def render(self, request):
		_ = Translation(request.getSession())._
		acls = ACLs(request.getSession())

		moduleManager = request.site.moduleManager
		categoryManager = request.site.categoryManager
		moduleManager.load()
		categoryManager.load()
		permitted_commands = acls.get_permitted_commands(moduleManager).values()

		modules = [
			self._module_definition(module, _)
			for module in permitted_commands
			if not module.flavors
		]
		modules.extend([
			self._flavor_definition(module, flavor, _)
			for module in permitted_commands
			for flavor in module.flavors
		])

		categories = [
			self._category_definition(category, _)
			for category in categoryManager.values()
		]

		# TODO: break API: only return modules; categories should be fetched by "/get/categories/list"
		return dict(
			categories=categories,
			modules=modules
		)
	def get_request_header(self, request, methodname):
		session = request.getSession()
		user = User(session)
		translation = Translation(session)
		acls = ACLs(session)
		return {
			'Content-Type': 'application/json',
			'Accept-Language': translation.get_language(),
			'Accept': request.getHeader('Accept', ''),
			'User-Agent': request.getHeader('User-Agent', ''),
			'Authorization': 'basic %s' % ('%s:%s' % (user.username, user.password)).encode('base64').strip(),
			'X-Forwarded-For': request.getClientIP(),
			'X-UMC-Flavor': request.getHeader('X-UMC-Flavor', ''),
			'X-User-Dn': user.userdn or '',
			'X-UMC-Method': methodname,
			'X-UMC-Acls': acls.json(),  # TODO: remove, only send filename
		}
	def render(self, request):
		session = request.getSession()
		acls = ACLs(session)
		moduleManager = request.site.moduleManager

		command = '/'.join(request.prepath[1:])

		module_name = acls.get_module_providing(moduleManager, command)
		if not module_name:
			MODULE.warn('No module provides %s' % (command))
			request.setResponseCode(BAD_REQUEST_FORBIDDEN)
			return

		MODULE.info('Checking ACLs for %s (%s)' % (command, module_name))
		if not acls.is_command_allowed(request, command):
			MODULE.warn('Command %s is not allowed' % (command))
			request.setResponseCode(BAD_REQUEST_FORBIDDEN)
			return

		methodname = acls.get_method_name(moduleManager, module_name, command)
		if not methodname:
			MODULE.warn('Command %s does not exists' % (command))
			request.setResponseCode(BAD_REQUEST_NOT_FOUND)
			return

		headers = self.get_request_header(request, methodname)
		body = self.get_request_body(request)

		CORE.info('Passing new request to module %s' % (module_name,))
		process = self.get_process(session, module_name)

		urequest = process.request(request.method, request.uri, headers, body)
		urequest.addCallback(self.respond, request)
		urequest.addErrback(self.failed_request, request)

		return NOT_DONE_YET