Merge pull request #2 from zhangchunlin/master

TommyLemon · web-flow · commit 78c6b532f4e1 · 2018-12-19T09:35:24.000+08:00
add post support in apijson;add APIJSON_MODELS and APIJSON_REQUESTS f…
diff --git a/demo/apps/apijson_demo/models.py b/demo/apps/apijson_demo/models.py
@@ -14,6 +14,7 @@ class Moment(Model):
     user_id = Reference("user")
     date = Field(datetime.datetime, auto_now_add=True)
     content = Field(TEXT)
+    picture_list = Field(JSON, default=[])
 
 class Comment(Model):
     user_id = Reference("user")
diff --git a/demo/apps/apijson_demo/settings.ini b/demo/apps/apijson_demo/settings.ini
@@ -2,3 +2,23 @@
 privacy = 'apijson_demo.models.Privacy'
 comment = 'apijson_demo.models.Comment'
 moment = 'apijson_demo.models.Moment'
+
+[APIJSON_MODELS]
+moment = {
+    "user_id_field" : "user_id",
+    "rbac_get" : {
+        "roles" : ["OWNER"]
+    },
+    "rbac_post" : {
+        "roles" : ["OWNER"]
+    }
+}
+
+[APIJSON_REQUESTS]
+moment = {
+     "moment": {
+         "ADD" :{"@role": ["OWNER"]},
+         "DISALLOW" : ["id"],
+         "NECESSARY" : ["content"]
+     }
+}
diff --git a/demo/apps/apijson_demo/templates/index.html b/demo/apps/apijson_demo/templates/index.html
@@ -82,7 +82,7 @@
                 url: vm.tab2url[vm.tab_current],
                 data: vm.request_data,
                 success: function (data) {
-                    vm.response_data = JSON.stringify(data,null,2)
+                    vm.response_data = JSON.stringify(data,null,4)
                     vm.can_post = false
                 }
             })
diff --git a/demo/apps/apijson_demo/views.py b/demo/apps/apijson_demo/views.py
@@ -49,15 +49,15 @@ def index():
 
     request_post = [
         {
-            "label":"Add record",
+            "label":"Add new moment",
             "value":'''{
-    "Moment": {
+    "moment": {
         "content": "new moment for test",
-        "pictureList": [
+        "picture_list": [
             "http://static.oschina.net/uploads/user/48/96331_50.jpg"
         ]
     },
-    "tag": "Moment"
+    "@tag": "moment"
 }''',
         },
     ]
diff --git a/uliweb_apijson/apijson/views.py b/uliweb_apijson/apijson/views.py
@@ -253,4 +253,62 @@ def _filter_owner(self,model,model_setting,q):
         return owner_filtered,q
 
     def post(self):
+        tag = self.request_data.get("@tag")
+        for key in self.request_data:
+            if key[0]!="@":
+                rsp = self._post_one(key,tag)
+                if rsp:
+                    return rsp
+                else:
+                    #only accept one table
+                    return json(self.rdict)
         return json(self.rdict)
+
+    def _post_one(self,key,tag):
+        tag = tag or key
+        modelname = key
+        params = self.request_data[key]
+
+        try:
+            model = getattr(models,modelname)
+            model_setting = settings.APIJSON_MODELS.get(modelname,{})
+            request_setting_tag = settings.APIJSON_REQUESTS.get(tag,{})
+            user_id_field = model_setting.get("user_id_field")
+        except ModelNotFound as e:
+            log.error("try to find model '%s' but not found: '%s'"%(modelname,e))
+            return json({"code":400,"msg":"model '%s' not found"%(modelname)})
+        
+
+        request_setting = request_setting_tag.get(modelname,{})
+        ADD = request_setting.get("ADD")
+        permission_check_ok = False
+        if ADD:
+            _role = ADD.get("@role")
+            if _role:
+                for r in _role:
+                    if r == "OWNER":
+                        if request.user:
+                            permission_check_ok = True
+                        if user_id_field:
+                            params[user_id_field] = request.user.id
+        if not permission_check_ok:
+            return json({"code":400,"msg":"no permission"})
+
+        DISALLOW = request_setting.get("DISALLOW")
+        if DISALLOW:
+            for field in DISALLOW:
+                if field in params:
+                    log.error("request '%s' disallow '%s'"%(tag,field))
+                    return json({"code":400,"msg":"request '%s' disallow '%s'"%(tag,field)})
+
+        obj = model(**params)
+        ret = obj.save()
+        obj_dict = obj.to_dict(convert=False)
+        if ret:
+            obj_dict["code"] = 200
+            obj_dict["message"] = "success"
+        else:
+            obj_dict["code"] = 400
+            obj_dict["message"] = "fail"
+
+        self.rdict[key] = obj_dict

Original file line number	Diff line number	Diff line change
`@@ -82,7 +82,7 @@`
`82`	`82`	`url: vm.tab2url[vm.tab_current],`
`83`	`83`	`data: vm.request_data,`
`84`	`84`	`success: function (data) {`
`85`		`- vm.response_data = JSON.stringify(data,null,2)`
	`85`	`+ vm.response_data = JSON.stringify(data,null,4)`
`86`	`86`	`vm.can_post = false`
`87`	`87`	`}`
`88`	`88`	`})`
Original file line number	Diff line number	Diff line change
`@@ -49,15 +49,15 @@ def index():`
`49`	`49`
`50`	`50`	`request_post = [`
`51`	`51`	`{`
`52`		`- "label":"Add record",`
	`52`	`+ "label":"Add new moment",`
`53`	`53`	`"value":'''{`
`54`		`- "Moment": {`
	`54`	`+ "moment": {`
`55`	`55`	`"content": "new moment for test",`
`56`		`- "pictureList": [`
	`56`	`+ "picture_list": [`
`57`	`57`	`"http://static.oschina.net/uploads/user/48/96331_50.jpg"`
`58`	`58`	`]`
`59`	`59`	`},`
`60`		`- "tag": "Moment"`
	`60`	`+ "@tag": "moment"`
`61`	`61`	`}''',`
`62`	`62`	`},`
`63`	`63`	`]`