def fail(status_code, message=None): """Raises an API error :param status_code: HTTP Response status code :param message: error message """ reason = [status_reasons.get(status_code), message] reason = filter(None, reason) reason = reason and " - ".join(reason) or "Unknown reason" japi.fail(status_code, reason)
def login(context, request): """ Login Route Login route to authenticate a user against Plone. """ # extract the data __ac_name = request.get("__ac_name", None) __ac_password = request.get("__ac_password", None) logger.info("*** LOGIN %s ***" % __ac_name) if __ac_name is None: api.fail(400, "__ac_name is missing") if __ac_password is None: api.fail(400, "__ac_password is missing") acl_users = api.get_tool("acl_users") # XXX hard coded acl_users.credentials_cookie_auth.login() # XXX amin user won't be logged in if I use this approach # acl_users.login() # response = request.response # acl_users.updateCredentials(request, response, __ac_name, __ac_password) if api.is_anonymous(): api.fail(401, "Invalid Credentials") # return the JSON in the same format like the user route return get(context, request, username=__ac_name)
def action(context, request, action=None, resource=None, uid=None): """Various HTTP POST actions Case 1: /<uid> -> Return the full object immediately in the root of the JSON API response <Senaite-Site>/@@API/senaite/v1/<uid> Case 2: /<action>/<uid> -> The actions (update, delete) will performed on the object identified by <uid> -> The actions (create) will use the <uid> as the parent folder <Senaite-Site>/@@API/senaite/v1/<action>/<uid> Case 3: <resource>/<action> -> The "target" object will be located by a location given in the request body (uid, path, parent_path + id) -> The actions (cut, copy, update, delete) will performed on the target object -> The actions (create) will use the target object as the container <Senaite-Site>/@@API/senaite/v1/<resource>/<action> Case 4: <resource>/<action>/<uid> -> The actions (cut, copy, update, delete) will performed on the object identified by <uid> -> The actions (create) will use the <uid> as the parent folder <Senaite-Site>/@@API/senaite/v1/<resource>/<action> """ # Fetch and call the action function of the API func_name = "{}_items".format(action) action_func = getattr(api, func_name, None) if action_func is None: api.fail(500, "API has no member named '{}'".format(func_name)) portal_type = api.resource_to_portal_type(resource) items = action_func(portal_type=portal_type, uid=uid) return { "count": len(items), "items": items, "url": api.url_for("senaite.jsonapi.v1.action", action=action), }
def action(context, request, action=None, resource=None, uid=None): """Various HTTP POST actions """ # allow to set the method via the header if action is None: action = request.get_header("HTTP_X_HTTP_METHOD_OVERRIDE", "CREATE").lower() # Fetch and call the action function of the API func_name = "{}_items".format(action) action_func = getattr(api, func_name, None) if action_func is None: api.fail(500, "API has no member named '{}'".format(func_name)) portal_type = api.resource_to_portal_type(resource) items = action_func(portal_type=portal_type, uid=uid) return { "count": len(items), "items": items, "url": api.url_for("senaite.jsonapi.v1.action", action=action), }