Mercurial > p > roundup > code
comparison doc/rest.txt @ 5883:da417bab5cb8
Add more programming rest interface examples. Fix broken link.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Sun, 29 Sep 2019 22:01:09 -0400 |
| parents | 94a7669677ae |
| children | 30b76c165ee6 |
comparison
equal
deleted
inserted
replaced
| 5881:9938c40e03bc | 5883:da417bab5cb8 |
|---|---|
| 1232 | 1232 |
| 1233 | 1233 |
| 1234 Adding other endpoints (e.g. to allow an OPTIONS query against | 1234 Adding other endpoints (e.g. to allow an OPTIONS query against |
| 1235 ``/data/issue/@schema``) is left as an exercise for the reader. | 1235 ``/data/issue/@schema``) is left as an exercise for the reader. |
| 1236 | 1236 |
| 1237 Redefine/move rest endpoints | |
| 1238 ============================ | |
| 1239 | |
| 1240 In addition to adding new endpoints, you can redefine existing | |
| 1241 endpoints. Adding this as described above:: | |
| 1242 | |
| 1243 @Routing.route("/summary") | |
| 1244 @_data_decorator | |
| 1245 def summary2(self, input): | |
| 1246 result = { "hello": "world" } | |
| 1247 return 200, result | |
| 1248 | |
| 1249 will return:: | |
| 1250 | |
| 1251 { | |
| 1252 "data": { | |
| 1253 "hello": "world" | |
| 1254 } | |
| 1255 } | |
| 1256 | |
| 1257 | |
| 1258 In addition to overriding existing endpoints, you can move existing | |
| 1259 endpoints to new locations. Adding:: | |
| 1260 | |
| 1261 @Routing.route("/data2/<:classname>") | |
| 1262 def get_collection2(self, classname, input): | |
| 1263 """ Remap existing function in rest.py to a new endpoint | |
| 1264 | |
| 1265 Existing function is decorated with: | |
| 1266 | |
| 1267 @Routing.route("/data/<:classname>") | |
| 1268 @_data_decorator | |
| 1269 | |
| 1270 so we need to drop @_data_decorator from this function since | |
| 1271 we can't apply @_data_decorator twice. | |
| 1272 """ | |
| 1273 return self.get_collection(classname, input) | |
| 1274 | |
| 1275 will move the response that normally happens at /rest/data/<class> to | |
| 1276 /rest/data/<class>. | |
| 1277 | |
| 1278 | |
| 1237 Controlling Access to Backend Data | 1279 Controlling Access to Backend Data |
| 1238 ================================== | 1280 ================================== |
| 1239 | 1281 |
| 1240 Roundup's schema is the primary access control mechanism. Roles and | 1282 Roundup's schema is the primary access control mechanism. Roles and |
| 1241 Permissions provide the ability to carefully control what data can be | 1283 Permissions provide the ability to carefully control what data can be |
| 1566 } | 1608 } |
| 1567 | 1609 |
| 1568 Final steps | 1610 Final steps |
| 1569 ^^^^^^^^^^^ | 1611 ^^^^^^^^^^^ |
| 1570 | 1612 |
| 1571 See the `upgrading documentation`__ on how to regenerate an updated copy of | 1613 See the `upgrading directions`_ on how to use the ``updateconfig`` to |
| 1572 config.ini using roundup-admin. Then set the ``jwt_secret`` to at | 1614 generate an updated copy of config.ini using roundup-admin. Then set |
| 1573 least 32 characters (more is better up to 512 bits). | 1615 the ``jwt_secret`` to at least 32 characters (more is better up to 512 |
| 1616 bits). | |
| 1574 | 1617 |
| 1575 Writing an auditor that uses "db.user.get_roles" to see if the user | 1618 Writing an auditor that uses "db.user.get_roles" to see if the user |
| 1576 making the change has the ``user:timelog`` role, and then comparing | 1619 making the change has the ``user:timelog`` role, and then comparing |
| 1577 the original ``times`` list to the new list to verify that it is being | 1620 the original ``times`` list to the new list to verify that it is being |
| 1578 added to and not changed otherwise is left as an exercise for the | 1621 added to and not changed otherwise is left as an exercise for the |