def copy_items(portal_type=None, uid=None, endpoint=None, **kw):
""" copy items
"""
# disable CSRF
req.disable_csrf_protection()
# try to find the requested objects
objects = find_objects(uid=uid)
# No objects could be found, bail out
if not objects:
fail(404, "No Objects could be found")
# We support only to copy a single object
if len(objects) > 1:
fail(400, "Can only copy one object at a time")
# We don't want to copy the portal object
if filter(lambda o: is_root(o), objects):
fail(400, "Can not copy the portal object")
# cut the object
obj = objects[0]
request = req.getRequest()
obj.aq_parent.manage_copyObjects(obj.getId(), REQUEST=request)
request.response.setHeader("Content-Type", "application/json")
info = IInfo(obj)()
return [info]
def update_sharing_for(brain_or_object, sharing):
"""Perform a sharing update
:param brain_or_object: A single catalog brain or content object
:type brain_or_object: ATContentType/DexterityContentType/CatalogBrain
:param sharing: The sharing dictionary as returned from the API
:type sharing: dict
:returns: change status
:rtype: boolean
"""
obj = get_object(brain_or_object)
view = get_sharing_view_for(obj)
# 1. Update inherit settings for this object
inherit = sharing.get("inherit", _marker)
if inherit is not _marker:
view.update_inherit(inherit)
def fix_role_settings(settings):
# transform the roles to be compatible with the sharing views API
roles = settings.get("roles", {})
settings["roles"] = [k for (k, v) in roles.items() if v]
return settings
# 2. Prepare data for the sharing view API
role_settings = sharing.get("role_settings", [])
settings = map(fix_role_settings, role_settings)
# disable CSRF
req.disable_csrf_protection()
# 3. Update sharing settings
return view.update_role_settings(settings)
def delete_items(portal_type=None, uid=None, endpoint=None, **kw):
""" delete items
1. If the uid is given, we can ignore the request body and delete the
object with the given uid (if the uid was valid).
2. If no uid is given, the user wants to delete more than one item.
=> go through each item and extract the uid. Delete it afterwards.
// we should do this kind of transaction base. So if we can not get an
// object for an uid, no item will be deleted.
3. we could check if the portal_type matches, just to be sure the user
wants to delete the right content.
"""
# disable CSRF
req.disable_csrf_protection()
# try to find the requested objects
objects = find_objects(uid=uid)
# We don't want to delete the portal object
if filter(lambda o: is_root(o), objects):
fail(400, "Can not delete the portal object")
results = []
for obj in objects:
info = IInfo(obj)()
info["deleted"] = delete_object(obj)
results.append(info)
if not results:
fail(404, "No Objects could be found")
return results
def update_sharing_for(brain_or_object, sharing):
"""Perform a sharing update
:param brain_or_object: A single catalog brain or content object
:type brain_or_object: ATContentType/DexterityContentType/CatalogBrain
:param sharing: The sharing dictionary as returned from the API
:type sharing: dict
:returns: change status
:rtype: boolean
"""
obj = get_object(brain_or_object)
view = get_sharing_view_for(obj)
# 1. Update inherit settings for this object
inherit = sharing.get("inherit", _marker)
if inherit is not _marker:
view.update_inherit(inherit)
def fix_role_settings(settings):
# transform the roles to be compatible with the sharing views API
roles = settings.get("roles", {})
settings["roles"] = [k for (k, v) in roles.items() if v]
return settings
# 2. Prepare data for the sharing view API
role_settings = sharing.get("role_settings", [])
settings = map(fix_role_settings, role_settings)
# disable CSRF
req.disable_csrf_protection()
# 3. Update sharing settings
return view.update_role_settings(settings)
def create_items(portal_type=None, uid=None, endpoint=None, **kw):
""" create items
1. If the uid is given, get the object and create the content in there
(assumed that it is folderish)
2. If the uid is 0, the target folder is assumed the portal.
3. If there is no uid given, the payload is checked for either a key
- `parent_uid` specifies the *uid* of the target folder
- `parent_path` specifies the *physical path* of the target folder
"""
# disable CSRF
req.disable_csrf_protection()
# destination where to create the content
container = uid and get_object_by_uid(uid) or None
# extract the data from the request
records = req.get_request_data()
results = []
for record in records:
if container is None:
# find the container for content creation
container = find_target_container(record)
if portal_type is None:
# try to fetch the portal type out of the request data
portal_type = record.pop("portal_type", None)
# Check if we have a container and a portal_type
if not all([container, portal_type]):
fail(400, "Please provide a container path/uid and portal_type")
# create the object and pass in the record data
obj = create_object(container, portal_type, **record)
results.append(obj)
if not results:
fail(400, "No Objects could be created")
return make_items_for(results, endpoint=endpoint)
def update_items(portal_type=None, uid=None, endpoint=None, **kw):
""" update items
1. If the uid is given, the user wants to update the object with the data
given in request body
2. If no uid is given, the user wants to update a bunch of objects.
-> each record contains either an UID, path or parent_path + id
"""
# disable CSRF
req.disable_csrf_protection()
# the data to update
records = req.get_request_data()
# we have an uid -> try to get an object for it
obj = get_object_by_uid(uid)
if obj:
record = records[0] # ignore other records if we got an uid
obj = update_object_with_data(obj, record)
return make_items_for([obj], endpoint=endpoint)
# no uid -> go through the record items
results = []
for record in records:
obj = get_object_by_record(record)
# no object found for this record
if obj is None:
continue
# update the object with the given record data
obj = update_object_with_data(obj, record)
results.append(obj)
if not results:
fail(400, "No Objects could be updated")
return make_items_for(results, endpoint=endpoint)
def paste_items(portal_type=None, uid=None, endpoint=None, **kw):
""" paste items
"""
# disable CSRF
req.disable_csrf_protection()
# try to find the requested objects
objects = find_objects(uid=uid)
# No objects could be found, bail out
if not objects:
fail(404, "No Objects could be found")
# check if the cookie is there
cookie = req.get_cookie("__cp")
if cookie is None:
fail(400, "No data found to paste")
# We support only to copy a single object
if len(objects) > 1:
fail(400, "Can only paste to one location")
# cut the object
obj = objects[0]
# paste the object
results = obj.manage_pasteObjects(cookie)
out = []
for result in results:
new_id = result.get("new_id")
pasted = obj.get(new_id)
if pasted:
out.append(IInfo(pasted)())
return out