def __call__(self, request, *args, **kwargs):
# Check if we're in read only mode
if (self.read_only == True
and request.method not in HTTP_READ_ONLY_METHODS):
return api_error("the API is in read only mode for maintenance")
# Addd requests to kwargs
kwargs.update(request.REQUEST)
if hasattr(self, request.method):
result = getattr(self, request.method)(request, *args, **kwargs)
# Use introspection to handle HEAD requests
elif request.method == 'HEAD'and hasattr(self, 'GET'):
result = self.GET(request)
result.content = ""
# Use introspection to handle OPTIONS requests
elif request.method == 'OPTIONS':
available_methods = set(HTTP_METHODS) & set(dir(self))
result["Accept"] = ",".join(available_methods)
else:
result = api_error(
"Resource does not support {0} for this method".format(
request.method))
result.status_code = 405
# if supress_error_codes is set make all response codes 200
if "suppress_response_codes" in request.REQUEST:
result.status_code = 200
return result
def __call__(self, request, *args, **kwargs):
# Check if we're in read only mode
if (self.read_only == True
and request.method not in HTTP_READ_ONLY_METHODS):
return api_error("the API is in read only mode for maintenance")
# Addd requests to kwargs
kwargs.update(request.REQUEST)
if hasattr(self, request.method):
result = getattr(self, request.method)(request, *args, **kwargs)
# Use introspection to handle HEAD requests
elif request.method == 'HEAD' and hasattr(self, 'GET'):
result = self.GET(request)
result.content = ""
# Use introspection to handle OPTIONS requests
elif request.method == 'OPTIONS':
available_methods = set(HTTP_METHODS) & set(dir(self))
result["Accept"] = ",".join(available_methods)
else:
result = api_error(
"Resource does not support {0} for this method".format(
request.method))
result.status_code = 405
# if supress_error_codes is set make all response codes 200
if "suppress_response_codes" in request.REQUEST:
result.status_code = 200
return result
def __call__(self, request, *args, **kwargs):
# Add the request user to the class, this allows certain django decorators to work
if hasattr(request, 'user'):
self.user = request.user
# Check if we're in read only mode
if (self.read_only is True
and request.method not in HTTP_READ_ONLY_METHODS):
return api_error("the API is in read only mode for maintenance")
if request.method == "PUT":
query_dict = django.http.QueryDict(request.body)
request.PUT = {
k: v
for k, v
in query_dict.items()}
kwargs.update(request.PUT)
# Addd requests to kwargs
kwargs.update(request.REQUEST)
# Build our response object
response = django.http.HttpResponse()
# See if we have an 'Origin:' header in the request. If so, this is
# a CORS (cross-orgin resource sharing) request.
# See http://enable-cors.org/
origin_is_allowed = False
if 'HTTP_ORIGIN' in request.META:
# Make sure the given origin is allowed
if not self._origin_is_allowed(request.META['HTTP_ORIGIN']):
# If the origin is not allowed to make the request then we
# return an empty 200 response. This will make the cross
# origin request fail on the client side.
return response
origin_is_allowed = True
# If we had an 'Origin:' header with a valid origin and the request
# used the OPTIONS method, then we'll add the proper Access-Control
# headers to the response.
if origin_is_allowed and request.method == 'OPTIONS':
response['Access-Control-Allow-Origin'] = (
request.META['HTTP_ORIGIN']
)
response['Access-Control-Allow-Methods'] = (
",".join(CORS_SHARING_ALLOWED_METHODS)
)
response['Access-Control-Allow-Headers'] = (
",".join(CORS_SHARING_ALLOWED_HEADERS)
)
# Allows cross-origin cookie access
response['Access-Control-Allow-Credentials'] = 'true'
# Allow the client to cache the pre-flight response for up to a day
response['Access-Control-Max-Age'] = 86400
return response
if hasattr(self, request.method):
response = getattr(self, request.method)(request, *args, **kwargs)
# Explicitly type check here because type errors further
# down are harder to diagnose
if type(response) is None:
raise TypeError(
"{0} returned None, should have returned a response object".format(
request.method
)
)
# Use introspection to handle HEAD requests
elif request.method == 'HEAD' and hasattr(self, 'GET'):
response = self.GET(request, *args, **kwargs)
response.content = ""
else:
response = api_error(
"Resource does not support {0} for this method".format(
request.method
)
)
response.status_code = 405
# if supress_error_codes is set make all response codes 200
if "suppress_response_codes" in request.REQUEST:
response.status_code = 200
# If we are responding to a valid CORS request we must add the
# Access-Control-Allow-Origin header
if origin_is_allowed:
response['Access-Control-Allow-Origin'] = request.META['HTTP_ORIGIN']
response['Access-Control-Allow-Credentials'] = 'true'
# At this point if we have a json response and a param of format with the value of html
# Convert the response to an html response with the content in the body of the page
if request.REQUEST.get("format") == "html" and response['Content-Type'] == "application/json":
json_formatted = json.dumps(json.loads(response.content), indent=4)
response = django.http.HttpResponse("<html><body><pre>{0}</pre></body></html>".format(
json_formatted,
))
# Return the response
return response
def __call__(self, request, *args, **kwargs):
# Check if we're in read only mode
if (self.read_only is True
and request.method not in HTTP_READ_ONLY_METHODS):
return api_error("the API is in read only mode for maintenance")
if request.method == "PUT":
query_dict = django.http.QueryDict(request.body)
request.PUT = {k: v for k, v in query_dict.items()}
kwargs.update(request.PUT)
# Addd requests to kwargs
kwargs.update(request.REQUEST)
# Build our response object
response = django.http.HttpResponse()
# See if we have an 'Origin:' header in the request. If so, this is
# a CORS (cross-orgin resource sharing) request.
# See http://enable-cors.org/
origin_is_allowed = False
if 'HTTP_ORIGIN' in request.META:
# Make sure the given origin is allowed
if not self._origin_is_allowed(request.META['HTTP_ORIGIN']):
# If the origin is not allowed to make the request then we
# return an empty 200 response. This will make the cross
# origin request fail on the client side.
return response
origin_is_allowed = True
# If we had an 'Origin:' header with a valid origin and the request
# used the OPTIONS method, then we'll add the proper Access-Control
# headers to the response.
if origin_is_allowed and request.method == 'OPTIONS':
response['Access-Control-Allow-Origin'] = (
request.META['HTTP_ORIGIN'])
response['Access-Control-Allow-Methods'] = (
",".join(CORS_SHARING_ALLOWED_METHODS))
response['Access-Control-Allow-Headers'] = (
",".join(CORS_SHARING_ALLOWED_HEADERS))
# Allows cross-origin cookie access
response['Access-Control-Allow-Credentials'] = 'true'
# Allow the client to cache the pre-flight response for up to a day
response['Access-Control-Max-Age'] = 86400
return response
if hasattr(self, request.method):
response = getattr(self, request.method)(request, *args, **kwargs)
# Explicitly type check here because type errors further
# down are harder to diagnose
if type(response) is None:
raise TypeError(
"{0} returned None, should have returned a response object"
.format(request.method))
# Use introspection to handle HEAD requests
elif request.method == 'HEAD' and hasattr(self, 'GET'):
response = self.GET(request, *args, **kwargs)
response.content = ""
else:
response = api_error(
"Resource does not support {0} for this method".format(
request.method))
response.status_code = 405
# if supress_error_codes is set make all response codes 200
if "suppress_response_codes" in request.REQUEST:
response.status_code = 200
# If we are responding to a valid CORS request we must add the
# Access-Control-Allow-Origin header
if origin_is_allowed:
response['Access-Control-Allow-Origin'] = request.META[
'HTTP_ORIGIN']
response['Access-Control-Allow-Credentials'] = 'true'
return response
