Mercurial > p > roundup > code

view roundup/actions.py @ 5632:a29a8dae2095

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Initial implementation of function to return data for / and /data endpoints under /rest/. /rest/ returns: 1) default_version of the interface and supported_version array 2) list of links with rel and uri properties that indicate what assets are available under /rest. E.g. /rest/data /data returns: a list of possible assets (e.g. issue, user, keyword, status) and links for accessing those assets. E.G. { "data": { "keyword": { "link": "https://example.net/demo/rest/data/keyword" }, "user": { "link": "https://example.net/demo/rest/data/user" }, ... } } Both of these are currently hand coded. Others will be doing more development on the rest interface. These two examples are meant to spark discussion on what the payloads returned by the rest interface should look like and give some ideas around HATEOAS.
author John Rouillard <rouilj@ieee.org>
date Fri, 01 Mar 2019 23:24:40 -0500
parents ed02a1e0aa5d
children 48a1f919f894
line wrap: on
line source

#
# Copyright (C) 2009 Stefan Seefeld
# All rights reserved.
# For license terms see the file COPYING.txt.
# Actions used in REST and XMLRPC APIs
#

from roundup.exceptions import Unauthorised
from roundup import hyperdb
from roundup.i18n import _

class Action:
    def __init__(self, db, translator):
        self.db = db
        self.translator = translator

    def handle(self, *args):
        """Action handler procedure"""
        raise NotImplementedError

    def execute(self, *args):
        """Execute the action specified by this object."""

        self.permission(*args)
        return self.handle(*args)


    def permission(self, *args):
        """Check whether the user has permission to execute this action.

        If not, raise Unauthorised."""

        pass


    def gettext(self, msgid):
        """Return the localized translation of msgid"""
        return self.translator.gettext(msgid)


    _ = gettext


class PermCheck(Action):
    def permission(self, designator):

        classname, itemid = hyperdb.splitDesignator(designator)
        perm = self.db.security.hasPermission

        if not perm('Retire', self.db.getuid(), classname=classname
                   , itemid=itemid):
            raise Unauthorised(self._('You do not have permission to retire '
                                      'or restore the %(classname)s class.')
                                      %locals())

class Retire(PermCheck):

    def handle(self, designator):

        classname, itemid = hyperdb.splitDesignator(designator)

        # make sure we don't try to retire admin or anonymous
        if (classname == 'user' and
            self.db.user.get(itemid, 'username') in ('admin', 'anonymous')):
            raise ValueError(self._(
                'You may not retire the admin or anonymous user'))

        # do the retire
        self.db.getclass(classname).retire(itemid)
        self.db.commit()


class Restore(PermCheck):

    def handle(self, designator):

        classname, itemid = hyperdb.splitDesignator(designator)

        # do the restore
        self.db.getclass(classname).restore(itemid)
        self.db.commit()
Roundup Issue Tracker: http://roundup-tracker.org/