|Version 50 (modified by 12 years ago) ( diff ),|
Table of Contents
The S3RESTController class implements a generic RESTful interface for database resources in S3.
This class is instantiated as the global callable s3rest object, which will be used by the shn_rest_controller() wrapper function.
s3rest can be configured dynamically, and can easily be used to build RESTful controllers throughout the application.
Important: an s3rest instance is created per request and must not be stored or referenced by static objects to avoid memory leaks!
The default method handlers of s3rest (provided by the shn_rest_controller() wrapper) implement CRUD (create, read, update, delete) in all major representations, including the capabilities of S3XRC to use in-line XSLT for export and import of XML and JSON formats.
Instead of the web2py request object, s3rest uses the S3RESTRequest class (described below) to represent the current REST request. Other than web2py/request, the S3RESTRequest of the current call is not a global object, but gets passed as argument when calling REST method handlers.
It is critical to understand how RESTful requests work.
A RESTful requests has two components:
- the URL addresses the resource
- the HTTP method determines the action to be taken with that resource, which is either of:
- GET, PUT, POST or DELETE
A resource in this terminology is either of:
- a database table or one or more records in that table
- a combination of tables or records (so called "compound" or "joined" resources)
- a function in the application related to one of the above resource types
Functions as resources in RESTful requests are to be understood and addressed as "sub"-resources of their respective primary resource.
The finally executed response action depends on the HTTP/method and on the type of resource addressed by the URL, e.g.
- if the method is "GET" and the resource addressed is a database table, then the response will be a list of the records in that table
- if the method is "PUT" and the resource addressed is a record in a table, then the response will be an update of that record with the data from the request body
CRUD Method Handlers
The default method handlers for each of CRUD+S are implemented in models/01_crud.py:
- shn_read(jr, attr)
- shn_list(jr, attr)
- shn_create(jr, attr)
- shn_update(jr, attr)
- shn_delete(jr, attr)
- shn_search(jr, attr)
- shn_options(jr, attr)
- import_xml(jr, attr)
- import_json(jr, attr)
where jr is the current S3RESTRequest, and attr contains all further arguments passed to the REST controller.
You can override these defaults at any time by
- action is the name of the action, i.e. one of 'read', 'list', 'create', 'update', 'delete', 'search', 'options', 'import_xml' or 'import_json'
- handler is the handler function/lambda
You can also add resource-specific custom methods by:
s3xrc.model.set_method(module, resource, method, action)
- module is the module prefix of a resource
- resource is the name of the resource (without prefix)
- method is a string representing the name of the method (e.g. "search_simple")
- action is the method handler function/lambda
The action method has to take the same arguments as the default handlers: jr (S3RESTRequest) and attr.
Pre- and Post-Hooks
You can hook in a preprocessing function into the REST controller (as response.s3.prep) which will be called after the controller has parsed the request, but before it gets actually executed - with the current S3RESTRequest as argument (which includes the primary resource record, if any).
This allows you to easily make changes to resource settings (e.g. access control, list fields etc.), or even to the REST controller configuration (e.g. custom methods) depending on the request type, its parameters or the addressed resource, without having to parse the web2py request manually. You can even bypass the execution of the request and thus hook in your own REST controller - with the advantage that you don't need to parse the request anymore.
NB: Hooks should be added at the top of your controller function (right after your resource is defined, especially pre-processing hooks. e.g.,
def template(): """ RESTlike CRUD controller """ resource = "template" def _prep(jr): crud.settings.create_next = URL(r=request, f="series", args=["create"]) crud.settings.update_next = URL(r=request, f="series", args=["create"]) #TODO: NB this needs to be re-worked! return True response.s3.prep = _prep ....
A simple example:
Original code fragment:
if len(request.args) == 0: # List View - reduce fields to declutter table.message.readable = Fals table.categories.readable = False table.verified_details.readable = False table.actioned_details.readable = False response.s3.pagination = True #enable SSPag here! return shn_rest_controller(module, resource, listadd=False)
Using the pre-processor hook instead:
def log_prep(jr): if jr.representation=="html" and \ jr.method is None and \ jr.component is None: # Log listing - reduce fields to declutter table.message.readable = False table.categories.readable = False table.verified_details.readable = False table.actioned_details.readable = False return True response.s3.prep = log_prep response.s3.pagination = True #enable SSPag here! return shn_rest_controller(module, resource, listadd=False)
The return value of the preprocessor function can simply be True, in which case the REST request will be executed as usual. Returning False would lead to a HTTP400 "Invalid Request" exception being raised.
The return value of the preprocessor function can also be a dict for more granular control - containing the following elements (all optional):
- success: boolean (default: True)
- output: dict (default: None)
- bypass: boolean (default: False)
If bypass is True, then the REST controller does not execute the request (the post-hook is executed, though). output must not be None in this case - it will be returned from the REST controller.
If success is False, and output is not None, then the REST controller does not execute the request, but just returns "output" (post-hook will not be executed in this case).
If success is False and output is None, a HTTP400 "Invalid Request" will be raised instead.
In most cases, you will just return "True" - in some cases you might want to raise an error, e.g.:
response.error = "This request cannot be executed" return dict( success=False, output=dict(title="My Pagetitle", item="Sorry, no data..."))
There is also a post-processing hook (response.s3.postp) that allows you to execute something directly after the REST request has been executed, but before the shn_rest_controller returns. The post-hook function will be called with the current S3RESTRequest and the output dict of its execution as arguments.
Important: S3RESTRequest instances are generated per request and must not be stored or referenced by static or global objects to avoid memory leaks!
Attributes of the S3RESTRequest
The following attributes are set during initialisation of an S3RESTRequest object, no further call is required.
|rc||the resource controller object (S3XRC)|
|request||the original web2py request (Storage)|
|session||the current session (Storage)|
|representation||the current representation of this request (string, lowercase)|
|http||the HTTP method of this request (string, always uppercase!)|
|extension||the extension found in the original request (string, lowercase)|
|method||the method of the request if not HTTP (string, always lowercase)|
|custom_action||the custom method handler for the request (function or lambda)|
Primary Resource Attributes
|prefix||the prefix (=module name) of the requested resource (string)|
|name||the name of the requested resource, without prefix (string)|
|tablename||the name of the primary table (string)|
|table||the primary table (Table)|
|id||the ID of the primary record (int)|
|record||the primary record (Row)|
Component Resource Attributes
|component||the requested component, if any (ObjectComponent)|
|pkey||the primary key of the Resource/Component join (string)|
|fkey||the foreign key of the Resource/Component join (string)|
|component_name||the name of the component without prefix (string)|
|component_id||the ID of the component record as of the request, if any (int)|
|multiple||Flag indicating that multiple component records are allowed (boolean)|
|error||the last error message (string)|
|invalid||Flag indicating this request as invalid (boolean)|
|badmethod||Flag indicating a bad method error (boolean)|
|badrecord||Flag indicating a invalid record ID error (boolean)|
|badrequest||Flag indicating an unqualified request error (boolean)|
- prefix, name, tablename, table and attr of the component
- attr contains:
- multiple Multiple-flag
- editable, deletable and listadd
- list_fields, rss, main and extra
- onaccept, onvalidation, delete_onaccept and delete_onvalidation
- methods: set_attr() and get_attr()
Methods of the S3RESTRequest
- returns the URL of the current request
- returns the URL of a HTTP GET request for the same resource
- returns the URL of the current request with the primary record ID replaced by the string literal '[id]'
other(method=None, record_id=None, representation=None)
- returns the URL of a request with another method and record ID, but for the same resource
- returns the target table of the current request as tuple of (prefix, name, table, tablename)
export_xml(permit=None, audit=None, template=None, filterby=None, pretty_print=False)
- exports the requested resources as XML
export_json(permit=None, audit=None, template=None, filterby=None, pretty_print=False)
- exports the requested resources as JSON
import_xml(tree, permit=None, audit=None, onvalidation=None, onaccept=None)
- import the requested resources from the given ElementTree
- exports the options of a field (or all fields) in the resource as XML
- exports the options of a field (or all fields) in the resource as JSON