def delete_items(portal_type=None, uid=None, endpoint=None, **kw): """ delete items 1. If the uid is given, we can ignore the request body and delete the object with the given uid (if the uid was valid). 2. If no uid is given, the user wants to delete more than one item. => go through each item and extract the uid. Delete it afterwards. // we should do this kind of transaction base. So if we can not get an // object for an uid, no item will be deleted. 3. we could check if the portal_type matches, just to be sure the user wants to delete the right content. """ # disable CSRF req.disable_csrf_protection() # try to find the requested objects objects = find_objects(uid=uid) # We don't want to delete the portal object if filter(lambda o: is_root(o), objects): fail(400, "Can not delete the portal object") results = [] for obj in objects: # We deactivate only! deactivate_object(obj) info = IInfo(obj)() results.append(info) if not results: fail(404, "No Objects could be found") return results
def delete_items(portal_type=None, uid=None, endpoint=None, **kw): """ delete items 1. If the uid is given, we can ignore the request body and delete the object with the given uid (if the uid was valid). 2. If no uid is given, the user wants to delete more than one item. => go through each item and extract the uid. Delete it afterwards. // we should do this kind of transaction base. So if we can not get an // object for an uid, no item will be deleted. 3. we could check if the portal_type matches, just to be sure the user wants to delete the right content. """ # disable CSRF req.disable_csrf_protection() # try to find the requested objects objects = find_objects(uid=uid) # We don't want to delete the portal object if filter(lambda o: is_root(o), objects): fail(400, "Can not delete the portal object") results = [] for obj in objects: # We deactivate only! deactivate_object(obj) info = IInfo(obj)() results.append(info) if not results: fail(404, "No Objects could be found") return results
def create_items(portal_type=None, uid=None, endpoint=None, **kw): """ create items 1. If the uid is given, get the object and create the content in there (assumed that it is folderish) 2. If the uid is 0, the target folder is assumed the portal. 3. If there is no uid given, the payload is checked for either a key - `parent_uid` specifies the *uid* of the target folder - `parent_path` specifies the *physical path* of the target folder """ # import pdb;pdb.set_trace() # disable CSRF req.disable_csrf_protection() # destination where to create the content container = uid and api.get_object_by_uid(uid) or None # extract the data from the request records = req.get_request_data() results = [] for record in records: # get the portal_type if portal_type is None: # try to fetch the portal type out of the request data portal_type = record.pop("portal_type", None) # check if it is allowed to create the portal_type if not is_creation_allowed(portal_type): fail(401, "Creation of '{}' is not allowed".format(portal_type)) if container is None: # find the container for content creation container = find_target_container(portal_type, record) # Check if we have a container and a portal_type if not all([container, portal_type]): fail(400, "Please provide a container path/uid and portal_type") # create the object and pass in the record data obj = create_object(container, portal_type, **record) if type(obj) is list: results.extend(obj) else: results.append(obj) if not results: fail(400, "No Objects could be created") return make_items_for(results, endpoint=endpoint)
def create_items(portal_type=None, uid=None, endpoint=None, **kw): """ create items 1. If the uid is given, get the object and create the content in there (assumed that it is folderish) 2. If the uid is 0, the target folder is assumed the portal. 3. If there is no uid given, the payload is checked for either a key - `parent_uid` specifies the *uid* of the target folder - `parent_path` specifies the *physical path* of the target folder """ # disable CSRF req.disable_csrf_protection() # destination where to create the content container = uid and get_object_by_uid(uid) or None # extract the data from the request records = req.get_request_data() results = [] for record in records: # get the portal_type if portal_type is None: # try to fetch the portal type out of the request data portal_type = record.pop("portal_type", None) # check if it is allowed to create the portal_type if not is_creation_allowed(portal_type): fail(401, "Creation of '{}' is not allowed".format(portal_type)) if container is None: # find the container for content creation container = find_target_container(portal_type, record) # Check if we have a container and a portal_type if not all([container, portal_type]): fail(400, "Please provide a container path/uid and portal_type") # create the object and pass in the record data obj = create_object(container, portal_type, **record) results.append(obj) if not results: fail(400, "No Objects could be created") return make_items_for(results, endpoint=endpoint)
def update_items(portal_type=None, uid=None, endpoint=None, **kw): """ update items 1. If the uid is given, the user wants to update the object with the data given in request body 2. If no uid is given, the user wants to update a bunch of objects. -> each record contains either an UID, path or parent_path + id """ # disable CSRF req.disable_csrf_protection() # the data to update records = req.get_request_data() # we have an uid -> try to get an object for it obj = get_object_by_uid(uid) if obj: record = records[0] # ignore other records if we got an uid obj = update_object_with_data(obj, record) return make_items_for([obj], endpoint=endpoint) # no uid -> go through the record items results = [] for record in records: obj = get_object_by_record(record) # no object found for this record if obj is None: continue # update the object with the given record data obj = update_object_with_data(obj, record) results.append(obj) if not results: fail(400, "No Objects could be updated") return make_items_for(results, endpoint=endpoint)
def update_items(portal_type=None, uid=None, endpoint=None, **kw): """ update items 1. If the uid is given, the user wants to update the object with the data given in request body 2. If no uid is given, the user wants to update a bunch of objects. -> each record contains either an UID, path or parent_path + id """ # disable CSRF req.disable_csrf_protection() # the data to update records = req.get_request_data() # we have an uid -> try to get an object for it obj = get_object_by_uid(uid) if obj: record = records[0] # ignore other records if we got an uid obj = update_object_with_data(obj, record) return make_items_for([obj], endpoint=endpoint) # no uid -> go through the record items results = [] for record in records: obj = get_object_by_record(record) # no object found for this record if obj is None: continue # update the object with the given record data obj = update_object_with_data(obj, record) results.append(obj) if not results: fail(400, "No Objects could be updated") return make_items_for(results, endpoint=endpoint)