Mercurial > p > roundup > code
view roundup/actions.py @ 5650:e8ca7072c629
Fix Python 3 issues in REST code.
* Need to use .get not .getheader for HTTP headers (see hg commit
fec18298ae02, "Python 3 preparation: HTTP headers handling in
roundup_server.py.").
* Need to use key not cmp with sort (see hg commit 3fa026621f69,
"Python 3 preparation: comparisons.").
* dispatch output must be bytes, not str, otherwise writing it to the
socket (e.g. in roundup-server) will fail.
This fixes issues shown up attempting to access the REST interface
with a browser with Python 3 (as opposed to with the Roundup
testsuite, which also has known REST issues with Python 3).
| author | Joseph Myers <jsm@polyomino.org.uk> |
|---|---|
| date | Sun, 17 Mar 2019 16:25:36 +0000 |
| parents | ed02a1e0aa5d |
| children | 48a1f919f894 |
line wrap: on
line source
# # Copyright (C) 2009 Stefan Seefeld # All rights reserved. # For license terms see the file COPYING.txt. # Actions used in REST and XMLRPC APIs # from roundup.exceptions import Unauthorised from roundup import hyperdb from roundup.i18n import _ class Action: def __init__(self, db, translator): self.db = db self.translator = translator def handle(self, *args): """Action handler procedure""" raise NotImplementedError def execute(self, *args): """Execute the action specified by this object.""" self.permission(*args) return self.handle(*args) def permission(self, *args): """Check whether the user has permission to execute this action. If not, raise Unauthorised.""" pass def gettext(self, msgid): """Return the localized translation of msgid""" return self.translator.gettext(msgid) _ = gettext class PermCheck(Action): def permission(self, designator): classname, itemid = hyperdb.splitDesignator(designator) perm = self.db.security.hasPermission if not perm('Retire', self.db.getuid(), classname=classname , itemid=itemid): raise Unauthorised(self._('You do not have permission to retire ' 'or restore the %(classname)s class.') %locals()) class Retire(PermCheck): def handle(self, designator): classname, itemid = hyperdb.splitDesignator(designator) # make sure we don't try to retire admin or anonymous if (classname == 'user' and self.db.user.get(itemid, 'username') in ('admin', 'anonymous')): raise ValueError(self._( 'You may not retire the admin or anonymous user')) # do the retire self.db.getclass(classname).retire(itemid) self.db.commit() class Restore(PermCheck): def handle(self, designator): classname, itemid = hyperdb.splitDesignator(designator) # do the restore self.db.getclass(classname).restore(itemid) self.db.commit()