def get(self, request, *args, **kwargs):
'''
Get a list of all posts related to a request. Returns just the post id and title. Must pass in id through the
path as follows:
/controllers/blog/label/posts/{id}/
Only one id will be considered or an exception will be thrown.
Json returned will be of the following:
[
{
"id" : <id>,
"title" : <title>
}, ...
]
'''
if not args:
return err("Did not provide an id to lookup.")
try:
lbl = Label.objects.get(name=args[0][:-1])
except ObjectDoesNotExist:
return err("Label {} does not exist.".format(args[0]))
posts = lbl.posts.values("id", "title")
return oresp(request, json.dumps([post for post in posts]))
def post(self, request, *args, **kwargs):
'''
Log the person in. Login requires the following json to work:
{
"email" : "<email>",
"password" : "<password>"
}
'''
try:
session_id = authenticate(request)
resp = oresp(request)
resp.set_cookie("sessionid", session_id, max_age=30)
return resp
except (KeyError, ValueError) as e:
return err(e)
except AuthenticationError as ae:
return err(ae, 401)
def post(self, request, *args, **kwargs):
'''
Creates a new poster. The poster object should be of the following json type:
{
"email" : "<email>",
"password" : "<password>"
}
'''
j = load(read(request))
try:
p = User.objects.create_user(**j)
return resp(request, (p, ))
except IntegrityError as ie:
return err(ie)
def get(self, request, *args, **kwargs):
'''
Get all the posters in the system. The first arg should be the email or the primary key of the
user to use
'''
if args[0] is not None:
if args[0].isdigit():
return resp(request,
User.objects.filter(id=args[0]),
fields=self.fields)
else:
return resp(request,
User.objects.filter(email=args[0]),
fields=self.fields)
elif request.user.level >= 4:
return resp(request, User.objects.all(), fields=self.fields)
else:
return err(
"Your level of {} is not allowed to see all users.".format(
User.get_level_name(request.user.level)), 403)
def delete(self, request, *args, **kwargs):
'''
Delete an entity. This is a no payload endpoint where you can delete either in bulk by adding
doing one of the three things:
1) a single entity: .../entity/<id>/ where you just add one id in the path
2) multiple entities: .../entity/<id>/<id2>/.../ where you add as many ids as you want in the path
3) leave the args blank and add query param with at least one query param called ids as follows:
ids=1,2,3,4,5
note that the ids are a csv.
Note that the GET argument can also be used to help narrow down from the list of ids those that
contain other query attributes. Note that these query attributes need to have the names of the model
fields, just like in getting objects.
'''
args = args[0].split('/')[:-1]
if not args:
if "ids" not in request.GET:
return err("Did not contain any valid ids to delete.")
ids = request.GET.get("ids").split(',')
reqDict = {
field: request.GET[field]
for field in self.model._meta.get_all_field_names()
if field in request.GET
}
deletes = self.model.objects.filter(id__in=ids, **reqDict)
elif len(args) == 1:
deletes = self.model.objects.get(id=args[0])
else:
deletes = self.model.objects.filter(id__in=args)
deletes.delete()
return oresp(request)