def render(self, req): if req.method != 'POST': raise server.UnsupportedMethod(('POST', )) if req.args.get('token', False): raise WebError("Do not pass 'token' as URL argument", http.BAD_REQUEST) # not using get_arg() here because we *don't* want the token # argument to work if you passed it as a GET-style argument token = None if req.fields and 'token' in req.fields: token = req.fields['token'].value.strip() if not token: raise WebError("Missing token", http.UNAUTHORIZED) if not timing_safe_compare(token, self.client.get_auth_token()): raise WebError("Invalid token", http.UNAUTHORIZED) t = get_arg(req, "t", "").strip() if not t: raise WebError("Must provide 't=' argument") if t == u'json': try: return self.post_json(req) except Exception: message, code = humanize_failure(Failure()) req.setResponseCode(code) return simplejson.dumps({"error": message}) else: raise WebError("'%s' invalid type for 't' arg" % (t, ), http.BAD_REQUEST)
def renderHTTP(self, ctx): request = IRequest(ctx) # if we were using regular twisted.web Resources (and the regular # twisted.web.server.Request object) then we could implement # render_PUT and render_GET. But Nevow's request handler # (NevowRequest.gotPageContext) goes directly to renderHTTP. Copy # some code from the Resource.render method that Nevow bypasses, to # do the same thing. m = getattr(self, 'render_' + request.method, None) if not m: raise server.UnsupportedMethod(getattr(self, 'allowedMethods', ())) return m(ctx)
def render(self, request): """This is based on the default implementation from resource.Resource that checks for the appropriate method to delegate to. It adds a default handler for arguments in a PUT request and delegation of argument parsing. The processing is pushed off onto a thread and wrapped with error handling. """ if request.method == 'PUT': # For now, assume all put requests use a simple urllib encoding. request.content.seek(0) # Since these are both lists, there is a theoretical case where # one might want to merge the lists, instead of overwriting with # the new. Not sure if that matters right now. request.args.update(http.parse_qs(request.content.read())) # FIXME: This breaks HEAD and OPTIONS handling... handler = self.handlers.get(request.method, None) if not handler: # FIXME: This may be broken, if it is supposed to get a useful # message based on available render_ methods. raise server.UnsupportedMethod(getattr(self, 'allowedMethods', ())) # Default render would just call the method here. # This is expanded to do argument checking, finish the request, # and do some error handling. d = self.check_arguments(request, handler.required_parameters, handler.optional_parameters) style = getattr(self, "output_format", None) if style is None: style = getattr(request, "output_format", None) if style is None: style = getattr(handler, "default_style", "raw") # The logger used to be set up after the session. However, # this keeps a record of the request from forming immediately # if all the sqlalchmey session threads are in use. # This will be a problem if/when we want an auditid to come # from the database, but we can revisit at that point. d = d.addCallback(lambda arguments: handler.add_logger( style=style, request=request, **arguments)) if handler.defer_to_thread: d = d.addCallback(lambda arguments: threads.deferToThread( handler.render, **arguments)) else: d = d.addCallback(lambda arguments: handler.render(**arguments)) d = d.addCallback(self.finishRender, request) d = d.addErrback(self.wrapNonInternalError, request) d = d.addErrback(self.wrapError, request) return server.NOT_DONE_YET
def render(self, request): m = getattr(self, 'render_' + request.method, None) if not m: raise server.UnsupportedMethod(getattr(self, 'allowedMethods', ())) return m(request)
def __call__(self, request, *args, **kwargs): "Creates resource object and calls appropriate method for this request." if request.method not in self.allowed_methods: raise server.UnsupportedMethod(getattr(self, 'allowed_methods', ())) return getattr(self, request.method.lower())(*args, **kwargs)