7106ee6 Need to fix spelling.
John Rouillard <rouilj@ieee.org>
parents: 5843
diff changeset
417 "link": "link to retrieve item",
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
418 "attributes": {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
419 "title": "title of issue",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
420 "nosy": [
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
421 { "link": "url for user4",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
422 "id": "4" }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
423 ],
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
424
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
425 ... }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
426 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
427 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
428
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
429 Using a property endpoint (e.g. title or nosy list for an issue) the
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
430 ``data`` wrapper has a ``data`` subfield that represents the value of
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
431 the property. This ``data`` subfield may be a simple string (all types
5854
d5aed7106ee6 Need to fix spelling.
John Rouillard <rouilj@ieee.org>
parents: 5843
diff changeset
432 except multilink) or a list of strings (multilink
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
433 properties). Example::
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
434
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
435 { "data": {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
436 "type": "description of class",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
437 "@etag": "\"f15e6942f00a41960de45f9413684591\"",
5854
d5aed7106ee6 Need to fix spelling.
John Rouillard <rouilj@ieee.org>
parents: 5843
diff changeset
438 "link": "link to retrieve property",
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
439 "id": "id for object with this property",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
440 "data": "value of property"
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
441 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
442 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
443
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
444
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
445 Special Endpoints
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
446 -----------------
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
447
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
448 There are a few special endpoints that provide some additional data.
5854
d5aed7106ee6 Need to fix spelling.
John Rouillard <rouilj@ieee.org>
parents: 5843
diff changeset
449 Tracker administrators can add new endpoints. See
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
450 "Programming the REST API"_ below.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
451
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
452 /summary
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
453 ~~~~~~~~
5660
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
454
5695
3e1b66c4e1e2 Update docs. Correct errors reported by setup.py build_docs. Add rest
John Rouillard <rouilj@ieee.org>
parents: 5688
diff changeset
455 A Summary page can be reached via ``/summary`` via the ``GET`` method.
5660
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
456 This is currently hard-coded for the standard tracker schema shipped
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
457 with roundup and will display a summary of open issues.
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
458
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
459 /data
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
460 ~~~~~
5660
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
461
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
462 This is the primary entry point for data from the tracker.
5660
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
463
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
464 The ``/data`` link will display a set of classes of the tracker. All
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
465 classes can be reached via ``/data/<classname>`` where ``<classname>``
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
466 is replace with the name of the class to query, e.g. ``/data/issue``.
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
467 Individual items of a class (e.g. a single issue) can be queried by
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
468 giving the issue-id, e.g., ``/data/issue/42``. Individual properties of
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
469 an item can be queried by appending the property, e.g.,
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
470 ``/data/issue/42/title``.
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
471
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
472
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
473 All the links mentioned in the following support the http method ``GET``.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
474 Results of a ``GET`` request will always return the results as a
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
475 dictionary with the entry ``data`` referring to the returned data.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
476
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
477 Details are in the sections below.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
478
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
479 /data/\ *class* Collection
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
480 --------------------------
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
481
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
482 When performing the ``GET`` method on a class (e.g. ``/data/issue``),
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
483 the ``data`` object includes the number of items available in
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
484 ``@total_size``. A a ``collection`` list follows which contains the id
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
485 and link to the respective item. For example a get on
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
486 https://.../rest/data/issue returns::
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
487
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
488 {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
489 "data": {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
490 "collection": [
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
491 {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
492 "id": "1",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
493 "link": "https://.../rest/data/issue/1"
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
494 },
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
495 {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
496 "id": "100",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
497 "link": "https://.../rest/data/issue/100"
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
498 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
499 ...
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
500 ],
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
501 "@total_size": 171
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
502 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
503 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
504
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
505 Collection endpoints support a number of features as seen in the next
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
506 sections.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
507
5982
88316ac61ab0 Add warning about collection size limit as anti-DOS mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5933
diff changeset
508 A server may implement a default maximum number of items in the
88316ac61ab0 Add warning about collection size limit as anti-DOS mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5933
diff changeset
509 collection. This can be used to prevent denial of service (DOS). As
88316ac61ab0 Add warning about collection size limit as anti-DOS mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5933
diff changeset
510 a result all clients must be programmed to expect pagination
88316ac61ab0 Add warning about collection size limit as anti-DOS mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5933
diff changeset
511 decorations in the response. See the section on pagination below for
88316ac61ab0 Add warning about collection size limit as anti-DOS mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5933
diff changeset
512 details.
88316ac61ab0 Add warning about collection size limit as anti-DOS mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5933
diff changeset
513
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
514 Searching
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
515 ~~~~~~~~~
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
516
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
517 Searching is done by adding roundup field names and values as query
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
518 parameters. Using: https://.../rest/data/issue you can search using:
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
519
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
520 .. list-table:: Query Parameters Examples
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
521 :header-rows: 1
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
522 :widths: 20 20 80
5677
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
523
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
524 * - Query parameter
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
525 - Field type
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
526 - Explanation
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
527 * - ``title=foo``
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
528 - String
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
529 - perform a substring search and find any issue with the word foo
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
530 in the title.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
531 * - ``status=2``
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
532 - Link
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
533 - find any issue whose status link is set to the id 2.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
534 * - ``status=open``
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
535 - Link
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
536 - find any issue where the name of the status is open.
6764
32f52d14b496 Typo fixes, formatting fixes, jwt -> JWT, add link to JWT issue
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
537 Note this is not a string match so using status=ope will fail.
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
538 * - ``nosy=1``
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
539 - MultiLink
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
540 - find any issue where the multilink nosy includes the id 1.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
541 * - ``nosy=admin``
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
542 - MultiLink
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
543 - find any issue where the multilink nosy includes the user admin.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
544 Note this is not a string match so using nosy=admi will fail.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
545 * - ``booleanfield=1`` - also values: true, TRUE, yes, YES etc. Other
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
546 values match false.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
547 - Boolean
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
548 - find an issue with the boolean field set to true.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
549
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
550 As seen above, Links and Multilinks can be specified numerically or
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
551 symbolically, e.g., searching for issues in status ``closed`` can be
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
552 achieved by searching for ``status=closed`` or ``status=3`` (provided
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
553 the ``closed`` status has ID 3). Note that even though the symbolic
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
554 name is a string, in this case it is also a key value. As a result it
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
555 only does an exact match.
5677
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
556
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
557 Searching for strings (e.g. the issue title, or a keyword name)
5901
a592e3156134 Added more verbage on "Rest Access" permission and reworked search docs.
John Rouillard <rouilj@ieee.org>
parents: 5898
diff changeset
558 performs a case-insensitive substring search. Searching for
5898
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
559 ``title=Something`` (or in long form title~=Something) will find all
5901
a592e3156134 Added more verbage on "Rest Access" permission and reworked search docs.
John Rouillard <rouilj@ieee.org>
parents: 5898
diff changeset
560 issues with "Something" or "someThing", etc. in the title.
a592e3156134 Added more verbage on "Rest Access" permission and reworked search docs.
John Rouillard <rouilj@ieee.org>
parents: 5898
diff changeset
561
a592e3156134 Added more verbage on "Rest Access" permission and reworked search docs.
John Rouillard <rouilj@ieee.org>
parents: 5898
diff changeset
562 Changing the search to ``title:=Something`` (note the `:`) performs an
a592e3156134 Added more verbage on "Rest Access" permission and reworked search docs.
John Rouillard <rouilj@ieee.org>
parents: 5898
diff changeset
563 exact case-sensitive string match for exactly one word ``Something``
a592e3156134 Added more verbage on "Rest Access" permission and reworked search docs.
John Rouillard <rouilj@ieee.org>
parents: 5898
diff changeset
564 with a capital ``S``. Another example is:
5898
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
565 ``title:=test+that+nosy+actually+works.`` where the + signs are spaces
5901
a592e3156134 Added more verbage on "Rest Access" permission and reworked search docs.
John Rouillard <rouilj@ieee.org>
parents: 5898
diff changeset
566 in the string. Replacing ``+`` with the `URL encoding`_ for space
5898
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
567 ``%20`` will also work. Note that you must match the spaces when
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
568 performing exact matches. So `title:=test++that+nosy+actually+works.``
5901
a592e3156134 Added more verbage on "Rest Access" permission and reworked search docs.
John Rouillard <rouilj@ieee.org>
parents: 5898
diff changeset
569 matches the word ``test`` with two spaces bewteen ``test`` and
a592e3156134 Added more verbage on "Rest Access" permission and reworked search docs.
John Rouillard <rouilj@ieee.org>
parents: 5898
diff changeset
570 ``that`` in the title.
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
571
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
572 To make this clear, searching
5898
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
573 ``https://.../rest/data/issue?keyword=Foo`` will not work unless there
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
574 is a keyword with a (case sensitive) name field of ``Foo`` which is
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
575 the key field of the keyword. However searching the text property
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
576 ``name`` using ``https://.../rest/data/keyword?name=Foo`` (note
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
577 searching keyword class not issue class) will return matches for
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
578 ``Foo``, ``foobar``, ``foo taz`` etc.
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
579
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
580 In all cases the field ``@total_size`` is reported which is the total
5854
d5aed7106ee6 Need to fix spelling.
John Rouillard <rouilj@ieee.org>
parents: 5843
diff changeset
581 number of items available if you were to retrieve all of them.
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
582
6288
9d132769ed37 Add missing comma to rest.txt.
John Rouillard <rouilj@ieee.org>
parents: 6261
diff changeset
583 Other data types: Date, Interval, Integer, Number need examples and may
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
584 need work to allow range searches. Full text search (e.g. over the
5898
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
585 body of a msg) is a work in progress.
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
586
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
587 .. _URL Encoding: https://en.wikipedia.org/wiki/Percent-encoding
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
588
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
589 Transitive Searching
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
590 ^^^^^^^^^^^^^^^^^^^^
5898
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
591
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
592 In addition to searching an issue by its properties, you can search
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
593 for issues where linked items have a certain property. For example
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
594 using ``/issues?messages.author=1`` will find all issues that include
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
595 (link to) a message created by the admin user. This can also be done
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
596 using: ``/issues?messages.author=admin``. Note that this requires
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
597 search permission for messages.author, user.id, and users.username (to
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
598 perform search with ``admin``. If these search permissions are not
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
599 present, the search will silently drop the attribute.
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
600
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
601 Similarly you can find all issues where the nosy list includes James
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
602 Bond with: ``issue?nosy.realname=james+bond``. The alternate way to
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
603 perform this is to query the user class for the realname:
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
604 ``user?realname=james+bond`` and retrieve the id. Then you can execute
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
605 a second rest call ``issue?nosy=7`` to retrieve issues with id 7.
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
606
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
607 Make sure that search access to the class/properties are granted to the
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
608 user. Note that users can search a field even if they can't view
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
609 it. However they may be able to use searches to discover the value of
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
610 the field even if they can't view it.
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
611
5865
04deafac71ab Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5863
diff changeset
612 Sorting
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
613 ~~~~~~~
5865
04deafac71ab Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5863
diff changeset
614
04deafac71ab Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5863
diff changeset
615 Collection endpoints support sorting. This is controlled by specifying a
04deafac71ab Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5863
diff changeset
616 ``@sort`` parameter with a list of properties of the searched class.
04deafac71ab Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5863
diff changeset
617 Optionally properties can include a sign ('+' or '-') to specify
04deafac71ab Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5863
diff changeset
618 ascending or descending sort, respectively. If no sign is given,
04deafac71ab Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5863
diff changeset
619 ascending sort is selected for this property. The following example
04deafac71ab Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5863
diff changeset
620 would sort by status (in ascending order of the status.order property)
04deafac71ab Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5863
diff changeset
621 and then by id of an issue::
04deafac71ab Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5863
diff changeset
622
04deafac71ab Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5863
diff changeset
623 @sort=status,-id
04deafac71ab Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5863
diff changeset
624
04deafac71ab Implement sorting of collections in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5863
diff changeset
625
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
626 Pagination
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
627 ~~~~~~~~~~
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
628
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
629 Collection endpoints support pagination. This is controlled by query
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
630 parameters ``@page_size`` and ``@page_index`` (Note the use of the
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
631 leading `@` to make the parameters distinguishable from field names.)
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
632
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
633 .. list-table:: Query Parameters Examples
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
634 :header-rows: 1
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
635 :widths: 20 80
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
636
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
637 * - Query parameter
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
638 - Explanation
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
639 * - ``@page_size``
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
640 - specifies how many items are displayed at once. If no
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
641 ``@page_size`` is specified, all matching items are returned.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
642 * - ``@page_index``
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
643 - (which defaults to 1 if not given) specifies which page number
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
644 of ``@page_size`` items is displayed.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
645
5854
d5aed7106ee6 Need to fix spelling.
John Rouillard <rouilj@ieee.org>
parents: 5843
diff changeset
646 Also when pagination is enabled the returned data include pagination
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
647 links along side the collection data. This looks like::
5660
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
648
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
649 { "data":
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
650 {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
651 "collection": { ... },
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
652 "@total_size": 222,
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
653 "@links": {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
654 "self": [
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
655 {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
656 "uri":
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
657 "https://.../rest/data/issue?@page_index=1&@fields=status&@page_size=5",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
658 "rel": "self"
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
659 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
660 ],
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
661 "next": [
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
662 {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
663 "uri":
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
664 "https://.../rest/data/issue?@page_index=2&@fields=status&@page_size=5",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
665 "rel": "next"
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
666 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
667 ]
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
668 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
669 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
670 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
671
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
672 The ``@links`` parameter is a dictionary indexed by
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
673 relationships. Each relationship is a list of one or more full link
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
674 json objects. Above we have link relations to move to the next
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
675 page. If we weren't at the first page, there would be a ``prev``
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
676 relation to move to the previous page. Also we have a self relation
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
677 (which is missing the @page_index, hence we are at page 1) that can be
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
678 used to get the same page again.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
679
5982
88316ac61ab0 Add warning about collection size limit as anti-DOS mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5933
diff changeset
680 Note that the server may choose to limit the number of returned
88316ac61ab0 Add warning about collection size limit as anti-DOS mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5933
diff changeset
681 entries in the collection as a DOS prevention measure. As a result
88316ac61ab0 Add warning about collection size limit as anti-DOS mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5933
diff changeset
682 clients must be prepared to handle the incomplete response and request
88316ac61ab0 Add warning about collection size limit as anti-DOS mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5933
diff changeset
683 the next URL to retrieve all of the entries.
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
684
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
685 Field embedding and verbose output
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
686 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
687
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
688 In collections, you can specify what fields should be embedded in the
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
689 returned data. There are some shortcuts provided using the
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
690 ``@verbose`` parameter. All the examples in this section are for a GET
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
691 operation on ``https://.../rest/data/issue``.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
692
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
693 .. list-table:: Query Parameters Examples
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
694 :header-rows: 1
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
695 :widths: 20 80
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
696
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
697 * - Query parameter
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
698 - Explanation
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
699 * - ``@verbose=0``
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
700 - each item in the collection has its "id" property displayed
5854
d5aed7106ee6 Need to fix spelling.
John Rouillard <rouilj@ieee.org>
parents: 5843
diff changeset
701 and a link with the URL to retrieve the item.
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
702 * - ``@verbose=1``
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
703 - for collections this output is the same as ``@verbose=0``. This
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
704 is the default.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
705 * - ``@verbose=2``
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
706 - each item in the collection includes the "label" property in
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
707 addition to "id" property and a link for the item.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
708 This is useful as documented below in "Searches and selection"_.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
709 * - ``@verbose=3``
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
710 - will display the content property of messages and files. Note
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
711 warnings about this below. Using this for collections is
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
712 discouraged as it is slow and produces a lot of data.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
713 * - ``@fields=status,title``
5824
352e78c3b4ab Allow @fields to include protected properties, document @protected
John Rouillard <rouilj@ieee.org>
parents: 5738
diff changeset
714 - will return the ``status`` and ``title`` fields for the
352e78c3b4ab Allow @fields to include protected properties, document @protected
John Rouillard <rouilj@ieee.org>
parents: 5738
diff changeset
715 displayed issues. It is added to the fields returned by the
352e78c3b4ab Allow @fields to include protected properties, document @protected
John Rouillard <rouilj@ieee.org>
parents: 5738
diff changeset
716 @verbose parameter. Protected properties
352e78c3b4ab Allow @fields to include protected properties, document @protected
John Rouillard <rouilj@ieee.org>
parents: 5738
diff changeset
717 can be included in the list and will be returned.
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
718
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
719 In addition collections support the ``@fields`` parameter which is a
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
720 colon or comma separated list of fields to embed in the response. For
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
721 example ``https://.../rest/data/issue?@verbose=2`` is the same as:
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
722 ``https://.../rest/data/issue?@fields=title`` since the label property
6090
e097ff5064b8 Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5982
diff changeset
723 for an issue is its title.
e097ff5064b8 Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5982
diff changeset
724 The @fields option supports transitive properties, e.g.
e097ff5064b8 Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5982
diff changeset
725 ``status.name``. The transitive property may not include multilinks in
e097ff5064b8 Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5982
diff changeset
726 the path except for the last component. So ``messages.author`` is not
e097ff5064b8 Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5982
diff changeset
727 allowed because ``messages`` is a multilink while ``messages`` alone
e097ff5064b8 Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5982
diff changeset
728 would be allowed. You can use both ``@verbose`` and
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
729 ``@fields`` to get additional info. For example
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
730 ``https://.../rest/data/issue?@verbose=2&@fields=status`` returns::
5660
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
731
6090
e097ff5064b8 Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5982
diff changeset
732
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
733 {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
734 "data": {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
735 "collection": [
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
736 {
6090
e097ff5064b8 Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5982
diff changeset
737 "link": "https://.../rest/data/issue/1",
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
738 "title": "Welcome to the tracker START HERE",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
739 "id": "1",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
740 "status": {
6090
e097ff5064b8 Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5982
diff changeset
741 "link": "https://.../rest/data/status/1",
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
742 "id": "1",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
743 "name": "new"
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
744 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
745 },
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
746 ...
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
747 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
748
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
749 the format of the status field (included because of
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
750 ``@fields=status``) includes the label for the status. This is due to
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
751 inclusion of ``@verbose=2``. Without verbose you would see::
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
752
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
753 {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
754 "data": {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
755 "collection": [
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
756 {
6764
32f52d14b496 Typo fixes, formatting fixes, jwt -> JWT, add link to JWT issue
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
757 "link": "https://.../rest/data/issue/1",
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
758 "id": "1",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
759 "status": {
6764
32f52d14b496 Typo fixes, formatting fixes, jwt -> JWT, add link to JWT issue
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
760 "link": "https://.../rest/data/status/1",
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
761 "id": "1"
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
762 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
763 },
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
764 ...
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
765 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
766
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
767 Note that the ``link`` field that is returned doesn't exist in the
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
768 database. It is a construct of the rest interface. This means that you
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
769 can not set ``@fields=link`` and get the link property included in the
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
770 output.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
771
5854
d5aed7106ee6 Need to fix spelling.
John Rouillard <rouilj@ieee.org>
parents: 5843
diff changeset
772 Also using ``@fields=@etag`` will not work to retrieve the etag for
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
773 items in the collection.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
774
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
775 See the `Searches and selection`_ section for the use cases supported
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
776 by these features.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
777
5928
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
778 Getting Message and Files Content
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
779 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
5928
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
780
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
781 You can retreive a message with a url like
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
782 ``https://.../demo/rest/data/msg/11``. This returns something like::
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
783
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
784 {
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
785 "data": {
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
786 "id": "11",
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
787 "type": "msg",
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
788 "link": "https://.../demo/rest/data/msg/11",
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
789 "attributes": {
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
790 "author": {
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
791 "id": "5",
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
792 "link": "https://.../demo/rest/data/user/5"
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
793 },
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
794 "content": {
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
795 "link": "https://.../demo/msg11/"
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
796 },
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
797 "date": "2017-10-30.00:53:15",
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
798 "files": [],
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
799 "inreplyto": null,
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
800 "messageid": "<1509324807.14.0.296813919751.issue3@localhost>",
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
801 "messagetype": {
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
802 "id": "1",
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
803 "link": "https://.../demo/rest/data/msgtype/1"
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
804 },
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
805 "recipients": [
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
806 {
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
807 "id": "1",
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
808 "link": "https://.../demo/rest/data/user/1"
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
809 },
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
810 {
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
811 "id": "3",
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
812 "link": "https://.../demo/rest/data/user/3"
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
813 },
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
814 {
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
815 "id": "4",
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
816 "link": "https://.../demo/rest/data/user/4"
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
817 }
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
818 ],
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
819 "subject": null,
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
820 "summary": "of has to who. or of account give because the",
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
821 },
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
822 "@etag": "\"584f82231079e349031bbb853747df1c\""
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
823 }
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
824 }
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
825
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
826 To retreive the content, you can use the content link property:
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
827 ``https://.../demo/msg11/``. The trailing / is required. Without the
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
828 /, you get a web page that includes metadata about the message. With
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
829 the slash you get a text/plain (in most cases) data stream.
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
830
6630
0351caa802f7 Add missing url in example.
John Rouillard <rouilj@ieee.org>
parents: 6586
diff changeset
831 Also you can use the url: ``https://.../demo/rest/data/msg/11?@verbose=3``
5928
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
832 and the content property (if the data is utf-8 compatible) now looks
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
833 like::
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
834
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
835 ...
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
836 "author": {
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
837 "id": "5",
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
838 "link": "https://.../demo/rest/data/user/5"
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
839 },
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
840 "content": "of has to who pleasure. or of account give because the
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
841 reprehenderit\neu to quisquam velit, passage,
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
842 was or toil BC quis denouncing quia\nexercise,
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
843 veritatis et used voluptas I elit, a The...",
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
844 "date": "2017-10-30.00:53:15",
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
845 ...
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
846
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
847 Lines are wrapped for display, content value is one really long
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
848 line. If the data is not utf-8 compatible, you will get a link.
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
849
5929
0368d75de544 issue2551067 corrections/cleanup.
John Rouillard <rouilj@ieee.org>
parents: 5928
diff changeset
850 Retrieving the contents of a file is similar. Performing a
0368d75de544 issue2551067 corrections/cleanup.
John Rouillard <rouilj@ieee.org>
parents: 5928
diff changeset
851 get on ``https://.../demo/rest/data/file/11`` returns::
5928
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
852
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
853 {
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
854 "data": {
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
855 "id": "11",
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
856 "type": "file",
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
857 "link": "https://.../demo/rest/data/file/11",
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
858 "attributes": {
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
859 "acl": null,
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
860 "content": {
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
861 "link": "https://.../demo/file11/"
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
862 },
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
863 "name": "afile",
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
864 "status": {
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
865 "id": "1",
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
866 "link": "https://.../demo/rest/data/filestatus/1"
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
867 },
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
868 "type": "image/vnd.microsoft.icon"
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
869 },
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
870 "@etag": "\"74276f75ef71a30a0cce62dc6a8aa1bb\""
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
871 }
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
872 }
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
873
5929
0368d75de544 issue2551067 corrections/cleanup.
John Rouillard <rouilj@ieee.org>
parents: 5928
diff changeset
874 To download the file contents for this example you would
0368d75de544 issue2551067 corrections/cleanup.
John Rouillard <rouilj@ieee.org>
parents: 5928
diff changeset
875 perform an http GET using: ``https://.../demo/file11/``. The trailing
0368d75de544 issue2551067 corrections/cleanup.
John Rouillard <rouilj@ieee.org>
parents: 5928
diff changeset
876 / is required. You will receive a response of type
5928
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
877 application/octet-stream.
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
878
5929
0368d75de544 issue2551067 corrections/cleanup.
John Rouillard <rouilj@ieee.org>
parents: 5928
diff changeset
879 If you perform a get on
0368d75de544 issue2551067 corrections/cleanup.
John Rouillard <rouilj@ieee.org>
parents: 5928
diff changeset
880 ``https://.../demo/rest/data/file/11?@verbose=3`` the content field
0368d75de544 issue2551067 corrections/cleanup.
John Rouillard <rouilj@ieee.org>
parents: 5928
diff changeset
881 above is displayed as (wrapped for display)::
5928
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
882
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
883 "content": "file11 is not text, retrieve using binary_content
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
884 property. mdsum: bd990c0f8833dd991daf610b81b62316",
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
885
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
886
5929
0368d75de544 issue2551067 corrections/cleanup.
John Rouillard <rouilj@ieee.org>
parents: 5928
diff changeset
887 You can use the `binary_content property`_ described below to
5928
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
888 retrieve an encoded copy of the data.
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
889
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
890 Other query params
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
891 ~~~~~~~~~~~~~~~~~~
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
892
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
893 This table lists other supported parameters:
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
894
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
895 .. list-table:: Query Parameters Examples
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
896 :header-rows: 1
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
897 :widths: 20 80
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
898
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
899 * - Query parameter
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
900 - Explanation
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
901 * - ``@pretty=false``
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
902 - by default json data is pretty printed to make it readable to
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
903 humans. This eases testing and with compression enabled the
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
904 extra whitespace doesn't bloat the returned payload excessively.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
905 You can disable pretty printing by using this query parameter.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
906 Note the default is true, so @pretty=true is not supported at
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
907 this time.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
908
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
909 Using the POST method
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
910 ~~~~~~~~~~~~~~~~~~~~~
5660
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
911
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
912 Only class links support the ``POST`` method for creation of new items
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
913 of a class, e.g., a new issue via the ``/data/issue`` link. The post
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
914 gets a dictionary of keys/values for the new item. It returns the same
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
915 parameters as the GET method after successful creation.
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
916
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
917 If you perform a get on an item with ``@verbose=0``, it is in the
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
918 correct form to use as a the payload of a post.
5660
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
919
d8d2b7724292 First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
diff changeset
920
5710
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
921 Safely Re-sending POST
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
922 ^^^^^^^^^^^^^^^^^^^^^^
5710
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
923
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
924 POST is used to create new object in a class. E.G. a new issue. One
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
925 problem is that a POST may time out. Because it is not idempotent like
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
926 a PUT or DELETE, retrying the interrupted POST may result in the
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
927 creation of a duplicate issue.
5688
1b9ef04b9528 Add docs on how to add new rest endpoints.
John Rouillard <rouilj@ieee.org>
parents: 5678
diff changeset
928
5710
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
929 To solve this problem, a two step process inspired by the POE - Post
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
930 Once Exactly spec:
7139
42e68162279b update links.
John Rouillard <rouilj@ieee.org>
parents: 6774
diff changeset
931 https://datatracker.ietf.org/doc/html/draft-nottingham-http-poe-00 is provided.
5688
1b9ef04b9528 Add docs on how to add new rest endpoints.
John Rouillard <rouilj@ieee.org>
parents: 5678
diff changeset
932
5710
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
933 This mechanism returns a single use URL. POSTing to the URL creates
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
934 a new object in the class.
5688
1b9ef04b9528 Add docs on how to add new rest endpoints.
John Rouillard <rouilj@ieee.org>
parents: 5678
diff changeset
935
5710
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
936 First we get the URL. Here is an example using curl::
5688
1b9ef04b9528 Add docs on how to add new rest endpoints.
John Rouillard <rouilj@ieee.org>
parents: 5678
diff changeset
937
5710
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
938 curl -u demo:demo -s -X POST -H "Referer: https://.../demo/" \
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
939 -H "X-requested-with: rest" \
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
940 -H "Content-Type: application/json" \
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
941 --data '' \
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
942 https://.../demo/rest/data/issue/@poe
5688
1b9ef04b9528 Add docs on how to add new rest endpoints.
John Rouillard <rouilj@ieee.org>
parents: 5678
diff changeset
943
5710
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
944 This will return a json payload like::
5688
1b9ef04b9528 Add docs on how to add new rest endpoints.
John Rouillard <rouilj@ieee.org>
parents: 5678
diff changeset
945
5710
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
946 {
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
947 "data": {
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
948 "expires": 1555266310.4457426,
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
949 "link": "https://.../demo/rest/data/issue/@poe/vizl713xHtIzANRW9jPb3bWXePRzmehdmSXzEta1"
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
950 }
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
951 }
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
952
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
953 The value of expires is a Unix timestamp in seconds. In this case it
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
954 has the default lifetime of 30 minutes after the current time. Using
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
955 the link more than 30 minutes into the future will cause a 400 error.
5688
1b9ef04b9528 Add docs on how to add new rest endpoints.
John Rouillard <rouilj@ieee.org>
parents: 5678
diff changeset
956
5710
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
957 Within 30 minutes, the link can be used to post an issue with the same
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
958 payload that would normally be sent to:
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
959 ``https://.../demo/rest/data/issue``.
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
960
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
961 For example::
5688
1b9ef04b9528 Add docs on how to add new rest endpoints.
John Rouillard <rouilj@ieee.org>
parents: 5678
diff changeset
962
5710
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
963 curl -u demo:demo -s -X POST \
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
964 -H "Referer: https://.../demo/" \
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
965 -H "X-requested-with: rest" \
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
966 -H "Content-Type: application/json" \
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
967 --data-binary '{ "title": "a problem" }' \
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
968 https://.../demo/rest/data/issue/@poe/vizl713xHtIzANRW9jPb3bWXePRzmehdmSXzEta1
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
969
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
970 returns::
5688
1b9ef04b9528 Add docs on how to add new rest endpoints.
John Rouillard <rouilj@ieee.org>
parents: 5678
diff changeset
971
5710
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
972 {
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
973 "data": {
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
974 "link": "https://.../demo/rest/data/issue/2280",
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
975 "id": "2280"
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
976 }
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
977 }
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
978
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
979 Once the @poe link is used and creates an issue, it becomes invalid
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
980 and can't be used again. Posting to it after the issue, or other
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
981 object, is created, results in a 400 error [#poe_retry]_.
5688
1b9ef04b9528 Add docs on how to add new rest endpoints.
John Rouillard <rouilj@ieee.org>
parents: 5678
diff changeset
982
6261
424f70c076b9 Grammar fix. Remove word missed in rewrite.
John Rouillard <rouilj@ieee.org>
parents: 6207
diff changeset
983 Note that POE links are restricted to the class that was used to
5710
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
984 get the link. So you can only create an issue using the link returned
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
985 from ``rest/data/issue/@poe``. You can create a generic POE link by adding
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
986 the "generic" field to the post payload::
5688
1b9ef04b9528 Add docs on how to add new rest endpoints.
John Rouillard <rouilj@ieee.org>
parents: 5678
diff changeset
987
5710
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
988 curl -u demo:demo -s -X POST -H "Referer: https://.../demo/" \
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
989 -H "X-requested-with: rest" \
6194
0f0dedd2f95d Fix example to have 15 minute lifetime to match text.
John Rouillard <rouilj@ieee.org>
parents: 6185
diff changeset
990 --data 'lifetime=900&generic=1' \
5710
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
991 https://.../demo/rest/data/issue/@poe
5688
1b9ef04b9528 Add docs on how to add new rest endpoints.
John Rouillard <rouilj@ieee.org>
parents: 5678
diff changeset
992
5710
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
993 This will return a link under: ``https://.../demo/rest/data/issue/@poe``::
5688
1b9ef04b9528 Add docs on how to add new rest endpoints.
John Rouillard <rouilj@ieee.org>
parents: 5678
diff changeset
994
5710
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
995 {
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
996 "data": {
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
997 "expires": 1555268640.9606116,
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
998 "link":
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
999 "https://.../demo/rest/data/issue/@poe/slPrzmEq6Q9BTjvcKhfxMNZL4uHXjbHCidY1ludZ"
5688
1b9ef04b9528 Add docs on how to add new rest endpoints.
John Rouillard <rouilj@ieee.org>
parents: 5678
diff changeset
1000 }
5710
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1001 }
5688
1b9ef04b9528 Add docs on how to add new rest endpoints.
John Rouillard <rouilj@ieee.org>
parents: 5678
diff changeset
1002
5710
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1003 You could use the link and change 'issue' to 'user' and it would work
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1004 to create a user. Creating generic POE tokens is *not* recommended,
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1005 but is available if a use case requires it.
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1006
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1007 This example also changes the lifetime of the POE url. This link has
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1008 a lifetime of 15 minutes (900 seconds). Using it after 16 minutes will
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1009 result in a 400 error. A lifetime up to 1 hour can be specified.
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1010
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1011 POE url's are an optional mechanism. If:
5688
1b9ef04b9528 Add docs on how to add new rest endpoints.
John Rouillard <rouilj@ieee.org>
parents: 5678
diff changeset
1012
5710
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1013 * you do not expect your client to retry a failed post,
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1014 * a failed post is unlikely (e.g. you are running over a local lan),
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1015 * there is a human using the client and who can intervene if a post
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1016 fails
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1017
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1018 you can use the url ``https://.../demo/data/<class>``. However if you
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1019 are using this mechanism to automate creation of objects and will
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1020 automatically retry a post until it succeeds, please use the POE
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1021 mechanism.
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1022
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1023 .. [#poe_retry] As a future enhancement, performing a POST to the POE
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1024 link soon after it has been used to create an object will
5710
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1025 change. It will not return a 400 error. It will will trigger a
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1026 301 redirect to the url for the created object. After some
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1027 period of time (maybe a week) the POE link will be removed and
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1028 return a 400 error. This is meant to allow the client (a time
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1029 limited way) to retrieve the created resource if the
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1030 response was lost.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1031
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1032 Other Supported Methods for Collections
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
1033 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1034
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1035 Supports the ``OPTIONS`` method for determining which methods are
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1036 allowed on a given endpoint.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1037
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1038 Does not support PUT, DELETE or PATCH.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1039
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1040 /data/\ *class*/\ *id* item
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
1041 ---------------------------
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1042
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1043 When performing the ``GET`` method on an item
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1044 (e.g. ``/data/issue/42``), a ``link`` attribute contains the link to
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1045 the item, ``id`` contains the id, ``type`` contains the class name
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1046 (e.g. ``issue`` in the example) and an ``etag`` property can be used
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1047 to detect modifications since the last query.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1048
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1049 Individual properties of the item are returned in an ``attributes``
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1050 dictionary. The properties returned depend on the permissions of the
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1051 account used for the query.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1052
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1053 By default all (visible to the current user) attributes/properties are
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1054 returned. You can limit this by using the ``@fields`` query parameter
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1055 similar to how it is used in collections. This way you can only return
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1056 the fields you are interested in reducing network load as well as
6090
e097ff5064b8 Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5982
diff changeset
1057 memory and parsing time on the client side. Or you can add additional
e097ff5064b8 Allow transitive properties in @fields in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5982
diff changeset
1058 transitive properties. By default protected
5892
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1059 properties (read only in the database) are not listed. This
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1060 makes it easier to submit the attributes from a
5824
352e78c3b4ab Allow @fields to include protected properties, document @protected
John Rouillard <rouilj@ieee.org>
parents: 5738
diff changeset
1061 ``@verbose=0`` query using PUT. To include protected properties
5854
d5aed7106ee6 Need to fix spelling.
John Rouillard <rouilj@ieee.org>
parents: 5843
diff changeset
1062 in the output of a GET add the query parameter
5824
352e78c3b4ab Allow @fields to include protected properties, document @protected
John Rouillard <rouilj@ieee.org>
parents: 5738
diff changeset
1063 ``@protected=true`` to the query and attributes like: actor,
352e78c3b4ab Allow @fields to include protected properties, document @protected
John Rouillard <rouilj@ieee.org>
parents: 5738
diff changeset
1064 created, creator and activity will be include in the result.
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1065
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1066 Link and Multilink properties are displayed as a dictionary with a
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1067 ``link`` and an ``id`` property by default. This is controlled by the
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1068 ``@verbose`` attribute which is set to 1 by default. If set to 0, only
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1069 the id is shown for Link and Multilink attributes. In this form, the
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1070 data can be modified and sent back using ``PUT`` to change the item.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1071 If set to 2, the label property (usually ``name`` e.g. for status) is
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1072 also put into the dictionary. Content properties of message and file
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1073 object are by default also shown as a dictionary with a sole link
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1074 attribute. The link is the download link for the file or message. If
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1075 @verbose is >= 3, the content property is shown in json as a (possibly
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1076 very long) string. Currently the json serializer cannot handle files
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1077 not properly utf-8 encoded, so specifying @verbose=3 for files is
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1078 currently discouraged.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1079
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1080 An example of returned values::
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1081
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1082 {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1083 "data": {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1084 "type": "issue",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1085 "@etag": "\"f15e6942f00a41960de45f9413684591\"",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1086 "link": "https://.../rest/data/issue/23",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1087 "attributes": {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1088 "keyword": [],
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1089 "messages": [
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1090 {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1091 "link": "https://.../rest/data/msg/375",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1092 "id": "375"
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1093 },
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1094 {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1095 "link": "https://.../rest/data/msg/376",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1096 "id": "376"
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1097 },
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1098 ...
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1099 ],
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1100 "files": [],
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1101 "status": {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1102 "link": "https://.../rest/data/status/2",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1103 "id": "2"
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1104 },
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1105 "title": "This is a title title",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1106 "superseder": [],
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1107 "nosy": [
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1108 {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1109 "link": "https://.../rest/data/user/4",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1110 "id": "4"
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1111 },
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1112 {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1113 "link": "https://.../rest/data/user/5",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1114 "id": "5"
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1115 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1116 ],
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1117 "assignedto": null,
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1118 },
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1119 "id": "23"
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1120 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1121 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1122
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1123 Retrieve item using key value
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
1124 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1125
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1126 If the class has a key attribute, e.g. the 'status' class in the
5895
93bbe5340d5b More typo fixes and verbatim blocks.
John Rouillard <rouilj@ieee.org>
parents: 5894
diff changeset
1127 classic tracker, it can be used to retrieve the item.
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1128
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1129 You can get an individual status by specifying the key-attribute value
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1130 e.g. ``/data/status/name=closed``. Note that ``name`` in this example
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1131 must be the key-attribute of the class. A short-form (which might not
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1132 be supported in future version of the API) is to specify only the
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1133 value, e.g. ``/data/status/closed``. This short-form only works when
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1134 you're sure that the key of the class is not numeric. E.G. if the name
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1135 was "7", /data/status/7 would return the status with id 7 not the
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1136 status with name "7". To get the status with name 7, you must use
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1137 the long form /data/status/name=7
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1138
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1139 The long-form (with ``=``) is different from a query-parameter like
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1140 ``/data/status?name=closed`` which would find all stati (statuses)
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1141 that have ``closed`` as a substring.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1142
5928
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1143 Dealing with Messages and Files
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
1144 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
5928
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1145
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1146 Using the requests library you can upload a file using::
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1147
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1148 d = dict (name = filename, content = content, type = content_type)
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1149 j = self.post ('file', data = d)
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1150
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1151 Instead of specifying json = dictionary we specify data = dictionary
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1152 as shown above. (We believe) this encodes the contents using
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1153 application/x-www-form-urlencoded which is not optimal for large files
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1154 due to the encoding overhead.
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1155
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1156 The requests library can use multipart/form-data which is more
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1157 efficient for large files. To do this specify both, files= *and* data=
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1158 parameters, e.g.::
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1159
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1160 # A binary string that can't be decoded as unicode
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1161 url = 'https://.../demo/rest/data/'
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1162 content = open ('random-junk', 'rb').read ()
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1163 fname = 'a-bigger-testfile'
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1164 d = dict(name = fname, type='application/octet-stream')
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1165 c = dict (content = content)
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1166 r = session.post (url + 'file', files = c, data = d)
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1167
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1168 Curl can be used to post a file using multipart/form-data with::
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1169
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1170 curl -u demo:demo -s -X POST -H "Referer: https://.../demo/" \
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1171 -H "X-requested-with: rest" \
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1172 -F "name=afile" -F "type=image/vnd.microsoft.icon" \
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1173 -F "content=@doc/roundup-favicon.ico" \
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1174 https://.../demo/rest/data/file
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1175
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1176 the file is located at doc/roundup-favicon.ico. These calls will
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1177 return something like::
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1178
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1179 {
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1180 "data": {
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1181 "id": "12",
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1182 "link": "https://.../demo/rest/data/file/12"
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1183 }
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1184 }
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1185
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1186
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1187 Other Supported Methods for Items
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
1188 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1189
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1190 The method ``PUT`` is allowed on individual items, e.g.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1191 ``/data/issue/42`` On success it returns the same parameters as the
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1192 respective ``GET`` method. Note that for ``PUT`` an Etag has to be
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1193 supplied, either in the request header or as an @etag parameter. An
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1194 example::
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1195
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1196 curl -u admin:admin -X PUT \
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1197 --header 'Referer: https://example.com/demo/' \
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1198 --header 'X-Requested-With: rest' \
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1199 --header "Content-Type: application/json" \
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1200 --header "Accept: application/json" \
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1201 --header 'If-Match: "dd41f02d6f8b4c34b439fc712b522fb3"' \
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1202 --data '{ "nosy": [ "1", "5" ] }' \
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1203 "https://example.com/demo/rest/data/issue/23"
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1204
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1205 {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1206 "data": {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1207 "attribute": {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1208 "nosy": [
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1209 "1",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1210 "5"
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1211 ]
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1212 },
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1213 "type": "issue",
6764
32f52d14b496 Typo fixes, formatting fixes, jwt -> JWT, add link to JWT issue
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1214 "link": "https://example.com/demo/rest/data/issue/23",
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1215 "id": "23"
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1216 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1217 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1218
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1219 If the above command is repeated with the data attribute::
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1220
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1221 --data '{ "nosy": [ "1", "5" ], "title": "This is now my title" }'
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1222
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1223 this is returned::
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1224
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1225 {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1226 "data": {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1227 "attribute": {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1228 "title": "This is now my title"
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1229 },
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1230 "type": "issue",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1231 "link":
5928
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1232 "https://.../demo/rest/data/issue/23",
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1233 "id": "23"
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1234 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1235 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1236
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1237 Note that nosy is not in the attributes returned. It is the same as
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1238 before, so no change has happened and it is not reported.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1239 Changing both nosy and title::
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1240
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1241 curl -u admin:admin -X PUT \
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1242 --header 'Referer: https://.../' \
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1243 --header 'X-Requested-With: rest' \
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1244 --header "Content-Type: application/json" \
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1245 --header "Accept: application/json" \
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1246 --header 'If-Match: "8209add59a79713d64f4d1a072aef740"' \
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1247 --data '{ "nosy": [ "4", "5" ], "title": "This is now my new title" }' \
5928
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1248 "https://.../demo/rest/data/issue/23"
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1249
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1250 which returns both title and nosy attributes::
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1251
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1252 {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1253 "data": {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1254 "attribute": {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1255 "title": "This is now my new title",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1256 "nosy": [
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1257 "4",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1258 "5"
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1259 ]
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1260 },
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1261 "type": "issue",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1262 "link":
5928
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1263 "https://.../demo/rest/data/issue/23",
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1264 "id": "23"
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1265 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1266 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1267
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1268 Note that mixing url query parameters with payload submission doesn't
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1269 work. So using::
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1270
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1271 https://.../rest/data/issue/23?@pretty=false
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1272
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1273 doesn't have the desired effect. However it can be put in the data
5895
93bbe5340d5b More typo fixes and verbatim blocks.
John Rouillard <rouilj@ieee.org>
parents: 5894
diff changeset
1274 payload::
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1275
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1276 curl -u admin:admin ...
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1277 --data '{ "nosy": [ "4", "5" ], "title": "...", "@pretty": "false" }'
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1278
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1279 produces::
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1280
5892
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1281 {"data": {"attribute": {...}, "type": "issue",
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1282 "link": "https://...", "id": "23"}}
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1283
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1284 the lines are wrapped for display purposes, in real life it's one long
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1285 line.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1286
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1287 The method ``DELETE`` is allowed on items, e.g., ``/data/issue/42``
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1288 and will retire (mark as deleted) the respective item. On success it
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1289 will only return a status code. The item is still available if
5895
93bbe5340d5b More typo fixes and verbatim blocks.
John Rouillard <rouilj@ieee.org>
parents: 5894
diff changeset
1290 accessed directly by its item url. The item will not show up in
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1291 searches where it would have been matched if not retired.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1292
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1293 Finally the ``PATCH`` method can be applied to individual items, e.g.,
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1294 ``/data/issue/42``. This method gets an operator ``@op=<method>``
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1295 where ``<method>`` is one of ``add``, ``replace``, ``remove``. For
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1296 items, an additional operator ``action`` is supported. If no operator
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1297 is specified, the default is ``replace``. The first three operators
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1298 are self explanatory. For an ``action`` operator an ``@action_name``
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1299 and optional ``@action_argsXXX`` parameters have to be
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1300 supplied. Currently there are only two actions, neither has args,
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1301 namely ``retire`` and ``restore``. The ``retire`` action on an item is
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1302 the same as a ``DELETE`` method, it retires the item. The ``restore``
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1303 action is the inverse of ``retire``, the item is again visible. On
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1304 success the returned value is the same as the respective ``GET``
5895
93bbe5340d5b More typo fixes and verbatim blocks.
John Rouillard <rouilj@ieee.org>
parents: 5894
diff changeset
1305 method. An example to add a user to the nosy list of an item is::
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1306
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1307 curl -u admin:admin -p -X PATCH \
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1308 --header "Content-Type: application/x-www-form-urlencoded" \
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1309 --header "Accept: application/json" \
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1310 --header 'If-Match: "c6e2d81019acff1da7a2da45f93939bd"' \
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1311 --data-urlencode '@op=add' \
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1312 --data 'nosy=3' \
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1313 "https://.../rest/data/issue/23"
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1314
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1315 which returns::
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1316
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1317 {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1318 "data": {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1319 "attribute": {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1320 "nosy": [
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1321 "3",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1322 "4"
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1323 ]
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1324 },
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1325 "type": "issue",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1326 "link": "https://.../rest/data/issue/23",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1327 "id": "23"
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1328 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1329 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1330
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1331 Note that the changed values are returned so you can update
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1332 internal state in your app with the new data.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1333
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1334 The ``GET`` method on an item (e.g. ``/data/issue/43``) returns an
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1335 ETag in the http header *and* the ``@etag`` value in the json
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1336 payload. When modifying a property via ``PUT`` or ``PATCH`` or
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1337 ``DELETE`` the etag value for the item must be supplied using an
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1338 ``If-Match`` header. If you are using ``PUT`` or ``PATCH`` an
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1339 ``@etag`` value can be supplied in the payload in place of the
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1340 ``If-Match`` header.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1341
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1342 /data/\ *class*/\ *id*/\ *property* field
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
1343 -----------------------------------------
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1344
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1345 A ``GET`` method on a property (e.g. ``/data/issue/42/title``) returns the
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1346 link, an ``@etag``, the type of the property (e.g. "<type str>") the id
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1347 of the item and the content of the property in ``data``.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1348
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1349 For example::
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1350
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1351 {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1352 "data": {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1353 "link": "https://.../rest/data/issue/22/title",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1354 "data": "I need Broken PC",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1355 "type": "<class 'str'>",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1356 "id": "22",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1357 "@etag": "\"370510512b2d8fc3f98aac3d762cc7b1\""
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1358 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1359 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1360
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1361
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1362 All endpoints support an ``OPTIONS`` method for determining which
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1363 methods are allowed on a given endpoint.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1364
5928
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1365 Message and File Content
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
1366 ~~~~~~~~~~~~~~~~~~~~~~~~
5928
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1367
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1368 Messages and files have content properties. If the data is utf-8
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1369 compatible (e.g. an email message) you can retrieve it with
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1370 rest/data/msg/11/content to obtain::
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1371
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1372 {
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1373 "data": {
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1374 "id": "11",
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1375 "type": "<class 'str'>",
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1376 "link": "https://.../demo/rest/data/msg/11/content",
6764
32f52d14b496 Typo fixes, formatting fixes, jwt -> JWT, add link to JWT issue
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1377 "data": "of has to who pleasure. or of account give because the
32f52d14b496 Typo fixes, formatting fixes, jwt -> JWT, add link to JWT issue
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1378 reprehenderit\neu to quisquam velit, passage, was or...",
5928
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1379 "@etag": "\"584f82231079e349031bbb853747df1c\""
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1380 }
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1381 }
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1382
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1383 (the content property is wrapped for display, it is one long line.)
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1384
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1385 .. _binary_content property:
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1386
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1387 If the data is not representable in utf-8, you need to use the
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1388 binary_content
5930
cc6891ea1f01 issue2551067 make url into liternal not clickble.
John Rouillard <rouilj@ieee.org>
parents: 5929
diff changeset
1389 property. E.G. ``https://.../demo/rest/data/file/11/binary_content``
5928
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1390 returns::
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1391
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1392 {
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1393 "data": {
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1394 "id": "11",
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1395 "type": "<class 'bytes'>",
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1396 "link": "https://.../demo/rest/data/file/11/binary_content",
5929
0368d75de544 issue2551067 corrections/cleanup.
John Rouillard <rouilj@ieee.org>
parents: 5928
diff changeset
1397 "data": "b'\\x00\\x00\\x01\\x00\\x01...\\xec?\\x00\\x00'",
5928
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1398 "@etag": "\"74276f75ef71a30a0cce62dc6a8aa1bb\""
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1399 }
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1400 }
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1401
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1402 (data field elided for display). You can also receive the file content
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1403 as a data stream rather than encoded. See `Getting Message and Files
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1404 Content`_.
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1405
5929
0368d75de544 issue2551067 corrections/cleanup.
John Rouillard <rouilj@ieee.org>
parents: 5928
diff changeset
1406 The data is a json encoded hexidecimal representation of the data.
0368d75de544 issue2551067 corrections/cleanup.
John Rouillard <rouilj@ieee.org>
parents: 5928
diff changeset
1407
5928
fa661043fc5b issue2551067 first cut on docs for dealing with files/messages.
John Rouillard <rouilj@ieee.org>
parents: 5901
diff changeset
1408
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1409 Other Supported Methods for fields
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
1410 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1411
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1412 The method ``PUT`` is allowed on a property e.g.,
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1413 ``/data/issue/42/title``. On success it returns the same parameters as
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1414 the respective ``GET`` method. Note that for ``PUT`` an Etag has to be
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1415 supplied, either in the request header or as an @etag parameter.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1416 Example using multipart/form-data rather than json::
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1417
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1418 curl -vs -u provisional:provisional -X PUT \
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1419 --header "Accept: application/json" \
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1420 --data "data=Provisional" \
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1421 --header "If-Match: 079eba599152f3eed00567e23258fecf" \
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1422 --data-urlencode "@etag=079eba599152f3eed00567e23258fecf" \
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1423 "https://.../rest/data/user/5/realname"
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1424
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1425 This example updates a leadtime field that is declared as an interval
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1426 type::
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1427
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1428 curl -vs -u demo:demo -X PUT \
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1429 --header "Accept: application/json" \
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1430 --header 'Content-Type: application/json' \
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1431 --header "Referer: https://.../" \
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1432 --header "x-requested-with: rest" \
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1433 --header 'If-Match: "e2e6cc43c3475a4a3d9e5343617c11c3"' \
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1434 --data '{"leadtime": "2d" }' \
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1435 "https://.../rest/data/issue/10"
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1436
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1437 It is also possible to call ``DELETE`` on a
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1438 property of an item, e.g., ``/data/issue/42/nosy`` to delete the nosy
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1439 list. The same effect can be achieved with a ``PUT`` request and an
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1440 empty new value. This may fail if the property is required.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1441
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1442 The ``PATCH`` method can be applied to properties, e.g.,
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1443 ``/data/issue/42/title``. This method gets an operator
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1444 ``@op=<method>`` where ``<method>`` is one of ``add``, ``replace``,
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1445 ``remove``. If no operator is specified, the default is ``replace``
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1446 which is the same as performing a PUT on the field url. ``add`` and
5854
d5aed7106ee6 Need to fix spelling.
John Rouillard <rouilj@ieee.org>
parents: 5843
diff changeset
1447 ``remove`` allow adding and removing values from MultiLink
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1448 properties. This is easier than having to rewrite the entire value for
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1449 the field using the ``replace`` operator or doing a PUT to the field.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1450 On success the returned value is the same as the respective ``GET``
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1451 method.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1452
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1453 The ``GET`` method on an item (e.g. ``/data/issue/43``) returns an
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1454 ETag in the http header *and* the ``@etag`` value in the json
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1455 payload. When modifying a property via ``PUT`` or ``PATCH`` or
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1456 ``DELETE`` the etag value for the item must be supplied using an
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1457 ``If-Match`` header. If you are using ``PUT`` or ``PATCH`` an
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1458 ``@etag`` value can be supplied in the payload in place of the
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1459 ``If-Match`` header.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1460
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1461 Tunneling Methods via POST
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
1462 --------------------------
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1463
7455
f53de10ea8ea Fix grammar.
John Rouillard <rouilj@ieee.org>
parents: 7361
diff changeset
1464 If you are working through a proxy and unable to use http methods like
f53de10ea8ea Fix grammar.
John Rouillard <rouilj@ieee.org>
parents: 7361
diff changeset
1465 PUT, PATCH, or DELETE, you can use POST to perform the action. To tunnel
5854
d5aed7106ee6 Need to fix spelling.
John Rouillard <rouilj@ieee.org>
parents: 5843
diff changeset
1466 an action through POST, send the ``X-HTTP-METHOD-OVERRIDE`` header
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1467 with a value of DELETE or other capitalized HTTP verb. The body of the
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1468 POST should be what you would send if you were using the method
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1469 without tunneling.
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1470
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1471 Examples and Use Cases
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
1472 ======================
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1473
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1474 sample python client
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
1475 --------------------
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1476
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1477 The client uses the python ``requests`` library for easier interaction
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1478 with a REST API supporting JSON encoding::
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1479
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1480
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1481 >>> import requests
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1482 >>> u = 'http://user:password@tracker.example.com/demo/rest/data/'
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1483 >>> s = requests.session()
5933
0bac8b9a0ecc Added curl based examples for retire and restore.
John Rouillard <rouilj@ieee.org>
parents: 5930
diff changeset
1484 >>> session.auth = ('admin', 'admin')
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1485 >>> r = s.get(u + 'issue/42/title')
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1486 >>> if r.status_code != 200:
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1487 ... print("Failed: %s: %s" % (r.status_code, r.reason))
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1488 ... exit(1)
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1489 >>> print (r.json() ['data']['data']
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1490 TEST Title
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1491 >>> h = {'X-Requested-With': 'rest', 'Referer': 'http://tracker.example.com/demo/'}
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1492 >>> r = s.post (u + 'issue', data = dict (title = 'TEST Issue'), headers=h)
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1493 >>> if not 200 <= r.status_code <= 201:
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1494 ... print("Failed: %s: %s" % (r.status_code, r.reason))
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1495 ... exit(1)
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1496 >>> print(r.json())
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1497
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1498 Retire/Restore::
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1499 >>> r = s.delete (u + 'issue/42')
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1500 >>> print (r.json())
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1501 >>> r = s.get (u + 'issue/42')
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1502 >>> etag = r.headers['ETag']
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1503 >>> print("ETag: %s" % etag)
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1504 >>> etag = r.json()['data']['@etag']
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1505 >>> print("@etag: %s" % etag)
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1506 >>> h = {'If-Match': etag,
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1507 ... 'X-Requested-With': 'rest',
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1508 ... 'Referer': 'http://tracker.example.com/demo/'}
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1509 >>> d = {'@op:'action', '@action_name':'retire'}
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1510 >>> r = s.patch(u + 'issue/42', data = d, headers = h)
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1511 >>> print(r.json())
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1512 >>> d = {'@op:'action', '@action_name':'restore'}
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1513 >>> r = s.patch(u + 'issue/42', data = d, headers = h)
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1514 >>> print(r.json())
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1515
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1516 Note the addition of headers for: x-requested-with and referer. This
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1517 allows the request to pass the CSRF protection mechanism. You may need
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1518 to add an Origin header if this check is enabled in your tracker's
6674
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
1519 config.ini (look for csrf_enforce_header_origin). (Note the Origin
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
1520 header check may have to be disabled if an application is making a
6764
32f52d14b496 Typo fixes, formatting fixes, jwt -> JWT, add link to JWT issue
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1521 CORS request to the Roundup server. If you have this issue, please
32f52d14b496 Typo fixes, formatting fixes, jwt -> JWT, add link to JWT issue
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1522 contact the Roundup team using the mailing lists as this is a bug.)
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1523
6204
e77f6d00cfb9 Fix display formatting.
John Rouillard <rouilj@ieee.org>
parents: 6194
diff changeset
1524 A similar curl based retire example is to use::
5933
0bac8b9a0ecc Added curl based examples for retire and restore.
John Rouillard <rouilj@ieee.org>
parents: 5930
diff changeset
1525
0bac8b9a0ecc Added curl based examples for retire and restore.
John Rouillard <rouilj@ieee.org>
parents: 5930
diff changeset
1526 curl -s -u admin:admin \
0bac8b9a0ecc Added curl based examples for retire and restore.
John Rouillard <rouilj@ieee.org>
parents: 5930
diff changeset
1527 -H "Referer: https://tracker.example.com/demo/" \
0bac8b9a0ecc Added curl based examples for retire and restore.
John Rouillard <rouilj@ieee.org>
parents: 5930
diff changeset
1528 -H "X-requested-with: rest" \
0bac8b9a0ecc Added curl based examples for retire and restore.
John Rouillard <rouilj@ieee.org>
parents: 5930
diff changeset
1529 -H "Content-Type: application/json" \
0bac8b9a0ecc Added curl based examples for retire and restore.
John Rouillard <rouilj@ieee.org>
parents: 5930
diff changeset
1530 https://tracker.example.com/demo/rest/data/status/1
0bac8b9a0ecc Added curl based examples for retire and restore.
John Rouillard <rouilj@ieee.org>
parents: 5930
diff changeset
1531
0bac8b9a0ecc Added curl based examples for retire and restore.
John Rouillard <rouilj@ieee.org>
parents: 5930
diff changeset
1532 to get the etag manually. Then insert the etag in the If-Match header
0bac8b9a0ecc Added curl based examples for retire and restore.
John Rouillard <rouilj@ieee.org>
parents: 5930
diff changeset
1533 for this retire example::
0bac8b9a0ecc Added curl based examples for retire and restore.
John Rouillard <rouilj@ieee.org>
parents: 5930
diff changeset
1534
0bac8b9a0ecc Added curl based examples for retire and restore.
John Rouillard <rouilj@ieee.org>
parents: 5930
diff changeset
1535 curl -s -u admin:admin \
0bac8b9a0ecc Added curl based examples for retire and restore.
John Rouillard <rouilj@ieee.org>
parents: 5930
diff changeset
1536 -H "Referer: https://tracker.example.com/demo/" \
0bac8b9a0ecc Added curl based examples for retire and restore.
John Rouillard <rouilj@ieee.org>
parents: 5930
diff changeset
1537 -H "X-requested-with: rest" \
0bac8b9a0ecc Added curl based examples for retire and restore.
John Rouillard <rouilj@ieee.org>
parents: 5930
diff changeset
1538 -H "Content-Type: application/json" \
0bac8b9a0ecc Added curl based examples for retire and restore.
John Rouillard <rouilj@ieee.org>
parents: 5930
diff changeset
1539 -H 'If-Match: "a502faf4d6b8e3897c4ecd66b5597571"' \
0bac8b9a0ecc Added curl based examples for retire and restore.
John Rouillard <rouilj@ieee.org>
parents: 5930
diff changeset
1540 --data-raw '{ "@op":"action", "@action_name": "retire" }'\
0bac8b9a0ecc Added curl based examples for retire and restore.
John Rouillard <rouilj@ieee.org>
parents: 5930
diff changeset
1541 -X PATCH \
0bac8b9a0ecc Added curl based examples for retire and restore.
John Rouillard <rouilj@ieee.org>
parents: 5930
diff changeset
1542 https://tracker.example.com/demo/rest/data/status/1
0bac8b9a0ecc Added curl based examples for retire and restore.
John Rouillard <rouilj@ieee.org>
parents: 5930
diff changeset
1543
0bac8b9a0ecc Added curl based examples for retire and restore.
John Rouillard <rouilj@ieee.org>
parents: 5930
diff changeset
1544 and restore::
0bac8b9a0ecc Added curl based examples for retire and restore.
John Rouillard <rouilj@ieee.org>
parents: 5930
diff changeset
1545
0bac8b9a0ecc Added curl based examples for retire and restore.
John Rouillard <rouilj@ieee.org>
parents: 5930
diff changeset
1546 curl -s -u admin:admin \
0bac8b9a0ecc Added curl based examples for retire and restore.
John Rouillard <rouilj@ieee.org>
parents: 5930
diff changeset
1547 -H "Referer: https://tracker.example.com/demo/" \
0bac8b9a0ecc Added curl based examples for retire and restore.
John Rouillard <rouilj@ieee.org>
parents: 5930
diff changeset
1548 -H "X-requested-with: rest" \
0bac8b9a0ecc Added curl based examples for retire and restore.
John Rouillard <rouilj@ieee.org>
parents: 5930
diff changeset
1549 -H "Content-Type: application/json" \
0bac8b9a0ecc Added curl based examples for retire and restore.
John Rouillard <rouilj@ieee.org>
parents: 5930
diff changeset
1550 -H 'If-Match: "a502faf4d6b8e3897c4ecd66b5597571"' \
0bac8b9a0ecc Added curl based examples for retire and restore.
John Rouillard <rouilj@ieee.org>
parents: 5930
diff changeset
1551 --data-raw '{ "@op":"action", "@action_name": "restore" }'\
0bac8b9a0ecc Added curl based examples for retire and restore.
John Rouillard <rouilj@ieee.org>
parents: 5930
diff changeset
1552 -X PATCH \
0bac8b9a0ecc Added curl based examples for retire and restore.
John Rouillard <rouilj@ieee.org>
parents: 5930
diff changeset
1553 https://tracker.example.com/demo/rest/data/status/1
0bac8b9a0ecc Added curl based examples for retire and restore.
John Rouillard <rouilj@ieee.org>
parents: 5930
diff changeset
1554
5695
3e1b66c4e1e2 Update docs. Correct errors reported by setup.py build_docs. Add rest
John Rouillard <rouilj@ieee.org>
parents: 5688
diff changeset
1555
5677
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1556 Searches and selection
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
1557 ----------------------
5677
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1558
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1559 One difficult interface issue is selection of items from a long list.
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1560 Using multi-item selects requires loading a lot of data (e.g. consider
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1561 a selection tool to select one or more issues as in the classic
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1562 superseder field).
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1563
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1564 This can be made easier using javascript selection tools like select2,
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1565 selectize.js, chosen etc. These tools can query a remote data provider
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1566 to get a list of items for the user to select from.
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1567
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1568 Consider a multi-select box for the superseder property. Using
5695
3e1b66c4e1e2 Update docs. Correct errors reported by setup.py build_docs. Add rest
John Rouillard <rouilj@ieee.org>
parents: 5688
diff changeset
1569 selectize.js (and jquery) code similar to::
5677
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1570
5695
3e1b66c4e1e2 Update docs. Correct errors reported by setup.py build_docs. Add rest
John Rouillard <rouilj@ieee.org>
parents: 5688
diff changeset
1571 $('#superseder').selectize({
5677
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1572 valueField: 'id',
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1573 labelField: 'title',
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1574 searchField: 'title', ...
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1575 load: function(query, callback) {
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1576 if (!query.length) return callback();
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1577 $.ajax({
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1578 url: '.../rest/data/issue?@verbose=2&title='
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1579 + encodeURIComponent(query),
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1580 type: 'GET',
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1581 error: function() {callback();},
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1582 success: function(res) {
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1583 callback(res.data.collection);}
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1584
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1585 Sets up a box that a user can type the word "request" into. Then
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1586 selectize.js will use that word to generate an ajax request with the
5695
3e1b66c4e1e2 Update docs. Correct errors reported by setup.py build_docs. Add rest
John Rouillard <rouilj@ieee.org>
parents: 5688
diff changeset
1587 url: ``.../rest/data/issue?@verbose=2&title=request``
5677
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1588
5695
3e1b66c4e1e2 Update docs. Correct errors reported by setup.py build_docs. Add rest
John Rouillard <rouilj@ieee.org>
parents: 5688
diff changeset
1589 This will return data like::
5677
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1590
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1591 {
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1592 "data": {
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1593 "@total_size": 440,
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1594 "collection": [
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1595 {
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1596 "link": ".../rest/data/issue/8",
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1597 "id": "8",
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1598 "title": "Request for Power plugs"
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1599 },
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1600 {
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1601 "link": ".../rest/data/issue/27",
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1602 "id": "27",
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1603 "title": "Request for foo"
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1604 },
5695
3e1b66c4e1e2 Update docs. Correct errors reported by setup.py build_docs. Add rest
John Rouillard <rouilj@ieee.org>
parents: 5688
diff changeset
1605 ...
5677
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1606
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1607 selectize.js will look at these objects (as passed to
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1608 callback(res.data.collection)) and create a select list from the each
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1609 object showing the user the labelField (title) for each object and
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1610 associating each title with the corresponding valueField (id). The
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1611 example above has 440 issues returned from a total of 2000
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1612 issues. Only 440 had the word "request" somewhere in the title greatly
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1613 reducing the amount of data that needed to be transferred.
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1614
5695
3e1b66c4e1e2 Update docs. Correct errors reported by setup.py build_docs. Add rest
John Rouillard <rouilj@ieee.org>
parents: 5688
diff changeset
1615 Similar code can be set up to search a large list of keywords using::
5677
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1616
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1617 .../rest/data/keyword?@verbose=2&name=some
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1618
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1619 which would return: "some keyword" "awesome" "somebody" making
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1620 selections for links and multilinks much easier.
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1621
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1622 A get on a collection endpoint can include other properties. Why do we
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1623 want this? Selectize.js can set up option groups (optgroups) in the
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1624 select pulldown. So by including status in the returned data using
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1625 a url like ``https://.../rest/data/issue?@verbose=2&@fields=status``
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1626 we get::
5677
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1627
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1628 {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1629 "link": "https://.../rest/data/issue/1001",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1630 "title": "Request for Broken PC",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1631 "id": "1001",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1632 "status": {
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1633 "link": "https://.../rest/data/status/6",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1634 "id": "6",
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1635 "name": "resolved"
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1636 }
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1637 }
5677
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1638
5695
3e1b66c4e1e2 Update docs. Correct errors reported by setup.py build_docs. Add rest
John Rouillard <rouilj@ieee.org>
parents: 5688
diff changeset
1639 a select widget like::
5677
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1640
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1641 === New ===
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1642 A request
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1643 === Open ===
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1644 Request for bar
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1645 Request for foo
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1646
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1647 etc. can be generated. Also depending on the javascript library, other
1fa59181ce58 Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents: 5674
diff changeset
1648 fields can be used for subsearch and sorting.
5710
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1649
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1650
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1651 Programming the REST API
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
1652 ========================
5710
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1653
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1654 You can extend the rest api for a tracker. This describes how to add
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1655 new rest end points. At some point it will also describe the rest.py
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1656 structure and implementation.
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1657
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1658 Adding new rest endpoints
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
1659 -------------------------
5710
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1660
6765
b4bfbd768bc1 How to add dicttoxml at system or tracker level.
John Rouillard <rouilj@ieee.org>
parents: 6764
diff changeset
1661 Add or edit the file `interfaces.py`_ at the root of the tracker
5710
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1662 directory.
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1663
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1664 In that file add::
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1665
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1666 from roundup.rest import Routing, RestfulInstance, _data_decorator
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1667 from roundup.exceptions import Unauthorised
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1668
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1669 class RestfulInstance:
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1670
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1671 @Routing.route("/summary2")
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1672 @_data_decorator
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1673 def summary2(self, input):
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1674 result = { "hello": "world" }
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1675 return 200, result
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1676
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1677 will make a new endpoint .../rest/summary2 that you can test with::
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1678
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1679 $ curl -X GET .../rest/summary2
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1680 {
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1681 "data": {
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1682 "hello": "world"
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1683 }
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1684 }
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1685
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1686 Similarly appending this to interfaces.py after summary2::
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1687
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1688 # handle more endpoints
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1689 @Routing.route("/data/<:class_name>/@schema", 'GET')
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1690 def get_element_schema(self, class_name, input):
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1691 result = { "schema": {} }
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1692 uid = self.db.getuid ()
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1693 if not self.db.security.hasPermission('View', uid, class_name) :
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1694 raise Unauthorised('Permission to view %s denied' % class_name)
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1695
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1696 class_obj = self.db.getclass(class_name)
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1697 props = class_obj.getprops(protected=False)
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1698 schema = result['schema']
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1699
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1700 for prop in props:
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1701 schema[prop] = { "type": repr(class_obj.properties[prop]) }
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1702
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1703 return result
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1704
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1705 ..
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1706 the # comment in the example is needed to preserve indention under Class.
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1707
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1708 returns some data about the class::
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1709
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1710 $ curl -X GET .../rest/data/issue/@schema
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1711 {
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1712 "schema": {
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1713 "keyword": {
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1714 "type": "<roundup.hyperdb.Multilink to \"keyword\">"
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1715 },
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1716 "title": {
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1717 "type": "<roundup.hyperdb.String>"
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1718 },
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1719 "files": {
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1720 "type": "<roundup.hyperdb.Multilink to \"file\">"
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1721 },
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1722 "status": {
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1723 "type": "<roundup.hyperdb.Link to \"status\">"
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1724 }, ...
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1725 }
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1726 }
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1727
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1728
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1729 Adding other endpoints (e.g. to allow an OPTIONS query against
0b79bfcb3312 Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents: 5698
diff changeset
1730 ``/data/issue/@schema``) is left as an exercise for the reader.
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
1731
5883
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1732 Redefine/move rest endpoints
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
1733 ----------------------------
5883
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1734
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1735 In addition to adding new endpoints, you can redefine existing
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1736 endpoints. Adding this as described above::
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1737
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1738 @Routing.route("/summary")
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1739 @_data_decorator
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1740 def summary2(self, input):
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1741 result = { "hello": "world" }
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1742 return 200, result
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1743
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1744 will return::
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1745
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1746 {
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1747 "data": {
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1748 "hello": "world"
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1749 }
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1750 }
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1751
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1752
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1753 In addition to overriding existing endpoints, you can move existing
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1754 endpoints to new locations. Adding::
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1755
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1756 @Routing.route("/data2/<:classname>")
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1757 def get_collection2(self, classname, input):
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1758 """ Remap existing function in rest.py to a new endpoint
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1759
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1760 Existing function is decorated with:
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1761
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1762 @Routing.route("/data/<:classname>")
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1763 @_data_decorator
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1764
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1765 so we need to drop @_data_decorator from this function since
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1766 we can't apply @_data_decorator twice.
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1767 """
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1768 return self.get_collection(classname, input)
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1769
5886
f4e77d446add Clarify text.
John Rouillard <rouilj@ieee.org>
parents: 5885
diff changeset
1770 will make the response at /rest/data2/<class> be the same as what is
f4e77d446add Clarify text.
John Rouillard <rouilj@ieee.org>
parents: 5885
diff changeset
1771 normally at /rest/data/<class>.
5883
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1772
da417bab5cb8 Add more programming rest interface examples. Fix broken link.
John Rouillard <rouilj@ieee.org>
parents: 5879
diff changeset
1773
5843
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1774 Controlling Access to Backend Data
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
1775 ----------------------------------
5843
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1776
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1777 Roundup's schema is the primary access control mechanism. Roles and
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1778 Permissions provide the ability to carefully control what data can be
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1779 seen.
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1780
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1781 However the templating system can access the hyperdb directly which
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1782 allows filtering to happen with admin privs escaping the standard
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1783 permissions scheme. For example access to a user's roles should be
7499
a072331c843b Change customizing to customising in all variants.
John Rouillard <rouilj@ieee.org>
parents: 7473
diff changeset
1784 limited to the user (read only) and an admin. If you have customised
5843
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1785 your schema to implement `Restricting the list of
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1786 users that are assignable to a task <customizing.html#restricting-the-list-of-users-that-are-assignable-to-a-task>`__
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1787 so that only users with a
5843
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1788 Developer role are allowed to be assigned to an issue, a rest end
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1789 point must be added to provide a view that exposes users with this
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1790 permission.
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1791
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1792 Using the normal ``/data/user?roles=Developer`` will return all the
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1793 users in the system unless you are an admin user because most users
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1794 can't see the roles. Building on the `Adding new rest endpoints`_
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1795 section this code adds a new endpoint `/data/@permission/Developer`
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1796 that returns a list of users with the developer role::
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1797
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1798 from roundup.rest import Routing, RestfulInstance
7582
978285986b2c fix: issue2551193 - Fix roundup for removal of cgi and cgitb ...
John Rouillard <rouilj@ieee.org>
parents: 7556
diff changeset
1799 from roundup.anypy.cgi_ import MiniFieldStorage
5843
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1800
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1801 class RestfulInstance(object):
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1802
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1803 @Routing.route("/data/@permission/Developer")
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1804 def get_role_Developer(self, input):
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1805 '''An endpoint to return a list of users with Developer
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1806 role who can be assigned to an issue.
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1807
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1808 It ignores attempt to search by any property except
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1809 username and realname. It also ignores the whole @fields
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1810 specification if it specifies a property the user
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1811 can't view. Other @ query params (e.g. @page... and
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1812 @verbose) are supported.
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1813
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1814 It assumes admin access rights so that the roles property
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1815 of the user can be searched. This is needed if the roles
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1816 property is not searchable/viewable by normal users. A user
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1817 who can search roles can identify users with the admin
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1818 role. So it does not respond the same as a rest/data/users
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1819 search by a non-admin user.
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1820 '''
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1821 # get real user id
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1822 realuid=self.db.getuid()
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1823
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1824 def allowed_field(fs):
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1825 if fs.name in ['username', 'realname' ]:
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1826 # only allow search matches for these fields
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1827 return True
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1828 elif fs.name in [ '@fields' ]:
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1829 for prop in fs.value.split(','):
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1830 # if any property is unviewable to user, remove
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1831 # @field entry. If they can't see it for the admin
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1832 # user, don't let them see it for any user.
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1833 if not self.db.security.hasPermission(
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1834 'View', realuid, 'user', property=prop,
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1835 itemid='1'):
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1836 return False
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1837 return True
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1838 elif fs.name.startswith("@"):
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1839 # allow @page..., @verbose etc.
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1840 return True
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1841
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1842 # deny all other url parmeters
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1843 return False
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1844
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1845 # Cleanup input.list to prevent user from probing roles
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1846 # or viewing things the user should not be able to view.
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1847 input.list[:] = [ fs for fs in input.list
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1848 if allowed_field(fs) ]
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1849
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1850 # Add the role filter required to implement the permission
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1851 # search
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1852 input.list.append(MiniFieldStorage("roles", "Developer"))
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1853
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1854 # change user to acquire permission to search roles
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1855 self.db.setCurrentUser('admin')
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1856
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1857 # Once we have cleaned up the request, pass it to
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1858 # get_collection as though /rest/data/users?... has been called
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1859 # to get @verbose and other args supported.
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1860 return self.get_collection('user', input)
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1861
5895
93bbe5340d5b More typo fixes and verbatim blocks.
John Rouillard <rouilj@ieee.org>
parents: 5894
diff changeset
1862 Calling this with::
93bbe5340d5b More typo fixes and verbatim blocks.
John Rouillard <rouilj@ieee.org>
parents: 5894
diff changeset
1863
93bbe5340d5b More typo fixes and verbatim blocks.
John Rouillard <rouilj@ieee.org>
parents: 5894
diff changeset
1864 curl 'http://example.com/demo/rest/data/@permission/Developer?@fields=realname&roles=Users&@verbose=2'
93bbe5340d5b More typo fixes and verbatim blocks.
John Rouillard <rouilj@ieee.org>
parents: 5894
diff changeset
1865
5843
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1866 produces output similar to::
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1867
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1868 {
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1869 "data": {
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1870 "collection": [
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1871 {
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1872 "username": "agent",
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1873 "link": http://example.com/demo/rest/data/user/4",
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1874 "realname": "James Bond",
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1875 "id": "4"
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1876 }
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1877 ],
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1878 "@total_size": 1
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1879 }
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1880 }
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1881
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1882 assuming user 4 is the only user with the Developer role. Note that
5895
93bbe5340d5b More typo fixes and verbatim blocks.
John Rouillard <rouilj@ieee.org>
parents: 5894
diff changeset
1883 the url passes the ``roles=User`` filter option which is silently
5843
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1884 ignored.
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
1885
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1886 Changing Access Roles with JSON Web Tokens
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
1887 ------------------------------------------
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1888
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1889 As discussed above Roundup's schema is the access control mechanism.
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1890 However you may want to integrate a third party system with roundup.
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1891 E.G. suppose you use a time tracking service that takes an issue id
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1892 and keeps a running count of how much time was spent on it. Then with
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1893 a single button push it can add the recorded time to the roundup
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1894 issue.
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1895
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1896 You probably don't want to give this third party service your roundup
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1897 username and credentials. Especially if your roundup instance is under
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1898 your company's single sign on infrastructure.
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1899
6165
282b611197a1 Typo fix.
John Rouillard <rouilj@ieee.org>
parents: 6090
diff changeset
1900 So what we need is a way for this third party service to impersonate
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1901 you and have access to create a roundup timelog entry (see
7353
fc88c66eb73b format fix.
John Rouillard <rouilj@ieee.org>
parents: 7282
diff changeset
1902 `<customizing.html#adding-a-time-log-to-your-issues>`_). Then add it
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1903 to the associated issue. This should happen without sharing passwords
6166
7e148e988cde Insert missing word.
John Rouillard <rouilj@ieee.org>
parents: 6165
diff changeset
1904 and without allowing the third party service to see the issue (except the
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1905 ``times`` property), user, or other information in the tracker.
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1906
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1907 Enter the use of a JSON web token. Roundup has rudimentary ability to
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1908 manage JWTs and use them for authentication and authorization.
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1909
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1910 There are 5 steps to set this up:
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1911
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1912 1. install pyjwt library using pip or pip3. If roundup can't find the
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1913 jwt module you will see the error ``Support for jwt disabled.``
5892
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1914 2. create a new role that allows Create access to timelog and edit/view
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1915 access to an issues' ``times`` property.
6764
32f52d14b496 Typo fixes, formatting fixes, jwt -> JWT, add link to JWT issue
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1916 3. add support for issuing (and validating) JWTs to the rest interface.
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1917 This uses the `Adding new rest endpoints`_ mechanism.
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1918 4. configure roundup's config.ini [web] jwt_secret with at least 32
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1919 random characters of data. (You will get a message
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1920 ``Support for jwt disabled by admin.`` if it's not long enough.)
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1921 5. add an auditor to make sure that users with this role are appending
5892
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1922 timelog links to the ``times`` property of the issue.
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1923
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1924 Create role
5898
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
1925 ~~~~~~~~~~~
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1926
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1927 Adding this snippet of code to the tracker's ``schema.py`` should create a role with the
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1928 proper authorization::
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1929
5892
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1930 db.security.addRole(name="User:timelog",
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1931 description="allow a user to create and append timelogs")
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1932
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1933 db.security.addPermissionToRole('User:timelog', 'Rest Access')
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1934
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1935 perm = db.security.addPermission(name='Create', klass='timelog',
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1936 description="Allow timelog creation", props_only=False)
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1937 db.security.addPermissionToRole("User:timelog", perm)
5892
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1938
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1939 perm = db.security.addPermission(name='View', klass='issue',
5893
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
1940 properties=('id', 'times'),
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
1941 description="Allow retrieving issue etag or timelog issue",
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
1942 props_only=False)
5892
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1943 db.security.addPermissionToRole("User:timelog", perm)
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1944
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1945 perm = db.security.addPermission(name='Edit', klass='issue',
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1946 properties=('id', 'times'),
5893
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
1947 description="Allow editing timelog for issue",
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
1948 props_only=False)
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1949 db.security.addPermissionToRole("User:timelog", perm)
5892
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1950
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1951 The role is named to work with the /rest/jwt/issue rest endpoint
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1952 defined below. Starting the role name with ``User:`` allows the jwt
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1953 issue code to create a token with this role if the user requesting the
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1954 role has the User role.
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1955
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1956 The role *must* have access to the issue ``id`` to retrieve the etag for
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1957 the issue. The etag is passed in the ``If-Match`` HTTP header when you
5894
45a104bb127e Fix markup.
John Rouillard <rouilj@ieee.org>
parents: 5893
diff changeset
1958 make a call to patch or update the ``times`` property of the issue.
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1959
5892
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1960 If you use a PATCH rest call with "@op=add" to append the new timelog,
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1961 you don't need View access to the ``times`` property. If you replace the
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1962 ``times`` value, you need to read the current value of ``times`` (using
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1963 View permission), append the newly created timelog id to the (array)
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1964 value, and replace the ``times`` value.
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1965
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1966 Note that the json returned after the operation will include the new
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1967 value of the ``times`` value so your code can verify that it worked.
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1968 This does potentially leak info about the previous id's in the field.
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1969
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1970 Create rest endpoints
5898
be8524335bfa Document exact match; Transitive search
John Rouillard <rouilj@ieee.org>
parents: 5896
diff changeset
1971 ~~~~~~~~~~~~~~~~~~~~~
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1972
5892
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1973 Here is code to add to your tracker's ``interfaces.py`` (note code has
afb5705d1fe5 Updates to jwt permissions; typo fixes
John Rouillard <rouilj@ieee.org>
parents: 5888
diff changeset
1974 only been tested with python3)::
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1975
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1976 from roundup.rest import Routing, RestfulInstance, _data_decorator
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1977
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1978 class RestfulInstance(object):
5893
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
1979 @Routing.route("/jwt/issue", 'POST')
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
1980 @_data_decorator
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
1981 def generate_jwt(self, input):
6519
22cf6ee7ad88 jwt issue example: require input data, lowercase roles
John Rouillard <rouilj@ieee.org>
parents: 6384
diff changeset
1982 """Create a JSON Web Token (jwt)
22cf6ee7ad88 jwt issue example: require input data, lowercase roles
John Rouillard <rouilj@ieee.org>
parents: 6384
diff changeset
1983 """
5893
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
1984 import jwt
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
1985 import datetime
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
1986 from roundup.anypy.strings import b2s
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1987
5893
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
1988 # require basic auth to generate a token
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
1989 # At some point we can support a refresh token.
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
1990 # maybe a jwt with the "refresh": True claim generated
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
1991 # using: "refresh": True in the json request payload.
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
1992
5893
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
1993 denialmsg='Token creation requires login with basic auth.'
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
1994 if 'HTTP_AUTHORIZATION' in self.client.env:
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
1995 try:
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
1996 auth = self.client.env['HTTP_AUTHORIZATION']
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
1997 scheme, challenge = auth.split(' ', 1)
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
1998 except (ValueError, AttributeError):
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
1999 # bad format for header
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2000 raise Unauthorised(denialmsg)
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2001 if scheme.lower() != 'basic':
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2002 raise Unauthorised(denialmsg)
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2003 else:
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2004 raise Unauthorised(denialmsg)
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2005
6519
22cf6ee7ad88 jwt issue example: require input data, lowercase roles
John Rouillard <rouilj@ieee.org>
parents: 6384
diff changeset
2006 # verify we have input data.
22cf6ee7ad88 jwt issue example: require input data, lowercase roles
John Rouillard <rouilj@ieee.org>
parents: 6384
diff changeset
2007 if not input:
22cf6ee7ad88 jwt issue example: require input data, lowercase roles
John Rouillard <rouilj@ieee.org>
parents: 6384
diff changeset
2008 raise UsageError("Missing data payload. "
22cf6ee7ad88 jwt issue example: require input data, lowercase roles
John Rouillard <rouilj@ieee.org>
parents: 6384
diff changeset
2009 "Verify Content-Type is sent")
22cf6ee7ad88 jwt issue example: require input data, lowercase roles
John Rouillard <rouilj@ieee.org>
parents: 6384
diff changeset
2010
5893
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2011 # If we reach this point we have validated that the user has
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2012 # logged in with a password using basic auth.
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2013 all_roles = list(self.db.security.role.items())
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2014 rolenames = []
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2015 for role in all_roles:
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2016 rolenames.append(role[0])
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2017
5893
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2018 user_roles = list(self.db.user.get_roles(self.db.getuid()))
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2019
5893
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2020 claim= { 'sub': self.db.getuid(),
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2021 'iss': self.db.config.TRACKER_WEB,
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2022 'aud': self.db.config.TRACKER_WEB,
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2023 'iat': datetime.datetime.utcnow(),
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2024 }
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2025
5893
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2026 lifetime = 0
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2027 if 'lifetime' in input:
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2028 if input['lifetime'].value != 'unlimited':
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2029 try:
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2030 lifetime = datetime.timedelta(seconds=int(input['lifetime'].value))
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2031 except ValueError:
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2032 raise UsageError("Value 'lifetime' must be 'unlimited' or an integer to specify" +
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2033 " lifetime in seconds. Got %s."%input['lifetime'].value)
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2034 else:
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2035 lifetime = datetime.timedelta(seconds=86400) # 1 day by default
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2036
5893
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2037 if lifetime: # if lifetime = 0 make unlimited by omitting exp claim
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2038 claim['exp'] = datetime.datetime.utcnow() + lifetime
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2039
5893
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2040 newroles = []
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2041 if 'roles' in input:
6519
22cf6ee7ad88 jwt issue example: require input data, lowercase roles
John Rouillard <rouilj@ieee.org>
parents: 6384
diff changeset
2042 for role in [ r.lower() for r in input['roles'].value ]:
5893
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2043 if role not in rolenames:
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2044 raise UsageError("Role %s is not valid."%role)
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2045 if role in user_roles:
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2046 newroles.append(role)
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2047 continue
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2048 parentrole = role.split(':', 1)[0]
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2049 if parentrole in user_roles:
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2050 newroles.append(role)
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2051 continue
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2052
5893
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2053 raise UsageError("Role %s is not permitted."%role)
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2054
5893
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2055 claim['roles'] = newroles
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2056 else:
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2057 claim['roles'] = user_roles
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2058 secret = self.db.config.WEB_JWT_SECRET
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2059 myjwt = jwt.encode(claim, secret, algorithm='HS256')
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2060
6315
84655a4223c6 Update doc for jwt example to omit b2s() if pyjwt version >= 2.0.0
John Rouillard <rouilj@ieee.org>
parents: 6311
diff changeset
2061 # if jwt.__version__ >= 2.0.0 jwt.encode() returns string
84655a4223c6 Update doc for jwt example to omit b2s() if pyjwt version >= 2.0.0
John Rouillard <rouilj@ieee.org>
parents: 6311
diff changeset
2062 # not byte. So do not use b2s() with newer versions of pyjwt.
5893
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2063 result = {"jwt": b2s(myjwt),
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2064 }
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2065
5893
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2066 return 200, result
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2067
5893
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2068 @Routing.route("/jwt/validate", 'GET')
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2069 @_data_decorator
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2070 def validate_jwt(self,input):
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2071 import jwt
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2072 if not 'jwt' in input:
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2073 raise UsageError("jwt key must be specified")
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2074
5893
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2075 myjwt = input['jwt'].value
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2076
5893
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2077 secret = self.db.config.WEB_JWT_SECRET
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2078 try:
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2079 result = jwt.decode(myjwt, secret,
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2080 algorithms=['HS256'],
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2081 audience=self.db.config.TRACKER_WEB,
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2082 issuer=self.db.config.TRACKER_WEB,
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2083 )
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2084 except jwt.exceptions.InvalidTokenError as err:
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2085 return 401, str(err)
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2086
5893
13f5ac918120 fix spacing on example code and typo fix.
John Rouillard <rouilj@ieee.org>
parents: 5892
diff changeset
2087 return 200, result
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2088
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2089 **Note this is sample code. Use at your own risk.** It breaks a few
6764
32f52d14b496 Typo fixes, formatting fixes, jwt -> JWT, add link to JWT issue
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
2090 rules about JWTs (e.g. it allows you to make unlimited lifetime
32f52d14b496 Typo fixes, formatting fixes, jwt -> JWT, add link to JWT issue
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
2091 JWTs). If you subscribe to the concept of JWT refresh tokens, this code
32f52d14b496 Typo fixes, formatting fixes, jwt -> JWT, add link to JWT issue
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
2092 will have to be changed as it will only generate JWTs with
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2093 username/password authentication.
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2094
6764
32f52d14b496 Typo fixes, formatting fixes, jwt -> JWT, add link to JWT issue
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
2095 Currently use of JWTs an experiment. If this appeals to you consider
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2096 providing patches to existing code to:
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2097
7361
bc6bcffbed2a rewrite JWT future to use refresh tokens.
John Rouillard <rouilj@ieee.org>
parents: 7353
diff changeset
2098 1. create long lived refresh tokens
bc6bcffbed2a rewrite JWT future to use refresh tokens.
John Rouillard <rouilj@ieee.org>
parents: 7353
diff changeset
2099 2. record all refresh tokens created by a user
bc6bcffbed2a rewrite JWT future to use refresh tokens.
John Rouillard <rouilj@ieee.org>
parents: 7353
diff changeset
2100 3. using the record to allow refresh tokens to be revoked and
bc6bcffbed2a rewrite JWT future to use refresh tokens.
John Rouillard <rouilj@ieee.org>
parents: 7353
diff changeset
2101 ignored by the roundup core
bc6bcffbed2a rewrite JWT future to use refresh tokens.
John Rouillard <rouilj@ieee.org>
parents: 7353
diff changeset
2102 4. provide a UI page for managing/revoking refresh tokens
bc6bcffbed2a rewrite JWT future to use refresh tokens.
John Rouillard <rouilj@ieee.org>
parents: 7353
diff changeset
2103 5. provide a rest api for revoking refresh tokens
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2104
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2105 These end points can be used like::
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2106
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2107 curl -u demo -s -X POST -H "Referer: https://.../demo/" \
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2108 -H "X-requested-with: rest" \
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2109 -H "Content-Type: application/json" \
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2110 --data '{"lifetime": "3600", "roles": [ "user:timelog" ] }' \
6764
32f52d14b496 Typo fixes, formatting fixes, jwt -> JWT, add link to JWT issue
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
2111 https://.../demo/rest/JWT/issue
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2112
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2113 (note roles is a json array/list of strings not a string) to get::
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2114
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2115 {
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2116 "data": {
6764
32f52d14b496 Typo fixes, formatting fixes, jwt -> JWT, add link to JWT issue
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
2117 "JWT": "eyJ0eXAiOiJK......XxMDb-Q3oCnMpyhxPXMAk"
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2118 }
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2119 }
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2120
6764
32f52d14b496 Typo fixes, formatting fixes, jwt -> JWT, add link to JWT issue
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
2121 The JWT is shortened in the example since it's large. You can validate
32f52d14b496 Typo fixes, formatting fixes, jwt -> JWT, add link to JWT issue
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
2122 a JWT to see if it's still valid using::
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2123
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2124
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2125 curl -s -H "Referer: https://.../demo/" \
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2126 -H "X-requested-with: rest" \
6764
32f52d14b496 Typo fixes, formatting fixes, jwt -> JWT, add link to JWT issue
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
2127 https://.../demo/rest/JWT/validate?JWT=eyJ0eXAiOiJK...XxMDb-Q3oCnMpyhxPXMAk
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2128
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2129 (note no login is required) which returns::
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2130
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2131 {
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2132 "data": {
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2133 "user": "3",
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2134 "roles": [
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2135 "user:timelog"
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2136 ],
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2137 "iss": "https://.../demo/",
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2138 "aud": "https://.../demo/",
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2139 "iat": 1569542404,
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2140 "exp": 1569546004
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2141 }
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2142 }
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2143
6764
32f52d14b496 Typo fixes, formatting fixes, jwt -> JWT, add link to JWT issue
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
2144
32f52d14b496 Typo fixes, formatting fixes, jwt -> JWT, add link to JWT issue
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
2145 There is an issue for `thoughts on JWT credentials`_ that you can view
32f52d14b496 Typo fixes, formatting fixes, jwt -> JWT, add link to JWT issue
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
2146 for ideas or add your own.
32f52d14b496 Typo fixes, formatting fixes, jwt -> JWT, add link to JWT issue
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
2147
32f52d14b496 Typo fixes, formatting fixes, jwt -> JWT, add link to JWT issue
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
2148 .. _thoughts on JWT credentials: https://issues.roundup-tracker.org/issue2551064
32f52d14b496 Typo fixes, formatting fixes, jwt -> JWT, add link to JWT issue
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
2149
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2150 Final steps
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
2151 ~~~~~~~~~~~
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2152
5887
f4db6abf86d9 more typo fixes.
John Rouillard <rouilj@ieee.org>
parents: 5886
diff changeset
2153 See the `upgrading directions`_ on how to use the ``updateconfig``
5888
John Rouillard <rouilj@ieee.org>
parents: 5887
diff changeset
2154 command to generate an updated copy of config.ini using
6764
32f52d14b496 Typo fixes, formatting fixes, jwt -> JWT, add link to JWT issue
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
2155 roundup-admin. Then set the ``JWT_secret`` to at least 32 characters
5887
f4db6abf86d9 more typo fixes.
John Rouillard <rouilj@ieee.org>
parents: 5886
diff changeset
2156 (more is better up to 512 bits).
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2157
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2158 Writing an auditor that uses "db.user.get_roles" to see if the user
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2159 making the change has the ``user:timelog`` role, and then comparing
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2160 the original ``times`` list to the new list to verify that it is being
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2161 added to and not changed otherwise is left as an exercise for the
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2162 reader. (If you develop one, please contribute via the tracker:
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2163 https://issues.roundup-tracker.org/.)
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2164
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2165 Lastly you can create a JWT using the end point above and make a rest
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2166 call to create a new timelog entry and another call to update the
6764
32f52d14b496 Typo fixes, formatting fixes, jwt -> JWT, add link to JWT issue
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
2167 issues times property. If you have other ideas on how JWTs can be
5878
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2168 used, please share on the roundup mailing lists. See:
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2169 https://sourceforge.net/p/roundup/mailman/ for directions on
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2170 subscribing and for archives of the lists.
1b57d8f3eb97 Add rudimentery experiment JSON Web Token (jwt) support
John Rouillard <rouilj@ieee.org>
parents: 5865
diff changeset
2171
5843
da1f40b5148d issue2551050 document mechanism to allow uers limited access to
John Rouillard <rouilj@ieee.org>
parents: 5826
diff changeset
2172
5737
07d8bbf6ee5f Add example on overriding RestfulInstance.getRateLimit from interfaces.py.
John Rouillard <rouilj@ieee.org>
parents: 5723
diff changeset
2173 Creating Custom Rate Limits
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
2174 ---------------------------
5737
07d8bbf6ee5f Add example on overriding RestfulInstance.getRateLimit from interfaces.py.
John Rouillard <rouilj@ieee.org>
parents: 5723
diff changeset
2175
5738
9777d7311bc0 Clean up the custom rate limit doc.
John Rouillard <rouilj@ieee.org>
parents: 5737
diff changeset
2176 You can replace the default rate limiter that is configured using
9777d7311bc0 Clean up the custom rate limit doc.
John Rouillard <rouilj@ieee.org>
parents: 5737
diff changeset
2177 the tracker's ``config.ini``. You can return different rate
6674
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
2178 limits based on the user, time of day, phase of moon, request
ff8845ca305e issue2551203 - CORS and CORS preflight documentation.
John Rouillard <rouilj@ieee.org>
parents: 6630
diff changeset
2179 method (via self.client.request.command) etc.
5738
9777d7311bc0 Clean up the custom rate limit doc.
John Rouillard <rouilj@ieee.org>
parents: 5737
diff changeset
2180
9777d7311bc0 Clean up the custom rate limit doc.
John Rouillard <rouilj@ieee.org>
parents: 5737
diff changeset
2181 Assume you add two integer valued properties to the user
9777d7311bc0 Clean up the custom rate limit doc.
John Rouillard <rouilj@ieee.org>
parents: 5737
diff changeset
2182 object. Let's call them ``rate_limit_interval`` and
9777d7311bc0 Clean up the custom rate limit doc.
John Rouillard <rouilj@ieee.org>
parents: 5737
diff changeset
2183 ``rate_limit_calls``. Add code similar to this to interfaces.py
9777d7311bc0 Clean up the custom rate limit doc.
John Rouillard <rouilj@ieee.org>
parents: 5737
diff changeset
2184 to override the default rate limiter code::
5737
07d8bbf6ee5f Add example on overriding RestfulInstance.getRateLimit from interfaces.py.
John Rouillard <rouilj@ieee.org>
parents: 5723
diff changeset
2185
07d8bbf6ee5f Add example on overriding RestfulInstance.getRateLimit from interfaces.py.
John Rouillard <rouilj@ieee.org>
parents: 5723
diff changeset
2186 from roundup.rest import RestfulInstance, RateLimit
07d8bbf6ee5f Add example on overriding RestfulInstance.getRateLimit from interfaces.py.
John Rouillard <rouilj@ieee.org>
parents: 5723
diff changeset
2187 from datetime import timedelta
07d8bbf6ee5f Add example on overriding RestfulInstance.getRateLimit from interfaces.py.
John Rouillard <rouilj@ieee.org>
parents: 5723
diff changeset
2188
07d8bbf6ee5f Add example on overriding RestfulInstance.getRateLimit from interfaces.py.
John Rouillard <rouilj@ieee.org>
parents: 5723
diff changeset
2189 def grl(self):
07d8bbf6ee5f Add example on overriding RestfulInstance.getRateLimit from interfaces.py.
John Rouillard <rouilj@ieee.org>
parents: 5723
diff changeset
2190 calls = self.db.config.WEB_API_CALLS_PER_INTERVAL
07d8bbf6ee5f Add example on overriding RestfulInstance.getRateLimit from interfaces.py.
John Rouillard <rouilj@ieee.org>
parents: 5723
diff changeset
2191 interval = self.db.config.WEB_API_INTERVAL_IN_SEC
07d8bbf6ee5f Add example on overriding RestfulInstance.getRateLimit from interfaces.py.
John Rouillard <rouilj@ieee.org>
parents: 5723
diff changeset
2192
07d8bbf6ee5f Add example on overriding RestfulInstance.getRateLimit from interfaces.py.
John Rouillard <rouilj@ieee.org>
parents: 5723
diff changeset
2193 if calls and interval: # use to disable all rate limits
07d8bbf6ee5f Add example on overriding RestfulInstance.getRateLimit from interfaces.py.
John Rouillard <rouilj@ieee.org>
parents: 5723
diff changeset
2194
07d8bbf6ee5f Add example on overriding RestfulInstance.getRateLimit from interfaces.py.
John Rouillard <rouilj@ieee.org>
parents: 5723
diff changeset
2195 uid = self.db.getuid()
07d8bbf6ee5f Add example on overriding RestfulInstance.getRateLimit from interfaces.py.
John Rouillard <rouilj@ieee.org>
parents: 5723
diff changeset
2196 class_obj = self.db.getclass('user')
07d8bbf6ee5f Add example on overriding RestfulInstance.getRateLimit from interfaces.py.
John Rouillard <rouilj@ieee.org>
parents: 5723
diff changeset
2197 node = class_obj.getnode(uid)
07d8bbf6ee5f Add example on overriding RestfulInstance.getRateLimit from interfaces.py.
John Rouillard <rouilj@ieee.org>
parents: 5723
diff changeset
2198
07d8bbf6ee5f Add example on overriding RestfulInstance.getRateLimit from interfaces.py.
John Rouillard <rouilj@ieee.org>
parents: 5723
diff changeset
2199 # set value to 0 to use WEB_API_CALLS_PER_INTERVAL
07d8bbf6ee5f Add example on overriding RestfulInstance.getRateLimit from interfaces.py.
John Rouillard <rouilj@ieee.org>
parents: 5723
diff changeset
2200 user_calls = node.__getattr__('rate_limit_calls')
07d8bbf6ee5f Add example on overriding RestfulInstance.getRateLimit from interfaces.py.
John Rouillard <rouilj@ieee.org>
parents: 5723
diff changeset
2201 # set to 0 to use WEB_API_INTERVAL_IN_SEC
07d8bbf6ee5f Add example on overriding RestfulInstance.getRateLimit from interfaces.py.
John Rouillard <rouilj@ieee.org>
parents: 5723
diff changeset
2202 user_interval = node.__getattr__('rate_limit_interval')
07d8bbf6ee5f Add example on overriding RestfulInstance.getRateLimit from interfaces.py.
John Rouillard <rouilj@ieee.org>
parents: 5723
diff changeset
2203
07d8bbf6ee5f Add example on overriding RestfulInstance.getRateLimit from interfaces.py.
John Rouillard <rouilj@ieee.org>
parents: 5723
diff changeset
2204 return RateLimit(user_calls or calls,
07d8bbf6ee5f Add example on overriding RestfulInstance.getRateLimit from interfaces.py.
John Rouillard <rouilj@ieee.org>
parents: 5723
diff changeset
2205 timedelta(seconds=(user_interval or interval)))
07d8bbf6ee5f Add example on overriding RestfulInstance.getRateLimit from interfaces.py.
John Rouillard <rouilj@ieee.org>
parents: 5723
diff changeset
2206 else:
07d8bbf6ee5f Add example on overriding RestfulInstance.getRateLimit from interfaces.py.
John Rouillard <rouilj@ieee.org>
parents: 5723
diff changeset
2207 # disable rate limiting if either parameter is 0
07d8bbf6ee5f Add example on overriding RestfulInstance.getRateLimit from interfaces.py.
John Rouillard <rouilj@ieee.org>
parents: 5723
diff changeset
2208 return None
07d8bbf6ee5f Add example on overriding RestfulInstance.getRateLimit from interfaces.py.
John Rouillard <rouilj@ieee.org>
parents: 5723
diff changeset
2209
07d8bbf6ee5f Add example on overriding RestfulInstance.getRateLimit from interfaces.py.
John Rouillard <rouilj@ieee.org>
parents: 5723
diff changeset
2210 RestfulInstance.getRateLimit = grl
07d8bbf6ee5f Add example on overriding RestfulInstance.getRateLimit from interfaces.py.
John Rouillard <rouilj@ieee.org>
parents: 5723
diff changeset
2211
5738
9777d7311bc0 Clean up the custom rate limit doc.
John Rouillard <rouilj@ieee.org>
parents: 5737
diff changeset
2212 this should replace the default getRateLimit with the new grl
9777d7311bc0 Clean up the custom rate limit doc.
John Rouillard <rouilj@ieee.org>
parents: 5737
diff changeset
2213 function. This new function uses values for the number of calls
9777d7311bc0 Clean up the custom rate limit doc.
John Rouillard <rouilj@ieee.org>
parents: 5737
diff changeset
2214 and period that are specific to a user. If either is set to 0,
9777d7311bc0 Clean up the custom rate limit doc.
John Rouillard <rouilj@ieee.org>
parents: 5737
diff changeset
2215 the defaults from ``config.ini`` file are used.
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
2216
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
2217 Test Examples
7473
f8b5b0310f88 I think headings are consistant now.
John Rouillard <rouilj@ieee.org>
parents: 7455
diff changeset
2218 ~~~~~~~~~~~~~
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
2219
5895
93bbe5340d5b More typo fixes and verbatim blocks.
John Rouillard <rouilj@ieee.org>
parents: 5894
diff changeset
2220 Rate limit tests::
5723
59a3bbd3603a Expanded documentation. More examples, added sections based on each
John Rouillard <rouilj@ieee.org>
parents: 5710
diff changeset
2221
6765
b4bfbd768bc1 How to add dicttoxml at system or tracker level.
John Rouillard <rouilj@ieee.org>
parents: 6764
diff changeset
2222 seq 1 300 | xargs -P 20 -n 1 curl --head -u user:password -si \
b4bfbd768bc1 How to add dicttoxml at system or tracker level.
John Rouillard <rouilj@ieee.org>
parents: 6764
diff changeset
2223 https://.../rest/data/status/new | grep Remaining
b4bfbd768bc1 How to add dicttoxml at system or tracker level.
John Rouillard <rouilj@ieee.org>
parents: 6764
diff changeset
2224
b4bfbd768bc1 How to add dicttoxml at system or tracker level.
John Rouillard <rouilj@ieee.org>
parents: 6764
diff changeset
2225 will show you the number of remaining requests to the REST interface
b4bfbd768bc1 How to add dicttoxml at system or tracker level.
John Rouillard <rouilj@ieee.org>
parents: 6764
diff changeset
2226 for the user identified by password.
Roundup Issue Tracker: http://roundup-tracker.org/