Mercurial Repository: p/roundup/code: roundup/rest.py comparison

comparison roundup/rest.py @ 5597:de9933cfcfc4 REST-rebased

Added routing decorator committer: Ralf Schlatterbeck <rsc@runtux.com>

author	Chau Nguyen <dangchau1991@yahoo.com>
date	Wed, 30 Jan 2019 10:26:35 +0100
parents	55fa81de6a57
children	be81e8cca38c

comparison

equal deleted inserted replaced

-:55fa81de6a57
+:de9933cfcfc4
 import json
 import pprint
 import sys
 import time
 import traceback
-import xml
+import re
 from roundup import hyperdb
 from roundup import date
 from roundup.exceptions import *
+from roundup.cgi.exceptions import *
 def _data_decorator(func):
 """Wrap the returned data into an object."""
 def format_object(self, *args, **kwargs):
 # get the data / error from function
 try:
 code, data = func(self, *args, **kwargs)
+except NotFound, msg:
+code = 404
+data = msg
 except IndexError, msg:
 code = 404
 data = msg
 except Unauthorised, msg:
 code = 403
 result.append((media_type, dict(media_params), q))
 result.sort(lambda x, y: -cmp(x[2], y[2]))
 return result
+class Routing(object):
+__route_map = {}
+__var_to_regex = re.compile(r"<:(\w+)>")
+url_to_regex = r"([\w.\-~!$&'()*+,;=:@\%%]+)"
+@classmethod
+def route(cls, rule, methods='GET'):
+"""A decorator that is used to register a view function for a
+given URL rule:
+@self.route('/')
+def index():
+return 'Hello World'
+rest/ will be added to the beginning of the url string
+Args:
+rule (string): the URL rule
+methods (string or tuple or list): the http method
+"""
+# strip the '/' character from rule string
+rule = rule.strip('/')
+# add 'rest/' to the rule string
+if not rule.startswith('rest/'):
+rule = '^rest/' + rule + '$'
+if isinstance(methods, basestring):  # convert string to tuple
+methods = (methods,)
+methods = set(item.upper() for item in methods)
+# convert a rule to a compiled regex object
+# so /data/<:class>/<:id> will become
+#    /data/([charset]+)/([charset]+)
+# and extract the variable names to a list [(class), (id)]
+func_vars = cls.__var_to_regex.findall(rule)
+rule = re.compile(cls.__var_to_regex.sub(cls.url_to_regex, rule))
+# then we decorate it:
+# route_map[regex][method] = func
+def decorator(func):
+rule_route = cls.__route_map.get(rule, {})
+func_obj = {
+'func': func,
+'vars': func_vars
+}
+for method in methods:
+rule_route[method] = func_obj
+cls.__route_map[rule] = rule_route
+return func
+return decorator
+@classmethod
+def execute(cls, instance, path, method, input):
+# format the input
+path = path.strip('/').lower()
+method = method.upper()
+# find the rule match the path
+# then get handler match the method
+for path_regex in cls.__route_map:
+match_obj = path_regex.match(path)
+if match_obj:
+try:
+func_obj = cls.__route_map[path_regex][method]
+except KeyError:
+raise Reject('Method %s not allowed' % method)
+# retrieve the vars list and the function caller
+list_vars = func_obj['vars']
+func = func_obj['func']
+# zip the varlist into a dictionary, and pass it to the caller
+args = dict(zip(list_vars, match_obj.groups()))
+args['input'] = input
+return func(instance, **args)
+raise NotFound('Nothing matches the given URI')
 class RestfulInstance(object):
 """The RestfulInstance performs REST request from the client"""
 __default_patch_op = "replace"  # default operator for PATCH method
 __accepted_content_type = {
 else:
 raise UsageError('PATCH Operation %s is not allowed' % op)
 return result
+@Routing.route("/data/<:class_name>", 'GET')
 @_data_decorator
 def get_collection(self, class_name, input):
 """GET resource from class URI.
 This function returns only items have View permission
 int: http status code 200 (OK)
 list: list of reference item in the class
 id: id of the object
 link: path to the object
 """
+if class_name not in self.db.classes:
+raise NotFound('Class %s not found' % class_name)
 if not self.db.security.hasPermission(
 'View', self.db.getuid(), class_name
 ):
 raise Unauthorised('Permission to view %s denied' % class_name)
 result = result[page_start:page_end]
 self.client.setHeader("X-Count-Total", str(len(result)))
 return 200, result
+@Routing.route("/data/<:class_name>/<:item_id>", 'GET')
 @_data_decorator
 def get_element(self, class_name, item_id, input):
 """GET resource from object URI.
 This function returns only properties have View permission
 id: id of the object
 type: class name of the object
 link: link to the object
 attributes: a dictionary represent the attributes of the object
 """
+if class_name not in self.db.classes:
+raise NotFound('Class %s not found' % class_name)
 if not self.db.security.hasPermission(
 'View', self.db.getuid(), class_name, itemid=item_id
 ):
 raise Unauthorised(
 'Permission to view %s%s denied' % (class_name, item_id)
 'attributes': dict(result)
 }
 return 200, result
+@Routing.route("/data/<:class_name>/<:item_id>/<:attr_name>", 'GET')
 @_data_decorator
 def get_attribute(self, class_name, item_id, attr_name, input):
 """GET resource from attribute URI.
 This function returns only attribute has View permission
 id: id of the object
 type: class name of the attribute
 link: link to the attribute
 data: data of the requested attribute
 """
+if class_name not in self.db.classes:
+raise NotFound('Class %s not found' % class_name)
 if not self.db.security.hasPermission(
 'View', self.db.getuid(), class_name, attr_name, item_id
 ):
 raise Unauthorised(
 'Permission to view %s%s %s denied' %
 'data': data
 }
 return 200, result
+@Routing.route("/data/<:class_name>", 'POST')
 @_data_decorator
 def post_collection(self, class_name, input):
 """POST a new object to a class
 If the item is successfully created, the "Location" header will also
 int: http status code 201 (Created)
 dict: a reference item to the created object
 id: id of the object
 link: path to the object
 """
+if class_name not in self.db.classes:
+raise NotFound('Class %s not found' % class_name)
 if not self.db.security.hasPermission(
 'Create', self.db.getuid(), class_name
 ):
 raise Unauthorised('Permission to create %s denied' % class_name)
 'id': item_id,
 'link': link
 }
 return 201, result
-@_data_decorator
+@Routing.route("/data/<:class_name>/<:item_id>", 'PUT')
-def post_element(self, class_name, item_id, input):
-"""POST to an object of a class is not allowed"""
-raise Reject('POST to an item is not allowed')
-@_data_decorator
-def post_attribute(self, class_name, item_id, attr_name, input):
-"""POST to an attribute of an object is not allowed"""
-raise Reject('POST to an attribute is not allowed')
-@_data_decorator
-def put_collection(self, class_name, input):
-"""PUT a class is not allowed"""
-raise Reject('PUT a class is not allowed')
 @_data_decorator
 def put_element(self, class_name, item_id, input):
 """PUT a new content to an object
 Replace the content of the existing object
 type: class name of the object
 link: link to the object
 attributes: a dictionary represent only changed attributes of
 the object
 """
+if class_name not in self.db.classes:
+raise NotFound('Class %s not found' % class_name)
 class_obj = self.db.getclass(class_name)
 props = self.props_from_args(class_obj, input.value, item_id)
 for p in props.iterkeys():
 if not self.db.security.hasPermission(
 'link': self.base_path + class_name + item_id,
 'attribute': result
 }
 return 200, result
+@Routing.route("/data/<:class_name>/<:item_id>/<:attr_name>", 'PUT')
 @_data_decorator
 def put_attribute(self, class_name, item_id, attr_name, input):
 """PUT an attribute to an object
 Args:
 type: class name of the object
 link: link to the object
 attributes: a dictionary represent only changed attributes of
 the object
 """
+if class_name not in self.db.classes:
+raise NotFound('Class %s not found' % class_name)
 if not self.db.security.hasPermission(
 'Edit', self.db.getuid(), class_name, attr_name, item_id
 ):
 raise Unauthorised(
 'Permission to edit %s%s %s denied' %
 'attribute': result
 }
 return 200, result
+@Routing.route("/data/<:class_name>", 'DELETE')
 @_data_decorator
 def delete_collection(self, class_name, input):
 """DELETE all objects in a class
 Args:
 int: http status code 200 (OK)
 dict:
 status (string): 'ok'
 count (int): number of deleted objects
 """
+if class_name not in self.db.classes:
+raise NotFound('Class %s not found' % class_name)
 if not self.db.security.hasPermission(
 'Delete', self.db.getuid(), class_name
 ):
 raise Unauthorised('Permission to delete %s denied' % class_name)
 'count': count
 }
 return 200, result
+@Routing.route("/data/<:class_name>/<:item_id>", 'DELETE')
 @_data_decorator
 def delete_element(self, class_name, item_id, input):
 """DELETE an object in a class
 Args:
 Returns:
 int: http status code 200 (OK)
 dict:
 status (string): 'ok'
 """
+if class_name not in self.db.classes:
+raise NotFound('Class %s not found' % class_name)
 if not self.db.security.hasPermission(
 'Delete', self.db.getuid(), class_name, itemid=item_id
 ):
 raise Unauthorised(
 'Permission to delete %s %s denied' % (class_name, item_id)
 'status': 'ok'
 }
 return 200, result
+@Routing.route("/data/<:class_name>/<:item_id>/<:attr_name>", 'DELETE')
 @_data_decorator
 def delete_attribute(self, class_name, item_id, attr_name, input):
 """DELETE an attribute in a object by setting it to None or empty
 Args:
 Returns:
 int: http status code 200 (OK)
 dict:
 status (string): 'ok'
 """
+if class_name not in self.db.classes:
+raise NotFound('Class %s not found' % class_name)
 if not self.db.security.hasPermission(
 'Edit', self.db.getuid(), class_name, attr_name, item_id
 ):
 raise Unauthorised(
 'Permission to delete %s%s %s denied' %
 'status': 'ok'
 }
 return 200, result
-@_data_decorator
+@Routing.route("/data/<:class_name>/<:item_id>", 'PATCH')
-def patch_collection(self, class_name, input):
-"""PATCH a class is not allowed"""
-raise Reject('PATCH a class is not allowed')
 @_data_decorator
 def patch_element(self, class_name, item_id, input):
 """PATCH an object
 Patch an element using 3 operators
 type: class name of the object
 link: link to the object
 attributes: a dictionary represent only changed attributes of
 the object
 """
+if class_name not in self.db.classes:
+raise NotFound('Class %s not found' % class_name)
 try:
 op = input['op'].value.lower()
 except KeyError:
 op = self.__default_patch_op
 class_obj = self.db.getclass(class_name)
 'link': self.base_path + class_name + item_id,
 'attribute': result
 }
 return 200, result
+@Routing.route("/data/<:class_name>/<:item_id>/<:attr_name>", 'PATCH')
 @_data_decorator
 def patch_attribute(self, class_name, item_id, attr_name, input):
 """PATCH an attribute of an object
 Patch an element using 3 operators
 type: class name of the object
 link: link to the object
 attributes: a dictionary represent only changed attributes of
 the object
 """
+if class_name not in self.db.classes:
+raise NotFound('Class %s not found' % class_name)
 try:
 op = input['op'].value.lower()
 except KeyError:
 op = self.__default_patch_op
 'link': self.base_path + class_name + item_id,
 'attribute': result
 }
 return 200, result
+@Routing.route("/data/<:class_name>", 'OPTIONS')
 @_data_decorator
 def options_collection(self, class_name, input):
 """OPTION return the HTTP Header for the class uri
 Returns:
 int: http status code 204 (No content)
 body (string): an empty string
 """
+if class_name not in self.db.classes:
+raise NotFound('Class %s not found' % class_name)
 return 204, ""
+@Routing.route("/data/<:class_name>/<:item_id>", 'OPTIONS')
 @_data_decorator
 def options_element(self, class_name, item_id, input):
 """OPTION return the HTTP Header for the object uri
 Returns:
 int: http status code 204 (No content)
 body (string): an empty string
 """
+if class_name not in self.db.classes:
+raise NotFound('Class %s not found' % class_name)
 self.client.setHeader(
 "Accept-Patch",
 "application/x-www-form-urlencoded, multipart/form-data"
 )
 return 204, ""
+@Routing.route("/data/<:class_name>/<:item_id>/<:attr_name>", 'OPTIONS')
 @_data_decorator
 def option_attribute(self, class_name, item_id, attr_name, input):
 """OPTION return the HTTP Header for the attribute uri
 Returns:
 int: http status code 204 (No content)
 body (string): an empty string
 """
+if class_name not in self.db.classes:
+raise NotFound('Class %s not found' % class_name)
 self.client.setHeader(
 "Accept-Patch",
 "application/x-www-form-urlencoded, multipart/form-data"
 )
 return 204, ""
+@Routing.route("/summary")
 @_data_decorator
 def summary(self, input):
 """Get a summary of resource from class URI.
 This function returns only items have View permission
 self.client.setHeader(
 "Access-Control-Allow-Methods",
 "HEAD, OPTIONS, GET, PUT, DELETE, PATCH"
 )
-# PATH is split to multiple pieces
-# 0 - rest
-# 1 - data
-# 2 - resource
-# 3 - attribute
-uri_split = uri.lower().split("/")
 # Call the appropriate method
-if len(uri_split) == 2 and uri_split[1] == 'summary':
+try:
-output = self.summary(input)
+output = Routing.execute(self, uri, method, input)
-elif 4 >= len(uri_split) > 2 and uri_split[1] == 'data':
+except NotFound, msg:
-resource_uri = uri_split[2]
+output = self.error_obj(404, msg)
-try:
+except Reject, msg:
-class_name, item_id = hyperdb.splitDesignator(resource_uri)
+output = self.error_obj(405, msg)
-except hyperdb.DesignatorError:
-class_name = resource_uri
-item_id = None
-if class_name not in self.db.classes:
-output = self.error_obj(404, "Not found")
-elif item_id is None:
-if len(uri_split) == 3:
-output = getattr(
-self, "%s_collection" % method.lower()
-)(class_name, input)
-else:
-output = self.error_obj(404, "Not found")
-else:
-if len(uri_split) == 3:
-output = getattr(
-self, "%s_element" % method.lower()
-)(class_name, item_id, input)
-else:
-output = getattr(
-self, "%s_attribute" % method.lower()
-)(class_name, item_id, uri_split[3], input)
-else:
-output = self.error_obj(404, "Not found")
 # Format the content type
 if data_type.lower() == "json":
 self.client.setHeader("Content-Type", "application/json")
 if pretty_output:

Mercurial > p > roundup > code

comparison roundup/rest.py @ 5597:de9933cfcfc4 REST-rebased