def json_method_not_allowed(methods): # type: (List[text_type]) -> text_type resp = HttpResponseNotAllowed(methods) resp.content = ujson.dumps({"result": "error", "msg": "Method Not Allowed", "allowed_methods": methods}) return resp
def json_method_not_allowed(methods): # type: (List[Text]) -> Text resp = HttpResponseNotAllowed(methods) resp.content = force_bytes(ujson.dumps({"result": "error", "msg": "Method Not Allowed", "allowed_methods": methods})) return resp
def json_method_not_allowed(methods): # type: (List[Text]) -> HttpResponseNotAllowed resp = HttpResponseNotAllowed(methods) resp.content = force_bytes(ujson.dumps({"result": "error", "msg": "Method Not Allowed", "allowed_methods": methods})) return resp
def json_method_not_allowed(methods: List[str]) -> HttpResponseNotAllowed: resp = HttpResponseNotAllowed(methods) resp.content = orjson.dumps({ "result": "error", "msg": "Method Not Allowed", "allowed_methods": methods }) return resp
def json_method_not_allowed(methods: List[Text]) -> HttpResponseNotAllowed: resp = HttpResponseNotAllowed(methods) resp.content = ujson.dumps({"result": "error", "msg": "Method Not Allowed", "allowed_methods": methods}).encode() return resp
def pid(request, noid, type): '''REST API access to PURLs and ARKs. On GET, returns information about the PURL or ARK requested by id and type. Accessing an ARK or PURL will return all information associated with that pid. In order to allow accessing and updating the unqualified (for an ARK) or default (for a PURL) target, the pid url must NOT include a trailing slash. Attempting to access a PURL pid as an ARK or vice versa will result in a 404. Example urls:: http://pid.emory.edu/ark/8g3sq - info for ARK and all targets http://pid.emory.edu/purl/127zr - info for PURL and target On PUT, update a PURL or ARK. Update values should be in the request body as JSON. The following values are supported: * **domain** - domain, in URI resource format, e.g. http://pid.emory.edu/domains/1/ * **name** - label or title * **external_system_id** - external system name * **external_system_key** - key or identifier in the specified external system * **policy** - policy by name (to specify a different policy from the default domain policy) Updating target information (resolve URI, active, proxy) is not currently supported via PUT on the Ark or Purl that the target belongs to; you must PUT the new data to the target itself-- see :meth:`target`. ''' methods = ['GET', 'PUT'] if request.method == 'DELETE': # *explicitly* disallow delete, since it will never be supported for pids response = HttpResponseNotAllowed(methods) response.content = '''ARKs and PURLs cannot be deleted. If no longer in use, you may mark the target(s) as inactive, which will prevent them from being resolved.''' return response # find the requested pid for view or update if request.method in methods: pid = get_object_or_404(Pid, pid__exact=noid, type=type.title()) if request.method == 'PUT': if not request.user.is_authenticated(): # 401 unauthorized - not logged in or invalid credentials return HttpResponseUnauthorized(BASIC_AUTH_REALM) elif not request.user.has_perm('pid.change_pid'): # 403 Forbidden - logged in but insufficient permissions return HttpResponseForbidden() # content should be posted in request body as JSON content_type = 'application/json' try: if request.META['CONTENT_TYPE'] != content_type: raise BadRequest("Unsupported content type '%s'; please use a supported format: %s" \ % (request.META['CONTENT_TYPE'], content_type)) # parse the request body as JSON data = json.loads(request.body) # TODO: figure out how to take advantage of overlap in create_pid logic # update any pid properties that are specified if 'domain' in data: # domain should be passed in as resource URI pid.domain = _domain_from_uri(data['domain']) if 'name' in data: pid.name = data['name'] if 'external_system_id' in data: # if external system id is set and not empty, find and update if data['external_system_id']: try: pid.ext_system = ExtSystem.objects.get( name=data['external_system_id']) except ObjectDoesNotExist: raise BadRequest("External System '%s' not found" % data['external_system_id']) # otherwise, clear external system else: pid.ext_system = None if 'external_system_key' in data: pid.ext_system_key = data['external_system_key'] if 'policy' in data: # if policy is set and not empty, find and update if data['policy']: try: pid.policy = Policy.objects.get(title=data['policy']) except ObjectDoesNotExist: raise BadRequest("Policy '%s' not found" % request.POST['policy']) # otherwise, clear policy else: pid.policy = None # NOTE: currently does not supporting target URI or info # It might be nice to allow updating one target specified by qualifier, # or perhaps only primary/default target, (roughly parallel to pid creation) # HOWEVER, that complicates things: # - should specifying active=True/False at this level apply to one # target or ALL targets? # - if the requested target does not exist, do we create it? # set current user as editor pid.editor = request.user pid.save() _log_rest_action(request, pid, CHANGE, 'Updated pid:%s via rest api' % unicode(pid)) except BadRequest as err: # return a response with status code 400, Bad Request return HttpResponseBadRequest('Error: %s' % err) # successful PUT can return 200 Ok or 204 No Content # in this case, on success, return the updated pid with status 200 # -- fall through to common GET/PUT display logic # common logic for GET and successful PUT: return pid info as JSON if request.method == 'GET' or request.method == 'PUT': json_data = json_serializer.encode(pid_data(pid, request)) return HttpResponse(json_data, content_type='application/json') # if request method is not GET or PUT, return 405 method not allowed return HttpResponseNotAllowed(methods)
def pid(request, noid, type): """REST API access to PURLs and ARKs. On GET, returns information about the PURL or ARK requested by id and type. Accessing an ARK or PURL will return all information associated with that pid. In order to allow accessing and updating the unqualified (for an ARK) or default (for a PURL) target, the pid url must NOT include a trailing slash. Attempting to access a PURL pid as an ARK or vice versa will result in a 404. Example urls:: http://pid.emory.edu/ark/8g3sq - info for ARK and all targets http://pid.emory.edu/purl/127zr - info for PURL and target On PUT, update a PURL or ARK. Update values should be in the request body as JSON. The following values are supported: * **domain** - domain, in URI resource format, e.g. http://pid.emory.edu/domains/1/ * **name** - label or title * **external_system_id** - external system name * **external_system_key** - key or identifier in the specified external system * **policy** - policy by name (to specify a different policy from the default domain policy) Updating target information (resolve URI, active, proxy) is not currently supported via PUT on the Ark or Purl that the target belongs to; you must PUT the new data to the target itself-- see :meth:`target`. """ methods = ["GET", "PUT"] if request.method == "DELETE": # *explicitly* disallow delete, since it will never be supported for pids response = HttpResponseNotAllowed(methods) response.content = """ARKs and PURLs cannot be deleted. If no longer in use, you may mark the target(s) as inactive, which will prevent them from being resolved.""" return response # find the requested pid for view or update if request.method in methods: pid = get_object_or_404(Pid, pid__exact=noid, type=type.title()) if request.method == "PUT": if not request.user.is_authenticated(): # 401 unauthorized - not logged in or invalid credentials return HttpResponseUnauthorized(BASIC_AUTH_REALM) elif not request.user.has_perm("pid.change_pid"): # 403 Forbidden - logged in but insufficient permissions return HttpResponseForbidden() # content should be posted in request body as JSON content_type = "application/json" try: if request.META["CONTENT_TYPE"] != content_type: raise BadRequest( "Unsupported content type '%s'; please use a supported format: %s" % (request.META["CONTENT_TYPE"], content_type) ) # parse the request body as JSON data = json.loads(request.body) # TODO: figure out how to take advantage of overlap in create_pid logic # update any pid properties that are specified if "domain" in data: # domain should be passed in as resource URI pid.domain = _domain_from_uri(data["domain"]) if "name" in data: pid.name = data["name"] if "external_system_id" in data: # if external system id is set and not empty, find and update if data["external_system_id"]: try: pid.ext_system = ExtSystem.objects.get(name=data["external_system_id"]) except ObjectDoesNotExist: raise BadRequest("External System '%s' not found" % data["external_system_id"]) # otherwise, clear external system else: pid.ext_system = None if "external_system_key" in data: pid.ext_system_key = data["external_system_key"] if "policy" in data: # if policy is set and not empty, find and update if data["policy"]: try: pid.policy = Policy.objects.get(title=data["policy"]) except ObjectDoesNotExist: raise BadRequest("Policy '%s' not found" % request.POST["policy"]) # otherwise, clear policy else: pid.policy = None # NOTE: currently does not supporting target URI or info # It might be nice to allow updating one target specified by qualifier, # or perhaps only primary/default target, (roughly parallel to pid creation) # HOWEVER, that complicates things: # - should specifying active=True/False at this level apply to one # target or ALL targets? # - if the requested target does not exist, do we create it? # set current user as editor pid.editor = request.user pid.save() _log_rest_action(request, pid, CHANGE, "Updated pid:%s via rest api" % unicode(pid)) except BadRequest as err: # return a response with status code 400, Bad Request return HttpResponseBadRequest("Error: %s" % err) # successful PUT can return 200 Ok or 204 No Content # in this case, on success, return the updated pid with status 200 # -- fall through to common GET/PUT display logic # common logic for GET and successful PUT: return pid info as JSON if request.method == "GET" or request.method == "PUT": json_data = json_serializer.encode(pid_data(pid, request)) return HttpResponse(json_data, content_type="application/json") # if request method is not GET or PUT, return 405 method not allowed return HttpResponseNotAllowed(methods)