def delete_instance(request=False,
model=False,
lookup_field=False,
lookup_value=False):
if not (request and model and lookup_field and lookup_value):
return error("Invalid request")
log_request("delete by", model, lookup_field, lookup_value)
required_method_type = "POST"
if not check_method_type(request, required_method_type):
return invalid_method(required_method_type)
parsed_body = json.loads(request.body.decode('utf-8'))
if not parsed_body:
return False
if 'api_key' in parsed_body:
admin = check_api_key(parsed_body['api_key'])
else:
admin = False
if not admin:
return error('Admin only action')
instance = find_single_instance(model, lookup_field, lookup_value, admin)
if not instance:
return error("Can't find in db.")
instance.delete()
return JsonResponse({'success': True})
def get_instance(request=False,
model=False,
lookup_field=False,
lookup_value=False):
if not (request and model and lookup_field and lookup_value):
return error("Invalid request")
# Log the request
log_request('get', model, lookup_field, lookup_value)
# Limit response to these fields:
allowed_fields = getattr(model, 'allowed_fields', ['id'])
# get API Key:
api_key_qs = request.GET.get('api_key', False)
if api_key_qs:
api_key = bleach.clean(api_key_qs)
else:
api_key = False
# Admin True or False based on api_key
admin = check_api_key(api_key)
# Check that request uses "GET" method else return error
required_method_type = "GET"
if not check_method_type(request, required_method_type):
return invalid_method(required_method_type)
# Get single queryset from db else return error
instance = find_single_instance(model, lookup_field, lookup_value, admin)
instance_dict = single_instance_to_dict(instance,
request=request,
allowed_fields=allowed_fields)
if instance_dict:
response = {
get_model_name(model, singular=True): instance_dict,
'admin': admin
}
return JsonResponse(response, safe=False)
else:
return error("Can't find in db.")
def new_person(request):
required_method_type = "POST"
if not check_method_type(request, required_method_type):
return invalid_method(required_method_type)
try:
parsed_body = json.loads(request.body.decode('utf-8'))
except:
return error('no body')
for field in Person.required_fields:
if field not in parsed_body:
return error('mising fields')
if 'api_key' in parsed_body:
admin = check_api_key(parsed_body['api_key'])
else:
admin = False
if not admin:
return error('Admin only action')
parsed_body['hashed_password'] = bcrypt.hashpw(
parsed_body['password'].encode('utf-8'), bcrypt.gensalt())
try:
del parsed_body['password']
del parsed_body['api_key']
except KeyError:
return error('cant delete')
person = Person(**parsed_body)
try:
person.save()
except:
print('ERROR: Can\'t create person.')
print(sys.exc_info())
return error('Can\'t create person.')
return JsonResponse(Person.admin_view(person))
def new_instance(request=False, model=False):
if not (request and model):
return error("Invalid Request")
log_request("new", model, 'new', '')
# Limit to/Require these fields:
allowed_fields = getattr(model, 'allowed_fields', ['id'])
required_fields = getattr(model, 'required_fields', [])
required_method_type = "POST"
if not check_method_type(request, required_method_type):
return invalid_method(required_method_type)
parsed_body = json.loads(request.body.decode('utf-8'))
if not parsed_body:
return False
if 'api_key' in parsed_body:
admin = check_api_key(parsed_body['api_key'])
else:
admin = False
if not admin:
return error('Admin only action')
request_dict = check_for_required_and_allowed_fields(
model, parsed_body, required_fields, allowed_fields)
if not request_dict:
return error("Invalid request")
object_instance = save_object_instance(model, request_dict)
if not object_instance:
return error("Error saving object")
instance_dict = dict_from_single_object(object_instance, allowed_fields)
instance_dict["success"] = True
return JsonResponse(instance_dict, safe=False)
def edit_instance(request=False,
model=False,
lookup_field=False,
lookup_value=False):
if not (request and model and lookup_field and lookup_value):
return error("Invalid request")
log_request("edit", model, lookup_field, lookup_value)
# Limit to/require these fields:
allowed_fields = getattr(model, 'allowed_fields', ['id'])
required_fields = getattr(model, 'required_fields', [])
required_method_type = "POST"
if not check_method_type(request, required_method_type):
return invalid_method(required_method_type)
parsed_body = json.loads(request.body.decode('utf-8'))
if not parsed_body:
return False
if 'api_key' in parsed_body:
admin = check_api_key(parsed_body['api_key'])
else:
admin = False
if not admin:
return error('Admin only action')
## No required fields because they might not be changing
request_dict = check_for_required_and_allowed_fields(
model, parsed_body, [], allowed_fields)
if not request_dict:
return error("No body in request or incorrect fields")
instance = find_single_instance(model, lookup_field, lookup_value, admin)
if not instance:
return error("Can't find in db.")
primary_key_field = model._meta.pk.name
request_dict[primary_key_field] = instance.pk
# Update each property in the instance that is different in the request_dict
for i in request_dict:
if getattr(instance, i) != request_dict[i]:
try:
setattr(instance, i, request_dict[i])
except:
return error('Error updating instance')
# Now check for required_fields
for i in required_fields:
if not getattr(instance, i):
return error('Error updating instance')
instance.save()
if not instance:
return error("Error saving object")
updated_instance_dict = dict_from_single_object(instance, allowed_fields)
if not updated_instance_dict:
return error("Error generating response")
updated_instance_dict["success"] = True
print(updated_instance_dict)
return JsonResponse(updated_instance_dict, safe=False)
def new(request):
print(request.method + ": " + request.path)
if request.method == "GET":
return invalid_method("POST")
elif request.method == "POST":
return upload_file(request)