def json_method_not_allowed(methods):
# type: (List[text_type]) -> text_type
resp = HttpResponseNotAllowed(methods)
resp.content = ujson.dumps({"result": "error",
"msg": "Method Not Allowed",
"allowed_methods": methods})
return resp
def json_method_not_allowed(methods):
# type: (List[Text]) -> Text
resp = HttpResponseNotAllowed(methods)
resp.content = force_bytes(ujson.dumps({"result": "error",
"msg": "Method Not Allowed",
"allowed_methods": methods}))
return resp
def json_method_not_allowed(methods):
# type: (List[Text]) -> HttpResponseNotAllowed
resp = HttpResponseNotAllowed(methods)
resp.content = force_bytes(ujson.dumps({"result": "error",
"msg": "Method Not Allowed",
"allowed_methods": methods}))
return resp
def json_method_not_allowed(methods: List[str]) -> HttpResponseNotAllowed:
resp = HttpResponseNotAllowed(methods)
resp.content = orjson.dumps({
"result": "error",
"msg": "Method Not Allowed",
"allowed_methods": methods
})
return resp
def json_method_not_allowed(methods: List[Text]) -> HttpResponseNotAllowed:
resp = HttpResponseNotAllowed(methods)
resp.content = ujson.dumps({"result": "error",
"msg": "Method Not Allowed",
"allowed_methods": methods}).encode()
return resp
def pid(request, noid, type):
'''REST API access to PURLs and ARKs.
On GET, returns information about the PURL or ARK requested by id and type.
Accessing an ARK or PURL will return all information associated with that
pid. In order to allow accessing and updating the unqualified (for an ARK)
or default (for a PURL) target, the pid url must NOT include a trailing slash.
Attempting to access a PURL pid as an ARK or vice versa will result in a 404.
Example urls::
http://pid.emory.edu/ark/8g3sq - info for ARK and all targets
http://pid.emory.edu/purl/127zr - info for PURL and target
On PUT, update a PURL or ARK. Update values should be in the request body
as JSON. The following values are supported:
* **domain** - domain, in URI resource format, e.g.
http://pid.emory.edu/domains/1/
* **name** - label or title
* **external_system_id** - external system name
* **external_system_key** - key or identifier in the specified external
system
* **policy** - policy by name (to specify a different policy from the
default domain policy)
Updating target information (resolve URI, active, proxy) is not currently
supported via PUT on the Ark or Purl that the target belongs to; you must PUT
the new data to the target itself-- see :meth:`target`.
'''
methods = ['GET', 'PUT']
if request.method == 'DELETE':
# *explicitly* disallow delete, since it will never be supported for pids
response = HttpResponseNotAllowed(methods)
response.content = '''ARKs and PURLs cannot be deleted.
If no longer in use, you may mark the target(s) as inactive, which will prevent
them from being resolved.'''
return response
# find the requested pid for view or update
if request.method in methods:
pid = get_object_or_404(Pid, pid__exact=noid, type=type.title())
if request.method == 'PUT':
if not request.user.is_authenticated():
# 401 unauthorized - not logged in or invalid credentials
return HttpResponseUnauthorized(BASIC_AUTH_REALM)
elif not request.user.has_perm('pid.change_pid'):
# 403 Forbidden - logged in but insufficient permissions
return HttpResponseForbidden()
# content should be posted in request body as JSON
content_type = 'application/json'
try:
if request.META['CONTENT_TYPE'] != content_type:
raise BadRequest("Unsupported content type '%s'; please use a supported format: %s" \
% (request.META['CONTENT_TYPE'], content_type))
# parse the request body as JSON
data = json.loads(request.body)
# TODO: figure out how to take advantage of overlap in create_pid logic
# update any pid properties that are specified
if 'domain' in data:
# domain should be passed in as resource URI
pid.domain = _domain_from_uri(data['domain'])
if 'name' in data:
pid.name = data['name']
if 'external_system_id' in data:
# if external system id is set and not empty, find and update
if data['external_system_id']:
try:
pid.ext_system = ExtSystem.objects.get(
name=data['external_system_id'])
except ObjectDoesNotExist:
raise BadRequest("External System '%s' not found" %
data['external_system_id'])
# otherwise, clear external system
else:
pid.ext_system = None
if 'external_system_key' in data:
pid.ext_system_key = data['external_system_key']
if 'policy' in data:
# if policy is set and not empty, find and update
if data['policy']:
try:
pid.policy = Policy.objects.get(title=data['policy'])
except ObjectDoesNotExist:
raise BadRequest("Policy '%s' not found" %
request.POST['policy'])
# otherwise, clear policy
else:
pid.policy = None
# NOTE: currently does not supporting target URI or info
# It might be nice to allow updating one target specified by qualifier,
# or perhaps only primary/default target, (roughly parallel to pid creation)
# HOWEVER, that complicates things:
# - should specifying active=True/False at this level apply to one
# target or ALL targets?
# - if the requested target does not exist, do we create it?
# set current user as editor
pid.editor = request.user
pid.save()
_log_rest_action(request, pid, CHANGE,
'Updated pid:%s via rest api' % unicode(pid))
except BadRequest as err:
# return a response with status code 400, Bad Request
return HttpResponseBadRequest('Error: %s' % err)
# successful PUT can return 200 Ok or 204 No Content
# in this case, on success, return the updated pid with status 200
# -- fall through to common GET/PUT display logic
# common logic for GET and successful PUT: return pid info as JSON
if request.method == 'GET' or request.method == 'PUT':
json_data = json_serializer.encode(pid_data(pid, request))
return HttpResponse(json_data, content_type='application/json')
# if request method is not GET or PUT, return 405 method not allowed
return HttpResponseNotAllowed(methods)
def pid(request, noid, type):
"""REST API access to PURLs and ARKs.
On GET, returns information about the PURL or ARK requested by id and type.
Accessing an ARK or PURL will return all information associated with that
pid. In order to allow accessing and updating the unqualified (for an ARK)
or default (for a PURL) target, the pid url must NOT include a trailing slash.
Attempting to access a PURL pid as an ARK or vice versa will result in a 404.
Example urls::
http://pid.emory.edu/ark/8g3sq - info for ARK and all targets
http://pid.emory.edu/purl/127zr - info for PURL and target
On PUT, update a PURL or ARK. Update values should be in the request body
as JSON. The following values are supported:
* **domain** - domain, in URI resource format, e.g.
http://pid.emory.edu/domains/1/
* **name** - label or title
* **external_system_id** - external system name
* **external_system_key** - key or identifier in the specified external
system
* **policy** - policy by name (to specify a different policy from the
default domain policy)
Updating target information (resolve URI, active, proxy) is not currently
supported via PUT on the Ark or Purl that the target belongs to; you must PUT
the new data to the target itself-- see :meth:`target`.
"""
methods = ["GET", "PUT"]
if request.method == "DELETE":
# *explicitly* disallow delete, since it will never be supported for pids
response = HttpResponseNotAllowed(methods)
response.content = """ARKs and PURLs cannot be deleted.
If no longer in use, you may mark the target(s) as inactive, which will prevent
them from being resolved."""
return response
# find the requested pid for view or update
if request.method in methods:
pid = get_object_or_404(Pid, pid__exact=noid, type=type.title())
if request.method == "PUT":
if not request.user.is_authenticated():
# 401 unauthorized - not logged in or invalid credentials
return HttpResponseUnauthorized(BASIC_AUTH_REALM)
elif not request.user.has_perm("pid.change_pid"):
# 403 Forbidden - logged in but insufficient permissions
return HttpResponseForbidden()
# content should be posted in request body as JSON
content_type = "application/json"
try:
if request.META["CONTENT_TYPE"] != content_type:
raise BadRequest(
"Unsupported content type '%s'; please use a supported format: %s"
% (request.META["CONTENT_TYPE"], content_type)
)
# parse the request body as JSON
data = json.loads(request.body)
# TODO: figure out how to take advantage of overlap in create_pid logic
# update any pid properties that are specified
if "domain" in data:
# domain should be passed in as resource URI
pid.domain = _domain_from_uri(data["domain"])
if "name" in data:
pid.name = data["name"]
if "external_system_id" in data:
# if external system id is set and not empty, find and update
if data["external_system_id"]:
try:
pid.ext_system = ExtSystem.objects.get(name=data["external_system_id"])
except ObjectDoesNotExist:
raise BadRequest("External System '%s' not found" % data["external_system_id"])
# otherwise, clear external system
else:
pid.ext_system = None
if "external_system_key" in data:
pid.ext_system_key = data["external_system_key"]
if "policy" in data:
# if policy is set and not empty, find and update
if data["policy"]:
try:
pid.policy = Policy.objects.get(title=data["policy"])
except ObjectDoesNotExist:
raise BadRequest("Policy '%s' not found" % request.POST["policy"])
# otherwise, clear policy
else:
pid.policy = None
# NOTE: currently does not supporting target URI or info
# It might be nice to allow updating one target specified by qualifier,
# or perhaps only primary/default target, (roughly parallel to pid creation)
# HOWEVER, that complicates things:
# - should specifying active=True/False at this level apply to one
# target or ALL targets?
# - if the requested target does not exist, do we create it?
# set current user as editor
pid.editor = request.user
pid.save()
_log_rest_action(request, pid, CHANGE, "Updated pid:%s via rest api" % unicode(pid))
except BadRequest as err:
# return a response with status code 400, Bad Request
return HttpResponseBadRequest("Error: %s" % err)
# successful PUT can return 200 Ok or 204 No Content
# in this case, on success, return the updated pid with status 200
# -- fall through to common GET/PUT display logic
# common logic for GET and successful PUT: return pid info as JSON
if request.method == "GET" or request.method == "PUT":
json_data = json_serializer.encode(pid_data(pid, request))
return HttpResponse(json_data, content_type="application/json")
# if request method is not GET or PUT, return 405 method not allowed
return HttpResponseNotAllowed(methods)
