Beispiel #1
0
def login_user():
    try:
        cmd = frappe.local.form_dict.cmd
        method = get_attr(cmd)
        ret = frappe.call(method, **frappe.form_dict)
        return ret

    except Exception, e:
        http_status_code = getattr(e, "status_code", 500)
        message = getattr(e, "message", 500)
        report_error(http_status_code, message)
Beispiel #2
0
def login_user():
	try: 
		cmd = frappe.local.form_dict.cmd
		method = get_attr(cmd)
		ret = frappe.call(method, **frappe.form_dict)
		return ret

	except Exception, e:
		http_status_code = getattr(e, "status_code", 500)
		message = getattr(e, "message", 500)
		report_error(http_status_code,message)
Beispiel #3
0
def handle(api_config):
	"""
	Handler for `/api_name` methods
	**api_name = configured in api_hander hooks 
	### Examples:

	`/api_name/version/{methodname}` will call a whitelisted method
	
	"""
	parts = frappe.request.path[1:].split("/",5)
	method_name = version = api_name = method = None
	# return report_error(1, len(parts) >= 5 and parts[2] == "resource")
	if len(parts) <= 2:
		if parts[1] == 'login':
			frappe.local.form_dict.cmd = '.'.join(map(str,[parts[0],parts[1]]))
			frappe.local.form_dict.op = "login"
			return handler.handle()

	elif len(parts) == 4 and parts[2] == "method":
		version = parts[1]
		if not is_valid_version(version): 
			return report_error(417, "Invalid API Version")

		method_name = parts[3]
		method = '.'.join(map(str,[api_config.app_name, "versions", version, method_name]))

		frappe.local.form_dict.cmd = method
		return handler.handle()

	elif (len(parts) <= 4 or len(parts) >= 5) and parts[2] == "resource":
		version = parts[1] or ""
		
		frappe.local.form_dict.doctype = parts[3] or ""
		frappe.local.form_dict.name = parts[4] if len(parts) == 5 else ""

		if not is_valid_version(version): 
			return report_error(417, "Invalid API Version")

		method = '.'.join(map(str,[api_config.app_name, "versions", version.replace(".", "_"), "rest_api"]))
		frappe.local.form_dict.cmd = method

		if not is_valid_min_max_filters():
			return report_error(417, "Invalid Min or Max filter")
		# return report_error(417, frappe.local.form_dict)
		return handler.handle()

	else:
		#invalid url
		return report_error(417,"Invalid URL")
Beispiel #4
0
def handle():
	"""
	Handler for `/api_name` methods
	**api_name = configured in api_hander hooks 
	### Examples:

	`/api_name/version/{methodname}` will call a whitelisted method
	
	"""
	parts = frappe.request.path[1:].split("/",3)
	method_name = version = api_name = method = None

	if len(parts) <= 2:
		if parts[1] == 'login':
			frappe.local.form_dict.cmd = '.'.join(map(str,[parts[0],parts[1]]))
			frappe.local.form_dict.op = "login"
			return handler.handle()

	elif len(parts) == 3:
		api_name = parts[0]
		version = parts[1]
		method_name = parts[2]
		method = '.'.join(map(str,[api_name,"versions",version,method_name]))
		frappe.local.form_dict.cmd = method
		return handler.handle()
	else:
		#invalid url
		return report_error(417,"Invalid URL")	
Beispiel #5
0
def handle():
    """handle request"""
    cmd = frappe.local.form_dict.cmd
    op = frappe.local.form_dict.op
    method = None

    try:
        method = get_attr(cmd)
    except AttributeError, e:
        return report_error(500, "Invalid API-URL")
Beispiel #6
0
def handle():
	"""handle request"""
	cmd = frappe.local.form_dict.cmd
	op = frappe.local.form_dict.op

	try :
		method = get_attr(cmd)

	except AttributeError, e:
		return report_error(500,"Invalid API-URL")
Beispiel #7
0
def is_valid_request(is_guest=False):
    method = frappe.local.request.method
    sid = None

    if method in ["POST", "PUT"] and frappe.form_dict.data:
        try:
            data = json.loads(frappe.form_dict.data)
            sid = data.get('sid') or "Guest"
        except Exception as e:
            report_error(417, "Invalid Request")
            return False

    elif method in ["GET", "DELETE"] and frappe.form_dict:
        sid = frappe.form_dict.get("sid") or "Guest"

    else:
        report_error(417, "Input not provided")
        return False

    if not sid and is_guest is False:
        report_error(417, "sid not provided")
        return False

    try:
        frappe.form_dict["sid"] = sid or "Guest"
        loginmgr = frappe.auth.LoginManager()
    except frappe.SessionStopped, e:
        http_status_code = getattr(e, "http_status_code", 500)
        frappe.response["code"] = http_status_code
        return False
Beispiel #8
0
def manage_user():
	if frappe.local.request.method=="POST" and frappe.form_dict.data:
		data = json.loads(frappe.form_dict.data)		
		sid = data.get('sid')
		user_id = data.get('user_id')

		if not sid:
			report_error(417,"sid not provided")
			return False		

		elif sid and not user_id:
			report_error(417,"user_id not provided")
			return False

		elif sid and user_id:
			#user = frappe.db.get_value("User",{"user_id":user_id},"name")
			user = "******"
			if not user:
				report_error(417,"user_id not provided")
				return False
			else:
				try:
					frappe.form_dict["sid"] = sid 
					loginmgr = frappe.auth.LoginManager()
				except frappe.SessionStopped,e:
					http_status_code = getattr(e, "http_status_code", 500)
					frappe.response["code"] = http_status_code
					return False
		return True
Beispiel #9
0
def manage_user():
    if frappe.form_dict.data:
        data = json.loads(frappe.form_dict.data)
        sid = data.get('sid')
        user_id = data.get('user_id')

        if not sid:
            report_error(417, "sid not provided")
            return False

        elif sid and not user_id:
            report_error(417, "user_id not provided")
            return False

        elif sid and user_id:
            #user = frappe.db.get_value("User",{"user_id":user_id},"name")
            user = "******"
            if not user:
                report_error(417, "user_id not provided")
                return False
            else:
                try:
                    frappe.form_dict["sid"] = sid
                    loginmgr = frappe.auth.LoginManager()
                except frappe.SessionStopped, e:
                    http_status_code = getattr(e, "http_status_code", 500)
                    frappe.response["code"] = http_status_code
                    return False
        return True
Beispiel #10
0
def handle():
    """
	Handler for `/api_name` methods
	**api_name = configured in api_hander hooks 
	### Examples:

	`/api_name/version/{methodname}` will call a whitelisted method
	
	"""
    parts = frappe.request.path[1:].split("/", 4)
    method_name = version = api_name = method = response = None
    req_method = frappe.local.request.method

    # log_id = log_request(frappe.local.request, frappe.local.form_dict)

    if len(parts) <= 2:
        # if parts[1] == 'login':
        frappe.local.form_dict.cmd = '.'.join(map(str, [parts[0], parts[1]]))
        frappe.local.form_dict.op = parts[1]
        response = handler.handle()

    else:
        api_name = parts[0]
        version = parts[2].replace(".", "_")
        # frappe.local.form_dict.req_log_id = log_id
        if parts[3] == "method":
            method_name = parts[4]
            method = '.'.join(
                map(str, [api_name, "api.versions", version, method_name]))
            frappe.local.form_dict.cmd = method
            response = handler.handle()
        elif parts[3] == "resource":
            resource = dict(zip(["doctype", "docname"],
                                parts[4].split("/")[:]))
            method = '.'.join(map(str, [api_name, "api.resources.handle"]))

            frappe.local.form_dict.cmd = method
            frappe.local.form_dict.version = version
            frappe.local.form_dict.resource = resource
            frappe.local.form_dict.req_method = req_method

            response = handler.handle()
        else:
            response = report_error(417, "Invalid URL")

    # # log response
    # data = json.loads(response.data)
    # data.update({ "log_id":log_id })
    # response.data = json.dumps(data)
    # log_response(log_id, response.data)

    return response
Beispiel #11
0
        is_guest = True if (method in frappe.guest_methods) else False
        if is_valid_request(is_guest=is_guest):
            execute_cmd(cmd)

    return build_response("json")


def execute_cmd(cmd, async=False):
    """execute a request as python module"""
    method = get_attr(cmd)

    try:
        #check if whitelisted
        if frappe.session['user'] == 'Guest':
            if (method not in frappe.guest_methods):
                return report_error(403, "Not Allowed")

        else:
            if not method in frappe.whitelisted:
                return report_error(403, "Not Allowed")

        ret = frappe.call(method, **frappe.form_dict)

        if isinstance(ret, dict):
            for key in ret:
                frappe.response[key] = ret[key]
        else:
            frappe.response["data"] = ret

        frappe.response["code"] = 200
        frappe.response["user"] = frappe.session.user
Beispiel #12
0
		user = manage_user()
		if user:
			execute_cmd(cmd)

	return build_response("json")

def execute_cmd(cmd, async=False):
	"""execute a request as python module"""
 				
	method = get_attr(cmd)
	
	try:
		#check if whitelisted
		if frappe.session['user'] == 'Guest':
			if (method not in frappe.guest_methods):
				return report_error(403,"Not Allowed")		

		else:
			if not method in frappe.whitelisted:
				return report_error(403,"Not Allowed")
		
		ret = frappe.call(method, **frappe.form_dict)

		if isinstance(ret,dict):
			for key in ret:
				frappe.response[key] = ret[key]
		else:		
			frappe.response["data"] = ret
		frappe.response["code"] = 200		

	except Exception, e:
Beispiel #13
0
        if user:
            execute_cmd(cmd)

    return build_response("json")


def execute_cmd(cmd, async=False):
    """execute a request as python module"""

    method = get_attr(cmd)

    try:
        #check if whitelisted
        if frappe.session['user'] == 'Guest':
            if (method not in frappe.guest_methods):
                return report_error(403, "Not Allowed")

        else:
            if not method in frappe.whitelisted:
                return report_error(403, "Not Allowed")

        ret = frappe.call(method, **frappe.form_dict)

        if isinstance(ret, dict):
            for key in ret:
                frappe.response[key] = ret[key]
        else:
            frappe.response["data"] = ret
        frappe.response["code"] = 200

    except Exception, e: