mygpo/api/__init__.py

   1 #
   2 # This file is part of my.gpodder.org.
   3 #
   4 # my.gpodder.org is free software: you can redistribute it and/or modify it
   5 # under the terms of the GNU Affero General Public License as published by
   6 # the Free Software Foundation, either version 3 of the License, or (at your
   7 # option) any later version.
   8 #
   9 # my.gpodder.org is distributed in the hope that it will be useful, but
  10 # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  11 # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public
  12 # License for more details.
  13 #
  14 # You should have received a copy of the GNU Affero General Public License
  15 # along with my.gpodder.org. If not, see <http://www.gnu.org/licenses/>.
  16 #
  17
  18 from datetime import datetime
  19
  20 from django.core.exceptions import ObjectDoesNotExist
  21 from django.http import HttpResponseBadRequest, HttpResponseNotFound
  22 from django.views.decorators.csrf import csrf_exempt
  23 from django.views.decorators.cache import never_cache
  24 from django.utils.decorators import method_decorator
  25 from django.views.generic.base import View
  26
  27 from mygpo.utils import parse_request_body
  28 from mygpo.api.exceptions import ParameterMissing
  29 from mygpo.decorators import cors_origin
  30 from mygpo.api.basic_auth import require_valid_user, check_username
  31
  32
  33 import logging
  34 logger = logging.getLogger(__name__)
  35
  36
  37 class RequestException(Exception):
  38     """ Raised if the request is malfored or otherwise invalid """
  39
  40
  41 class APIView(View):
  42
  43     @method_decorator(csrf_exempt)
  44     @method_decorator(require_valid_user)
  45     @method_decorator(check_username)
  46     @method_decorator(never_cache)
  47     @method_decorator(cors_origin())
  48     def dispatch(self, *args, **kwargs):
  49         """ Dispatches request and does generic error handling """
  50         try:
  51             return super(APIView, self).dispatch(*args, **kwargs)
  52
  53         except ObjectDoesNotExist as e:
  54             return HttpResponseNotFound(str(e))
  55
  56         except (RequestException, ParameterMissing) as e:
  57             return HttpResponseBadRequest(str(e))
  58
  59     def parsed_body(self, request):
  60         """ Returns the object parsed from the JSON request body """
  61
  62         if not request.body:
  63             raise RequestException('POST data must not be empty')
  64
  65         try:
  66             # TODO: implementation of parse_request_body can be moved here
  67             # after all views using it have been refactored
  68             return parse_request_body(request)
  69         except (UnicodeDecodeError, ValueError) as e:
  70             msg = 'Could not decode request body for user {}: {}'.format(
  71                 request.user.username,
  72                 request.body.decode('ascii', errors='replace'))
  73             logger.warn(msg, exc_info=True)
  74             raise RequestException(msg)
  75
  76     def get_since(self, request):
  77         """ Returns parsed "since" GET parameter """
  78         since_ = request.GET.get('since', None)
  79
  80         if since_ is None:
  81             raise RequestException("parameter 'since' missing")
  82
  83         try:
  84             since_ = int(since_)
  85             since = datetime.fromtimestamp(since_)
  86         except ValueError:
  87             raise RequestException("'since' is not a valid timestamp")
  88
  89         if since_ < 0:
  90             raise RequestException("'since' must be a non-negative number")
  91
  92         return since