aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--requirements.txt1
-rw-r--r--src/web/views/api/v3/__init__.py4
-rw-r--r--src/web/views/api/v3/article.py21
-rw-r--r--src/web/views/api/v3/common.py51
-rw-r--r--src/web/views/api/v3/feed.py30
5 files changed, 74 insertions, 33 deletions
diff --git a/requirements.txt b/requirements.txt
index b63daf74..f4cc2bc2 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -14,6 +14,7 @@ Flask-Login
Flask-Principal
Flask-WTF
Flask-RESTful
+Flask-Restless
Flask-Babel
Flask-SSLify
Flask-Migrate
diff --git a/src/web/views/api/v3/__init__.py b/src/web/views/api/v3/__init__.py
index 76aa1f19..04dd28ad 100644
--- a/src/web/views/api/v3/__init__.py
+++ b/src/web/views/api/v3/__init__.py
@@ -1,3 +1,3 @@
-from web.views.api.v3 import article
+from web.views.api.v3 import article, feed
-__all__ = ['article']
+__all__ = ['article', 'feed']
diff --git a/src/web/views/api/v3/article.py b/src/web/views/api/v3/article.py
index ebd15d24..1f6e757a 100644
--- a/src/web/views/api/v3/article.py
+++ b/src/web/views/api/v3/article.py
@@ -1,14 +1,29 @@
+from flask.ext.login import current_user
from web import models
from bootstrap import application, manager
+from web.controllers import ArticleController
+from web.views.api.v3.common import AbstractProcessor
from web.views.api.v3.common import url_prefix, auth_func
-from web.views.api.v3.common import get_single_preprocessor, get_many_preprocessor
+class ArticleProcessor(AbstractProcessor):
+ def get_single_preprocessor(self, instance_id=None, **kw):
+ # Check if the user is authorized to modify the specified
+ # instance of the model.
+ contr = ArticleController(current_user.id)
+ article = contr.get(id=instance_id)
+ if not self.is_authorized_to_modify(current_user, article):
+ raise ProcessingException(description='Not Authorized', code=401)
+
+
+article_processor = ArticleProcessor()
blueprint_article = manager.create_api_blueprint(models.Article,
url_prefix=url_prefix,
methods=['GET', 'POST', 'PUT', 'DELETE'],
- preprocessors=dict(GET_SINGLE=[auth_func, get_single_preprocessor],
- GET_MANY=[auth_func, get_many_preprocessor],
+ preprocessors=dict(GET_SINGLE=[auth_func,
+ article_processor.get_single_preprocessor],
+ GET_MANY=[auth_func,
+ article_processor.get_many_preprocessor],
PUT_SINGLE=[auth_func],
POST=[auth_func],
DELETE=[auth_func]))
diff --git a/src/web/views/api/v3/common.py b/src/web/views/api/v3/common.py
index 1d546b64..4234a91a 100644
--- a/src/web/views/api/v3/common.py
+++ b/src/web/views/api/v3/common.py
@@ -5,13 +5,8 @@ from werkzeug.exceptions import NotFound
from web.controllers import ArticleController, UserController
from web.views.common import login_user_bundle
-
url_prefix = '/api/v3'
-
-def is_authorized_to_modify(user, obj):
- return user.id == obj.user_id
-
def auth_func(*args, **kw):
if request.authorization:
ucontr = UserController()
@@ -29,26 +24,26 @@ def auth_func(*args, **kw):
if not current_user.is_authenticated:
raise ProcessingException(description='Not authenticated!', code=401)
-def get_single_preprocessor(instance_id=None, **kw):
- # Check if the user is authorized to modify the specified
- # instance of the model.
- contr = ArticleController(current_user.id)
- article = contr.get(id=instance_id)
- if not is_authorized_to_modify(current_user, article):
- raise ProcessingException(description='Not Authorized',
- code=401)
-
-def get_many_preprocessor(search_params=None, **kw):
- """Accepts a single argument, `search_params`, which is a dictionary
- containing the search parameters for the request.
-
- """
- filt = dict(name="user_id",
- op="eq",
- val=current_user.id)
-
- # Check if there are any filters there already.
- if "filters" not in search_params:
- search_params["filters"] = []
-
- search_params["filters"].append(filt)
+class AbstractProcessor():
+
+ def is_authorized_to_modify(self, user, obj):
+ return user.id == obj.user_id
+
+ def get_single_preprocessor(self, instance_id=None, **kw):
+ # Check if the user is authorized to modify the specified
+ # instance of the model.
+ pass
+
+ def get_many_preprocessor(self, search_params=None, **kw):
+ """Accepts a single argument, `search_params`, which is a dictionary
+ containing the search parameters for the request.
+ """
+ filt = dict(name="user_id",
+ op="eq",
+ val=current_user.id)
+
+ # Check if there are any filters there already.
+ if "filters" not in search_params:
+ search_params["filters"] = []
+
+ search_params["filters"].append(filt)
diff --git a/src/web/views/api/v3/feed.py b/src/web/views/api/v3/feed.py
new file mode 100644
index 00000000..ef1b415f
--- /dev/null
+++ b/src/web/views/api/v3/feed.py
@@ -0,0 +1,30 @@
+from flask.ext.login import current_user
+from web import models
+from bootstrap import application, manager
+from web.controllers import FeedController
+from web.views.api.v3.common import AbstractProcessor
+from web.views.api.v3.common import url_prefix, auth_func
+
+class FeedProcessor(AbstractProcessor):
+ def get_single_preprocessor(self, instance_id=None, **kw):
+ # Check if the user is authorized to modify the specified
+ # instance of the model.
+ contr = FeedController(current_user.id)
+ feed = contr.get(id=instance_id)
+ if not self.is_authorized_to_modify(current_user, feed):
+ raise ProcessingException(description='Not Authorized', code=401)
+
+
+feed_processor = FeedProcessor()
+
+blueprint_feed = manager.create_api_blueprint(models.Feed,
+ url_prefix=url_prefix,
+ methods=['GET', 'POST', 'PUT', 'DELETE'],
+ preprocessors=dict(GET_SINGLE=[auth_func,
+ feed_processor.get_single_preprocessor],
+ GET_MANY=[auth_func,
+ feed_processor.get_many_preprocessor],
+ PUT_SINGLE=[auth_func],
+ POST=[auth_func],
+ DELETE=[auth_func]))
+application.register_blueprint(blueprint_feed)
bgstack15