def login_user(): try: cmd = frappe.local.form_dict.cmd method = get_attr(cmd) ret = frappe.call(method, **frappe.form_dict) return ret except Exception, e: http_status_code = getattr(e, "status_code", 500) message = getattr(e, "message", 500) report_error(http_status_code, message)
def login_user(): try: cmd = frappe.local.form_dict.cmd method = get_attr(cmd) ret = frappe.call(method, **frappe.form_dict) return ret except Exception, e: http_status_code = getattr(e, "status_code", 500) message = getattr(e, "message", 500) report_error(http_status_code,message)
def handle(api_config): """ Handler for `/api_name` methods **api_name = configured in api_hander hooks ### Examples: `/api_name/version/{methodname}` will call a whitelisted method """ parts = frappe.request.path[1:].split("/",5) method_name = version = api_name = method = None # return report_error(1, len(parts) >= 5 and parts[2] == "resource") if len(parts) <= 2: if parts[1] == 'login': frappe.local.form_dict.cmd = '.'.join(map(str,[parts[0],parts[1]])) frappe.local.form_dict.op = "login" return handler.handle() elif len(parts) == 4 and parts[2] == "method": version = parts[1] if not is_valid_version(version): return report_error(417, "Invalid API Version") method_name = parts[3] method = '.'.join(map(str,[api_config.app_name, "versions", version, method_name])) frappe.local.form_dict.cmd = method return handler.handle() elif (len(parts) <= 4 or len(parts) >= 5) and parts[2] == "resource": version = parts[1] or "" frappe.local.form_dict.doctype = parts[3] or "" frappe.local.form_dict.name = parts[4] if len(parts) == 5 else "" if not is_valid_version(version): return report_error(417, "Invalid API Version") method = '.'.join(map(str,[api_config.app_name, "versions", version.replace(".", "_"), "rest_api"])) frappe.local.form_dict.cmd = method if not is_valid_min_max_filters(): return report_error(417, "Invalid Min or Max filter") # return report_error(417, frappe.local.form_dict) return handler.handle() else: #invalid url return report_error(417,"Invalid URL")
def handle(): """ Handler for `/api_name` methods **api_name = configured in api_hander hooks ### Examples: `/api_name/version/{methodname}` will call a whitelisted method """ parts = frappe.request.path[1:].split("/",3) method_name = version = api_name = method = None if len(parts) <= 2: if parts[1] == 'login': frappe.local.form_dict.cmd = '.'.join(map(str,[parts[0],parts[1]])) frappe.local.form_dict.op = "login" return handler.handle() elif len(parts) == 3: api_name = parts[0] version = parts[1] method_name = parts[2] method = '.'.join(map(str,[api_name,"versions",version,method_name])) frappe.local.form_dict.cmd = method return handler.handle() else: #invalid url return report_error(417,"Invalid URL")
def handle(): """handle request""" cmd = frappe.local.form_dict.cmd op = frappe.local.form_dict.op method = None try: method = get_attr(cmd) except AttributeError, e: return report_error(500, "Invalid API-URL")
def handle(): """handle request""" cmd = frappe.local.form_dict.cmd op = frappe.local.form_dict.op try : method = get_attr(cmd) except AttributeError, e: return report_error(500,"Invalid API-URL")
def is_valid_request(is_guest=False): method = frappe.local.request.method sid = None if method in ["POST", "PUT"] and frappe.form_dict.data: try: data = json.loads(frappe.form_dict.data) sid = data.get('sid') or "Guest" except Exception as e: report_error(417, "Invalid Request") return False elif method in ["GET", "DELETE"] and frappe.form_dict: sid = frappe.form_dict.get("sid") or "Guest" else: report_error(417, "Input not provided") return False if not sid and is_guest is False: report_error(417, "sid not provided") return False try: frappe.form_dict["sid"] = sid or "Guest" loginmgr = frappe.auth.LoginManager() except frappe.SessionStopped, e: http_status_code = getattr(e, "http_status_code", 500) frappe.response["code"] = http_status_code return False
def manage_user(): if frappe.local.request.method=="POST" and frappe.form_dict.data: data = json.loads(frappe.form_dict.data) sid = data.get('sid') user_id = data.get('user_id') if not sid: report_error(417,"sid not provided") return False elif sid and not user_id: report_error(417,"user_id not provided") return False elif sid and user_id: #user = frappe.db.get_value("User",{"user_id":user_id},"name") user = "******" if not user: report_error(417,"user_id not provided") return False else: try: frappe.form_dict["sid"] = sid loginmgr = frappe.auth.LoginManager() except frappe.SessionStopped,e: http_status_code = getattr(e, "http_status_code", 500) frappe.response["code"] = http_status_code return False return True
def manage_user(): if frappe.form_dict.data: data = json.loads(frappe.form_dict.data) sid = data.get('sid') user_id = data.get('user_id') if not sid: report_error(417, "sid not provided") return False elif sid and not user_id: report_error(417, "user_id not provided") return False elif sid and user_id: #user = frappe.db.get_value("User",{"user_id":user_id},"name") user = "******" if not user: report_error(417, "user_id not provided") return False else: try: frappe.form_dict["sid"] = sid loginmgr = frappe.auth.LoginManager() except frappe.SessionStopped, e: http_status_code = getattr(e, "http_status_code", 500) frappe.response["code"] = http_status_code return False return True
def handle(): """ Handler for `/api_name` methods **api_name = configured in api_hander hooks ### Examples: `/api_name/version/{methodname}` will call a whitelisted method """ parts = frappe.request.path[1:].split("/", 4) method_name = version = api_name = method = response = None req_method = frappe.local.request.method # log_id = log_request(frappe.local.request, frappe.local.form_dict) if len(parts) <= 2: # if parts[1] == 'login': frappe.local.form_dict.cmd = '.'.join(map(str, [parts[0], parts[1]])) frappe.local.form_dict.op = parts[1] response = handler.handle() else: api_name = parts[0] version = parts[2].replace(".", "_") # frappe.local.form_dict.req_log_id = log_id if parts[3] == "method": method_name = parts[4] method = '.'.join( map(str, [api_name, "api.versions", version, method_name])) frappe.local.form_dict.cmd = method response = handler.handle() elif parts[3] == "resource": resource = dict(zip(["doctype", "docname"], parts[4].split("/")[:])) method = '.'.join(map(str, [api_name, "api.resources.handle"])) frappe.local.form_dict.cmd = method frappe.local.form_dict.version = version frappe.local.form_dict.resource = resource frappe.local.form_dict.req_method = req_method response = handler.handle() else: response = report_error(417, "Invalid URL") # # log response # data = json.loads(response.data) # data.update({ "log_id":log_id }) # response.data = json.dumps(data) # log_response(log_id, response.data) return response
is_guest = True if (method in frappe.guest_methods) else False if is_valid_request(is_guest=is_guest): execute_cmd(cmd) return build_response("json") def execute_cmd(cmd, async=False): """execute a request as python module""" method = get_attr(cmd) try: #check if whitelisted if frappe.session['user'] == 'Guest': if (method not in frappe.guest_methods): return report_error(403, "Not Allowed") else: if not method in frappe.whitelisted: return report_error(403, "Not Allowed") ret = frappe.call(method, **frappe.form_dict) if isinstance(ret, dict): for key in ret: frappe.response[key] = ret[key] else: frappe.response["data"] = ret frappe.response["code"] = 200 frappe.response["user"] = frappe.session.user
user = manage_user() if user: execute_cmd(cmd) return build_response("json") def execute_cmd(cmd, async=False): """execute a request as python module""" method = get_attr(cmd) try: #check if whitelisted if frappe.session['user'] == 'Guest': if (method not in frappe.guest_methods): return report_error(403,"Not Allowed") else: if not method in frappe.whitelisted: return report_error(403,"Not Allowed") ret = frappe.call(method, **frappe.form_dict) if isinstance(ret,dict): for key in ret: frappe.response[key] = ret[key] else: frappe.response["data"] = ret frappe.response["code"] = 200 except Exception, e:
if user: execute_cmd(cmd) return build_response("json") def execute_cmd(cmd, async=False): """execute a request as python module""" method = get_attr(cmd) try: #check if whitelisted if frappe.session['user'] == 'Guest': if (method not in frappe.guest_methods): return report_error(403, "Not Allowed") else: if not method in frappe.whitelisted: return report_error(403, "Not Allowed") ret = frappe.call(method, **frappe.form_dict) if isinstance(ret, dict): for key in ret: frappe.response[key] = ret[key] else: frappe.response["data"] = ret frappe.response["code"] = 200 except Exception, e: