0002-api-expose-role-slugs-7180.patch
help/fr/api-schema.page | ||
---|---|---|
100 | 100 |
<title>Rôles</title> |
101 | 101 | |
102 | 102 |
<p> |
103 |
La liste des rôles est disponible à l'URL <code>/roles</code>. |
|
103 |
La liste des rôles est disponible à l'URL <code>/api/roles</code>.
|
|
104 | 104 |
</p> |
105 | 105 | |
106 | 106 |
<screen> |
107 | 107 |
<output style="prompt">$ </output><input>curl -H "Accept: application/json" \ |
108 |
https://www.example.net/roles</input> |
|
108 |
https://www.example.net/api/roles</input>
|
|
109 | 109 |
<output> |
110 | 110 |
{"data": |
111 | 111 |
[ |
112 | 112 |
{"id": 1, |
113 |
"text": "Gestionnaires formulaires"}, |
|
113 |
"text": "Gestionnaires formulaires", |
|
114 |
"slug": "gestionnaires-formulaires"}, |
|
114 | 115 |
{"id": 2, |
115 |
"text": "Usagers privilégiés"} |
|
116 |
"text": "Usagers privilégiés", |
|
117 |
"slug": "usagers-privilegies"} |
|
116 | 118 |
] |
117 | 119 |
} |
118 | 120 |
</output> |
tests/test_api.py | ||
---|---|---|
377 | 377 |
assert len(resp.json) == 20 |
378 | 378 |
resp = get_app(pub).get(sign_uri('/api/forms/test/list?filter=all', user=local_user)) |
379 | 379 |
assert len(resp.json) == 30 |
380 | ||
381 |
def test_roles(local_user): |
|
382 |
Role.wipe() |
|
383 |
role = Role(name='Hello World') |
|
384 |
role.store() |
|
385 | ||
386 |
resp = get_app(pub).get(sign_uri('/api/roles', user=local_user), headers={'Accept': 'application/json'}) |
|
387 |
assert resp.json['data'][0]['text'] == 'Hello World' |
|
388 |
assert resp.json['data'][0]['slug'] == 'hello-world' |
|
389 | ||
390 |
# also check old endpoint, for compatibility |
|
391 |
resp = get_app(pub).get(sign_uri('/roles', user=local_user), headers={'Accept': 'application/json'}) |
|
392 |
assert resp.json['data'][0]['text'] == 'Hello World' |
|
393 |
assert resp.json['data'][0]['slug'] == 'hello-world' |
wcs/api.py | ||
---|---|---|
17 | 17 |
import base64 |
18 | 18 |
import hmac |
19 | 19 |
import hashlib |
20 |
import json |
|
20 | 21 |
import datetime |
21 | 22 |
import urllib |
22 | 23 |
import urllib2 |
... | ... | |
28 | 29 |
from qommon.errors import AccessForbiddenError, QueryError, TraversalError |
29 | 30 | |
30 | 31 |
from wcs.formdef import FormDef |
32 |
from wcs.roles import Role |
|
31 | 33 | |
32 | 34 | |
33 | 35 |
def get_user_from_api_query_string(): |
... | ... | |
152 | 154 | |
153 | 155 | |
154 | 156 |
class ApiDirectory(Directory): |
155 |
_q_exports = ['forms', ('reverse-geocoding', 'reverse_geocoding')] |
|
157 |
_q_exports = ['forms', 'roles', ('reverse-geocoding', 'reverse_geocoding')]
|
|
156 | 158 | |
157 | 159 |
forms = ApiFormsDirectory() |
158 | 160 | |
... | ... | |
168 | 170 |
get_response().set_content_type('application/json') |
169 | 171 |
return urllib2.urlopen('%s/reverse?format=json&zoom=18&addressdetails=1&lat=%s&lon=%s' % ( |
170 | 172 |
nominatim_url, lat, lon)).read() |
173 | ||
174 |
def roles(self): |
|
175 |
get_response().set_content_type('application/json') |
|
176 |
if not (get_request().user and get_request().user.can_go_in_admin()) and \ |
|
177 |
not get_user_from_api_query_string(): |
|
178 |
raise errors.AccessForbiddenError() |
|
179 |
list_roles = [] |
|
180 |
charset = get_publisher().site_charset |
|
181 |
for role in Role.select(): |
|
182 |
list_roles.append({'text': unicode(role.name, charset), |
|
183 |
'allows_backoffice_access': role.allows_backoffice_access, |
|
184 |
'slug': role.slug, |
|
185 |
'id': role.id}) |
|
186 |
get_response().set_content_type('application/json') |
|
187 |
return json.dumps({'data': list_roles}) |
wcs/root.py | ||
---|---|---|
301 | 301 |
return json.dumps(user_info) |
302 | 302 | |
303 | 303 |
def roles(self): |
304 |
# endpoint for backward compatibility, new code should call /api/roles |
|
304 | 305 |
if not get_request().is_json(): |
305 | 306 |
return redirect('/') |
306 |
get_response().set_content_type('application/json') |
|
307 |
if not (get_request().user and get_request().user.can_go_in_admin()) and \ |
|
308 |
not get_user_from_api_query_string(): |
|
309 |
raise errors.AccessForbiddenError() |
|
310 |
list_roles = [] |
|
311 |
charset = get_publisher().site_charset |
|
312 |
for role in Role.select(): |
|
313 |
list_roles.append({'text': unicode(role.name, charset), |
|
314 |
'allows_backoffice_access': role.allows_backoffice_access, |
|
315 |
'id': role.id}) |
|
316 |
get_response().set_content_type('application/json') |
|
317 |
return json.dumps({'data': list_roles}) |
|
307 |
return self.api.roles() |
|
318 | 308 | |
319 | 309 |
def tmp_upload(self): |
320 | 310 |
results = [] |
321 |
- |