def __call__(self, request, *args, **kwargs): # Check if we're in read only mode if (self.read_only == True and request.method not in HTTP_READ_ONLY_METHODS): return api_error("the API is in read only mode for maintenance") # Addd requests to kwargs kwargs.update(request.REQUEST) if hasattr(self, request.method): result = getattr(self, request.method)(request, *args, **kwargs) # Use introspection to handle HEAD requests elif request.method == 'HEAD'and hasattr(self, 'GET'): result = self.GET(request) result.content = "" # Use introspection to handle OPTIONS requests elif request.method == 'OPTIONS': available_methods = set(HTTP_METHODS) & set(dir(self)) result["Accept"] = ",".join(available_methods) else: result = api_error( "Resource does not support {0} for this method".format( request.method)) result.status_code = 405 # if supress_error_codes is set make all response codes 200 if "suppress_response_codes" in request.REQUEST: result.status_code = 200 return result
def __call__(self, request, *args, **kwargs): # Check if we're in read only mode if (self.read_only == True and request.method not in HTTP_READ_ONLY_METHODS): return api_error("the API is in read only mode for maintenance") # Addd requests to kwargs kwargs.update(request.REQUEST) if hasattr(self, request.method): result = getattr(self, request.method)(request, *args, **kwargs) # Use introspection to handle HEAD requests elif request.method == 'HEAD' and hasattr(self, 'GET'): result = self.GET(request) result.content = "" # Use introspection to handle OPTIONS requests elif request.method == 'OPTIONS': available_methods = set(HTTP_METHODS) & set(dir(self)) result["Accept"] = ",".join(available_methods) else: result = api_error( "Resource does not support {0} for this method".format( request.method)) result.status_code = 405 # if supress_error_codes is set make all response codes 200 if "suppress_response_codes" in request.REQUEST: result.status_code = 200 return result
def __call__(self, request, *args, **kwargs): # Add the request user to the class, this allows certain django decorators to work if hasattr(request, 'user'): self.user = request.user # Check if we're in read only mode if (self.read_only is True and request.method not in HTTP_READ_ONLY_METHODS): return api_error("the API is in read only mode for maintenance") if request.method == "PUT": query_dict = django.http.QueryDict(request.body) request.PUT = { k: v for k, v in query_dict.items()} kwargs.update(request.PUT) # Addd requests to kwargs kwargs.update(request.REQUEST) # Build our response object response = django.http.HttpResponse() # See if we have an 'Origin:' header in the request. If so, this is # a CORS (cross-orgin resource sharing) request. # See http://enable-cors.org/ origin_is_allowed = False if 'HTTP_ORIGIN' in request.META: # Make sure the given origin is allowed if not self._origin_is_allowed(request.META['HTTP_ORIGIN']): # If the origin is not allowed to make the request then we # return an empty 200 response. This will make the cross # origin request fail on the client side. return response origin_is_allowed = True # If we had an 'Origin:' header with a valid origin and the request # used the OPTIONS method, then we'll add the proper Access-Control # headers to the response. if origin_is_allowed and request.method == 'OPTIONS': response['Access-Control-Allow-Origin'] = ( request.META['HTTP_ORIGIN'] ) response['Access-Control-Allow-Methods'] = ( ",".join(CORS_SHARING_ALLOWED_METHODS) ) response['Access-Control-Allow-Headers'] = ( ",".join(CORS_SHARING_ALLOWED_HEADERS) ) # Allows cross-origin cookie access response['Access-Control-Allow-Credentials'] = 'true' # Allow the client to cache the pre-flight response for up to a day response['Access-Control-Max-Age'] = 86400 return response if hasattr(self, request.method): response = getattr(self, request.method)(request, *args, **kwargs) # Explicitly type check here because type errors further # down are harder to diagnose if type(response) is None: raise TypeError( "{0} returned None, should have returned a response object".format( request.method ) ) # Use introspection to handle HEAD requests elif request.method == 'HEAD' and hasattr(self, 'GET'): response = self.GET(request, *args, **kwargs) response.content = "" else: response = api_error( "Resource does not support {0} for this method".format( request.method ) ) response.status_code = 405 # if supress_error_codes is set make all response codes 200 if "suppress_response_codes" in request.REQUEST: response.status_code = 200 # If we are responding to a valid CORS request we must add the # Access-Control-Allow-Origin header if origin_is_allowed: response['Access-Control-Allow-Origin'] = request.META['HTTP_ORIGIN'] response['Access-Control-Allow-Credentials'] = 'true' # At this point if we have a json response and a param of format with the value of html # Convert the response to an html response with the content in the body of the page if request.REQUEST.get("format") == "html" and response['Content-Type'] == "application/json": json_formatted = json.dumps(json.loads(response.content), indent=4) response = django.http.HttpResponse("<html><body><pre>{0}</pre></body></html>".format( json_formatted, )) # Return the response return response
def __call__(self, request, *args, **kwargs): # Check if we're in read only mode if (self.read_only is True and request.method not in HTTP_READ_ONLY_METHODS): return api_error("the API is in read only mode for maintenance") if request.method == "PUT": query_dict = django.http.QueryDict(request.body) request.PUT = {k: v for k, v in query_dict.items()} kwargs.update(request.PUT) # Addd requests to kwargs kwargs.update(request.REQUEST) # Build our response object response = django.http.HttpResponse() # See if we have an 'Origin:' header in the request. If so, this is # a CORS (cross-orgin resource sharing) request. # See http://enable-cors.org/ origin_is_allowed = False if 'HTTP_ORIGIN' in request.META: # Make sure the given origin is allowed if not self._origin_is_allowed(request.META['HTTP_ORIGIN']): # If the origin is not allowed to make the request then we # return an empty 200 response. This will make the cross # origin request fail on the client side. return response origin_is_allowed = True # If we had an 'Origin:' header with a valid origin and the request # used the OPTIONS method, then we'll add the proper Access-Control # headers to the response. if origin_is_allowed and request.method == 'OPTIONS': response['Access-Control-Allow-Origin'] = ( request.META['HTTP_ORIGIN']) response['Access-Control-Allow-Methods'] = ( ",".join(CORS_SHARING_ALLOWED_METHODS)) response['Access-Control-Allow-Headers'] = ( ",".join(CORS_SHARING_ALLOWED_HEADERS)) # Allows cross-origin cookie access response['Access-Control-Allow-Credentials'] = 'true' # Allow the client to cache the pre-flight response for up to a day response['Access-Control-Max-Age'] = 86400 return response if hasattr(self, request.method): response = getattr(self, request.method)(request, *args, **kwargs) # Explicitly type check here because type errors further # down are harder to diagnose if type(response) is None: raise TypeError( "{0} returned None, should have returned a response object" .format(request.method)) # Use introspection to handle HEAD requests elif request.method == 'HEAD' and hasattr(self, 'GET'): response = self.GET(request, *args, **kwargs) response.content = "" else: response = api_error( "Resource does not support {0} for this method".format( request.method)) response.status_code = 405 # if supress_error_codes is set make all response codes 200 if "suppress_response_codes" in request.REQUEST: response.status_code = 200 # If we are responding to a valid CORS request we must add the # Access-Control-Allow-Origin header if origin_is_allowed: response['Access-Control-Allow-Origin'] = request.META[ 'HTTP_ORIGIN'] response['Access-Control-Allow-Credentials'] = 'true' return response