def maybe_redirect_to(self, request, form, **kw):
redirect_to = self.redirect_url(request)
if redirect_to:
return Json({
'success': True,
'redirect': redirect_to
}).http_response(request)
else:
return Json(form.tojson()).http_response(request)
def get(self, request):
'''Get all routes grouped in sections.
This is the only method available for the router base route.'''
if request.response.content_type in JSON_CONTENT_TYPES:
json = Json(as_list=True)
for name, section in mapping_iterator(self.sections):
json.append(OrderedDict((('name', name),
('routes', section.json(request)))))
return json.http_response(request)
else:
raise HttpException(status=415)
def get(self, request):
'''Get all routes grouped in sections.
This is the only method available for the router base route.'''
if request.response.content_type in JSON_CONTENT_TYPES:
json = Json(as_list=True)
for name, section in mapping_iterator(self.sections):
json.append(
OrderedDict(
(('name', name), ('routes', section.json(request)))))
return json.http_response(request)
else:
raise HttpException(status=415)
def logout_response(self, request, user):
'''Logout and create a new session
'''
if user.is_authenticated():
request.cache.user = self.anonymous()
request.cache.session = self.create_session(request)
return Json({'success': True}).http_response(request)
def post(self, request):
'''Create a new model
'''
model = self.model(request.app)
if not model.form:
raise MethodNotAllowed
self.check_model_permission(request, rest.CREATE)
columns = model.columns_with_permission(request, rest.CREATE)
columns = model.column_fields(columns, 'name')
data, files = request.data_and_files()
form = model.form(request, data=data, files=files)
if form.is_valid():
# At the moment, we silently drop any data
# for columns the user doesn't have update access to,
# like they don't exist
filtered_data = {k: v for k, v in form.cleaned_data.items() if
k in columns}
with model.session(request) as session:
try:
instance = model.create_model(request, filtered_data,
session=session)
except DataError as exc:
odm.logger.exception('Could not create model')
form.add_error_message(str(exc))
data = form.tojson()
else:
data = model.serialise(request, instance)
request.response.status_code = 201
else:
data = form.tojson()
return Json(data).http_response(request)
def get(self, request):
'''Simply list test urls
'''
data = {}
for router in self.routes:
data[router.name] = request.absolute_uri(router.path())
return Json(data).http_response(request)
def render_file(self, request, path='', as_response=False):
if path.endswith('/'):
path = '%sindex' % path
model = self.model(request.app)
content = self.get_content(request, path)
backend = request.cache.auth_backend
if backend.has_permission(request, model.name, rest.READ):
response = request.response
response.content_type = content.content_type
if content.content_type == 'text/html':
#
# Update with context from this router
content._meta.update(self.context(request) or ())
if response.content_type == 'application/json':
data = content.json(request)
if as_response:
return Json(data).http_response(request)
else:
return data
else:
html = content.html(request)
if as_response:
return self.html_response(request, html)
else:
return html
elif as_response:
response.content_type = content.content_type
response.content = content.raw(request)
return response
else:
return content.raw(request)
raise PermissionDenied
def post(self, request):
self.data = request.data_and_files()[0]
host = request.get_host()
proto = request.uri.split(':', 1)[0]
name_list = self.data.getlist('name')
path_list = self.data.getlist('path')
size_list = self.data.getlist('size')
md5_list = self.data.getlist('md5')
response = []
for name, path, size, md5 in zip(name_list, path_list, size_list,
md5_list):
_hex = uuid4().hex
destination_dir = self.get_destination_dir(_hex)
filename = self.get_filename(name, _hex)
source = Path(path)
destination = destination_dir.joinpath(filename)
source.rename(destination)
url = self.get_url(proto, host, destination)
content_type = guess_type(url)[0] or ''
response.append({
'url': url,
'type': content_type,
'name': name,
'size': size,
'md5': md5
})
return Json(response).http_response(request)
async def post(self, request):
data = await as_coroutine(request.body_data())
if self.secret:
try:
self.validate(request)
except HttpException:
raise
except Exception as exc:
exc = str(exc)
request.logger.exception(exc)
raise BadRequest(exc)
event = request.get('HTTP_X_GITHUB_EVENT')
if self.handle_payload:
try:
data = await self.handle_payload(request, event, data)
except HttpException:
raise
except Exception as exc:
exc = str(exc)
request.logger.exception(exc)
raise BadRequest(exc)
else:
data = dict(success=True, event=event)
return Json(data).http_response(request)
def reset(self, request):
if request.method == 'OPTIONS':
request.app.fire('on_preflight', request, methods=['POST'])
return request.response
key = request.urlargs['key']
try:
user = request.cache.auth_backend.get_user(request, auth_key=key)
except AuthenticationError:
user = None
form = self.reset_form(request, data=request.body_data())
valid = form.is_valid()
if not user:
form.add_error_message('The link is no longer valid')
result = form.tojson()
elif valid:
auth = request.cache.auth_backend
password = form.cleaned_data['password']
if auth.set_password(request, user, password):
result = dict(message='Password successfully changed',
success=True)
else:
result = dict(error='Could not change password')
auth.confirm_auth_key(request, key)
else:
result = form.tojson()
return Json(result).http_response(request)
def signup(self, request):
'''Handle signup post data
If :attr:`.create_user_form` form is None, raise a 404 error.
A succesful response is returned by the backend
:meth:`.signup_response` method.
'''
if not self.create_user_form:
raise Http404
user = request.cache.user
if user.is_authenticated():
raise MethodNotAllowed
form = self.create_user_form(request, data=request.body_data())
if form.is_valid():
data = form.cleaned_data
auth_backend = request.cache.auth_backend
try:
user = auth_backend.create_user(request, **data)
return auth_backend.signup_response(request, user)
except AuthenticationError as e:
form.add_error_message(str(e))
return Json(form.tojson()).http_response(request)
def mailing_list(self, request):
'''Add a given email to a mailing list
'''
user = request.cache.user
data = request.body_data()
if user.is_authenticated():
raise MethodNotAllowed
form = EmailForm(request, data=data)
if form.is_valid():
email = form.cleaned_data['email']
odm = request.app.odm()
topic = request.config['GENERAL_MAILING_LIST_TOPIC']
with odm.begin() as session:
q = session.query(odm.mailinglist).filter_by(email=email,
topic=topic)
if not q.count():
entry = odm.mailinglist(email=email, topic=topic)
session.add(entry)
request.response.status_code = 201
result = {'message': ('Email %s added to mailing list'
% email)}
else:
result = {'message': ('Email %s already in mailing list'
% email)}
else:
result = form.tojson()
return Json(result).http_response(request)
def get_pulsar(self, request):
data = [
'pulsar',
pulsar.JAPANESE,
pulsar.CHINESE,
pulsar.HINDI
]
return Json(data).http_response(request)
def info(self, request):
response = request.response
self.info_cache(response.headers)
self.origin(request)
return Json({'websocket': request.config['WEBSOCKET_AVAILABLE'],
'origins': ['*:*'],
'entropy': randint(0, sys.maxsize)}
).http_response(request)
def challenge_digest_auth(self, request):
auth = request.get('http.authorization')
if auth and auth.authenticated(request.environ, **request.urlargs):
return Json({
'authenticated': True,
'username': auth.username
}).http_response(request)
raise wsgi.HttpAuthenticate('digest', qop=[request.urlargs['qop']])
def json_collection(self, request, info):
columns = info.columns
objs = []
formatter = self.json_format
for elem in info.data:
obj = self.extract_column_data(request, elem, columns, formatter)
objs.append(OrderedDict(self.column_to_name(obj, info.pretty)))
return Json(objs)
def get(self, request):
backend = request.cache.auth_backend
if backend.has_permission(request, self.model, rest.READ):
limit = self.limit(request)
offset = self.offset(request)
text = self.query(request)
data = self.collection(request, limit, offset, text)
return Json(data).http_response(request)
raise PermissionDenied
def read(self, request):
'''Read an instance
'''
instance = self.manager.get(request, request.urlargs['id'])
if not instance:
raise Http404
url = request.absolute_uri()
data = self.manager.instance_data(request, instance, url=url)
return Json(data).http_response(request)
def queries(self, request):
'''Multiple Database Queries'''
queries = self.get_queries(request)
worlds = []
with self.mapper.begin() as session:
for _ in range(queries):
world = session.query(World).get(randint(1, MAXINT))
worlds.append(self.get_json(world))
return Json(worlds).http_response(request)
def signup_response(self, request, user):
'''handle the response to a signup request
'''
auth_backend = request.cache.auth_backend
auth_key = auth_backend.create_auth_key(request, user)
if auth_key:
email = self.send_email_confirmation(request, user, auth_key)
request.response.status_code = 201
data = dict(email=email, registration=auth_key)
return Json(data).http_response(request)
def read_update_delete(self, request):
if request.method == 'OPTIONS':
request.app.fire('on_preflight', request)
return request.response
model = self.model(request.app)
odm = request.app.odm()
with odm.begin() as session:
instance = self.get_instance(request, session=session)
if request.method == 'GET':
self.check_model_permission(request, rest.READ)
data = model.serialise(request, instance)
elif request.method == 'HEAD':
self.check_model_permission(request, rest.READ)
return request.response
elif request.method in ('POST', 'PUT'):
form_class = model.updateform
if not form_class:
raise MethodNotAllowed
self.check_model_permission(request, rest.UPDATE)
columns = model.columns_with_permission(request, rest.UPDATE)
columns = model.column_fields(columns, 'name')
data, files = request.data_and_files()
form = form_class(request, data=data, files=files,
previous_state=instance)
if form.is_valid(exclude_missing=True):
# At the moment, we silently drop any data
# for columns the user doesn't have update access to,
# like they don't exist
filtered_data = {k: v for k, v in form.cleaned_data.items()
if k in columns}
instance = model.update_model(request, instance,
filtered_data)
data = model.serialise(request, instance)
else:
data = form.tojson()
elif request.method == 'DELETE':
self.check_model_permission(request, rest.DELETE)
model.delete_model(request, instance)
request.response.status_code = 204
return request.response
else:
raise MethodNotAllowed
return Json(data).http_response(request)
def get(self, request):
app = request.app
src = app.template_full_path(self.index_template)
content = self.read_file(app, src, 'index', False)
data = content.json(request)
html_router = self.html_router
data['api_url'] = app.site_url(self.relative_path(request))
urlparams = content.urlparams(html_router.route.variables)
path = html_router.path(**urlparams)
data['html_url'] = app.site_url(normpath(path))
return Json(data).http_response(request)
def updates(self, request):
'''Multiple updates'''
queries = self.get_queries(request)
worlds = []
for _ in range(queries):
with self.mapper.begin() as session:
world = session.query(World).get(randint(1, MAXINT))
world.randomNumber = randint(1, MAXINT)
session.add(world)
worlds.append(self.get_json(world))
return Json(worlds).http_response(request)
def logout(request):
'''Logout a user
'''
form = Form(request, data=request.body_data() or {})
if form.is_valid():
user = request.cache.user
auth_backend = request.cache.auth_backend
return auth_backend.logout_response(request, user)
else:
return Json(form.tojson()).http_response(request)
def get(self, request):
app = request.app
response = request.response
content = self.get_content(request)
# Get the JSON representation of the resource
data = content.json(request)
if data:
html_router = self.html_router
urlargs = request.urlargs
# The index page
if urlargs.get('path') == 'index':
urlargs['path'] = ''
data['api_url'] = app.site_url(self.relative_path(request))
html = html_router.get_route(html_router.childname('view'))
urlparams = content.urlparams(html.route.variables)
path = html.path(**urlparams)
data['html_url'] = app.site_url(normpath(path))
return Json(data).http_response(request)
else:
raise Unsupported
return Json(data).http_response(request)
def partials(self, request):
'''Serve pages when in ui.router mode
'''
path = request.urlargs.get('path', '')
bits = path.split('.')
name = bits['']
page = None
if self.manager:
page = self.manager(request, name)
if not page:
raise Http404
return Json(page.to_dict()).http_response(request)
async def _async_put(self, request):
headers = self.getheaders(request)
data = {'method': request.method,
'headers': headers,
'pulsar': self.pulsar_info(request),
'args': MultiValueDict(),
'files': MultiValueDict()}
request.cache.response_data = data
await request.data_and_files(stream=partial(self.stream, request))
data['args'] = dict(data['args'])
data['files'] = dict(data['files'])
return Json(data).http_response(request)
def query_response(self, request, query, limit=None, offset=None,
text=None, sortby=None, max_limit=None, **params):
limit = self.limit(request, limit, max_limit)
offset = self.offset(request, offset)
text = self.search_text(request, text)
sortby = request.url_data.get('sortby', sortby)
query = self.filter(request, query, text, params)
total = query.count()
query = self.sortby(request, query, sortby)
data = query.limit(limit).offset(offset).all()
data = self.serialise(request, data, **params)
data = request.app.pagination(request, data, total, limit, offset)
return Json(data).http_response(request)
def post(self, request):
'''Handle post data
'''
user = request.cache.user
if not user.is_authenticated():
raise MethodNotAllowed
form = self.fclass(request, data=request.body_data())
if form.is_valid():
auth = request.cache.auth_backend
password = form.cleaned_data['password']
auth.set_password(user, password)
return self.maybe_redirect_to(request, form, user=user)
return Json(form.tojson()).http_response(request)
def metadata(self, request):
'''Model metadata
'''
if request.method == 'OPTIONS':
request.app.fire('on_preflight', request)
return request.response
backend = request.cache.auth_backend
model = self.model(request.app)
if backend.has_permission(request, model.name, rest.READ):
meta = model.meta(request)
return Json(meta).http_response(request)
raise PermissionDenied
def jsonform(self, request):
form = self.get_form_layout(request)
if not form:
raise Http404
method = self.form_method or 'post'
action = self.form_action
if hasattr(action, '__call__'):
action = action(request)
if not action:
action = request.full_path()
data = form(request).as_dict(action=action,
enctype=self.form_enctype,
method=method)
return Json(data).http_response(request)