From c56e48f52e26a81d7a9f81fd74b0ea46d5434a90 Mon Sep 17 00:00:00 2001 From: "tom christie tom@tomchristie.com" Date: Thu, 30 Dec 2010 23:29:01 +0000 Subject: [PATCH] Add parsers, form validation, etc... --- src/rest/emitters.py | 16 ++- src/rest/parsers.py | 8 +- src/rest/resource.py | 111 ++++++++++++++---- src/rest/templates/emitter.html | 39 ++++++ src/rest/templatetags/__init__.pyc | Bin 163 -> 171 bytes src/rest/templatetags/urlize_quoted_links.pyc | Bin 4515 -> 4539 bytes src/testapp/urls.py | 3 +- src/testapp/views.py | 12 +- 8 files changed, 155 insertions(+), 34 deletions(-) diff --git a/src/rest/emitters.py b/src/rest/emitters.py index ee8ca57f8..ce1267232 100644 --- a/src/rest/emitters.py +++ b/src/rest/emitters.py @@ -1,9 +1,10 @@ -from django.template import Context, loader +from django.template import RequestContext, loader from django.core.handlers.wsgi import STATUS_CODE_TEXT import json class BaseEmitter(object): - def __init__(self, resource, status, headers): + def __init__(self, resource, request, status, headers): + self.request = request self.resource = resource self.status = status self.headers = headers @@ -12,16 +13,23 @@ class BaseEmitter(object): return output class TemplatedEmitter(BaseEmitter): + template = None + def emit(self, output): content = json.dumps(output, indent=4) template = loader.get_template(self.template) - context = Context({ + context = RequestContext(self.request, { 'content': content, 'status': self.status, 'reason': STATUS_CODE_TEXT.get(self.status, ''), 'headers': self.headers, 'resource_name': self.resource.__class__.__name__, - 'resource_doc': self.resource.__doc__ + 'resource_doc': self.resource.__doc__, + 'create_form': self.resource.create_form and self.resource.create_form() or None, + 'update_form': self.resource.update_form and self.resource.update_form() or None, + 'allowed_methods': self.resource.allowed_methods, + 'request': self.request, + 'resource': self.resource, }) return template.render(context) diff --git a/src/rest/parsers.py b/src/rest/parsers.py index 038065f0d..0f9144713 100644 --- a/src/rest/parsers.py +++ b/src/rest/parsers.py @@ -1,3 +1,5 @@ +import json + class BaseParser(object): def __init__(self, resource, request): self.resource = resource @@ -8,11 +10,13 @@ class BaseParser(object): class JSONParser(BaseParser): - pass + def parse(self, input): + return json.loads(input) class XMLParser(BaseParser): pass class FormParser(BaseParser): - pass + def parse(self, input): + return self.request.POST diff --git a/src/rest/resource.py b/src/rest/resource.py index 4e9c4e053..e6b41e07b 100644 --- a/src/rest/resource.py +++ b/src/rest/resource.py @@ -1,17 +1,22 @@ from django.http import HttpResponse from django.core.urlresolvers import reverse -from rest import emitters, parsers +from django.core.handlers.wsgi import STATUS_CODE_TEXT +from rest import emitters, parsers, utils from decimal import Decimal +for (key, val) in STATUS_CODE_TEXT.items(): + locals()["STATUS_%d_%s" % (key, val.replace(' ', '_'))] = key + + +class ResourceException(Exception): + def __init__(self, status, content='', headers={}): + self.status = status + self.content = content + self.headers = headers + class Resource(object): - class HTTPException(Exception): - def __init__(self, status, content, headers): - self.status = status - self.content = content - self.headers = headers - allowed_methods = ('GET',) callmap = { 'GET': 'read', 'POST': 'create', @@ -27,6 +32,12 @@ class Resource(object): 'application/xml': parsers.XMLParser, 'application/x-www-form-urlencoded': parsers.FormParser } + create_form = None + update_form = None + + METHOD_PARAM = '_method' + ACCEPT_PARAM = '_accept' + def __new__(cls, request, *args, **kwargs): self = object.__new__(cls) @@ -34,15 +45,40 @@ class Resource(object): self._request = request return self._handle_request(request, *args, **kwargs) + def __init__(self): pass + + def _determine_method(self, request): + """Determine the HTTP method that this request should be treated as, + allowing for PUT and DELETE tunneling via the _method parameter.""" + method = request.method + + if method == 'POST' and request.POST.has_key(self.METHOD_PARAM): + method = request.POST[self.METHOD_PARAM].upper() + + return method + + + def _check_method_allowed(self, method): + if not method in self.allowed_methods: + raise ResourceException(STATUS_405_METHOD_NOT_ALLOWED, + {'detail': 'Method \'%s\' not allowed on this resource.' % method}) + + if not method in self.callmap.keys(): + raise ResourceException(STATUS_501_NOT_IMPLEMENTED, + {'detail': 'Unknown or unsupported method \'%s\'' % method}) + + def _determine_parser(self, request): """Return the appropriate parser for the input, given the client's 'Content-Type' header, and the content types that this Resource knows how to parse.""" - return self.parsers.values()[0] - - # TODO: Raise 415 Unsupported media type + try: + return self.parsers[request.META['CONTENT_TYPE']] + except: + raise ResourceException(STATUS_415_UNSUPPORTED_MEDIA_TYPE, + {'detail': 'Unsupported media type'}) def _determine_emitter(self, request): """Return the appropriate emitter for the output, given the client's 'Accept' header, @@ -90,16 +126,40 @@ class Resource(object): (accept_mimetype == mimetype)): return (mimetype, emitter) - raise self.HTTPException(406, {'status': 'Not Acceptable', - 'accepts': ','.join(item[0] for item in self.emitters)}, {}) + raise ResourceException(STATUS_406_NOT_ACCEPTABLE, + {'detail': 'Could not statisfy the client\'s accepted content type', + 'accepted_types': [item[0] for item in self.emitters]}) + + + def _validate_data(self, method, data): + """If there is an appropriate form to deal with this operation, + then validate the data and return the resulting dictionary. + """ + if method == 'PUT' and self.update_form: + form = self.update_form(data) + elif method == 'POST' and self.create_form: + form = self.create_form(data) + else: + return data + + if not form.is_valid(): + raise ResourceException(STATUS_400_BAD_REQUEST, + {'detail': dict((k, map(unicode, v)) + for (k,v) in form.errors.iteritems())}) + + return form.cleaned_data def _handle_request(self, request, *args, **kwargs): - method = request.method + + # Hack to ensure PUT requests get the same form treatment as POST requests + utils.coerce_put_post(request) + + # Get the request method, allowing for PUT and DELETE tunneling + method = self._determine_method(request) try: - if not method in self.allowed_methods: - raise self.HTTPException(405, {'status': 'Method Not Allowed'}, {}) + self._check_method_allowed(method) # Parse the HTTP Request content func = getattr(self, self.callmap.get(method, '')) @@ -107,11 +167,12 @@ class Resource(object): if method in ('PUT', 'POST'): parser = self._determine_parser(request) data = parser(self, request).parse(request.raw_post_data) + data = self._validate_data(method, data) (status, ret, headers) = func(data, request.META, *args, **kwargs) - + else: (status, ret, headers) = func(request.META, *args, **kwargs) - except self.HTTPException, exc: + except ResourceException, exc: (status, ret, headers) = (exc.status, exc.content, exc.headers) headers['Allow'] = ', '.join(self.allowed_methods) @@ -119,11 +180,11 @@ class Resource(object): # Serialize the HTTP Response content try: mimetype, emitter = self._determine_emitter(request) - except self.HTTPException, exc: + except ResourceException, exc: (status, ret, headers) = (exc.status, exc.content, exc.headers) mimetype, emitter = self.emitters[0] - content = emitter(self, status, headers).emit(ret) + content = emitter(self, request, status, headers).emit(ret) # Build the HTTP Response resp = HttpResponse(content, mimetype=mimetype, status=status) @@ -134,20 +195,20 @@ class Resource(object): def _not_implemented(self, operation): resource_name = self.__class__.__name__ - return (500, {'status': 'Internal Server Error', - 'detail': '%s %s operation is permitted but has not been implemented' % (resource_name, operation)}, {}) + raise ResourceException(STATUS_500_INTERNAL_SERVER_ERROR, + {'detail': '%s operation on this resource has not been implemented' % (operation, )}) def read(self, headers={}, *args, **kwargs): - return self._not_implemented('read') + self._not_implemented('read') def create(self, data=None, headers={}, *args, **kwargs): - return self._not_implemented('create') + self._not_implemented('create') def update(self, data=None, headers={}, *args, **kwargs): - return self._not_implemented('update') + self._not_implemented('update') def delete(self, headers={}, *args, **kwargs): - return self._not_implemented('delete') + self._not_implemented('delete') def reverse(self, view, *args, **kwargs): """Return a fully qualified URI for a view, using the current request as the base URI. diff --git a/src/rest/templates/emitter.html b/src/rest/templates/emitter.html index c8ddc16df..f5d0df080 100644 --- a/src/rest/templates/emitter.html +++ b/src/rest/templates/emitter.html @@ -5,6 +5,7 @@ @@ -14,5 +15,43 @@ {% for key, val in headers.items %}{{ key }}: {{ val }} {% endfor %} {{ content|urlize_quoted_links }}{% endautoescape %} + +{% if 'GET' in allowed_methods %} +
+ Read +
+{% endif %} + +{% if 'POST' in resource.allowed_methods %} +
+
+ {% csrf_token %} + {{ create_form.as_p }} + +
+
+{% endif %} + +{% if 'PUT' in resource.allowed_methods %} +
+
+ + {% csrf_token %} + {{ create_form.as_p }} + +
+
+{% endif %} + +{% if 'DELETE' in resource.allowed_methods %} +
+
+ {% csrf_token %} + + +
+
+{% endif %} + \ No newline at end of file diff --git a/src/rest/templatetags/__init__.pyc b/src/rest/templatetags/__init__.pyc index 69527f63db4bb8a1a773f526ee26c45266f761f4..9daf8783f59b5dd51da386a34478c0670ee581e9 100644 GIT binary patch delta 42 ycmZ3?xSEme;wN4%$tx4t%q2n?7#Q?Ji&Kk=^-J<|lQW7ki%T+7^~)#vh5-O2V-8IK delta 34 qcmZ3@xR{ac;wN6N%k>l4%msWH7#Q?Ji&Kk=^-J<|^}{EIh5-P@Ukfh) diff --git a/src/rest/templatetags/urlize_quoted_links.pyc b/src/rest/templatetags/urlize_quoted_links.pyc index b49e16b67ab6eb018194b20a1a86719fba7b5a09..37e480ac4c2a4e24e2305c157146c473572a54d8 100644 GIT binary patch delta 116 zcmZ3iyjz*=;wN4%$txS#e7Ggz85kJ!LyJ?3iuFtKbCWZQGK)(xQ}xRyd+_;8P7q|> VyqUX|38$*f9(;Rn%RHCZPZT delta 88 zcmdn3yjYp-;wN6N$=w^-e7FU|85kJ!LyJ?3iuFtKbM?a~>j(yJ-p$?0giXe0^Af%S HtTO!o(iIyk diff --git a/src/testapp/urls.py b/src/testapp/urls.py index a7d430bc3..9cebd4ce3 100644 --- a/src/testapp/urls.py +++ b/src/testapp/urls.py @@ -3,5 +3,6 @@ from django.conf.urls.defaults import patterns urlpatterns = patterns('testapp.views', (r'^$', 'RootResource'), (r'^read-only$', 'ReadOnlyResource'), - (r'^mirroring-write$', 'MirroringWriteResource'), + (r'^write-only$', 'MirroringWriteResource'), + (r'^read-write$', 'ReadWriteResource'), ) diff --git a/src/testapp/views.py b/src/testapp/views.py index eca4c0ae8..3bd610ffd 100644 --- a/src/testapp/views.py +++ b/src/testapp/views.py @@ -1,5 +1,6 @@ from rest.resource import Resource - +from testapp.forms import ExampleForm + class RootResource(Resource): """This is my docstring """ @@ -7,7 +8,8 @@ class RootResource(Resource): def read(self, headers={}, *args, **kwargs): return (200, {'read-only-api': self.reverse(ReadOnlyResource), - 'write-only-api': self.reverse(MirroringWriteResource)}, {}) + 'write-only-api': self.reverse(MirroringWriteResource), + 'read-write-api': self.reverse(ReadWriteResource)}, {}) class ReadOnlyResource(Resource): @@ -28,3 +30,9 @@ class MirroringWriteResource(Resource): def create(self, data, headers={}, *args, **kwargs): return (200, data, {}) + + +class ReadWriteResource(Resource): + allowed_methods = ('GET', 'PUT', 'DELETE') + create_form = ExampleForm + update_form = ExampleForm