def post_bulk(self):
new, errors = [], []
for entry in self.payload.payloads:
if entry.type != self._view.plural:
raise exceptions.IncorrectParameter('data.type', self._view.plural, entry.type)
try:
new.append(self._view.create(entry._raw['data'], self.current_user))
except KeyError as e:
new.append(None)
# TODO take KeyError into account
errors.append(exceptions.MalformedData().serialize())
except (TypeError, ValueError):
new.append(None)
errors.append(exceptions.MalformedData().serialize())
except exceptions.JamException as e:
new.append(None)
errors.append(e.serialize())
else:
errors.append(None)
self.write({
'data': [self.serialize(n) for n in new],
'errors': errors
})
self.set_status(http.client.CREATED)
async def post(self):
try:
data = self.json['data']
except (TypeError, ValueError, KeyError):
raise exceptions.MalformedData()
if data.get('type') != 'users':
raise exceptions.IncorrectParameter('data.type', 'users', data.get('type', 'null'))
if not isinstance(data.get('attributes'), dict):
raise exceptions.InvalidParameterType('data.attributes', 'dict', type(data.get('type')))
try:
provider = driver.DriverManager(
namespace='jam.auth.providers',
name=data['attributes'].pop('provider'),
invoke_on_load=True,
).driver
except (KeyError, driver.NoMatches):
raise exceptions.BadRequest(detail='Unknown provider')
user = await provider.authenticate(self.current_user, data['attributes'])
self.write({'data': {
'id': user.uid,
'type': 'users',
'attributes': {
'id': user.id,
'type': user.type,
'provider': user.provider,
'token': user.token.decode(),
# 'refreshable': provider.refreshable, #TODO Implement refreshing
}
}})
def sanitize(data):
def keys(dict_obj):
for key, value in dict_obj.items():
yield key
if not isinstance(value, (tuple, list)):
value = [value]
for sub in value:
if isinstance(sub, dict):
yield from keys(sub)
for key in keys(data):
if '.' in key or key.startswith('$'):
raise exceptions.MalformedData()
def create(self, payload, user):
id = self.validate_id(str(bson.ObjectId()) if payload.get('id') is None else payload['id'])
creator = user.uid
if 'user' in self._collection.plugins and self._collection.plugin('user').created_is_owner:
creator = 'jam-{}:{}-{}'.format(self._namespace.ref, self._collection.ref, id)
if 'meta' in payload:
if (user.permissions & Permissions.ADMIN) != Permissions.ADMIN:
raise exceptions.Forbidden('ADMIN permission is request to alter metadata')
creator = payload['meta'].get('created-by', user.uid)
try:
return self._collection.create(id, payload['attributes'], creator)
except KeyError:
raise exceptions.MalformedData()
def create(self, payload, user):
id = self.validate_id(
str(bson.ObjectId()
) if payload.get('id') is None else payload['id'])
creator = user.uid
if 'meta' in payload:
if (user.permissions & Permissions.ADMIN) != Permissions.ADMIN:
raise exceptions.Forbidden(
'ADMIN permission is request to alter metadata')
creator = payload['meta'].get('created-by', user.uid)
try:
return self._collection.create(id, payload['attributes'], creator)
except KeyError:
raise exceptions.MalformedData()
def json(self):
try:
return json.loads(self.request.body.decode())
except ValueError:
raise exceptions.MalformedData()