| changeset | 1ffa1f42e1da |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | refactor: rework mime type comparison and clean code rest.py: accept application/* as match for application/json in non /binary_context rest path. allow defining default mime type to return when file/message is missing mime type. Make it a class variable to it can be changed from text/plain to text/markdown or whatever. extract code from determine_output_format() to create create_valid_content_types() method which returns a list of matching mime types for a given type/subtype. Eliminate mostly duplicate return statements by introducing a variable to specify valid mime types in error message. rest_common.py: Fix error messages that now return application/* as valid mime type. CHANGES.txt upgrading.txt rest.txt: top level notes and corrections. Also correct rst syntax on earlier change. |
| files |
| changeset | 05d8806b25ad |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | fix: issue2551387 - TypeError: not indexable. Fix crash due to uninitialized list element on a (Mini)FieldStorage when unexpected input is posted via wsgi. This doesn't happen when running roundup-server. It might happen under other front ends. Moved the code that sets '.list = [] if .list == None' to the main flow. Added an exception hander that logs the value of self.form if self.form.list raises an AttributeError. This exception should never happen if I understand the code correctly (but I probably don't). Fixed a number of test cases that were broken because I was calling Client and passing '[]' rather than a cgi.formStorage object. Added test cases: create a FileStorage (self.form) with .list = None. check AttributeError exception and verify logging. Problem reported and debugged by Christof Meerwald. |
| files |
| changeset | 8c1e0459b73d |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | test: issue2551253. fix test for default hash is PBKDF2-SHA512. Some rest responses include the password field which includes the hash method. |
| files |
| changeset | 818751637b77 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | fix: make rest.py still load on python2, do not test bad json It's not worth fixing the test to make it work on python2. But do define the missing JSONDecodeError as it's base class ValueError on python2. |
| files |
| changeset | 32aaf5dc562b |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | fix(REST): issue2551383; improve errors for bad json, fix PUT docs While adding fuzz testing for email addresses via REST /rest/data/user/1/address, I had an error when setting the address to the same value it currently had. Traced this to a bug in userauditor.py. Fixed the bug. Documented in upgrading.txt. While trying to track down issue, I realized invalid json was being accepted without error. So I fixed the code that parses the json and have it return an error. Also modified some tests that broke (used invalid json, or passed body (e.g. DELETE) but shouldn't have. Add tests for bad json to verify new code. Fixed test that wasn't initializing the body_file in each loop, so the test wasn't actually supplying a body. Also realised PUT documentation was not correct. Output format isn't quite like GET. Fuss tests for email address also added. |
| files |
| changeset | 5fcc1a379564 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | feat: add test download via /binary_content via dispatch - issue2551068 CI showed I missed a code path. Dispatch and format_dispatch_output did not have a test case though the /binary_content code path. Added this test and verifies the data, content-type, lack of ETag header, presence of header to prevent browser sniffing. |
| files |
| changeset | d02ce1d14acd |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | feat: issue2551068 - Provide way to retrieve file/msg data via rest endpoint. Use Allow header to change format of /binary_content endpoint. If Allow header for endpoint is not application/json, it will be matched against the mime type for the file. */*, text/* are supported and will return the native mime type if present. Changes: move */* mime type from static dict of supported types. It was hardcoded to return json only. Now it can return a matching non-json mime type for the /binary_content endpoint. Edited some errors to explicitly add */* mime type. Cleanups to use ', ' separation in lists of valid mime types rather than just space separated. Remove ETag header when sending raw content. See issue 2551375 for background. Doc added to rest.txt. Small format fix up (add dash) in CHANGES.txt. Make passing an unset/None/False accept_mime_type to format_dispatch_output a 500 error. This used to be the fallback to produce a 406 error after all processing had happened. It should no longer be possible to take that code path as all 406 errors (with valid accept_mime_types) are generated before processing takes place. Make format_dispatch_output handle output other than json/xml so it can send back binary_content data. Removed a spurious client.response_code = 400 that seems to not be used. Tests added for all code paths. Database setup for tests msg and file entry. This required a file upload test to change so it doesn't look for file1 as the link returned by the upload. Download the link and verify the data rather than verifying the link. Multiple formatting changes to error messages to make all lists of valid mime types ', ' an not just space separated. |
| files |
| changeset | 2967f37e73e4 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | refactor: issue2551289. invalid REST Accept header stops request Sending a POST, PUT (maybe PATCH) with an accept header that is not application/json or xml (if enabled) used to complete the request before throwing a 406 error. This was wrong. Now it reports an error without dispatching/processing the requested transaction. This is the first of a series of refactors of the dispatch method to make it faster and more readable by using return early pattern and extracting methods from the code. changes: The following now return 406 errors not 400 errors invalid version specified with @apiver in URL. invalid version specified with @apiver in payload body invalid version specified in accept headers as application/vnd.roundup.test-vz+json or version property Parsing the accept header returns a 400 when presented with a parameter without an = sign or other parse error. They used to return a 406 which is wrong since the header is malformed rather than having a value I can't respond to. Some error messages were made clearer. Results in the case of an error are proper json error object rather than text/plain strings. New test added for testdetermine_output_formatBadAccept that test the new method using the same test cases as for testDispatchBadAccept. I intend to extend the test coverage for determine_output_format to cover more cases. This should be a faster unit test than for dispatch. Removed .lower() calls for accept_mime_type as the input values are taken from the values in the __accepted_content_type dict which only has lower case values. |
| files |
| changeset | 8e310a7b5e09 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | issue2551131 - Return accept-patch if patch body not accepted (415 code) Now returns: Accept-Patch: application/json, application/x-www-form-urlencoded for PATCH verb. |
| files |
| changeset | 171ff2e487df |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Add @group for grouping in rest interface. Helpful for using optgroup in select boxes. |
| files |
| changeset | 03c1b7ae3a68 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | issue2551328/issue2551264 unneeded next link and total_count incorrect Fix: issue2551328 - REST results show next link if number of results is a multiple of page size. (Found by members of team 3 in the UMass-Boston CS682 Spring 2024 class.) issue2551264 - REST X-Total-Count header and @total_size count incorrect when paginated These issues arose because we retrieved the exact number of rows from the database as requested by the user using the @page_size parameter. With this changeset, we retrieve up to 10 million + 1 rows from the database. If the total number of rows exceeds 10 million, we set the total_count indicators to -1 as an invalid size. (The max number of requested rows (default 10 million +1) can be modified by the admin through interfaces.py.) By retrieving more data than necessary, we can calculate the total count by adding @page_index*@page_size to the number of rows returned by the query. Furthermore, since we return more than @page_size rows, we can determine the existence of a row at @page_size+1 and use that information to determine if a next link should be provided. Previously, a next link was returned if @page_size rows were retrieved. This change does not guarantee that the user will get @page_size rows returned. Access policy filtering occurs after the rows are returned, and discards rows inaccessible by the user. Using the current @page_index/@page_size it would be difficult to have the roundup code refetch data and make sure that a full @page_size set of rows is returned. E.G. @page_size=100 and 5 of them are dropped due to access restrictions. We then fetch 10 items and add items 1-4 and 6 (5 is inaccessible). There is no way to calculate the new database offset at: @page_index*@page_size + 6 from the URL. We would need to add an @page_offset=6 or something. This could work since the client isn't adding 1 to @page_index to get the next page. Thanks to HATEOAS, the client just uses the 'next' url. But I am not going to cross that bridge without a concrete use case. This can also be handled client side by merging a short response with the next response and re-paginating client side. Also added extra index markers to the docs to highlight use of interfaces.py. |
| files |
| changeset | be6cb2e0d471 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | feat: add support for rotating jwt keys This allows jwt_secret to have multiple ',' separated secrets. The first/leftmost should be used to sign new JWTs. All of them are used (starting from left/newest) to try to verify a JWT. If the first secret is < 32 chars in length JWTs are disabled. If any of the other secrets are < 32 chars, the configuration code causes the software to exit. This prevents insecure (too short) secrets from being used. Updated doc examples and tests. |
| files |
| changeset | 8f29e4ea05ce |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | fix: issue2551278 - datetime.datetime.utcnow deprecation. Replace calls with equivalent that produces timezone aware dates rather than naive dates. Also some flake8 fixes for test/rest_common.py. |
| files |
| changeset | 978285986b2c |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | fix: issue2551193 - Fix roundup for removal of cgi and cgitb ... standard python modules (and FieldStorage/MiniFieldStorage). Vendor cgi.py and modify imports. Details: roundup/anypy/cgi_.py import that accesses a working cgi.py. All imports dealing with cgi now use cgi_. roundup/anypy/vendored/cgi.py vendored version 2.6 of cgi.py from: https://pypi.org/project/legacy-cgi/ CHANGES.txt change note added COPYING.txt added license for cgi.py doc/rest.txt change example to use cgi_ doc/upgrading.txt doc removal and how to rework local code using cgi.py. frontends/roundup.cgi remove unneeded cgi import roundup/cgi/actions.py roundup/cgi/apache.py roundup/cgi/client.py roundup/cgi/templating.py roundup/cgi/TAL/TALGenerator.py test/db_test_base.py test/rest_common.py test/test_cgi.py remove import cgi and replace with from roundup.anypy.cgi_ import cgi test/test_actions.py test/test_templating.py modify import to get *FieldStorage test/test_admin.py test/test_hyperdbvals.py test/test_xmlrpc.py remove unneeded cgi import |
| files |
| changeset | 451232f83244 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | test: Modify testRestRateLimit test to report when system is too slow. Add an explicit check on the runtime and an error message that reports that the runtime was exceeded for the test to complete as written. testRestRateLimit requires that it finish within 3 seconds. Otherwise the number of remaining requests in the rate limit does not decrease on every call. If disk I/O is high, the anydbm version of this test can take > 3 seconds and result in a failed test. My other alternative was to measure the runtime and adjust the test to match the values that are returned. This seems like too much work and is unlikely to be an issue outside of a developers under powered system. |
| files |
| changeset | 613f822f1f24 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Support pyjwt-2.7.0 in test_bad_audience_jwt Exception raised changed format. |
| files |
| changeset | 886a5c767d7e |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Invalid REST item spec returns 404 rather than 400. A GET to /rest/data/issue/issue4 now returns a 404 rather than a 400 status code. |
| files |
| changeset | 2de72f75f2f8 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Production PBKDF rounds back to 2M, test 1k; fix empty_form (python2) |
| files |
| changeset | 6f09103a6522 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | [issue2551263] expose headers to rest clients Expose headers for with rate limiting (X-RateLimiting*, Retry-After), marking obsolete api endpoints (Sunset), and listing methods available on an endpoint (Allow). |
| files |
| changeset | 89a59e46b3af |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | improve REST interface security When using REST, we reflect the client's origin. If the wildcard '*' is used in allowed_api_origins all origins are allowed. When this is done, it also added an 'Access-Control-Allow-Credentials: true' header. This Credentials header should not be added if the site is matched only by '*'. This header should be provided only for explicit origins (e.g. https://example.org) not for the wildcard. This is now fixed for CORS preflight OPTIONS request as well as normal GET, PUT, DELETE, POST, PATCH and OPTIONS requests. A missing Access-Control-Allow-Credentials will prevent the tracker from being accessed using credentials. This prevents an unauthorized third party web site from using a user's credentials to access information in the tracker that is not publicly available. Added test for this specific case. In addition, allowed_api_origins can include explicit origins in addition to '*'. '*' must be first in the list. Also adapted numerous tests to work with these changes. Doc updates. |
| files |
| changeset | 32c6e98e5a21 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Ralf Schlatterbeck <rsc@runtux.com> |
| description | Larger delta for X-RateLimit-Reset tests These could be exceeded on a slow machine, with a higher delta this is much less likely. See issue2551202. |
| files |
| changeset | 576d630fc908 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Fix error status for invalid props Some places were raising AttributeError which results in a 405 (bad method) not a 400. Replace with UsageError or KeyError. Make rest.py::transitive_props run aginst a prop that has no transitive elements as well. So it will verify that assignedto exists even though it has no period like assignedto.name would. These should check properties in @fields and @sort. Also validate fields that are used as search params: ?assignedto=1 If the search prop was mispelled or incorrect, the search element was ignored as though it had not been specified. Now it returns a 400 to notify sender they sent an incorrect filter. Also remove unused statements that were originally for finding invalid props before we supported transitive props. |
| files |
| changeset | f8df7fed18f6 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | issue2551175 - Make ETag content-encoding aware. HTTP ETag headers now include a suffix (-gzip, -br, -zstd) indicating the content-encoding used to send the data per rfc7232. Validate any form of ETag by stripping a suffix (if present). |
| files |
| changeset | c505c774a94d |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Mutiple changes to REST code. Requesting an invalid attribut via rest/data/class/id/attrib used to return a 405, it now returns a 400 and a better error message. /rest/ response scans the registered endpoints rather than using a hard coded description. So new endpoints added in interfaces.py are listed. Fix a number of Allow headers that were listing invalid methods. Also when invalid method is used, report valid methods in response. Extract methods from Route list. Fix Access-Control-Allow-Methods. Add X-Requested-With to Access-Control-Allow-Headers. Add decorator openapi_doc to add openapi annotations for the rest endpoints. Added a couple of examples. Returning this info to a client is still a work in progress. |
| files |
| changeset | 1d6c986b3f72 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Fix test. |
| files |
| changeset | b54bb529d701 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Fix test. |
| files |
| changeset | 1fc765ef6379 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Fix 204 responses, hangs and crashes with REST. Remove Content-Type and make sure no content is returned by OPTIONS request in REST interface. In write_html set the Content-Length when response is not encoded/compressed (fixes hang due to missing content-length with unencoded data). In REST interface do not raise UsageError for invalid api version. Return json error with proper message. Fixes crash. |
| files |
| changeset | f2c31f5ec50b |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Ralf Schlatterbeck <rsc@runtux.com> |
| description | Move mocknull from test to roundup/test |
| files |
| changeset | 58817c3bf471 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Ralf Schlatterbeck <rsc@runtux.com> |
| description | Fix roundup/test Move the test-detectors in tx_Source_detector.py to roundup/test for two reasons: It's used in the memorydb convenience functions and it may be useful in other tests. Make the prefix a paramter of the convenience functions to be usable in other tests. |
| files |
| changeset | 6a69584d117e |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Remove length checks. We check list content explicitly. So the length checks are redundant. |
| files |
| changeset | ec853cef2f09 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Add test for invaild action in rest.py patch_element. |
| files |
| changeset | ea0becc9fdb9 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Test delete of class and use of @protected. |
| files |
| changeset | 323661f7c89c |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Test handling of invalid API version using Accept header. |
| files |
| changeset | a2fbd3592322 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | pyjwt 2.00 changed return type of jwt.encode from byte to str Need to change tests to only do b2s conversion if using version before 2.0.0. Note 2.0.0 drops support for python 2. Also it is not installed for the python 3.4 ci test by pip install. |
| files |
| changeset | 6ef7b66774b4 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Fix test. Env without xml fails due to added , |
| files |
| changeset | be8d5a8e090a |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Fix uncaught error when parsing rest headers, document Started this work as better docs for rest response format. But I found 406 error response was not being tested. Also there was no error for bad Content-Type. In rest.py fix uncaught exceptions due to invalid Accept or Content-Type headers. If Content-type is valid but not application/json return code 415. Document use of accept header (was only shown in examples) and support for q parameter. Describe using .xml and .json extensions to select return format for testing from browser (where setting accept header is a problem). Document 406 error code return. Document 415 error code return and acceptable content types. Previously only doc was in examples. Set up tests for 406 and 415 error codes. |
| files |
| changeset | 29c6dc8ed004 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Test handling of unset transitive link field. Test changeset p5b66c480f71f by adding a new link to issue to the user class. Without the changeset, modifying testGetTransitive to include: cgi.MiniFieldStorage('@fields', 'status,assignedto.issue') results in: {'error': {'status': 404, 'msg': IndexError('no such user None',)}} (Note this is the wrong error message, it's not user that is None, it's None value for the issue link in the user object.) With the changeset and modfying expected output to include the new field, I get a passing test with output like: { 'id': '2', 'link': base_path + 'issue/2', 'assignedto.issue': None, 'status': { 'id': '10', 'link': base_path + 'status/10' } }, Changing the schema also requires changes to the etag testing code since it uses the user object and the representation has changed. |
| files |
| changeset | 1cb2375015f0 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Enable timing stats reporting in REST interface. |
| files |
| changeset | e097ff5064b8 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Ralf Schlatterbeck <rsc@runtux.com> |
| description | Allow transitive properties in @fields in REST API These transitive properties may not cross Multilinks, e.g., when querying 'issue' the property 'messages.author' is not allowed (because 'messages' is a multilink). A multilink at the end (e.g. messages in the example) is fine. |
| files |
| changeset | a0ab2c5d1c2a |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Add test for BinaryFieldStorage. Start a test specifically for BinaryFieldStorage. |
| files |
| changeset | ea3485c67f94 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Sort accept keys to make p2 and p3 ordering the same Sort keys of self.__accepted_content_type. Keys returned in different orders in python2/3. Sorting makes testing easier. |
| files |
| changeset | 8b88fb789208 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | still trying to get testing to pass. Now crashing in test 10 at: results = self.server.dispatch('GET', "/rest/", self.empty_form) print(results) self.assertEqual(self.server.client.response_code, 200) results_dict = json.loads(b2s(results)) self.assertEqual(results_dict, expected_rest) results = self.server.dispatch('GET', "/rest/summary", self.empty_form) print(results) > self.assertEqual(self.server.client.response_code, 200) E AssertionError: 400 != 200 |
| files |
| changeset | f1191a470598 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Fix test to account for mixxing dicttoxml. CI doesn't have dicttoxml installed. Make test pass with and without it installed. |
| files |
| changeset | 25a813415d59 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | issue2551069 - when unsupported type is found report type When reporting an unsupported response type, error 406, report what type is seen by the code. Allows the user to better debug the query. E.G. look at the url and see if they mistyped it (e.g. by leaving a ? out of the url), or a mispelled accept header value or .... |
| files |
| changeset | 5d0873a4de4a |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | fix rate limit headers - were ints/floats need to be strings Running under gunicorn rest requests were crashing. Not all of the values for the rate limit headers were strings. Some were numbers. This caused the header generation for wsgi to fail. Now the values are all strings. |
| files |
| changeset | 94a7669677ae |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | add permissions to control user of rest and xmlrpc API interfaces. issue2551058: Add new permissions: 'Rest Access' and 'Xmlrpc Access' to allow per-user access control to rest and xmlrpc interfaces using roles. Updated all schemas to add these new perms to all authenticated roles. Error conditions in handle_xmlrpc were not working right in manual testing. I tried to make it a little better, but I don't actually understand how the fault xmlrpc object is supposed to be used. So I may have messed something up. I'll try to ping the people who wrote the xmlrpc code to have them review. |
| files |
| changeset | 1b57d8f3eb97 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Add rudimentery experiment JSON Web Token (jwt) support issue2551061: Add rudimentary experimental support for JSON Web Tokens to allow delegation of limited access rights to third parties. See doc/rest.txt for details and intent. |
| files |
| changeset | 6630baff5f68 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Ralf Schlatterbeck <rsc@runtux.com> |
| description | Implement exact string search in REST API Now with ':=' instead of '=' an exact string match is requested. In addition we now support '~=' for a substring search. The old semantics of '=' is kept. The new syntax works for all types of properties but only makes a difference for String properties. Note that this is not yet documented, pending discussion if we want to keep this syntax. |
| files |
| changeset | 1b91e3df3fd0 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Ralf Schlatterbeck <rsc@runtux.com> |
| description | Implement transitive props for sort and filter .. in REST API. |
| files |
| changeset | 04deafac71ab |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Ralf Schlatterbeck <rsc@runtux.com> |
| description | Implement sorting of collections in REST API |
| files |
| changeset | 9c6617857032 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Support use of duplicate rest filters keys. So URL's like: issues?title=foo&title=bar will find titles with the words foo and bar but not just foo and not just bar. Url like: issues?status=open,resolved&status=closed will find any issue with open, closed or resolved status. Original code would only use the last title or status filter erasing the earlier one. |
| files |
| changeset | bcb894bc9740 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Add test of protected values for collections and item. |
| files |
| changeset | ddb553d5618c |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Add import of cgi since import cgi was removed from exceptions in prior checkin. |
| files |
| changeset | 17b38e209307 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Test patch op=action restore; test patch add for attribute with no value. |
| files |
| changeset | fea2b6e54492 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Check /rest/data. |
| files |
| changeset | d4de45cde106 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Accept header parsing fixes. Now return first acceptable match rather than last. If not acceptable match in accept, 406 error returns list of acceptable types as text string. application/xml is listed in acceptable types only if dicttoxml is installed. Handle q > 1.0 by demoting q factor to 0.0001 making it unusable. Test cases for all this code. XML is commented out as we don't install dicttoxml.py. |
| files |
| changeset | 60299cd36670 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Basic tests for tunneling of methods via x-http-method-override. |
| files |
| changeset | 97d7faebef0a |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Test @apiver version parsing using bogus version. Test /rest, /rest/ for returned data, /rest/summary, /rest/summary/ for success and /rest/notthere, /rest/notthere/ for a 404. |
| files |
| changeset | 9c2e51aae18a |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Test to make sure version selection via accept header is parsed correctly. |
| files |
| changeset | 5cd9ac3daed7 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Fixes for mysql and postgresql primary db. |
| files |