Mercurial > p > roundup > code
annotate roundup/rest.py @ 5726:e199d0ae4a25
issue2551033: prevent reverse engineering hidden data by using etags
as an oracle to identify when the right data has been
guessed. Identified by Joseph Myers who also suggested remediation
methods. Implemented John Rouillard.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Thu, 23 May 2019 18:56:57 -0400 |
| parents | d9a3f6957731 |
| children | 8b5171f353eb |
| rev | line source |
|---|---|
|
5557
213a56c91471
Implement getting resource from database
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5556
diff
changeset
|
1 """ |
|
213a56c91471
Implement getting resource from database
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5556
diff
changeset
|
2 Restful API for Roundup |
|
213a56c91471
Implement getting resource from database
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5556
diff
changeset
|
3 |
|
213a56c91471
Implement getting resource from database
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5556
diff
changeset
|
4 This module is free software, you may redistribute it |
|
213a56c91471
Implement getting resource from database
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5556
diff
changeset
|
5 and/or modify under the same terms as Python. |
|
213a56c91471
Implement getting resource from database
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5556
diff
changeset
|
6 """ |
|
5556
d75aa88c2a99
Added RestInstance and calling rest from client.py
Chau Nguyen <dangchau1991@yahoo.com>
parents:
diff
changeset
|
7 |
| 5602 | 8 from __future__ import print_function |
| 9 | |
| 10 try: | |
| 11 from urllib.parse import urlparse | |
| 12 except ImportError: | |
| 13 from urlparse import urlparse | |
| 5574 | 14 import os |
|
5556
d75aa88c2a99
Added RestInstance and calling rest from client.py
Chau Nguyen <dangchau1991@yahoo.com>
parents:
diff
changeset
|
15 import json |
|
d75aa88c2a99
Added RestInstance and calling rest from client.py
Chau Nguyen <dangchau1991@yahoo.com>
parents:
diff
changeset
|
16 import pprint |
|
5567
1af57f9d5bf7
Added exception Handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5566
diff
changeset
|
17 import sys |
|
1af57f9d5bf7
Added exception Handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5566
diff
changeset
|
18 import time |
|
1af57f9d5bf7
Added exception Handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5566
diff
changeset
|
19 import traceback |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
20 import re |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
21 |
|
5631
a5c890d308c3
Add simple support for xml output if the third party dict2xml.py module
John Rouillard <rouilj@ieee.org>
parents:
5630
diff
changeset
|
22 try: |
|
5653
ba67e397f063
Fix string/bytes issues under python 3.
John Rouillard <rouilj@ieee.org>
parents:
5646
diff
changeset
|
23 # if dicttoxml installed in roundup directory, use it |
|
ba67e397f063
Fix string/bytes issues under python 3.
John Rouillard <rouilj@ieee.org>
parents:
5646
diff
changeset
|
24 from .dicttoxml import dicttoxml |
|
5631
a5c890d308c3
Add simple support for xml output if the third party dict2xml.py module
John Rouillard <rouilj@ieee.org>
parents:
5630
diff
changeset
|
25 except ImportError: |
|
5653
ba67e397f063
Fix string/bytes issues under python 3.
John Rouillard <rouilj@ieee.org>
parents:
5646
diff
changeset
|
26 try: |
|
ba67e397f063
Fix string/bytes issues under python 3.
John Rouillard <rouilj@ieee.org>
parents:
5646
diff
changeset
|
27 # else look in sys.path |
|
ba67e397f063
Fix string/bytes issues under python 3.
John Rouillard <rouilj@ieee.org>
parents:
5646
diff
changeset
|
28 from dicttoxml import dicttoxml |
|
ba67e397f063
Fix string/bytes issues under python 3.
John Rouillard <rouilj@ieee.org>
parents:
5646
diff
changeset
|
29 except ImportError: |
|
ba67e397f063
Fix string/bytes issues under python 3.
John Rouillard <rouilj@ieee.org>
parents:
5646
diff
changeset
|
30 # else not supported |
|
ba67e397f063
Fix string/bytes issues under python 3.
John Rouillard <rouilj@ieee.org>
parents:
5646
diff
changeset
|
31 dicttoxml = None |
|
5631
a5c890d308c3
Add simple support for xml output if the third party dict2xml.py module
John Rouillard <rouilj@ieee.org>
parents:
5630
diff
changeset
|
32 |
|
5557
213a56c91471
Implement getting resource from database
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5556
diff
changeset
|
33 from roundup import hyperdb |
| 5596 | 34 from roundup import date |
|
5599
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
35 from roundup import actions |
|
5689
2c516d113620
Fix encoding for incoming json requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5687
diff
changeset
|
36 from roundup.anypy.strings import bs2b, b2s, u2s, is_us |
|
5562
70df783c4c0b
Cleanup, fixed a bug with delete action
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5561
diff
changeset
|
37 from roundup.exceptions import * |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
38 from roundup.cgi.exceptions import * |
|
5588
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
39 |
|
5726
e199d0ae4a25
issue2551033: prevent reverse engineering hidden data by using etags
John Rouillard <rouilj@ieee.org>
parents:
5715
diff
changeset
|
40 import hmac |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
41 |
| 5602 | 42 # Py3 compatible basestring |
| 43 try: | |
| 44 basestring | |
| 45 except NameError: | |
| 46 basestring = str | |
| 47 unicode = str | |
|
5588
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
48 |
|
5620
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
49 import logging |
|
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
50 logger = logging.getLogger('roundup.rest') |
|
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
51 |
|
5710
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
52 import roundup.anypy.random_ as random_ |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
53 if not random_.is_weak: |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
54 logger.debug("Importing good random generator") |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
55 else: |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
56 logger.warning("**SystemRandom not available. Using poor random generator") |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
57 |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
58 import time |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
59 |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
60 chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789' |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
61 |
|
5588
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
62 def _data_decorator(func): |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
63 """Wrap the returned data into an object.""" |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
64 def format_object(self, *args, **kwargs): |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
65 # get the data / error from function |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
66 try: |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
67 code, data = func(self, *args, **kwargs) |
| 5602 | 68 except NotFound as msg: |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
69 code = 404 |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
70 data = msg |
| 5602 | 71 except IndexError as msg: |
|
5588
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
72 code = 404 |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
73 data = msg |
| 5602 | 74 except Unauthorised as msg: |
|
5588
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
75 code = 403 |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
76 data = msg |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
77 except (UsageError, KeyError) as msg: |
|
5588
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
78 code = 400 |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
79 data = msg |
| 5602 | 80 except (AttributeError, Reject) as msg: |
|
5588
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
81 code = 405 |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
82 data = msg |
| 5602 | 83 except ValueError as msg: |
|
5588
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
84 code = 409 |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
85 data = msg |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
86 except PreconditionFailed as msg: |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
87 code = 412 |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
88 data = msg |
|
5588
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
89 except NotImplementedError: |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
90 code = 402 # nothing to pay, just a mark for debugging purpose |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
91 data = 'Method under development' |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
92 except: |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
93 exc, val, tb = sys.exc_info() |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
94 code = 400 |
|
5593
344b6a87dac6
Added support to print error
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5591
diff
changeset
|
95 ts = time.ctime() |
| 5602 | 96 if getattr (self.client.request, 'DEBUG_MODE', None): |
|
5593
344b6a87dac6
Added support to print error
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5591
diff
changeset
|
97 data = val |
|
344b6a87dac6
Added support to print error
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5591
diff
changeset
|
98 else: |
|
344b6a87dac6
Added support to print error
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5591
diff
changeset
|
99 data = '%s: An error occurred. Please check the server log' \ |
|
344b6a87dac6
Added support to print error
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5591
diff
changeset
|
100 ' for more information.' % ts |
|
5588
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
101 # out to the logfile |
| 5602 | 102 print ('EXCEPTION AT', ts) |
|
5588
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
103 traceback.print_exc() |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
104 |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
105 # decorate it |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
106 self.client.response_code = code |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
107 if code >= 400: # any error require error format |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
108 result = { |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
109 'error': { |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
110 'status': code, |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
111 'msg': data |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
112 } |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
113 } |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
114 else: |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
115 result = { |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
116 'data': data |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
117 } |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
118 return result |
|
6b3a9655a7d9
Move decorator to outside of the class
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5587
diff
changeset
|
119 return format_object |
|
5556
d75aa88c2a99
Added RestInstance and calling rest from client.py
Chau Nguyen <dangchau1991@yahoo.com>
parents:
diff
changeset
|
120 |
|
5726
e199d0ae4a25
issue2551033: prevent reverse engineering hidden data by using etags
John Rouillard <rouilj@ieee.org>
parents:
5715
diff
changeset
|
121 def calculate_etag (node, key, classname="Missing", id="0"): |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
122 '''given a hyperdb node generate a hashed representation of it to be |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
123 used as an etag. |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
124 |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
125 This code needs a __repr__ function in the Password class. This |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
126 replaces the repr(items) which would be: |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
127 |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
128 <roundup.password.Password instance at 0x7f3442406170> |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
129 |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
130 with the string representation: |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
131 |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
132 {PBKDF2}10000$k4d74EDgxlbH...A |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
133 |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
134 This makes the representation repeatable as the location of the |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
135 password instance is not static and we need a constant value to |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
136 calculate the etag. |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
137 |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
138 Note that repr() is chosen for the node rather than str() since |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
139 repr is meant to be an unambiguous representation. |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
140 |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
141 classname and id are used for logging only. |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
142 ''' |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
143 |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
144 items = node.items(protected=True) # include every item |
|
5726
e199d0ae4a25
issue2551033: prevent reverse engineering hidden data by using etags
John Rouillard <rouilj@ieee.org>
parents:
5715
diff
changeset
|
145 etag = hmac.new(bs2b(repr(sorted(items)))).hexdigest() |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
146 logger.debug("object=%s%s; tag=%s; repr=%s", classname, id, |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
147 etag, repr(node.items(protected=True))) |
|
5674
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
148 # Quotes are part of ETag spec, normal headers don't have quotes |
|
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
149 return '"%s"' % etag |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
150 |
|
5726
e199d0ae4a25
issue2551033: prevent reverse engineering hidden data by using etags
John Rouillard <rouilj@ieee.org>
parents:
5715
diff
changeset
|
151 def check_etag (node, key, etags, classname="Missing", id="0"): |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
152 '''Take a list of etags and compare to the etag for the given node. |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
153 |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
154 Iterate over all supplied etags, |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
155 If a tag fails to match, return False. |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
156 If at least one etag matches, return True. |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
157 If all etags are None, return False. |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
158 |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
159 ''' |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
160 have_etag_match=False |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
161 |
|
5726
e199d0ae4a25
issue2551033: prevent reverse engineering hidden data by using etags
John Rouillard <rouilj@ieee.org>
parents:
5715
diff
changeset
|
162 node_etag = calculate_etag(node, key, classname, id) |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
163 |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
164 for etag in etags: |
|
5674
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
165 if etag is not None: |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
166 if etag != node_etag: |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
167 return False |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
168 have_etag_match=True |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
169 |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
170 if have_etag_match: |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
171 return True |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
172 else: |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
173 return False |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
174 |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
175 def obtain_etags(headers,input): |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
176 '''Get ETags value from headers or payload data''' |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
177 etags = [] |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
178 if '@etag' in input: |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
179 etags.append(input['@etag'].value); |
|
5674
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
180 etags.append(headers.get("If-Match", None)) |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
181 return etags |
| 5596 | 182 |
|
5594
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
183 def parse_accept_header(accept): |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
184 """ |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
185 Parse the Accept header *accept*, returning a list with 3-tuples of |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
186 [(str(media_type), dict(params), float(q_value)),] ordered by q values. |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
187 |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
188 If the accept header includes vendor-specific types like:: |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
189 application/vnd.yourcompany.yourproduct-v1.1+json |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
190 |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
191 It will actually convert the vendor and version into parameters and |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
192 convert the content type into `application/json` so appropriate content |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
193 negotiation decisions can be made. |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
194 |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
195 Default `q` for values that are not specified is 1.0 |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
196 |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
197 # Based on https://gist.github.com/samuraisam/2714195 |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
198 # Also, based on a snipped found in this project: |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
199 # https://github.com/martinblech/mimerender |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
200 """ |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
201 result = [] |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
202 for media_range in accept.split(","): |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
203 parts = media_range.split(";") |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
204 media_type = parts.pop(0).strip() |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
205 media_params = [] |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
206 # convert vendor-specific content types into something useful (see |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
207 # docstring) |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
208 typ, subtyp = media_type.split('/') |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
209 # check for a + in the sub-type |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
210 if '+' in subtyp: |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
211 # if it exists, determine if the subtype is a vendor-specific type |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
212 vnd, sep, extra = subtyp.partition('+') |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
213 if vnd.startswith('vnd'): |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
214 # and then... if it ends in something like "-v1.1" parse the |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
215 # version out |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
216 if '-v' in vnd: |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
217 vnd, sep, rest = vnd.rpartition('-v') |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
218 if len(rest): |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
219 # add the version as a media param |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
220 try: |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
221 version = media_params.append(('version', |
|
5685
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
222 rest)) |
|
5594
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
223 except ValueError: |
| 5596 | 224 version = 1.0 # could not be parsed |
|
5594
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
225 # add the vendor code as a media param |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
226 media_params.append(('vendor', vnd)) |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
227 # and re-write media_type to something like application/json so |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
228 # it can be used usefully when looking up emitters |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
229 media_type = '{}/{}'.format(typ, extra) |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
230 q = 1.0 |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
231 for part in parts: |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
232 (key, value) = part.lstrip().split("=", 1) |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
233 key = key.strip() |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
234 value = value.strip() |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
235 if key == "q": |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
236 q = float(value) |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
237 else: |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
238 media_params.append((key, value)) |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
239 result.append((media_type, dict(media_params), q)) |
|
5653
ba67e397f063
Fix string/bytes issues under python 3.
John Rouillard <rouilj@ieee.org>
parents:
5646
diff
changeset
|
240 result.sort(key=lambda x: x[2], reverse=True) |
|
5594
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
241 return result |
|
5567
1af57f9d5bf7
Added exception Handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5566
diff
changeset
|
242 |
| 5596 | 243 |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
244 class Routing(object): |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
245 __route_map = {} |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
246 __var_to_regex = re.compile(r"<:(\w+)>") |
|
5715
d9a3f6957731
issue2551042 - add extra \ to \w in raw string url_to_regex. Not sure
John Rouillard <rouilj@ieee.org>
parents:
5711
diff
changeset
|
247 url_to_regex = r"([\\w.\-~!$&'()*+,;=:\%%]+)" |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
248 |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
249 @classmethod |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
250 def route(cls, rule, methods='GET'): |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
251 """A decorator that is used to register a view function for a |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
252 given URL rule: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
253 @self.route('/') |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
254 def index(): |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
255 return 'Hello World' |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
256 |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
257 rest/ will be added to the beginning of the url string |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
258 |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
259 Args: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
260 rule (string): the URL rule |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
261 methods (string or tuple or list): the http method |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
262 """ |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
263 # strip the '/' character from rule string |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
264 rule = rule.strip('/') |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
265 |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
266 # add 'rest/' to the rule string |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
267 if not rule.startswith('rest/'): |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
268 rule = '^rest/' + rule + '$' |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
269 |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
270 if isinstance(methods, basestring): # convert string to tuple |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
271 methods = (methods,) |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
272 methods = set(item.upper() for item in methods) |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
273 |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
274 # convert a rule to a compiled regex object |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
275 # so /data/<:class>/<:id> will become |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
276 # /data/([charset]+)/([charset]+) |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
277 # and extract the variable names to a list [(class), (id)] |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
278 func_vars = cls.__var_to_regex.findall(rule) |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
279 rule = re.compile(cls.__var_to_regex.sub(cls.url_to_regex, rule)) |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
280 |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
281 # then we decorate it: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
282 # route_map[regex][method] = func |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
283 def decorator(func): |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
284 rule_route = cls.__route_map.get(rule, {}) |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
285 func_obj = { |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
286 'func': func, |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
287 'vars': func_vars |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
288 } |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
289 for method in methods: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
290 rule_route[method] = func_obj |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
291 cls.__route_map[rule] = rule_route |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
292 return func |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
293 return decorator |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
294 |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
295 @classmethod |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
296 def execute(cls, instance, path, method, input): |
| 5679 | 297 # format the input, note that we may not lowercase the path |
| 298 # here, URL parameters are case-sensitive | |
| 299 path = path.strip('/') | |
|
5622
2a7d23a098ca
Make @Routing.route('/') decoration work. This decoration matches
John Rouillard <rouilj@ieee.org>
parents:
5621
diff
changeset
|
300 if path == 'rest': |
|
2a7d23a098ca
Make @Routing.route('/') decoration work. This decoration matches
John Rouillard <rouilj@ieee.org>
parents:
5621
diff
changeset
|
301 # allow handler to be called for /rest/ |
|
2a7d23a098ca
Make @Routing.route('/') decoration work. This decoration matches
John Rouillard <rouilj@ieee.org>
parents:
5621
diff
changeset
|
302 path = 'rest/' |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
303 method = method.upper() |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
304 |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
305 # find the rule match the path |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
306 # then get handler match the method |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
307 for path_regex in cls.__route_map: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
308 match_obj = path_regex.match(path) |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
309 if match_obj: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
310 try: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
311 func_obj = cls.__route_map[path_regex][method] |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
312 except KeyError: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
313 raise Reject('Method %s not allowed' % method) |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
314 |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
315 # retrieve the vars list and the function caller |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
316 list_vars = func_obj['vars'] |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
317 func = func_obj['func'] |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
318 |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
319 # zip the varlist into a dictionary, and pass it to the caller |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
320 args = dict(zip(list_vars, match_obj.groups())) |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
321 args['input'] = input |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
322 return func(instance, **args) |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
323 raise NotFound('Nothing matches the given URI') |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
324 |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
325 |
|
5556
d75aa88c2a99
Added RestInstance and calling rest from client.py
Chau Nguyen <dangchau1991@yahoo.com>
parents:
diff
changeset
|
326 class RestfulInstance(object): |
| 5582 | 327 """The RestfulInstance performs REST request from the client""" |
|
5556
d75aa88c2a99
Added RestInstance and calling rest from client.py
Chau Nguyen <dangchau1991@yahoo.com>
parents:
diff
changeset
|
328 |
|
5593
344b6a87dac6
Added support to print error
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5591
diff
changeset
|
329 __default_patch_op = "replace" # default operator for PATCH method |
|
5594
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
330 __accepted_content_type = { |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
331 "application/json": "json", |
|
5631
a5c890d308c3
Add simple support for xml output if the third party dict2xml.py module
John Rouillard <rouilj@ieee.org>
parents:
5630
diff
changeset
|
332 "*/*": "json", |
|
a5c890d308c3
Add simple support for xml output if the third party dict2xml.py module
John Rouillard <rouilj@ieee.org>
parents:
5630
diff
changeset
|
333 "application/xml": "xml" |
|
5594
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
334 } |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
335 __default_accept_type = "json" |
|
5593
344b6a87dac6
Added support to print error
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5591
diff
changeset
|
336 |
|
5685
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
337 __default_api_version = 1 |
|
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
338 __supported_api_versions = [ 1 ] |
|
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
339 |
|
5687
83037aaf3b9d
Move definition/initialization of api_version into the class and out
John Rouillard <rouilj@ieee.org>
parents:
5686
diff
changeset
|
340 |
|
83037aaf3b9d
Move definition/initialization of api_version into the class and out
John Rouillard <rouilj@ieee.org>
parents:
5686
diff
changeset
|
341 api_version = None |
|
83037aaf3b9d
Move definition/initialization of api_version into the class and out
John Rouillard <rouilj@ieee.org>
parents:
5686
diff
changeset
|
342 |
|
5568
edab9daa8015
Make objects returned by REST follow the standard
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5567
diff
changeset
|
343 def __init__(self, client, db): |
|
5590
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
344 self.client = client |
|
5556
d75aa88c2a99
Added RestInstance and calling rest from client.py
Chau Nguyen <dangchau1991@yahoo.com>
parents:
diff
changeset
|
345 self.db = db |
|
5599
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
346 self.translator = client.translator |
| 5604 | 347 # This used to be initialized from client.instance.actions which |
| 348 # would include too many actions that do not make sense in the | |
| 349 # REST-API context, so for now we only permit the retire and | |
| 350 # restore actions. | |
| 351 self.actions = dict (retire = actions.Retire, restore = actions.Restore) | |
|
5556
d75aa88c2a99
Added RestInstance and calling rest from client.py
Chau Nguyen <dangchau1991@yahoo.com>
parents:
diff
changeset
|
352 |
|
5616
aa4c271514ae
Original code generated url's using a harcoded protocol and took the
John Rouillard <rouilj@ieee.org>
parents:
5604
diff
changeset
|
353 # note TRACKER_WEB ends in a / |
|
aa4c271514ae
Original code generated url's using a harcoded protocol and took the
John Rouillard <rouilj@ieee.org>
parents:
5604
diff
changeset
|
354 self.base_path = '%srest' % (self.db.config.TRACKER_WEB) |
|
5600
e2c74d8121f3
Update resource links
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5599
diff
changeset
|
355 self.data_path = self.base_path + '/data' |
|
5569
2718aeb55ffa
Add base_path to generate uri
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5568
diff
changeset
|
356 |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
357 def props_from_args(self, cl, args, itemid=None, skip_protected=True): |
| 5582 | 358 """Construct a list of properties from the given arguments, |
| 359 and return them after validation. | |
| 360 | |
| 361 Args: | |
| 362 cl (string): class object of the resource | |
| 363 args (list): the submitted form of the user | |
| 364 itemid (string, optional): itemid of the object | |
| 365 | |
| 366 Returns: | |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
367 dict: dictionary of validated properties excluding |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
368 protected properties if strip_protected=True. |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
369 |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
370 Raises: UsageError if property does not exist and is not |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
371 prefixed with @ indicating it's a meta variable. |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
372 |
| 5582 | 373 |
| 374 """ | |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
375 unprotected_class_props = cl.properties.keys() |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
376 protected_class_props = [ p for p in |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
377 list(cl.getprops(protected=True)) |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
378 if p not in unprotected_class_props ] |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
379 props = {} |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
380 # props = dict.fromkeys(class_props, None) |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
381 |
|
5710
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
382 if not args: |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
383 raise UsageError("No properties found.") |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
384 |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
385 for arg in args: |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
386 key = arg.name |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
387 value = arg.value |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
388 if key.startswith('@'): |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
389 # meta setting, not db property setting/reference |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
390 continue |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
391 if key in protected_class_props: |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
392 # Skip protected props as a convenience. |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
393 # Allows user to get object with all props, |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
394 # change one prop, submit entire object |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
395 # without having to remove any protected props |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
396 # FIXME: Enhancement: raise error if value of prop |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
397 # doesn't match db entry. In this case assume user |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
398 # is really trying to set value. Another possibility is |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
399 # they have an old copy of the data and it has been |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
400 # updated. In the update case, we want etag validation |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
401 # to generate the exception to reduce confusion. I think |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
402 # etag validation occurs before this function is called but |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
403 # I am not positive. |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
404 if skip_protected: |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
405 continue |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
406 elif key not in unprotected_class_props: |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
407 # report bad props as this is an error. |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
408 raise UsageError("Property %s not found in class %s"%(key, |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
409 cl.classname)) |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
410 props[key] = self.prop_from_arg(cl, key, value, itemid) |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
411 |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
412 return props |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
413 |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
414 def prop_from_arg(self, cl, key, value, itemid=None): |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
415 """Construct a property from the given argument, |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
416 and return them after validation. |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
417 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
418 Args: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
419 cl (string): class object of the resource |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
420 key (string): attribute key |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
421 value (string): attribute value |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
422 itemid (string, optional): itemid of the object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
423 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
424 Returns: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
425 value: value of validated properties |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
426 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
427 """ |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
428 prop = None |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
429 if isinstance(key, unicode): |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
430 try: |
| 5602 | 431 x = key.encode('ascii') |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
432 except UnicodeEncodeError: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
433 raise UsageError( |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
434 'argument %r is not a valid ascii keyword' % key |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
435 ) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
436 if value: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
437 try: |
| 5602 | 438 prop = hyperdb.rawToHyperdb(self.db, cl, itemid, key, value) |
| 439 except hyperdb.HyperdbValueError as msg: | |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
440 raise UsageError(msg) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
441 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
442 return prop |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
443 |
|
5590
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
444 def error_obj(self, status, msg, source=None): |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
445 """Return an error object""" |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
446 self.client.response_code = status |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
447 result = { |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
448 'error': { |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
449 'status': status, |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
450 'msg': msg |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
451 } |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
452 } |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
453 if source is not None: |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
454 result['error']['source'] = source |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
455 |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
456 return result |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
457 |
|
5595
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
458 def patch_data(self, op, old_val, new_val): |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
459 """Perform patch operation based on old_val and new_val |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
460 |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
461 Args: |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
462 op (string): PATCH operation: add, replace, remove |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
463 old_val: old value of the property |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
464 new_val: new value of the property |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
465 |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
466 Returns: |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
467 result (string): value after performed the operation |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
468 """ |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
469 # add operation: If neither of the value is None, use the other one |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
470 # Otherwise, concat those 2 value |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
471 if op == 'add': |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
472 if old_val is None: |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
473 result = new_val |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
474 elif new_val is None: |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
475 result = old_val |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
476 else: |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
477 result = old_val + new_val |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
478 # Replace operation: new value is returned |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
479 elif op == 'replace': |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
480 result = new_val |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
481 # Remove operation: |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
482 # if old_val is not a list/dict, change it to None |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
483 # if old_val is a list/dict, but the parameter is empty, |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
484 # change it to none |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
485 # if old_val is a list/dict, and parameter is not empty |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
486 # proceed to remove the values from parameter from the list/dict |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
487 elif op == 'remove': |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
488 if isinstance(old_val, list): |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
489 if new_val is None: |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
490 result = [] |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
491 elif isinstance(new_val, list): |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
492 result = [x for x in old_val if x not in new_val] |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
493 else: |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
494 if new_val in old_val: |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
495 old_val.remove(new_val) |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
496 elif isinstance(old_val, dict): |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
497 if new_val is None: |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
498 result = {} |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
499 elif isinstance(new_val, dict): |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
500 for x in new_val: |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
501 old_val.pop(x, None) |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
502 else: |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
503 old_val.pop(new_val, None) |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
504 else: |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
505 result = None |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
506 else: |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
507 raise UsageError('PATCH Operation %s is not allowed' % op) |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
508 |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
509 return result |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
510 |
|
5674
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
511 def raise_if_no_etag(self, class_name, item_id, input): |
|
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
512 class_obj = self.db.getclass(class_name) |
|
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
513 if not check_etag(class_obj.getnode(item_id), |
|
5726
e199d0ae4a25
issue2551033: prevent reverse engineering hidden data by using etags
John Rouillard <rouilj@ieee.org>
parents:
5715
diff
changeset
|
514 self.db.config.WEB_SECRET_KEY, |
|
5674
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
515 obtain_etags(self.client.request.headers, input), |
|
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
516 class_name, |
|
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
517 item_id): |
|
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
518 raise PreconditionFailed( |
|
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
519 "If-Match is missing or does not match." |
|
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
520 " Retrieve asset and retry modification if valid.") |
|
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
521 |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
522 def format_item(self, node, item_id, props=None, verbose=1): |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
523 ''' display class obj as requested by verbose and |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
524 props. |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
525 ''' |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
526 uid = self.db.getuid() |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
527 class_name = node.cl.classname |
|
5685
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
528 if self.api_version == None: |
|
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
529 version = self.__default_api_version |
|
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
530 else: |
|
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
531 version = self.api_version |
|
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
532 |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
533 result = {} |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
534 try: |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
535 # pn = propname |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
536 for pn in sorted(props): |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
537 prop = props[pn] |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
538 if not self.db.security.hasPermission( |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
539 'View', uid, class_name, pn, item_id |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
540 ): |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
541 continue |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
542 v = getattr(node, pn) |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
543 if isinstance (prop, (hyperdb.Link, hyperdb.Multilink)): |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
544 linkcls = self.db.getclass (prop.classname) |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
545 cp = '%s/%s/' % (self.data_path, prop.classname) |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
546 if verbose and v: |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
547 if isinstance(v, type([])): |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
548 r = [] |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
549 for id in v: |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
550 d = dict(id = id, link = cp + id) |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
551 if verbose > 1: |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
552 label = linkcls.labelprop() |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
553 d [label] = linkcls.get(id, label) |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
554 r.append(d) |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
555 result[pn] = r |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
556 else: |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
557 result[pn] = dict(id = v, link = cp + v) |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
558 if verbose > 1: |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
559 label = linkcls.labelprop() |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
560 result[pn][label] = linkcls.get(v, label) |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
561 else: |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
562 result[pn] = v |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
563 elif isinstance (prop, hyperdb.String) and pn == 'content': |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
564 # Do not show the (possibly HUGE) content prop |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
565 # unless very verbose, we display the standard |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
566 # download link instead |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
567 if verbose < 3: |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
568 u = self.db.config.TRACKER_WEB |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
569 p = u + '%s%s/' % (class_name, node.id) |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
570 result[pn] = dict(link = p) |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
571 else: |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
572 result[pn] = v |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
573 elif isinstance(prop, hyperdb.Password): |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
574 if v != None: # locked users like anonymous have None |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
575 result[pn] = "[password hidden scheme %s]"%v.scheme |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
576 else: |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
577 # Don't divulge it's a locked account. Choose most |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
578 # secure as default. |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
579 result[pn] = "[password hidden scheme PBKDF2]" |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
580 else: |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
581 result[pn] = v |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
582 except KeyError as msg: |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
583 raise UsageError("%s field not valid" % msg) |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
584 |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
585 return result |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
586 |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
587 |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
588 @Routing.route("/data/<:class_name>", 'GET') |
|
5587
cb2b320fde16
Added decorator to handle formatting output data
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5584
diff
changeset
|
589 @_data_decorator |
|
5561
7aa7f779198b
Split all rest action into 2 type
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5560
diff
changeset
|
590 def get_collection(self, class_name, input): |
| 5582 | 591 """GET resource from class URI. |
| 592 | |
| 593 This function returns only items have View permission | |
| 594 class_name should be valid already | |
| 595 | |
| 596 Args: | |
| 597 class_name (string): class name of the resource (Ex: issue, msg) | |
| 598 input (list): the submitted form of the user | |
| 599 | |
| 600 Returns: | |
| 601 int: http status code 200 (OK) | |
| 602 list: list of reference item in the class | |
| 603 id: id of the object | |
| 604 link: path to the object | |
| 605 """ | |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
606 if class_name not in self.db.classes: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
607 raise NotFound('Class %s not found' % class_name) |
|
5677
1fa59181ce58
Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents:
5674
diff
changeset
|
608 |
|
1fa59181ce58
Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents:
5674
diff
changeset
|
609 uid = self.db.getuid() |
|
1fa59181ce58
Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents:
5674
diff
changeset
|
610 |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
611 if not self.db.security.hasPermission( |
|
5677
1fa59181ce58
Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents:
5674
diff
changeset
|
612 'View', uid, class_name |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
613 ): |
|
5562
70df783c4c0b
Cleanup, fixed a bug with delete action
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5561
diff
changeset
|
614 raise Unauthorised('Permission to view %s denied' % class_name) |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
615 |
|
5561
7aa7f779198b
Split all rest action into 2 type
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5560
diff
changeset
|
616 class_obj = self.db.getclass(class_name) |
|
5600
e2c74d8121f3
Update resource links
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5599
diff
changeset
|
617 class_path = '%s/%s/' % (self.data_path, class_name) |
|
5591
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
618 |
|
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
619 # Handle filtering and pagination |
|
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
620 filter_props = {} |
|
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
621 page = { |
|
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
622 'size': None, |
|
5639
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
623 'index': 1 # setting just size starts at page 1 |
|
5591
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
624 } |
|
5677
1fa59181ce58
Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents:
5674
diff
changeset
|
625 verbose = 1 |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
626 display_props = {} |
|
5591
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
627 for form_field in input.value: |
|
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
628 key = form_field.name |
|
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
629 value = form_field.value |
|
5659
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
630 if key.startswith("@page_"): # serve the paging purpose |
|
5591
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
631 key = key[6:] |
|
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
632 value = int(value) |
|
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
633 page[key] = value |
|
5677
1fa59181ce58
Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents:
5674
diff
changeset
|
634 elif key == "@verbose": |
|
1fa59181ce58
Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents:
5674
diff
changeset
|
635 verbose = int (value) |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
636 elif key == "@fields" or key == "@attrs": |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
637 f = value.split(",") |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
638 if len(f) == 1: |
|
5682
e8ac82b8d074
Fix parse of @fields/@attrs with : as separator. Add tests @verbose and @fields.
John Rouillard <rouilj@ieee.org>
parents:
5681
diff
changeset
|
639 f=value.split(":") |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
640 for i in f: |
|
5681
6457fd696a43
Handle bad property name in @fields/@attrs. Raise exception and
John Rouillard <rouilj@ieee.org>
parents:
5680
diff
changeset
|
641 try: |
|
6457fd696a43
Handle bad property name in @fields/@attrs. Raise exception and
John Rouillard <rouilj@ieee.org>
parents:
5680
diff
changeset
|
642 display_props[i] = class_obj.properties[i] |
|
6457fd696a43
Handle bad property name in @fields/@attrs. Raise exception and
John Rouillard <rouilj@ieee.org>
parents:
5680
diff
changeset
|
643 except KeyError as err: |
|
6457fd696a43
Handle bad property name in @fields/@attrs. Raise exception and
John Rouillard <rouilj@ieee.org>
parents:
5680
diff
changeset
|
644 raise UsageError("Failed to find property '%s' " |
|
6457fd696a43
Handle bad property name in @fields/@attrs. Raise exception and
John Rouillard <rouilj@ieee.org>
parents:
5680
diff
changeset
|
645 "for class %s."%(i, class_name)) |
|
5691
dbf422a8cff7
Add error handling. @apiver was being processed as a search
John Rouillard <rouilj@ieee.org>
parents:
5690
diff
changeset
|
646 elif key.startswith("@"): |
|
dbf422a8cff7
Add error handling. @apiver was being processed as a search
John Rouillard <rouilj@ieee.org>
parents:
5690
diff
changeset
|
647 # ignore any unsupported/previously handled control key |
|
dbf422a8cff7
Add error handling. @apiver was being processed as a search
John Rouillard <rouilj@ieee.org>
parents:
5690
diff
changeset
|
648 # like @apiver |
|
dbf422a8cff7
Add error handling. @apiver was being processed as a search
John Rouillard <rouilj@ieee.org>
parents:
5690
diff
changeset
|
649 pass |
|
5659
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
650 else: # serve the filter purpose |
|
5691
dbf422a8cff7
Add error handling. @apiver was being processed as a search
John Rouillard <rouilj@ieee.org>
parents:
5690
diff
changeset
|
651 try: |
|
dbf422a8cff7
Add error handling. @apiver was being processed as a search
John Rouillard <rouilj@ieee.org>
parents:
5690
diff
changeset
|
652 prop = class_obj.getprops()[key] |
|
dbf422a8cff7
Add error handling. @apiver was being processed as a search
John Rouillard <rouilj@ieee.org>
parents:
5690
diff
changeset
|
653 except KeyError: |
|
dbf422a8cff7
Add error handling. @apiver was being processed as a search
John Rouillard <rouilj@ieee.org>
parents:
5690
diff
changeset
|
654 raise UsageError("Field %s is not valid for %s class."%( |
|
dbf422a8cff7
Add error handling. @apiver was being processed as a search
John Rouillard <rouilj@ieee.org>
parents:
5690
diff
changeset
|
655 key, class_name)) |
|
5659
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
656 # We drop properties without search permission silently |
|
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
657 # This reflects the current behavior of other roundup |
|
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
658 # interfaces |
|
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
659 if not self.db.security.hasSearchPermission( |
|
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
660 uid, class_name, key |
|
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
661 ): |
|
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
662 continue |
|
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
663 if isinstance (prop, (hyperdb.Link, hyperdb.Multilink)): |
|
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
664 vals = [] |
|
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
665 linkcls = self.db.getclass (prop.classname) |
|
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
666 for p in value.split(","): |
|
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
667 if prop.try_id_parsing and p.isdigit(): |
|
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
668 vals.append(p) |
|
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
669 else: |
|
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
670 vals.append(linkcls.lookup(p)) |
|
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
671 filter_props[key] = vals |
|
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
672 else: |
|
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
673 filter_props[key] = value |
|
5591
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
674 if not filter_props: |
|
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
675 obj_list = class_obj.list() |
|
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
676 else: |
|
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
677 obj_list = class_obj.filter(None, filter_props) |
|
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
678 |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
679 # Sort list as specified by sortorder |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
680 # This is more useful for things where there is an |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
681 # explicit order. E.G. status has an order that is |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
682 # roughly the progression of the issue through |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
683 # the states so open is before closed. |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
684 obj_list.sort() |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
685 |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
686 # add verbose elements. 2 and above get identifying label. |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
687 if verbose > 1: |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
688 lp = class_obj.labelprop() |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
689 display_props[lp] = class_obj.properties[lp] |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
690 |
|
5591
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
691 # extract result from data |
|
5639
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
692 result={} |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
693 result['collection']=[] |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
694 for item_id in obj_list: |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
695 if self.db.security.hasPermission( |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
696 'View', uid, class_name, itemid=item_id): |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
697 r = {'id': item_id, 'link': class_path + item_id} |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
698 if display_props: |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
699 r.update(self.format_item(class_obj.getnode(item_id), |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
700 item_id, |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
701 props=display_props, |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
702 verbose=verbose)) |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
703 result['collection'].append(r) |
|
5677
1fa59181ce58
Add support for @verbose=2 to a GET on a collection object. Using this
John Rouillard <rouilj@ieee.org>
parents:
5674
diff
changeset
|
704 |
|
5639
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
705 result_len = len(result['collection']) |
|
5591
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
706 |
|
5639
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
707 # pagination - page_index from 1...N |
|
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
708 if page['size'] is not None: |
|
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
709 page_start = max((page['index']-1) * page['size'], 0) |
|
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
710 page_end = min(page_start + page['size'], result_len) |
|
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
711 result['collection'] = result['collection'][page_start:page_end] |
|
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
712 result['@links'] = {} |
|
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
713 for rel in ('next', 'prev', 'self'): |
|
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
714 if rel == 'next': |
|
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
715 # if current index includes all data, continue |
|
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
716 if page['index']*page['size'] > result_len: continue |
|
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
717 index=page['index']+1 |
|
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
718 if rel == 'prev': |
|
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
719 if page['index'] <= 1: continue |
|
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
720 index=page['index']-1 |
|
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
721 if rel == 'self': index=page['index'] |
|
5591
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
722 |
|
5639
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
723 result['@links'][rel] = [] |
|
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
724 result['@links'][rel].append({ |
|
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
725 'rel': rel, |
|
5659
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
726 'uri': "%s/%s?@page_index=%s&"%(self.data_path, |
|
5639
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
727 class_name,index) \ |
|
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
728 + '&'.join([ "%s=%s"%(field.name,field.value) \ |
|
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
729 for field in input.value \ |
|
5659
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
730 if field.name != "@page_index"]) }) |
|
5639
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
731 |
|
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
732 result['@total_size'] = result_len |
|
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
733 self.client.setHeader("X-Count-Total", str(result_len)) |
|
5572
c4c88466da69
Added successful response status code
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5571
diff
changeset
|
734 return 200, result |
|
5559
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
735 |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
736 @Routing.route("/data/<:class_name>/<:item_id>", 'GET') |
|
5587
cb2b320fde16
Added decorator to handle formatting output data
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5584
diff
changeset
|
737 @_data_decorator |
|
5561
7aa7f779198b
Split all rest action into 2 type
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5560
diff
changeset
|
738 def get_element(self, class_name, item_id, input): |
| 5582 | 739 """GET resource from object URI. |
| 740 | |
| 741 This function returns only properties have View permission | |
| 742 class_name and item_id should be valid already | |
| 743 | |
| 744 Args: | |
| 745 class_name (string): class name of the resource (Ex: issue, msg) | |
| 746 item_id (string): id of the resource (Ex: 12, 15) | |
| 5678 | 747 or (if the class has a key property) this can also be |
| 748 the key name, e.g. class_name = status, item_id = 'open' | |
| 5582 | 749 input (list): the submitted form of the user |
| 750 | |
| 751 Returns: | |
| 752 int: http status code 200 (OK) | |
| 753 dict: a dictionary represents the object | |
| 754 id: id of the object | |
| 755 type: class name of the object | |
| 756 link: link to the object | |
| 757 attributes: a dictionary represent the attributes of the object | |
| 758 """ | |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
759 if class_name not in self.db.classes: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
760 raise NotFound('Class %s not found' % class_name) |
| 5678 | 761 class_obj = self.db.getclass(class_name) |
| 762 uid = self.db.getuid() | |
| 763 # If it's not numeric it is a key | |
| 764 if item_id.isdigit(): | |
| 5679 | 765 itemid = item_id |
| 5678 | 766 else: |
| 767 keyprop = class_obj.getkey() | |
| 768 try: | |
| 769 k, v = item_id.split('=', 1) | |
| 770 if k != keyprop: | |
|
5691
dbf422a8cff7
Add error handling. @apiver was being processed as a search
John Rouillard <rouilj@ieee.org>
parents:
5690
diff
changeset
|
771 raise UsageError ("Field %s is not key property"%k) |
| 5678 | 772 except ValueError: |
| 773 v = item_id | |
| 774 pass | |
| 775 if not self.db.security.hasPermission( | |
| 776 'View', uid, class_name, itemid=item_id, property=keyprop | |
| 777 ): | |
| 778 raise Unauthorised( | |
| 779 'Permission to view %s%s.%s denied' | |
| 780 % (class_name, item_id, keyprop) | |
| 781 ) | |
| 5679 | 782 itemid = class_obj.lookup(v) |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
783 if not self.db.security.hasPermission( |
| 5679 | 784 'View', uid, class_name, itemid=itemid |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
785 ): |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
786 raise Unauthorised( |
| 5679 | 787 'Permission to view %s%s denied' % (class_name, itemid) |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
788 ) |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
789 |
| 5679 | 790 node = class_obj.getnode(itemid) |
|
5726
e199d0ae4a25
issue2551033: prevent reverse engineering hidden data by using etags
John Rouillard <rouilj@ieee.org>
parents:
5715
diff
changeset
|
791 etag = calculate_etag(node, self.db.config.WEB_SECRET_KEY, |
|
e199d0ae4a25
issue2551033: prevent reverse engineering hidden data by using etags
John Rouillard <rouilj@ieee.org>
parents:
5715
diff
changeset
|
792 class_name, itemid) |
|
5598
be81e8cca38c
Added the ability to limit returned fields by GET
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5597
diff
changeset
|
793 props = None |
|
5638
7e3cceec3f4f
Allow client to access read only/protected properties like creator,
John Rouillard <rouilj@ieee.org>
parents:
5636
diff
changeset
|
794 protected=False |
|
5661
b08a308c273b
Better display for Link/Multilink and content
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5660
diff
changeset
|
795 verbose=1 |
|
5598
be81e8cca38c
Added the ability to limit returned fields by GET
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5597
diff
changeset
|
796 for form_field in input.value: |
|
be81e8cca38c
Added the ability to limit returned fields by GET
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5597
diff
changeset
|
797 key = form_field.name |
|
be81e8cca38c
Added the ability to limit returned fields by GET
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5597
diff
changeset
|
798 value = form_field.value |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
799 if key == "@fields" or key == "@attrs": |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
800 if props is None: |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
801 props = {} |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
802 # support , or : separated elements |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
803 f=value.split(",") |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
804 if len(f) == 1: |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
805 f=value.split(":") |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
806 for i in f: |
|
5681
6457fd696a43
Handle bad property name in @fields/@attrs. Raise exception and
John Rouillard <rouilj@ieee.org>
parents:
5680
diff
changeset
|
807 try: |
|
6457fd696a43
Handle bad property name in @fields/@attrs. Raise exception and
John Rouillard <rouilj@ieee.org>
parents:
5680
diff
changeset
|
808 props[i] = class_obj.properties[i] |
|
6457fd696a43
Handle bad property name in @fields/@attrs. Raise exception and
John Rouillard <rouilj@ieee.org>
parents:
5680
diff
changeset
|
809 except KeyError as err: |
|
6457fd696a43
Handle bad property name in @fields/@attrs. Raise exception and
John Rouillard <rouilj@ieee.org>
parents:
5680
diff
changeset
|
810 raise UsageError("Failed to find property '%s' for class %s."%(i, class_name)) |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
811 elif key == "@protected": |
|
5638
7e3cceec3f4f
Allow client to access read only/protected properties like creator,
John Rouillard <rouilj@ieee.org>
parents:
5636
diff
changeset
|
812 # allow client to request read only |
|
7e3cceec3f4f
Allow client to access read only/protected properties like creator,
John Rouillard <rouilj@ieee.org>
parents:
5636
diff
changeset
|
813 # properties like creator, activity etc. |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
814 # used only if no @fields/@attrs |
|
5638
7e3cceec3f4f
Allow client to access read only/protected properties like creator,
John Rouillard <rouilj@ieee.org>
parents:
5636
diff
changeset
|
815 protected = value.lower() == "true" |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
816 elif key == "@verbose": |
|
5661
b08a308c273b
Better display for Link/Multilink and content
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5660
diff
changeset
|
817 verbose = int (value) |
|
5598
be81e8cca38c
Added the ability to limit returned fields by GET
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5597
diff
changeset
|
818 |
|
5661
b08a308c273b
Better display for Link/Multilink and content
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5660
diff
changeset
|
819 result = {} |
|
5598
be81e8cca38c
Added the ability to limit returned fields by GET
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5597
diff
changeset
|
820 if props is None: |
|
5661
b08a308c273b
Better display for Link/Multilink and content
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5660
diff
changeset
|
821 props = class_obj.getprops(protected=protected) |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
822 else: |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
823 if verbose > 1: |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
824 lp = class_obj.labelprop() |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
825 props[lp] = class_obj.properties[lp] |
|
5598
be81e8cca38c
Added the ability to limit returned fields by GET
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5597
diff
changeset
|
826 |
|
5570
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
827 result = { |
| 5679 | 828 'id': itemid, |
|
5570
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
829 'type': class_name, |
|
5600
e2c74d8121f3
Update resource links
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5599
diff
changeset
|
830 'link': '%s/%s/%s' % (self.data_path, class_name, item_id), |
|
5680
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
831 'attributes': self.format_item(node, itemid, props=props, |
|
f77209ddd579
Refactored REST code that formats an item for display. A GET on
John Rouillard <rouilj@ieee.org>
parents:
5679
diff
changeset
|
832 verbose=verbose), |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
833 '@etag': etag |
|
5570
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
834 } |
|
5559
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
835 |
|
5674
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
836 self.client.setHeader("ETag", etag) |
|
5572
c4c88466da69
Added successful response status code
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5571
diff
changeset
|
837 return 200, result |
|
5561
7aa7f779198b
Split all rest action into 2 type
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5560
diff
changeset
|
838 |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
839 @Routing.route("/data/<:class_name>/<:item_id>/<:attr_name>", 'GET') |
|
5587
cb2b320fde16
Added decorator to handle formatting output data
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5584
diff
changeset
|
840 @_data_decorator |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
841 def get_attribute(self, class_name, item_id, attr_name, input): |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
842 """GET resource from attribute URI. |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
843 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
844 This function returns only attribute has View permission |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
845 class_name should be valid already |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
846 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
847 Args: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
848 class_name (string): class name of the resource (Ex: issue, msg) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
849 item_id (string): id of the resource (Ex: 12, 15) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
850 attr_name (string): attribute of the resource (Ex: title, nosy) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
851 input (list): the submitted form of the user |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
852 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
853 Returns: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
854 int: http status code 200 (OK) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
855 list: a dictionary represents the attribute |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
856 id: id of the object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
857 type: class name of the attribute |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
858 link: link to the attribute |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
859 data: data of the requested attribute |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
860 """ |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
861 if class_name not in self.db.classes: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
862 raise NotFound('Class %s not found' % class_name) |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
863 if not self.db.security.hasPermission( |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
864 'View', self.db.getuid(), class_name, attr_name, item_id |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
865 ): |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
866 raise Unauthorised( |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
867 'Permission to view %s%s %s denied' % |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
868 (class_name, item_id, attr_name) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
869 ) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
870 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
871 class_obj = self.db.getclass(class_name) |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
872 node = class_obj.getnode(item_id) |
|
5726
e199d0ae4a25
issue2551033: prevent reverse engineering hidden data by using etags
John Rouillard <rouilj@ieee.org>
parents:
5715
diff
changeset
|
873 etag = calculate_etag(node, self.db.config.WEB_SECRET_KEY, |
|
e199d0ae4a25
issue2551033: prevent reverse engineering hidden data by using etags
John Rouillard <rouilj@ieee.org>
parents:
5715
diff
changeset
|
874 class_name, item_id) |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
875 data = node.__getattr__(attr_name) |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
876 result = { |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
877 'id': item_id, |
|
5631
a5c890d308c3
Add simple support for xml output if the third party dict2xml.py module
John Rouillard <rouilj@ieee.org>
parents:
5630
diff
changeset
|
878 'type': str(type(data)), |
|
5600
e2c74d8121f3
Update resource links
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5599
diff
changeset
|
879 'link': "%s/%s/%s/%s" % |
|
e2c74d8121f3
Update resource links
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5599
diff
changeset
|
880 (self.data_path, class_name, item_id, attr_name), |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
881 'data': data, |
|
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
882 '@etag': etag |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
883 } |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
884 |
|
5674
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
885 self.client.setHeader("ETag", etag) |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
886 return 200, result |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
887 |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
888 @Routing.route("/data/<:class_name>", 'POST') |
|
5587
cb2b320fde16
Added decorator to handle formatting output data
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5584
diff
changeset
|
889 @_data_decorator |
|
5561
7aa7f779198b
Split all rest action into 2 type
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5560
diff
changeset
|
890 def post_collection(self, class_name, input): |
| 5582 | 891 """POST a new object to a class |
| 892 | |
| 893 If the item is successfully created, the "Location" header will also | |
| 894 contain the link to the created object | |
| 895 | |
| 896 Args: | |
| 897 class_name (string): class name of the resource (Ex: issue, msg) | |
| 898 input (list): the submitted form of the user | |
| 899 | |
| 900 Returns: | |
| 901 int: http status code 201 (Created) | |
| 902 dict: a reference item to the created object | |
| 903 id: id of the object | |
| 904 link: path to the object | |
| 905 """ | |
|
5710
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
906 return self.post_collection_inner(class_name, input) |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
907 |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
908 @Routing.route("/data/<:class_name>/@poe", 'POST') |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
909 @_data_decorator |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
910 def post_once_exactly_collection(self, class_name, input): |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
911 otks=self.db.Otk |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
912 poe_key = ''.join([random_.choice(chars) for x in range(40)]) |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
913 while otks.exists(u2s(poe_key)): |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
914 poe_key = ''.join([random_.choice(chars) for x in range(40)]) |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
915 |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
916 try: |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
917 lifetime=int(input['lifetime'].value) |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
918 except KeyError as e: |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
919 lifetime=30 * 60 # 30 minutes |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
920 except ValueError as e: |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
921 raise UsageError("Value 'lifetime' must be an integer specify lifetime in seconds. Got %s."%input['lifetime'].value) |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
922 |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
923 if lifetime > 3600 or lifetime < 1: |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
924 raise UsageError("Value 'lifetime' must be between 1 second and 1 hour (3600 seconds). Got %s."%input['lifetime'].value) |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
925 |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
926 try: |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
927 # if generic tag exists, we don't care about the value |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
928 is_generic=input['generic'] |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
929 # we generate a generic POE token |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
930 is_generic=True |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
931 except KeyError as e: |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
932 is_generic=False |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
933 |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
934 # a POE must be used within lifetime (30 minutes default). |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
935 # Default OTK lifetime is 1 week. So to make different |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
936 # lifetime, take current time, subtract 1 week and add |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
937 # lifetime. |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
938 ts = time.time() - (60 * 60 * 24 * 7) + lifetime |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
939 if is_generic: |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
940 otks.set(u2s(poe_key), uid=self.db.getuid(), |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
941 __timestamp=ts ) |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
942 else: |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
943 otks.set(u2s(poe_key), uid=self.db.getuid(), |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
944 class_name=class_name, |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
945 __timestamp=ts ) |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
946 otks.commit() |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
947 |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
948 return 200, { 'link': '%s/%s/@poe/%s'%(self.data_path, class_name, poe_key), |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
949 'expires' : ts + (60 * 60 * 24 * 7) } |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
950 |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
951 @Routing.route("/data/<:class_name>/@poe/<:post_token>", 'POST') |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
952 @_data_decorator |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
953 def post_once_exactly_collection(self, class_name, post_token, input): |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
954 otks=self.db.Otk |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
955 |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
956 # remove expired keys so we don't use an expired key |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
957 otks.clean() |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
958 |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
959 if not otks.exists(u2s(post_token)): |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
960 # Don't log this failure. Would allow attackers to fill |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
961 # logs. |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
962 raise UsageError("POE token '%s' not valid."%post_token) |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
963 |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
964 # find out what user owns the key |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
965 user = otks.get(u2s(post_token), 'uid', default=None) |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
966 # find out what class it was meant for |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
967 cn = otks.get(u2s(post_token), 'class_name', default=None) |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
968 |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
969 # Invalidate the key as it has been used. |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
970 otks.destroy(u2s(post_token)) |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
971 otks.commit() |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
972 |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
973 # verify the same user that requested the key is the user |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
974 # using the key. |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
975 if user != self.db.getuid(): |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
976 # Tell the roundup admin that there is an issue |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
977 # as the key got compromised. |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
978 logger.warn( |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
979 'Post Once key owned by user%s was denied. Used by user%s',user, self.db.getuid() |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
980 ) |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
981 # Should we indicate to user that the token is invalid |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
982 # because they are not the user who owns the key? It could |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
983 # be a logic bug in the application. But I assume that |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
984 # the key has been stolen and we don't want to tip our hand. |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
985 raise UsageError("POE token '%s' not valid."%post_token) |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
986 |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
987 if cn != class_name and cn != None: |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
988 raise UsageError("POE token '%s' not valid for %s, was generated for class %s"%(post_token, class_name, cn)) |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
989 |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
990 # handle this as though they POSTed to /rest/data/class |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
991 return self.post_collection_inner(class_name, input) |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
992 |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
993 def post_collection_inner(self, class_name, input): |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
994 if class_name not in self.db.classes: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
995 raise NotFound('Class %s not found' % class_name) |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
996 if not self.db.security.hasPermission( |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
997 'Create', self.db.getuid(), class_name |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
998 ): |
|
5559
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
999 raise Unauthorised('Permission to create %s denied' % class_name) |
|
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1000 |
|
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1001 class_obj = self.db.getclass(class_name) |
|
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1002 |
|
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1003 # convert types |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1004 props = self.props_from_args(class_obj, input.value) |
|
5559
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1005 |
|
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1006 # check for the key property |
|
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1007 key = class_obj.getkey() |
|
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1008 if key and key not in props: |
| 5576 | 1009 raise UsageError("Must provide the '%s' property." % key) |
|
5559
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1010 |
|
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1011 for key in props: |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1012 if not self.db.security.hasPermission( |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1013 'Create', self.db.getuid(), class_name, property=key |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1014 ): |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1015 raise Unauthorised( |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1016 'Permission to create %s.%s denied' % (class_name, key) |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1017 ) |
|
5559
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1018 |
|
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1019 # do the actual create |
|
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1020 try: |
|
5562
70df783c4c0b
Cleanup, fixed a bug with delete action
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5561
diff
changeset
|
1021 item_id = class_obj.create(**props) |
|
5559
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1022 self.db.commit() |
| 5602 | 1023 except (TypeError, IndexError, ValueError) as message: |
| 5576 | 1024 raise ValueError(message) |
| 5602 | 1025 except KeyError as msg: |
| 5576 | 1026 raise UsageError("Must provide the %s property." % msg) |
|
5562
70df783c4c0b
Cleanup, fixed a bug with delete action
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5561
diff
changeset
|
1027 |
|
5573
89ae4ef34efe
Handle response header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5572
diff
changeset
|
1028 # set the header Location |
|
5600
e2c74d8121f3
Update resource links
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5599
diff
changeset
|
1029 link = '%s/%s/%s' % (self.data_path, class_name, item_id) |
|
5573
89ae4ef34efe
Handle response header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5572
diff
changeset
|
1030 self.client.setHeader("Location", link) |
|
89ae4ef34efe
Handle response header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5572
diff
changeset
|
1031 |
|
89ae4ef34efe
Handle response header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5572
diff
changeset
|
1032 # set the response body |
|
5570
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1033 result = { |
|
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1034 'id': item_id, |
|
5573
89ae4ef34efe
Handle response header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5572
diff
changeset
|
1035 'link': link |
|
5570
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1036 } |
|
5572
c4c88466da69
Added successful response status code
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5571
diff
changeset
|
1037 return 201, result |
|
5559
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1038 |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1039 @Routing.route("/data/<:class_name>/<:item_id>", 'PUT') |
|
5587
cb2b320fde16
Added decorator to handle formatting output data
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5584
diff
changeset
|
1040 @_data_decorator |
|
5561
7aa7f779198b
Split all rest action into 2 type
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5560
diff
changeset
|
1041 def put_element(self, class_name, item_id, input): |
| 5582 | 1042 """PUT a new content to an object |
| 1043 | |
| 1044 Replace the content of the existing object | |
| 1045 | |
| 1046 Args: | |
| 1047 class_name (string): class name of the resource (Ex: issue, msg) | |
| 1048 item_id (string): id of the resource (Ex: 12, 15) | |
| 1049 input (list): the submitted form of the user | |
| 1050 | |
| 1051 Returns: | |
| 1052 int: http status code 200 (OK) | |
| 1053 dict: a dictionary represents the modified object | |
| 1054 id: id of the object | |
| 1055 type: class name of the object | |
| 1056 link: link to the object | |
| 1057 attributes: a dictionary represent only changed attributes of | |
| 1058 the object | |
| 1059 """ | |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1060 if class_name not in self.db.classes: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1061 raise NotFound('Class %s not found' % class_name) |
| 5564 | 1062 class_obj = self.db.getclass(class_name) |
| 1063 | |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1064 props = self.props_from_args(class_obj, input.value, item_id) |
| 5602 | 1065 for p in props: |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1066 if not self.db.security.hasPermission( |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1067 'Edit', self.db.getuid(), class_name, p, item_id |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1068 ): |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1069 raise Unauthorised( |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1070 'Permission to edit %s of %s%s denied' % |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1071 (p, class_name, item_id) |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1072 ) |
| 5564 | 1073 try: |
|
5674
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
1074 self.raise_if_no_etag(class_name, item_id, input) |
| 5564 | 1075 result = class_obj.set(item_id, **props) |
| 1076 self.db.commit() | |
| 5602 | 1077 except (TypeError, IndexError, ValueError) as message: |
| 5576 | 1078 raise ValueError(message) |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1079 except KeyError as message: |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1080 # key error returned for changing protected keys |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1081 # and changing invalid keys |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1082 raise UsageError(message) |
| 5564 | 1083 |
|
5570
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1084 result = { |
|
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1085 'id': item_id, |
|
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1086 'type': class_name, |
|
5600
e2c74d8121f3
Update resource links
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5599
diff
changeset
|
1087 'link': '%s/%s/%s' % (self.data_path, class_name, item_id), |
|
5570
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1088 'attribute': result |
|
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1089 } |
|
5572
c4c88466da69
Added successful response status code
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5571
diff
changeset
|
1090 return 200, result |
|
5561
7aa7f779198b
Split all rest action into 2 type
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5560
diff
changeset
|
1091 |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1092 @Routing.route("/data/<:class_name>/<:item_id>/<:attr_name>", 'PUT') |
|
5587
cb2b320fde16
Added decorator to handle formatting output data
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5584
diff
changeset
|
1093 @_data_decorator |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1094 def put_attribute(self, class_name, item_id, attr_name, input): |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1095 """PUT an attribute to an object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1096 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1097 Args: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1098 class_name (string): class name of the resource (Ex: issue, msg) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1099 item_id (string): id of the resource (Ex: 12, 15) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1100 attr_name (string): attribute of the resource (Ex: title, nosy) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1101 input (list): the submitted form of the user |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1102 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1103 Returns: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1104 int: http status code 200 (OK) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1105 dict:a dictionary represents the modified object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1106 id: id of the object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1107 type: class name of the object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1108 link: link to the object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1109 attributes: a dictionary represent only changed attributes of |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1110 the object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1111 """ |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1112 if class_name not in self.db.classes: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1113 raise NotFound('Class %s not found' % class_name) |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1114 if not self.db.security.hasPermission( |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1115 'Edit', self.db.getuid(), class_name, attr_name, item_id |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1116 ): |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1117 raise Unauthorised( |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1118 'Permission to edit %s%s %s denied' % |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1119 (class_name, item_id, attr_name) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1120 ) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1121 class_obj = self.db.getclass(class_name) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1122 props = { |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1123 attr_name: self.prop_from_arg( |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1124 class_obj, attr_name, input['data'].value, item_id |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1125 ) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1126 } |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1127 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1128 try: |
|
5674
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
1129 self.raise_if_no_etag(class_name, item_id, input) |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1130 result = class_obj.set(item_id, **props) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1131 self.db.commit() |
| 5602 | 1132 except (TypeError, IndexError, ValueError) as message: |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1133 raise ValueError(message) |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1134 except KeyError as message: |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1135 # key error returned for changing protected keys |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1136 # and changing invalid keys |
|
5707
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
1137 raise AttributeError(message) |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1138 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1139 result = { |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1140 'id': item_id, |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1141 'type': class_name, |
|
5600
e2c74d8121f3
Update resource links
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5599
diff
changeset
|
1142 'link': '%s/%s/%s' % (self.data_path, class_name, item_id), |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1143 'attribute': result |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1144 } |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1145 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1146 return 200, result |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1147 |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1148 @Routing.route("/data/<:class_name>", 'DELETE') |
|
5587
cb2b320fde16
Added decorator to handle formatting output data
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5584
diff
changeset
|
1149 @_data_decorator |
|
5561
7aa7f779198b
Split all rest action into 2 type
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5560
diff
changeset
|
1150 def delete_collection(self, class_name, input): |
| 5604 | 1151 """DELETE (retire) all objects in a class |
| 1152 There is currently no use-case, so this is disabled and | |
| 1153 always returns Unauthorised. | |
| 5582 | 1154 |
| 1155 Args: | |
| 1156 class_name (string): class name of the resource (Ex: issue, msg) | |
| 1157 input (list): the submitted form of the user | |
| 1158 | |
| 1159 Returns: | |
| 1160 int: http status code 200 (OK) | |
| 1161 dict: | |
| 1162 status (string): 'ok' | |
| 1163 count (int): number of deleted objects | |
| 1164 """ | |
| 5604 | 1165 raise Unauthorised('Deletion of a whole class disabled') |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1166 if class_name not in self.db.classes: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1167 raise NotFound('Class %s not found' % class_name) |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1168 if not self.db.security.hasPermission( |
| 5604 | 1169 'Retire', self.db.getuid(), class_name |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1170 ): |
|
5563
9a1614ff752d
Implement delete collection
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5562
diff
changeset
|
1171 raise Unauthorised('Permission to delete %s denied' % class_name) |
|
9a1614ff752d
Implement delete collection
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5562
diff
changeset
|
1172 |
|
9a1614ff752d
Implement delete collection
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5562
diff
changeset
|
1173 class_obj = self.db.getclass(class_name) |
|
9a1614ff752d
Implement delete collection
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5562
diff
changeset
|
1174 for item_id in class_obj.list(): |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1175 if not self.db.security.hasPermission( |
| 5604 | 1176 'Retire', self.db.getuid(), class_name, itemid=item_id |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1177 ): |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1178 raise Unauthorised( |
| 5604 | 1179 'Permission to retire %s %s denied' % (class_name, item_id) |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1180 ) |
|
5563
9a1614ff752d
Implement delete collection
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5562
diff
changeset
|
1181 |
|
5570
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1182 count = len(class_obj.list()) |
|
5563
9a1614ff752d
Implement delete collection
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5562
diff
changeset
|
1183 for item_id in class_obj.list(): |
| 5604 | 1184 class_obj.retire (item_id) |
|
5563
9a1614ff752d
Implement delete collection
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5562
diff
changeset
|
1185 |
|
9a1614ff752d
Implement delete collection
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5562
diff
changeset
|
1186 self.db.commit() |
|
5570
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1187 result = { |
|
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1188 'status': 'ok', |
|
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1189 'count': count |
|
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1190 } |
|
5563
9a1614ff752d
Implement delete collection
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5562
diff
changeset
|
1191 |
|
5572
c4c88466da69
Added successful response status code
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5571
diff
changeset
|
1192 return 200, result |
|
5561
7aa7f779198b
Split all rest action into 2 type
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5560
diff
changeset
|
1193 |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1194 @Routing.route("/data/<:class_name>/<:item_id>", 'DELETE') |
|
5587
cb2b320fde16
Added decorator to handle formatting output data
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5584
diff
changeset
|
1195 @_data_decorator |
|
5561
7aa7f779198b
Split all rest action into 2 type
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5560
diff
changeset
|
1196 def delete_element(self, class_name, item_id, input): |
| 5604 | 1197 """DELETE (retire) an object in a class |
| 5582 | 1198 |
| 1199 Args: | |
| 1200 class_name (string): class name of the resource (Ex: issue, msg) | |
| 1201 item_id (string): id of the resource (Ex: 12, 15) | |
| 1202 input (list): the submitted form of the user | |
| 1203 | |
| 1204 Returns: | |
| 1205 int: http status code 200 (OK) | |
| 1206 dict: | |
| 1207 status (string): 'ok' | |
| 1208 """ | |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1209 if class_name not in self.db.classes: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1210 raise NotFound('Class %s not found' % class_name) |
| 5604 | 1211 class_obj = self.db.classes [class_name] |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1212 if not self.db.security.hasPermission( |
| 5604 | 1213 'Retire', self.db.getuid(), class_name, itemid=item_id |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1214 ): |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1215 raise Unauthorised( |
| 5604 | 1216 'Permission to retire %s %s denied' % (class_name, item_id) |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1217 ) |
|
5563
9a1614ff752d
Implement delete collection
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5562
diff
changeset
|
1218 |
|
5674
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
1219 self.raise_if_no_etag(class_name, item_id, input) |
| 5604 | 1220 class_obj.retire (item_id) |
|
5562
70df783c4c0b
Cleanup, fixed a bug with delete action
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5561
diff
changeset
|
1221 self.db.commit() |
|
5570
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1222 result = { |
|
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1223 'status': 'ok' |
|
8431a872b008
Response is now following the design format
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5569
diff
changeset
|
1224 } |
|
5559
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1225 |
|
5572
c4c88466da69
Added successful response status code
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5571
diff
changeset
|
1226 return 200, result |
|
5559
3d80e7752783
Added POST and DELETE
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5558
diff
changeset
|
1227 |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1228 @Routing.route("/data/<:class_name>/<:item_id>/<:attr_name>", 'DELETE') |
|
5587
cb2b320fde16
Added decorator to handle formatting output data
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5584
diff
changeset
|
1229 @_data_decorator |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1230 def delete_attribute(self, class_name, item_id, attr_name, input): |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1231 """DELETE an attribute in a object by setting it to None or empty |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1232 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1233 Args: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1234 class_name (string): class name of the resource (Ex: issue, msg) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1235 item_id (string): id of the resource (Ex: 12, 15) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1236 attr_name (string): attribute of the resource (Ex: title, nosy) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1237 input (list): the submitted form of the user |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1238 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1239 Returns: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1240 int: http status code 200 (OK) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1241 dict: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1242 status (string): 'ok' |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1243 """ |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1244 if class_name not in self.db.classes: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1245 raise NotFound('Class %s not found' % class_name) |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1246 if not self.db.security.hasPermission( |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1247 'Edit', self.db.getuid(), class_name, attr_name, item_id |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1248 ): |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1249 raise Unauthorised( |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1250 'Permission to delete %s%s %s denied' % |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1251 (class_name, item_id, attr_name) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1252 ) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1253 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1254 class_obj = self.db.getclass(class_name) |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1255 if attr_name not in class_obj.getprops(protected=False): |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1256 if attr_name in class_obj.getprops(protected=True): |
|
5707
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
1257 raise AttributeError("Attribute '%s' can not be deleted " \ |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1258 "for class %s."%(attr_name, class_name)) |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1259 else: |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1260 raise UsageError("Attribute '%s' not valid for class %s."%( |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1261 attr_name, class_name)) |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1262 if attr_name in class_obj.get_required_props(): |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1263 raise UsageError("Attribute '%s' is required by class %s and can not be deleted."%( |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1264 attr_name, class_name)) |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1265 props = {} |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1266 prop_obj = class_obj.get(item_id, attr_name) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1267 if isinstance(prop_obj, list): |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1268 props[attr_name] = [] |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1269 else: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1270 props[attr_name] = None |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1271 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1272 try: |
|
5674
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
1273 self.raise_if_no_etag(class_name, item_id, input) |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1274 class_obj.set(item_id, **props) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1275 self.db.commit() |
| 5602 | 1276 except (TypeError, IndexError, ValueError) as message: |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1277 raise ValueError(message) |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1278 except KeyError as message: |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1279 # key error returned for changing protected keys |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1280 # and changing invalid keys |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1281 raise UsageError(message) |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1282 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1283 result = { |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1284 'status': 'ok' |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1285 } |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1286 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1287 return 200, result |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1288 |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1289 @Routing.route("/data/<:class_name>/<:item_id>", 'PATCH') |
|
5587
cb2b320fde16
Added decorator to handle formatting output data
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5584
diff
changeset
|
1290 @_data_decorator |
|
5561
7aa7f779198b
Split all rest action into 2 type
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5560
diff
changeset
|
1291 def patch_element(self, class_name, item_id, input): |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1292 """PATCH an object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1293 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1294 Patch an element using 3 operators |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1295 ADD : Append new value to the object's attribute |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1296 REPLACE: Replace object's attribute |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1297 REMOVE: Clear object's attribute |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1298 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1299 Args: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1300 class_name (string): class name of the resource (Ex: issue, msg) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1301 item_id (string): id of the resource (Ex: 12, 15) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1302 input (list): the submitted form of the user |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1303 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1304 Returns: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1305 int: http status code 200 (OK) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1306 dict: a dictionary represents the modified object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1307 id: id of the object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1308 type: class name of the object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1309 link: link to the object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1310 attributes: a dictionary represent only changed attributes of |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1311 the object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1312 """ |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1313 if class_name not in self.db.classes: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1314 raise NotFound('Class %s not found' % class_name) |
|
5580
d5a54b1851aa
Add default op action for Patch
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5579
diff
changeset
|
1315 try: |
|
5660
d8d2b7724292
First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5659
diff
changeset
|
1316 op = input['@op'].value.lower() |
|
5580
d5a54b1851aa
Add default op action for Patch
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5579
diff
changeset
|
1317 except KeyError: |
|
5593
344b6a87dac6
Added support to print error
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5591
diff
changeset
|
1318 op = self.__default_patch_op |
|
5578
c2214d0c9df8
Added PATCH an element
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5577
diff
changeset
|
1319 class_obj = self.db.getclass(class_name) |
|
c2214d0c9df8
Added PATCH an element
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5577
diff
changeset
|
1320 |
|
5674
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
1321 self.raise_if_no_etag(class_name, item_id, input) |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
1322 |
|
5599
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1323 # if patch operation is action, call the action handler |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1324 action_args = [class_name + item_id] |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1325 if op == 'action': |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1326 # extract action_name and action_args from form fields |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1327 for form_field in input.value: |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1328 key = form_field.name |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1329 value = form_field.value |
|
5659
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
1330 if key == "@action_name": |
|
5599
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1331 name = value |
|
5659
1e51a709431c
Make Searching work in REST API
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5658
diff
changeset
|
1332 elif key.startswith('@action_args'): |
|
5599
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1333 action_args.append(value) |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1334 |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1335 if name in self.actions: |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1336 action_type = self.actions[name] |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1337 else: |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1338 raise UsageError( |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1339 'action "%s" is not supported %s' % |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1340 (name, ','.join(self.actions.keys())) |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1341 ) |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1342 action = action_type(self.db, self.translator) |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1343 result = action.execute(*action_args) |
|
5578
c2214d0c9df8
Added PATCH an element
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5577
diff
changeset
|
1344 |
|
5599
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1345 result = { |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1346 'id': item_id, |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1347 'type': class_name, |
|
5600
e2c74d8121f3
Update resource links
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5599
diff
changeset
|
1348 'link': '%s/%s/%s' % (self.data_path, class_name, item_id), |
|
5599
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1349 'result': result |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1350 } |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1351 else: |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1352 # else patch operation is processing data |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1353 props = self.props_from_args(class_obj, input.value, item_id, |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1354 skip_protected=False) |
|
5599
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1355 |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1356 required_props = class_obj.get_required_props() |
| 5602 | 1357 for prop in props: |
|
5599
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1358 if not self.db.security.hasPermission( |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1359 'Edit', self.db.getuid(), class_name, prop, item_id |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1360 ): |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1361 raise Unauthorised( |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1362 'Permission to edit %s of %s%s denied' % |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1363 (prop, class_name, item_id) |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1364 ) |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1365 if op == 'remove' and prop in required_props: |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1366 raise UsageError( |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1367 "Attribute '%s' is required by class %s " |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1368 "and can not be removed."%(prop, class_name) |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1369 ) |
|
5599
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1370 |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1371 props[prop] = self.patch_data( |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1372 op, class_obj.get(item_id, prop), props[prop] |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1373 ) |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1374 |
|
5599
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1375 try: |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1376 result = class_obj.set(item_id, **props) |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1377 self.db.commit() |
| 5602 | 1378 except (TypeError, IndexError, ValueError) as message: |
|
5599
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1379 raise ValueError(message) |
|
5578
c2214d0c9df8
Added PATCH an element
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5577
diff
changeset
|
1380 |
|
5599
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1381 result = { |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1382 'id': item_id, |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1383 'type': class_name, |
|
5600
e2c74d8121f3
Update resource links
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5599
diff
changeset
|
1384 'link': '%s/%s/%s' % (self.data_path, class_name, item_id), |
|
5599
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1385 'attribute': result |
|
a76d88673375
Added Patch operator 'action'
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5598
diff
changeset
|
1386 } |
|
5578
c2214d0c9df8
Added PATCH an element
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5577
diff
changeset
|
1387 return 200, result |
|
5557
213a56c91471
Implement getting resource from database
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5556
diff
changeset
|
1388 |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1389 @Routing.route("/data/<:class_name>/<:item_id>/<:attr_name>", 'PATCH') |
|
5587
cb2b320fde16
Added decorator to handle formatting output data
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5584
diff
changeset
|
1390 @_data_decorator |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1391 def patch_attribute(self, class_name, item_id, attr_name, input): |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1392 """PATCH an attribute of an object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1393 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1394 Patch an element using 3 operators |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1395 ADD : Append new value to the attribute |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1396 REPLACE: Replace attribute |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1397 REMOVE: Clear attribute |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1398 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1399 Args: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1400 class_name (string): class name of the resource (Ex: issue, msg) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1401 item_id (string): id of the resource (Ex: 12, 15) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1402 attr_name (string): attribute of the resource (Ex: title, nosy) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1403 input (list): the submitted form of the user |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1404 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1405 Returns: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1406 int: http status code 200 (OK) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1407 dict: a dictionary represents the modified object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1408 id: id of the object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1409 type: class name of the object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1410 link: link to the object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1411 attributes: a dictionary represent only changed attributes of |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1412 the object |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1413 """ |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1414 if class_name not in self.db.classes: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1415 raise NotFound('Class %s not found' % class_name) |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1416 try: |
|
5660
d8d2b7724292
First attempt at REST-API documentation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5659
diff
changeset
|
1417 op = input['@op'].value.lower() |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1418 except KeyError: |
|
5593
344b6a87dac6
Added support to print error
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5591
diff
changeset
|
1419 op = self.__default_patch_op |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1420 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1421 if not self.db.security.hasPermission( |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1422 'Edit', self.db.getuid(), class_name, attr_name, item_id |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1423 ): |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1424 raise Unauthorised( |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1425 'Permission to edit %s%s %s denied' % |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1426 (class_name, item_id, attr_name) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1427 ) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1428 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1429 prop = attr_name |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1430 class_obj = self.db.getclass(class_name) |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1431 if attr_name not in class_obj.getprops(protected=False): |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1432 if attr_name in class_obj.getprops(protected=True): |
|
5707
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
1433 raise AttributeError("Attribute '%s' can not be updated " \ |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1434 "for class %s."%(attr_name, class_name)) |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
1435 |
|
5674
6dc4dba1c225
REST: Use If-Match header for incoming requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5669
diff
changeset
|
1436 self.raise_if_no_etag(class_name, item_id, input) |
|
5630
07abc8d36940
Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents:
5622
diff
changeset
|
1437 |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1438 props = { |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1439 prop: self.prop_from_arg( |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1440 class_obj, prop, input['data'].value, item_id |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1441 ) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1442 } |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1443 |
|
5595
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
1444 props[prop] = self.patch_data( |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
1445 op, class_obj.get(item_id, prop), props[prop] |
|
65caddd54da2
Handle operation for patch separately
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5594
diff
changeset
|
1446 ) |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1447 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1448 try: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1449 result = class_obj.set(item_id, **props) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1450 self.db.commit() |
| 5602 | 1451 except (TypeError, IndexError, ValueError) as message: |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1452 raise ValueError(message) |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1453 except KeyError as message: |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1454 # key error returned for changing protected keys |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1455 # and changing invalid keys |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1456 raise UsageError(message) |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1457 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1458 result = { |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1459 'id': item_id, |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1460 'type': class_name, |
|
5600
e2c74d8121f3
Update resource links
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5599
diff
changeset
|
1461 'link': '%s/%s/%s' % (self.data_path, class_name, item_id), |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1462 'attribute': result |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1463 } |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1464 return 200, result |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1465 |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1466 @Routing.route("/data/<:class_name>", 'OPTIONS') |
|
5587
cb2b320fde16
Added decorator to handle formatting output data
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5584
diff
changeset
|
1467 @_data_decorator |
| 5575 | 1468 def options_collection(self, class_name, input): |
| 5582 | 1469 """OPTION return the HTTP Header for the class uri |
| 1470 | |
| 1471 Returns: | |
| 1472 int: http status code 204 (No content) | |
| 1473 body (string): an empty string | |
| 1474 """ | |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1475 if class_name not in self.db.classes: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1476 raise NotFound('Class %s not found' % class_name) |
| 5702 | 1477 self.client.setHeader( |
| 1478 "Allow", | |
| 1479 "OPTIONS, GET, POST" | |
| 1480 ) | |
| 5575 | 1481 return 204, "" |
| 1482 | |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1483 @Routing.route("/data/<:class_name>/<:item_id>", 'OPTIONS') |
|
5587
cb2b320fde16
Added decorator to handle formatting output data
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5584
diff
changeset
|
1484 @_data_decorator |
| 5575 | 1485 def options_element(self, class_name, item_id, input): |
| 5582 | 1486 """OPTION return the HTTP Header for the object uri |
| 1487 | |
| 1488 Returns: | |
| 1489 int: http status code 204 (No content) | |
| 1490 body (string): an empty string | |
| 1491 """ | |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1492 if class_name not in self.db.classes: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1493 raise NotFound('Class %s not found' % class_name) |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1494 self.client.setHeader( |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1495 "Accept-Patch", |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1496 "application/x-www-form-urlencoded, multipart/form-data" |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1497 ) |
| 5702 | 1498 self.client.setHeader( |
| 1499 "Allow", | |
| 1500 "OPTIONS, GET, PUT, DELETE, PATCH" | |
| 1501 ) | |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1502 return 204, "" |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1503 |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1504 @Routing.route("/data/<:class_name>/<:item_id>/<:attr_name>", 'OPTIONS') |
|
5587
cb2b320fde16
Added decorator to handle formatting output data
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5584
diff
changeset
|
1505 @_data_decorator |
|
5584
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1506 def option_attribute(self, class_name, item_id, attr_name, input): |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1507 """OPTION return the HTTP Header for the attribute uri |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1508 |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1509 Returns: |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1510 int: http status code 204 (No content) |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1511 body (string): an empty string |
|
53098db851f2
Added attribute URI handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5583
diff
changeset
|
1512 """ |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1513 if class_name not in self.db.classes: |
|
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1514 raise NotFound('Class %s not found' % class_name) |
| 5702 | 1515 class_obj = self.db.getclass(class_name) |
| 1516 if attr_name in class_obj.getprops(protected=False): | |
| 1517 self.client.setHeader( | |
| 1518 "Accept-Patch", | |
| 1519 "application/x-www-form-urlencoded, multipart/form-data" | |
| 1520 ) | |
| 1521 self.client.setHeader( | |
| 1522 "Allow", | |
| 1523 "OPTIONS, GET, PUT, DELETE, PATCH" | |
| 1524 ) | |
| 1525 elif attr_name in class_obj.getprops(protected=True): | |
| 1526 # It must match a protected prop. These can't be written. | |
| 1527 self.client.setHeader( | |
| 1528 "Allow", | |
| 1529 "OPTIONS, GET" | |
| 1530 ) | |
| 1531 else: | |
| 1532 raise NotFound('Attribute %s not valid for Class %s' %( | |
| 1533 attr_name,class_name)) | |
| 5575 | 1534 return 204, "" |
| 1535 | |
|
5632
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
1536 @Routing.route("/") |
|
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
1537 @_data_decorator |
|
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
1538 def describe(self, input): |
|
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
1539 """Describe the rest endpoint""" |
|
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
1540 result = { |
|
5685
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
1541 "default_version": self.__default_api_version, |
|
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
1542 "supported_versions": self.__supported_api_versions, |
|
5632
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
1543 "links": [ { "uri": self.base_path +"/summary", |
|
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
1544 "rel": "summary"}, |
|
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
1545 { "uri": self.base_path, |
|
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
1546 "rel": "self"}, |
|
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
1547 { "uri": self.base_path + "/data", |
|
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
1548 "rel": "data"} |
|
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
1549 ] |
|
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
1550 } |
|
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
1551 |
|
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
1552 return 200, result |
|
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
1553 |
|
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
1554 @Routing.route("/data") |
|
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
1555 @_data_decorator |
|
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
1556 def data(self, input): |
| 5658 | 1557 """Describe the subelements of data |
|
5632
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
1558 |
| 5658 | 1559 One entry for each class the user may view |
|
5632
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
1560 """ |
| 5658 | 1561 result = {} |
| 1562 uid = self.db.getuid () | |
| 1563 for cls in sorted (self.db.classes) : | |
| 1564 if self.db.security.hasPermission('View', uid, cls) : | |
| 1565 result [cls] = dict(link = self.base_path + '/data/' + cls) | |
|
5632
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
1566 return 200, result |
|
a29a8dae2095
Initial implementation of function to return data for / and /data
John Rouillard <rouilj@ieee.org>
parents:
5631
diff
changeset
|
1567 |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1568 @Routing.route("/summary") |
| 5596 | 1569 @_data_decorator |
| 1570 def summary(self, input): | |
| 1571 """Get a summary of resource from class URI. | |
| 1572 | |
| 1573 This function returns only items have View permission | |
| 1574 class_name should be valid already | |
| 1575 | |
| 1576 Args: | |
| 1577 class_name (string): class name of the resource (Ex: issue, msg) | |
| 1578 input (list): the submitted form of the user | |
| 1579 | |
| 1580 Returns: | |
| 1581 int: http status code 200 (OK) | |
| 1582 list: | |
| 1583 """ | |
| 1584 if not self.db.security.hasPermission( | |
| 1585 'View', self.db.getuid(), 'issue' | |
| 1586 ) and not self.db.security.hasPermission( | |
| 1587 'View', self.db.getuid(), 'status' | |
| 1588 ) and not self.db.security.hasPermission( | |
| 1589 'View', self.db.getuid(), 'issue' | |
| 1590 ): | |
| 1591 raise Unauthorised('Permission to view summary denied') | |
| 1592 | |
| 1593 old = date.Date('-1w') | |
| 1594 | |
| 1595 created = [] | |
| 1596 summary = {} | |
| 1597 messages = [] | |
| 1598 | |
| 1599 # loop through all the recently-active issues | |
| 1600 for issue_id in self.db.issue.filter(None, {'activity': '-1w;'}): | |
| 1601 num = 0 | |
| 1602 status_name = self.db.status.get( | |
| 1603 self.db.issue.get(issue_id, 'status'), | |
| 1604 'name' | |
| 1605 ) | |
| 1606 issue_object = { | |
| 1607 'id': issue_id, | |
|
5621
39dbe83643c0
Fix path of links in /rest/summary.
John Rouillard <rouilj@ieee.org>
parents:
5620
diff
changeset
|
1608 'link': self.base_path + '/data/issue/' + issue_id, |
| 5596 | 1609 'title': self.db.issue.get(issue_id, 'title') |
| 1610 } | |
| 1611 for x, ts, uid, action, data in self.db.issue.history(issue_id): | |
| 1612 if ts < old: | |
| 1613 continue | |
| 1614 if action == 'create': | |
| 1615 created.append(issue_object) | |
| 1616 elif action == 'set' and 'messages' in data: | |
| 1617 num += 1 | |
| 1618 summary.setdefault(status_name, []).append(issue_object) | |
| 1619 messages.append((num, issue_object)) | |
| 1620 | |
|
5668
a4bb88a1a643
A fix for https://issues.roundup-tracker.org/issue2551034
John Rouillard <rouilj@ieee.org>
parents:
5662
diff
changeset
|
1621 sorted(messages, key=lambda tup: tup[0], reverse=True) |
| 5596 | 1622 |
| 1623 result = { | |
| 1624 'created': created, | |
| 1625 'summary': summary, | |
| 1626 'most_discussed': messages[:10] | |
| 1627 } | |
| 1628 | |
| 1629 return 200, result | |
| 1630 | |
|
5556
d75aa88c2a99
Added RestInstance and calling rest from client.py
Chau Nguyen <dangchau1991@yahoo.com>
parents:
diff
changeset
|
1631 def dispatch(self, method, uri, input): |
| 5582 | 1632 """format and process the request""" |
| 5574 | 1633 # if X-HTTP-Method-Override is set, follow the override method |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1634 headers = self.client.request.headers |
|
5620
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
1635 # Never allow GET to be an unsafe operation (i.e. data changing). |
|
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
1636 # User must use POST to "tunnel" DELETE, PUT, OPTIONS etc. |
|
5650
e8ca7072c629
Fix Python 3 issues in REST code.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5646
diff
changeset
|
1637 override = headers.get('X-HTTP-Method-Override') |
|
5620
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
1638 output = None |
|
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
1639 if override: |
|
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
1640 if method.upper() != 'GET': |
|
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
1641 logger.debug( |
|
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
1642 'Method overridden from %s to %s', method, override) |
|
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
1643 method = override |
|
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
1644 else: |
|
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
1645 output = self.error_obj(400, |
|
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
1646 "X-HTTP-Method-Override: %s can not be used with GET method. Use Post instead." % override) |
|
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
1647 logger.info( |
|
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
1648 'Ignoring X-HTTP-Method-Override for GET request on %s', |
|
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
1649 uri) |
| 5574 | 1650 |
|
5594
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
1651 # parse Accept header and get the content type |
|
5650
e8ca7072c629
Fix Python 3 issues in REST code.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5646
diff
changeset
|
1652 accept_header = parse_accept_header(headers.get('Accept')) |
|
5594
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
1653 accept_type = "invalid" |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
1654 for part in accept_header: |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
1655 if part[0] in self.__accepted_content_type: |
|
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
1656 accept_type = self.__accepted_content_type[part[0]] |
|
5685
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
1657 # Version order: |
|
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
1658 # 1) accept header version=X specifier |
|
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
1659 # application/vnd.x.y; version=1 |
|
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
1660 # 2) from type in accept-header type/subtype-vX |
|
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
1661 # application/vnd.x.y-v1 |
|
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
1662 # 3) from @apiver in query string to make browser |
|
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
1663 # use easy |
|
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
1664 # This code handles 1 and 2. Set api_version to none |
|
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
1665 # to trigger @apiver parsing below |
|
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
1666 # Places that need the api_version info should |
|
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
1667 # use default if version = None |
|
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
1668 try: |
|
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
1669 self.api_version = int(part[1]['version']) |
|
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
1670 except KeyError: |
|
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
1671 self.api_version = None |
|
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
1672 except ValueError: |
|
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
1673 msg=( "Unrecognized version: %s. " |
|
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
1674 "See /rest without specifying version " |
|
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
1675 "for supported versions."%( |
|
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
1676 part[1]['version'])) |
|
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
1677 output = self.error_obj(400, msg) |
|
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
1678 |
| 5574 | 1679 # get the request format for response |
|
5685
4b4885f0c6ad
Set up basic framework for handling versioning of interface.
John Rouillard <rouilj@ieee.org>
parents:
5682
diff
changeset
|
1680 # priority : extension from uri (/rest/data/issue.json), |
| 5574 | 1681 # header (Accept: application/json, application/xml) |
| 1682 # default (application/json) | |
| 5602 | 1683 ext_type = os.path.splitext(urlparse(uri).path)[1][1:] |
|
5594
864cf6cb5790
Added ability to parse HTTP accept header
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5593
diff
changeset
|
1684 data_type = ext_type or accept_type or self.__default_accept_type |
| 5574 | 1685 |
|
5617
38b7c4693d9a
Original code supported setting accept type to json (or other
John Rouillard <rouilj@ieee.org>
parents:
5616
diff
changeset
|
1686 if ( ext_type ): |
|
38b7c4693d9a
Original code supported setting accept type to json (or other
John Rouillard <rouilj@ieee.org>
parents:
5616
diff
changeset
|
1687 # strip extension so uri make sense |
|
5619
1c9208fa9127
Make sure a commentis a comment.
John Rouillard <rouilj@ieee.org>
parents:
5618
diff
changeset
|
1688 # .../issue.json -> .../issue |
|
5617
38b7c4693d9a
Original code supported setting accept type to json (or other
John Rouillard <rouilj@ieee.org>
parents:
5616
diff
changeset
|
1689 uri = uri[:-( len(ext_type) + 1 )] |
|
38b7c4693d9a
Original code supported setting accept type to json (or other
John Rouillard <rouilj@ieee.org>
parents:
5616
diff
changeset
|
1690 |
| 5582 | 1691 # add access-control-allow-* to support CORS |
| 5574 | 1692 self.client.setHeader("Access-Control-Allow-Origin", "*") |
|
5581
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1693 self.client.setHeader( |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1694 "Access-Control-Allow-Headers", |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1695 "Content-Type, Authorization, X-HTTP-Method-Override" |
|
30793a435185
Code convention improved
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5580
diff
changeset
|
1696 ) |
|
5590
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
1697 self.client.setHeader( |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
1698 "Allow", |
| 5702 | 1699 "OPTIONS, GET, POST, PUT, DELETE, PATCH" |
|
5590
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
1700 ) |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
1701 self.client.setHeader( |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
1702 "Access-Control-Allow-Methods", |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
1703 "HEAD, OPTIONS, GET, PUT, DELETE, PATCH" |
|
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
1704 ) |
|
5643
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1705 # Is there an input.value with format json data? |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1706 # If so turn it into an object that emulates enough |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1707 # of the FieldStorge methods/props to allow a response. |
|
5650
e8ca7072c629
Fix Python 3 issues in REST code.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5646
diff
changeset
|
1708 content_type_header = headers.get('Content-Type', None) |
|
5655
207e0f5d551c
Merge in non-conflicting changes from ba67e397f063
John Rouillard <rouilj@ieee.org>
diff
changeset
|
1709 # python2 is str type, python3 is bytes |
|
207e0f5d551c
Merge in non-conflicting changes from ba67e397f063
John Rouillard <rouilj@ieee.org>
diff
changeset
|
1710 if type(input.value) in ( str, bytes ) and content_type_header: |
|
5643
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1711 parsed_content_type_header = content_type_header |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1712 # the structure of a content-type header |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1713 # is complex: mime-type; options(charset ...) |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1714 # for now we just accept application/json. |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1715 # FIXME there should be a function: |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1716 # parse_content_type_header(content_type_header) |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1717 # that returns a tuple like the Accept header parser. |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1718 # Then the test below could use: |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1719 # parsed_content_type_header[0].lower() == 'json' |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1720 # That way we could handle stuff like: |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1721 # application/vnd.roundup-foo+json; charset=UTF8 |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1722 # for example. |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1723 if content_type_header.lower() == "application/json": |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1724 try: |
|
5655
207e0f5d551c
Merge in non-conflicting changes from ba67e397f063
John Rouillard <rouilj@ieee.org>
diff
changeset
|
1725 input = SimulateFieldStorageFromJson(b2s(input.value)) |
|
5643
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1726 except ValueError as msg: |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1727 output = self.error_obj(400, msg) |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1728 |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1729 # check for pretty print |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1730 try: |
|
5701
fabb12ba9466
Change pretty url parameter to @pretty to stop collision with field name.
John Rouillard <rouilj@ieee.org>
parents:
5691
diff
changeset
|
1731 pretty_output = not input['@pretty'].value.lower() == "false" |
|
5643
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1732 except KeyError: |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1733 pretty_output = True |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1734 |
|
5686
eb51c0d9c9bf
Move @apiver version extraction code after the input is parsed for
John Rouillard <rouilj@ieee.org>
parents:
5685
diff
changeset
|
1735 # check for @apiver in query string |
|
5711
aea2cc142c1b
Added some more rest testing and make sure api version is valid.
John Rouillard <rouilj@ieee.org>
parents:
5710
diff
changeset
|
1736 msg=( "Unrecognized version: %s. " |
|
aea2cc142c1b
Added some more rest testing and make sure api version is valid.
John Rouillard <rouilj@ieee.org>
parents:
5710
diff
changeset
|
1737 "See /rest without specifying version " |
|
aea2cc142c1b
Added some more rest testing and make sure api version is valid.
John Rouillard <rouilj@ieee.org>
parents:
5710
diff
changeset
|
1738 "for supported versions." ) |
|
5686
eb51c0d9c9bf
Move @apiver version extraction code after the input is parsed for
John Rouillard <rouilj@ieee.org>
parents:
5685
diff
changeset
|
1739 try: |
|
eb51c0d9c9bf
Move @apiver version extraction code after the input is parsed for
John Rouillard <rouilj@ieee.org>
parents:
5685
diff
changeset
|
1740 if not self.api_version: |
|
eb51c0d9c9bf
Move @apiver version extraction code after the input is parsed for
John Rouillard <rouilj@ieee.org>
parents:
5685
diff
changeset
|
1741 self.api_version = int(input['@apiver'].value) |
|
eb51c0d9c9bf
Move @apiver version extraction code after the input is parsed for
John Rouillard <rouilj@ieee.org>
parents:
5685
diff
changeset
|
1742 except KeyError: |
|
eb51c0d9c9bf
Move @apiver version extraction code after the input is parsed for
John Rouillard <rouilj@ieee.org>
parents:
5685
diff
changeset
|
1743 self.api_version = None |
|
eb51c0d9c9bf
Move @apiver version extraction code after the input is parsed for
John Rouillard <rouilj@ieee.org>
parents:
5685
diff
changeset
|
1744 except ValueError: |
|
5711
aea2cc142c1b
Added some more rest testing and make sure api version is valid.
John Rouillard <rouilj@ieee.org>
parents:
5710
diff
changeset
|
1745 output = self.error_obj(400, msg%input['@apiver'].value) |
|
aea2cc142c1b
Added some more rest testing and make sure api version is valid.
John Rouillard <rouilj@ieee.org>
parents:
5710
diff
changeset
|
1746 |
|
aea2cc142c1b
Added some more rest testing and make sure api version is valid.
John Rouillard <rouilj@ieee.org>
parents:
5710
diff
changeset
|
1747 # by this time the API version is set. Error if we don't |
|
aea2cc142c1b
Added some more rest testing and make sure api version is valid.
John Rouillard <rouilj@ieee.org>
parents:
5710
diff
changeset
|
1748 # support it? |
|
aea2cc142c1b
Added some more rest testing and make sure api version is valid.
John Rouillard <rouilj@ieee.org>
parents:
5710
diff
changeset
|
1749 if self.api_version is None: |
|
aea2cc142c1b
Added some more rest testing and make sure api version is valid.
John Rouillard <rouilj@ieee.org>
parents:
5710
diff
changeset
|
1750 # FIXME: do we need to raise an error if client did not specify |
|
aea2cc142c1b
Added some more rest testing and make sure api version is valid.
John Rouillard <rouilj@ieee.org>
parents:
5710
diff
changeset
|
1751 # version? This may be a good thing to require. Note that: |
|
aea2cc142c1b
Added some more rest testing and make sure api version is valid.
John Rouillard <rouilj@ieee.org>
parents:
5710
diff
changeset
|
1752 # Accept: application/json; version=1 may not be legal but.... |
|
aea2cc142c1b
Added some more rest testing and make sure api version is valid.
John Rouillard <rouilj@ieee.org>
parents:
5710
diff
changeset
|
1753 # Use default if not specified for now. |
|
aea2cc142c1b
Added some more rest testing and make sure api version is valid.
John Rouillard <rouilj@ieee.org>
parents:
5710
diff
changeset
|
1754 self.api_version = self.__default_api_version |
|
aea2cc142c1b
Added some more rest testing and make sure api version is valid.
John Rouillard <rouilj@ieee.org>
parents:
5710
diff
changeset
|
1755 elif self.api_version not in self.__supported_api_versions: |
|
aea2cc142c1b
Added some more rest testing and make sure api version is valid.
John Rouillard <rouilj@ieee.org>
parents:
5710
diff
changeset
|
1756 raise UsageError(msg%self.api_version) |
|
aea2cc142c1b
Added some more rest testing and make sure api version is valid.
John Rouillard <rouilj@ieee.org>
parents:
5710
diff
changeset
|
1757 |
|
5691
dbf422a8cff7
Add error handling. @apiver was being processed as a search
John Rouillard <rouilj@ieee.org>
parents:
5690
diff
changeset
|
1758 # sadly del doesn't work on FieldStorage which can be the type of |
|
5711
aea2cc142c1b
Added some more rest testing and make sure api version is valid.
John Rouillard <rouilj@ieee.org>
parents:
5710
diff
changeset
|
1759 # input. So we have to ignore keys starting with @ at other |
|
5691
dbf422a8cff7
Add error handling. @apiver was being processed as a search
John Rouillard <rouilj@ieee.org>
parents:
5690
diff
changeset
|
1760 # places in the code. |
|
dbf422a8cff7
Add error handling. @apiver was being processed as a search
John Rouillard <rouilj@ieee.org>
parents:
5690
diff
changeset
|
1761 # else: |
|
dbf422a8cff7
Add error handling. @apiver was being processed as a search
John Rouillard <rouilj@ieee.org>
parents:
5690
diff
changeset
|
1762 # del(input['@apiver']) |
|
5686
eb51c0d9c9bf
Move @apiver version extraction code after the input is parsed for
John Rouillard <rouilj@ieee.org>
parents:
5685
diff
changeset
|
1763 |
| 5582 | 1764 # Call the appropriate method |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1765 try: |
|
5620
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
1766 # If output was defined by a prior error |
|
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
1767 # condition skip call |
|
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
1768 if not output: |
|
5f8e6034427c
Do not honor the X-HTTP-Method-Override if the original method used
John Rouillard <rouilj@ieee.org>
parents:
5619
diff
changeset
|
1769 output = Routing.execute(self, uri, method, input) |
| 5602 | 1770 except NotFound as msg: |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1771 output = self.error_obj(404, msg) |
| 5602 | 1772 except Reject as msg: |
|
5597
de9933cfcfc4
Added routing decorator
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5596
diff
changeset
|
1773 output = self.error_obj(405, msg) |
|
5567
1af57f9d5bf7
Added exception Handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5566
diff
changeset
|
1774 |
|
5590
4d8746c73fdb
Change the way core function is called
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5589
diff
changeset
|
1775 # Format the content type |
|
5591
a25d79e874cb
Added filtering and pagination
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5590
diff
changeset
|
1776 if data_type.lower() == "json": |
|
5589
5a2de4c19109
Fix an indentation bug
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5588
diff
changeset
|
1777 self.client.setHeader("Content-Type", "application/json") |
|
5a2de4c19109
Fix an indentation bug
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5588
diff
changeset
|
1778 if pretty_output: |
|
5a2de4c19109
Fix an indentation bug
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5588
diff
changeset
|
1779 indent = 4 |
| 5574 | 1780 else: |
|
5589
5a2de4c19109
Fix an indentation bug
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5588
diff
changeset
|
1781 indent = None |
|
5a2de4c19109
Fix an indentation bug
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5588
diff
changeset
|
1782 output = RoundupJSONEncoder(indent=indent).encode(output) |
|
5631
a5c890d308c3
Add simple support for xml output if the third party dict2xml.py module
John Rouillard <rouilj@ieee.org>
parents:
5630
diff
changeset
|
1783 elif data_type.lower() == "xml" and dicttoxml: |
|
a5c890d308c3
Add simple support for xml output if the third party dict2xml.py module
John Rouillard <rouilj@ieee.org>
parents:
5630
diff
changeset
|
1784 self.client.setHeader("Content-Type", "application/xml") |
|
5707
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
1785 if 'error' in output: |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
1786 # capture values in error with types unsupported |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
1787 # by dicttoxml e.g. an exception, into something it |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
1788 # can handle |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
1789 import numbers |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
1790 import collections |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
1791 for key,val in output['error'].items(): |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
1792 if isinstance(val, numbers.Number) or type(val) in \ |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
1793 (str, unicode): |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
1794 pass |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
1795 elif hasattr(val, 'isoformat'): # datetime |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
1796 pass |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
1797 elif type(val) == bool: |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
1798 pass |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
1799 elif isinstance(val, dict): |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
1800 pass |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
1801 elif isinstance(val, collections.Iterable): |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
1802 pass |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
1803 elif val is None: |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
1804 pass |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
1805 else: |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
1806 output['error'][key] = str(val) |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
1807 |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
1808 output = '<?xml version="1.0" encoding="UTF-8" ?>\n' + \ |
|
f9a762678af6
Change some 400 errors to 405 (method not allowed) errors where user is
John Rouillard <rouilj@ieee.org>
parents:
5705
diff
changeset
|
1809 b2s(dicttoxml(output, root=False)) |
|
5589
5a2de4c19109
Fix an indentation bug
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5588
diff
changeset
|
1810 else: |
|
5705
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1811 # FIXME?? consider moving this earlier. We should |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1812 # error out before doing any work if we can't |
|
457fc482e6b1
Method PUT: ignore specification of protected properties which can not
John Rouillard <rouilj@ieee.org>
parents:
5702
diff
changeset
|
1813 # display acceptable output. |
|
5589
5a2de4c19109
Fix an indentation bug
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5588
diff
changeset
|
1814 self.client.response_code = 406 |
|
5a2de4c19109
Fix an indentation bug
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5588
diff
changeset
|
1815 output = "Content type is not accepted by client" |
|
5557
213a56c91471
Implement getting resource from database
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5556
diff
changeset
|
1816 |
|
5639
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
1817 # Make output json end in a newline to |
|
f576957cbb1f
Add support for prev/next/self links when returning paginated results.
John Rouillard <rouilj@ieee.org>
parents:
5638
diff
changeset
|
1818 # separate from following text in logs etc.. |
|
5653
ba67e397f063
Fix string/bytes issues under python 3.
John Rouillard <rouilj@ieee.org>
parents:
5646
diff
changeset
|
1819 return bs2b(output + "\n") |
|
5566
2830793d1510
Added RoundupJSONEncoder
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5565
diff
changeset
|
1820 |
|
5567
1af57f9d5bf7
Added exception Handling
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5566
diff
changeset
|
1821 |
|
5566
2830793d1510
Added RoundupJSONEncoder
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5565
diff
changeset
|
1822 class RoundupJSONEncoder(json.JSONEncoder): |
| 5582 | 1823 """RoundupJSONEncoder overrides the default JSONEncoder to handle all |
| 1824 types of the object without returning any error""" | |
|
5566
2830793d1510
Added RoundupJSONEncoder
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5565
diff
changeset
|
1825 def default(self, obj): |
|
2830793d1510
Added RoundupJSONEncoder
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5565
diff
changeset
|
1826 try: |
|
2830793d1510
Added RoundupJSONEncoder
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5565
diff
changeset
|
1827 result = json.JSONEncoder.default(self, obj) |
|
2830793d1510
Added RoundupJSONEncoder
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5565
diff
changeset
|
1828 except TypeError: |
|
2830793d1510
Added RoundupJSONEncoder
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5565
diff
changeset
|
1829 result = str(obj) |
|
2830793d1510
Added RoundupJSONEncoder
Chau Nguyen <dangchau1991@yahoo.com>
parents:
5565
diff
changeset
|
1830 return result |
|
5643
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1831 |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1832 class SimulateFieldStorageFromJson(): |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1833 ''' |
|
5689
2c516d113620
Fix encoding for incoming json requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5687
diff
changeset
|
1834 The internals of the rest interface assume the data was sent as |
|
2c516d113620
Fix encoding for incoming json requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5687
diff
changeset
|
1835 application/x-www-form-urlencoded. So we should have a |
|
5643
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1836 FieldStorage and MiniFieldStorage structure. |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1837 |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1838 However if we want to handle json data, we need to: |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1839 1) create the Fieldstorage/MiniFieldStorage structure |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1840 or |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1841 2) simultate the interface parts of FieldStorage structure |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1842 |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1843 To do 2, create a object that emulates the: |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1844 |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1845 object['prop'].value |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1846 |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1847 references used when accessing a FieldStorage structure. |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1848 |
|
5690
4aae822e2cb4
Added a few comments and a test that fails with the pre-patched code
John Rouillard <rouilj@ieee.org>
parents:
5689
diff
changeset
|
1849 That's what this class does with all names and values as native |
|
4aae822e2cb4
Added a few comments and a test that fails with the pre-patched code
John Rouillard <rouilj@ieee.org>
parents:
5689
diff
changeset
|
1850 strings. Note that json is UTF-8, so we convert any unicode to |
|
4aae822e2cb4
Added a few comments and a test that fails with the pre-patched code
John Rouillard <rouilj@ieee.org>
parents:
5689
diff
changeset
|
1851 string. |
|
5643
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1852 |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1853 ''' |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1854 def __init__(self, json_string): |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1855 ''' Parse the json string into an internal dict. ''' |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1856 def raise_error_on_constant(x): |
|
5644
b4d7588c74a4
Make exception raising work on python 3.
John Rouillard <rouilj@ieee.org>
parents:
5643
diff
changeset
|
1857 raise ValueError("Unacceptable number: %s"%x) |
|
5710
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1858 try: |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1859 self.json_dict = json.loads(json_string, |
|
5643
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1860 parse_constant = raise_error_on_constant) |
|
5710
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1861 self.value = [ self.FsValue(index, self.json_dict[index]) for index in self.json_dict.keys() ] |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1862 except ValueError as e: |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1863 self.json_dict = {} |
|
0b79bfcb3312
Add support for making an idempotent POST. This allows retrying a POST
John Rouillard <rouilj@ieee.org>
parents:
5707
diff
changeset
|
1864 self.value = None |
|
5643
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1865 |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1866 class FsValue: |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1867 '''Class that does nothing but response to a .value property ''' |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1868 def __init__(self, name, val): |
|
5689
2c516d113620
Fix encoding for incoming json requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5687
diff
changeset
|
1869 self.name=u2s(name) |
|
2c516d113620
Fix encoding for incoming json requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5687
diff
changeset
|
1870 if is_us(val): |
|
5690
4aae822e2cb4
Added a few comments and a test that fails with the pre-patched code
John Rouillard <rouilj@ieee.org>
parents:
5689
diff
changeset
|
1871 # handle most common type first |
|
5689
2c516d113620
Fix encoding for incoming json requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5687
diff
changeset
|
1872 self.value=u2s(val) |
|
2c516d113620
Fix encoding for incoming json requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5687
diff
changeset
|
1873 elif type(val) == type([]): |
|
5690
4aae822e2cb4
Added a few comments and a test that fails with the pre-patched code
John Rouillard <rouilj@ieee.org>
parents:
5689
diff
changeset
|
1874 # then lists of strings |
|
5689
2c516d113620
Fix encoding for incoming json requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5687
diff
changeset
|
1875 self.value = [ u2s(v) for v in val ] |
|
2c516d113620
Fix encoding for incoming json requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5687
diff
changeset
|
1876 else: |
|
5690
4aae822e2cb4
Added a few comments and a test that fails with the pre-patched code
John Rouillard <rouilj@ieee.org>
parents:
5689
diff
changeset
|
1877 # then stringify anything else (int, float) |
|
5689
2c516d113620
Fix encoding for incoming json requests
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5687
diff
changeset
|
1878 self.value = str(val) |
|
5643
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1879 |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1880 def __getitem__(self, index): |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1881 '''Return an FsValue created from the value of self.json_dict[index] |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1882 ''' |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1883 return self.FsValue(index, self.json_dict[index]) |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1884 |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1885 def __contains__(self, index): |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1886 ''' implement: 'foo' in DICT ''' |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1887 return index in self.json_dict |
|
a60cbbcc9309
Added support for accepting application/json payload in addition to
John Rouillard <rouilj@ieee.org>
parents:
5639
diff
changeset
|
1888 |