105
98
# TODO: Check Content-Type and implement multipart/form-data.
107
100
opargs = dict(cgi.parse_qsl(data, keep_blank_values=1))
108
outjson = self._named_operation(req, opargs)
102
opname = opargs['ivle.op']
103
del opargs['ivle.op']
105
raise BadRequest('No named operation specified.')
108
op = getattr(self, opname)
109
except AttributeError:
110
raise BadRequest('Invalid named operation.')
112
if not hasattr(op, '_rest_api_callable') or \
113
not op._rest_api_callable:
114
raise BadRequest('Invalid named operation.')
116
self.authorize_method(req, op)
118
# Find any missing arguments, except for the first two (self, req)
119
(args, vaargs, varkw, defaults) = inspect.getargspec(op)
122
# To find missing arguments, we eliminate the provided arguments
123
# from the set of remaining function signature arguments. If the
124
# remaining signature arguments are in the args[-len(defaults):],
126
unspec = set(args) - set(opargs.keys())
127
if unspec and not defaults:
128
raise BadRequest('Missing arguments: ' + ', '.join(unspec))
130
unspec = [k for k in unspec if k not in args[-len(defaults):]]
133
raise BadRequest('Missing arguments: ' + ', '.join(unspec))
135
# We have extra arguments if the are no match args in the function
136
# signature, AND there is no **.
137
extra = set(opargs.keys()) - set(args)
138
if extra and not varkw:
139
raise BadRequest('Extra arguments: ' + ', '.join(extra))
141
outjson = op(req, **opargs)
110
143
req.content_type = self.content_type
111
self.write_json(req, outjson)
113
#This is a separate function to allow additional data to be passed through
114
def write_json(self, req, outjson):
115
144
if outjson is not None:
116
145
req.write(cjson.encode(outjson))
119
def _named_operation(self, req, opargs, readonly=False):
121
opname = opargs['ivle.op']
122
del opargs['ivle.op']
124
raise BadRequest('No named operation specified.')
127
op = getattr(self, opname)
128
except AttributeError:
129
raise BadRequest('Invalid named operation.')
131
if not hasattr(op, '_rest_api_callable') or \
132
not op._rest_api_callable:
133
raise BadRequest('Invalid named operation.')
135
if readonly and op._rest_api_write_operation:
136
raise BadRequest('POST required for write operation.')
138
self.authorize_method(req, op)
140
# Find any missing arguments, except for the first two (self, req)
141
(args, vaargs, varkw, defaults) = inspect.getargspec(op)
144
# To find missing arguments, we eliminate the provided arguments
145
# from the set of remaining function signature arguments. If the
146
# remaining signature arguments are in the args[-len(defaults):],
148
unspec = set(args) - set(opargs.keys())
149
if unspec and not defaults:
150
raise BadRequest('Missing arguments: ' + ', '.join(unspec))
152
unspec = [k for k in unspec if k not in args[-len(defaults):]]
155
raise BadRequest('Missing arguments: ' + ', '.join(unspec))
157
# We have extra arguments if the are no match args in the function
158
# signature, AND there is no **.
159
extra = set(opargs.keys()) - set(args)
160
if extra and not varkw:
161
raise BadRequest('Extra arguments: ' + ', '.join(extra))
163
return op(req, **opargs)
166
class XHTMLRESTView(GenshiLoaderMixin, JSONRESTView):
167
"""A special type of RESTView which takes enhances the standard JSON
168
with genshi XHTML functions.
170
XHTMLRESTViews should have a template, which is rendered using their
171
context. This is returned in the JSON as 'html'"""
173
ctx = genshi.template.Context()
175
def render_fragment(self):
176
if self.template is None:
177
raise NotImplementedError()
179
rest_template = os.path.join(os.path.dirname(
180
inspect.getmodule(self).__file__), self.template)
181
tmpl = self._loader.load(rest_template)
183
return tmpl.generate(self.ctx).render('xhtml', doctype='xhtml')
185
# This renders the template and adds it to the json
186
def write_json(self, req, outjson):
187
outjson["html"] = self.render_fragment()
188
req.write(cjson.encode(outjson))
191
class _named_operation(object):
148
class named_operation(object):
192
149
'''Declare a function to be accessible to HTTP users via the REST API.
194
def __init__(self, write_operation, permission):
195
self.write_operation = write_operation
151
def __init__(self, permission):
196
152
self.permission = permission
198
154
def __call__(self, func):
199
155
func._rest_api_callable = True
200
func._rest_api_write_operation = self.write_operation
201
156
func._rest_api_permission = self.permission
204
write_operation = functools.partial(_named_operation, True)
205
read_operation = functools.partial(_named_operation, False)
207
159
class require_permission(object):
208
160
'''Declare the permission required for use of a method via the REST API.