def login_user():
try:
cmd = frappe.local.form_dict.cmd
method = get_attr(cmd)
ret = frappe.call(method, **frappe.form_dict)
return ret
except Exception, e:
http_status_code = getattr(e, "status_code", 500)
message = getattr(e, "message", 500)
report_error(http_status_code, message)
def login_user(): try: cmd = frappe.local.form_dict.cmd method = get_attr(cmd) ret = frappe.call(method, **frappe.form_dict) return ret except Exception, e: http_status_code = getattr(e, "status_code", 500) message = getattr(e, "message", 500) report_error(http_status_code,message)
def handle(api_config):
"""
Handler for `/api_name` methods
**api_name = configured in api_hander hooks
### Examples:
`/api_name/version/{methodname}` will call a whitelisted method
"""
parts = frappe.request.path[1:].split("/",5)
method_name = version = api_name = method = None
# return report_error(1, len(parts) >= 5 and parts[2] == "resource")
if len(parts) <= 2:
if parts[1] == 'login':
frappe.local.form_dict.cmd = '.'.join(map(str,[parts[0],parts[1]]))
frappe.local.form_dict.op = "login"
return handler.handle()
elif len(parts) == 4 and parts[2] == "method":
version = parts[1]
if not is_valid_version(version):
return report_error(417, "Invalid API Version")
method_name = parts[3]
method = '.'.join(map(str,[api_config.app_name, "versions", version, method_name]))
frappe.local.form_dict.cmd = method
return handler.handle()
elif (len(parts) <= 4 or len(parts) >= 5) and parts[2] == "resource":
version = parts[1] or ""
frappe.local.form_dict.doctype = parts[3] or ""
frappe.local.form_dict.name = parts[4] if len(parts) == 5 else ""
if not is_valid_version(version):
return report_error(417, "Invalid API Version")
method = '.'.join(map(str,[api_config.app_name, "versions", version.replace(".", "_"), "rest_api"]))
frappe.local.form_dict.cmd = method
if not is_valid_min_max_filters():
return report_error(417, "Invalid Min or Max filter")
# return report_error(417, frappe.local.form_dict)
return handler.handle()
else:
#invalid url
return report_error(417,"Invalid URL")
def handle():
"""
Handler for `/api_name` methods
**api_name = configured in api_hander hooks
### Examples:
`/api_name/version/{methodname}` will call a whitelisted method
"""
parts = frappe.request.path[1:].split("/",3)
method_name = version = api_name = method = None
if len(parts) <= 2:
if parts[1] == 'login':
frappe.local.form_dict.cmd = '.'.join(map(str,[parts[0],parts[1]]))
frappe.local.form_dict.op = "login"
return handler.handle()
elif len(parts) == 3:
api_name = parts[0]
version = parts[1]
method_name = parts[2]
method = '.'.join(map(str,[api_name,"versions",version,method_name]))
frappe.local.form_dict.cmd = method
return handler.handle()
else:
#invalid url
return report_error(417,"Invalid URL")
def handle():
"""handle request"""
cmd = frappe.local.form_dict.cmd
op = frappe.local.form_dict.op
method = None
try:
method = get_attr(cmd)
except AttributeError, e:
return report_error(500, "Invalid API-URL")
def handle(): """handle request""" cmd = frappe.local.form_dict.cmd op = frappe.local.form_dict.op try : method = get_attr(cmd) except AttributeError, e: return report_error(500,"Invalid API-URL")
def is_valid_request(is_guest=False):
method = frappe.local.request.method
sid = None
if method in ["POST", "PUT"] and frappe.form_dict.data:
try:
data = json.loads(frappe.form_dict.data)
sid = data.get('sid') or "Guest"
except Exception as e:
report_error(417, "Invalid Request")
return False
elif method in ["GET", "DELETE"] and frappe.form_dict:
sid = frappe.form_dict.get("sid") or "Guest"
else:
report_error(417, "Input not provided")
return False
if not sid and is_guest is False:
report_error(417, "sid not provided")
return False
try:
frappe.form_dict["sid"] = sid or "Guest"
loginmgr = frappe.auth.LoginManager()
except frappe.SessionStopped, e:
http_status_code = getattr(e, "http_status_code", 500)
frappe.response["code"] = http_status_code
return False
def manage_user():
if frappe.local.request.method=="POST" and frappe.form_dict.data:
data = json.loads(frappe.form_dict.data)
sid = data.get('sid')
user_id = data.get('user_id')
if not sid:
report_error(417,"sid not provided")
return False
elif sid and not user_id:
report_error(417,"user_id not provided")
return False
elif sid and user_id:
#user = frappe.db.get_value("User",{"user_id":user_id},"name")
user = "******"
if not user:
report_error(417,"user_id not provided")
return False
else:
try:
frappe.form_dict["sid"] = sid
loginmgr = frappe.auth.LoginManager()
except frappe.SessionStopped,e:
http_status_code = getattr(e, "http_status_code", 500)
frappe.response["code"] = http_status_code
return False
return True
def manage_user():
if frappe.form_dict.data:
data = json.loads(frappe.form_dict.data)
sid = data.get('sid')
user_id = data.get('user_id')
if not sid:
report_error(417, "sid not provided")
return False
elif sid and not user_id:
report_error(417, "user_id not provided")
return False
elif sid and user_id:
#user = frappe.db.get_value("User",{"user_id":user_id},"name")
user = "******"
if not user:
report_error(417, "user_id not provided")
return False
else:
try:
frappe.form_dict["sid"] = sid
loginmgr = frappe.auth.LoginManager()
except frappe.SessionStopped, e:
http_status_code = getattr(e, "http_status_code", 500)
frappe.response["code"] = http_status_code
return False
return True
def handle():
"""
Handler for `/api_name` methods
**api_name = configured in api_hander hooks
### Examples:
`/api_name/version/{methodname}` will call a whitelisted method
"""
parts = frappe.request.path[1:].split("/", 4)
method_name = version = api_name = method = response = None
req_method = frappe.local.request.method
# log_id = log_request(frappe.local.request, frappe.local.form_dict)
if len(parts) <= 2:
# if parts[1] == 'login':
frappe.local.form_dict.cmd = '.'.join(map(str, [parts[0], parts[1]]))
frappe.local.form_dict.op = parts[1]
response = handler.handle()
else:
api_name = parts[0]
version = parts[2].replace(".", "_")
# frappe.local.form_dict.req_log_id = log_id
if parts[3] == "method":
method_name = parts[4]
method = '.'.join(
map(str, [api_name, "api.versions", version, method_name]))
frappe.local.form_dict.cmd = method
response = handler.handle()
elif parts[3] == "resource":
resource = dict(zip(["doctype", "docname"],
parts[4].split("/")[:]))
method = '.'.join(map(str, [api_name, "api.resources.handle"]))
frappe.local.form_dict.cmd = method
frappe.local.form_dict.version = version
frappe.local.form_dict.resource = resource
frappe.local.form_dict.req_method = req_method
response = handler.handle()
else:
response = report_error(417, "Invalid URL")
# # log response
# data = json.loads(response.data)
# data.update({ "log_id":log_id })
# response.data = json.dumps(data)
# log_response(log_id, response.data)
return response
is_guest = True if (method in frappe.guest_methods) else False
if is_valid_request(is_guest=is_guest):
execute_cmd(cmd)
return build_response("json")
def execute_cmd(cmd, async=False):
"""execute a request as python module"""
method = get_attr(cmd)
try:
#check if whitelisted
if frappe.session['user'] == 'Guest':
if (method not in frappe.guest_methods):
return report_error(403, "Not Allowed")
else:
if not method in frappe.whitelisted:
return report_error(403, "Not Allowed")
ret = frappe.call(method, **frappe.form_dict)
if isinstance(ret, dict):
for key in ret:
frappe.response[key] = ret[key]
else:
frappe.response["data"] = ret
frappe.response["code"] = 200
frappe.response["user"] = frappe.session.user
user = manage_user()
if user:
execute_cmd(cmd)
return build_response("json")
def execute_cmd(cmd, async=False):
"""execute a request as python module"""
method = get_attr(cmd)
try:
#check if whitelisted
if frappe.session['user'] == 'Guest':
if (method not in frappe.guest_methods):
return report_error(403,"Not Allowed")
else:
if not method in frappe.whitelisted:
return report_error(403,"Not Allowed")
ret = frappe.call(method, **frappe.form_dict)
if isinstance(ret,dict):
for key in ret:
frappe.response[key] = ret[key]
else:
frappe.response["data"] = ret
frappe.response["code"] = 200
except Exception, e:
if user:
execute_cmd(cmd)
return build_response("json")
def execute_cmd(cmd, async=False):
"""execute a request as python module"""
method = get_attr(cmd)
try:
#check if whitelisted
if frappe.session['user'] == 'Guest':
if (method not in frappe.guest_methods):
return report_error(403, "Not Allowed")
else:
if not method in frappe.whitelisted:
return report_error(403, "Not Allowed")
ret = frappe.call(method, **frappe.form_dict)
if isinstance(ret, dict):
for key in ret:
frappe.response[key] = ret[key]
else:
frappe.response["data"] = ret
frappe.response["code"] = 200
except Exception, e:
