Amendments on the merge

plone · May 19, 2016 · aa0c5cf · aa0c5cf
1 parent 174f502
commit aa0c5cf
Show file tree

Hide file tree

Showing 10 changed files with 160 additions and 64 deletions.
diff --git a/docs/source/_json/actions.json b/docs/source/_json/actions.json
@@ -1,4 +1,4 @@
-GET /plone/actions_
+GET /plone/@actions
 Accept: application/json
 
 HTTP 200 OK

diff --git a/docs/source/_json/components_breadcrumbs.json b/docs/source/_json/components_breadcrumbs.json
@@ -1,4 +1,4 @@
-GET /plone/front-page/components_/breadcrumbs
+GET /plone/front-page/@components/breadcrumbs
 Accept: application/json
 
 HTTP 200 OK

diff --git a/docs/source/_json/components_navigation.json b/docs/source/_json/components_navigation.json
@@ -1,4 +1,4 @@
-GET /plone/components_/navigation
+GET /plone/@components/navigation
 Accept: application/json
 
 HTTP 200 OK
@@ -9,12 +9,16 @@ content-type: application/json
     "data": {
       "items": [
         {
-          "title": "News", 
-          "url": "http://plone/news"
+          "title": "Home", 
+          "url": "http://localhost:55001/plone"
         }, 
         {
-          "title": "Events", 
-          "url": "http://plone/events"
+          "title": "Test Folder", 
+          "url": "http://localhost:55001/plone/robot-test-folder"
+        }, 
+        {
+          "title": "Welcome to Plone", 
+          "url": "http://localhost:55001/plone/front-page"
         }
       ]
     }, 

diff --git a/docs/source/_json/frame_object.json b/docs/source/_json/frame_object.json
@@ -5,11 +5,10 @@ HTTP 200 OK
 content-type: application/json
 
 {
-  "@context": "http://www.w3.org/ns/hydra/context.jsonld", 
   "@id": "http://localhost:55001/plone/front-page", 
   "@type": "Document", 
   "actions": {
-    "@id": "http://localhost:55001/plone/front-page/actions_/"
+    "@id": "http://localhost:55001/plone/front-page/@actions/"
   }, 
   "fields": {
     "UID": "1f699ffa110e45afb1ba502f75f7ec33", 
@@ -25,6 +24,7 @@ content-type: application/json
     "effective": null, 
     "exclude_from_nav": false, 
     "expires": null, 
+    "id": "front-page", 
     "language": "", 
     "modified": "2016-01-21T01:24:11+00:00", 
     "parent": {
@@ -46,9 +46,9 @@ content-type: application/json
   }, 
   "template": "index", 
   "versions": {
-    "@id": "http://localhost:55001/plone/front-page/versions_/"
+    "@id": "http://localhost:55001/plone/front-page/@versions/"
   }, 
   "workflow": {
-    "@id": "http://localhost:55001/plone/front-page/workflow_/"
+    "@id": "http://localhost:55001/plone/front-page/@workflow/"
   }
 }
diff --git a/docs/source/_json/login.json b/docs/source/_json/login.json
@@ -1,4 +1,4 @@
-POST /plone/login_
+POST /plone/@login
 Accept: application/json
 
 {"username": "admin", "password": "admin"}
@@ -8,5 +8,5 @@ content-type: application/json
 
 {
   "success": true, 
-  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6ImFkbWluIiwiZnVsbG5hbWUiOiJGb28gYmFyIiwiZXhwaXJlcyI6MTQ2MzU0MDkzNS4wMjYyNzgsInR5cGUiOiJKV1QiLCJhbGdvcml0aG0iOiJIUzI1NiJ9.jhNWjzVg6OIWUVGu6Z4Svy6-5E-VM6aK-Sw6ZJHbdVE"
+  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6ImFkbWluIiwiZnVsbG5hbWUiOiJGb28gYmFyIiwiZXhwaXJlcyI6MTQ2MzcyMDQ3OC44Mzc4NiwidHlwZSI6IkpXVCIsImFsZ29yaXRobSI6IkhTMjU2In0.OaiLGRuN93P64dh6-avRDXHsDGPCKwsgPis-6a2v2QQ"
 }
diff --git a/docs/source/_json/theme.json b/docs/source/_json/theme.json
@@ -1,4 +1,4 @@
-GET /plone/theme_?resource=%2Fstyle%2Fmain.css
+GET /plone/@theme?resource=%2Fstyle%2Fmain.css
 Accept: application/json
 
 HTTP 200 OK

diff --git a/docs/source/additional-endpoints.rst b/docs/source/additional-endpoints.rst
@@ -12,48 +12,6 @@ These are mocked endpoints for use during the Barcelona 2016 Sprint.
    not intended for actual use, but instead serve as a skeleton to flesh out
    different aspects of the API during the Barcelona 2016 sprint.
 
-
-Registry
-========
-
-Registry records can be addressed by using the fully qualified dotted name of
-the registry record to be read/written as the ``:name`` parameter.
-
-Reading registry records
-------------------------
-
-Reading a single record:
-
-.. code::
-
-  GET /:portal/registry_/:name HTTP/1.1
-  Host: localhost:8080
-  Accept: application/json
-
-Example:
-
-.. literalinclude:: _json/registry_get.json
-   :language: js
-
-Updating registry records
--------------------------
-
-Updating an existing record:
-
-.. code::
-
-  PUT /:portal/registry_/ HTTP/1.1
-  Host: localhost:8080
-  Accept: application/json
-
-  {name: value}
-
-Example:
-
-.. literalinclude:: _json/registry_update.json
-   :language: js
-
-
 Theme
 ========
 
@@ -62,7 +20,7 @@ Requesting for overridden resources
 
 .. code::
 
-  GET /:portal/theme_ HTTP/1.1
+  GET /:portal/@theme HTTP/1.1
   Host: localhost:8080
   Accept: application/json
 
@@ -80,7 +38,7 @@ Get the required component(s)
 
 .. code::
 
- GET /:portal/components_/:[id,] HTTP/1.1
+ GET /:portal/@components/:[id,] HTTP/1.1
  Host: localhost:8080
  Accept: application/json
 
@@ -102,7 +60,7 @@ Get the available actions for the given context
 
 .. code::
 
- GET /:path/actions_ HTTP/1.1
+ GET /:path/@actions HTTP/1.1
  Host: localhost:8080
  Accept: application/json
 
@@ -135,7 +93,7 @@ Login
 
 .. code::
 
- POST /:path/login_ HTTP/1.1
+ POST /:path/@login HTTP/1.1
  Host: localhost:8080
  Accept: application/json
 

diff --git a/docs/source/index.rst b/docs/source/index.rst
@@ -24,6 +24,7 @@ Contents
    searching
    content-negotiation
    types
+   additional-endpoints
    customization
 
 .. include:: ../../README.rst

diff --git a/src/plone/restapi/services/content/get.py b/src/plone/restapi/services/content/get.py
@@ -34,11 +34,10 @@ def _frame_response_object(self, serialized_content):
         context_url = self.context.absolute_url()
 
         doc['template'] = 'index'
-        doc['versions'] = {'@id': '/'.join((context_url, 'versions_/'))}
-        doc['workflow'] = {'@id': '/'.join((context_url, 'workflow_/'))}
-        doc['actions'] = {'@id': '/'.join((context_url, 'actions_/'))}
+        doc['versions'] = {'@id': '/'.join((context_url, '@versions/'))}
+        doc['workflow'] = {'@id': '/'.join((context_url, '@workflow/'))}
+        doc['actions'] = {'@id': '/'.join((context_url, '@actions/'))}
 
-        doc['@context'] = serialized_content.pop('@context')
         doc['@id'] = serialized_content.pop('@id')
         doc['@type'] = serialized_content.pop('@type')
 

diff --git a/src/plone/restapi/tests/test_documentation_mocks.py b/src/plone/restapi/tests/test_documentation_mocks.py
@@ -0,0 +1,134 @@
+# -*- coding: utf-8 -*-
+from DateTime import DateTime
+from plone.app.testing import setRoles
+from plone.app.testing import SITE_OWNER_NAME
+from plone.app.testing import SITE_OWNER_PASSWORD
+from plone.app.testing import TEST_USER_ID
+from plone.app.textfield.value import RichTextValue
+from plone.restapi.testing import PLONE_RESTAPI_DX_FUNCTIONAL_TESTING
+from plone.restapi.testing import RelativeSession
+from plone.testing.z2 import Browser
+from plone.uuid.interfaces import IMutableUUID
+
+import json
+import os
+import unittest2 as unittest
+
+
+REQUEST_HEADER_KEYS = [
+    'accept'
+]
+
+RESPONSE_HEADER_KEYS = [
+    'content-type',
+    'allow',
+]
+
+base_path = os.path.join(
+    os.path.dirname(__file__),
+    '..',
+    '..',
+    '..',
+    '..',
+    'docs/source/_json'
+)
+
+
+def save_response_for_documentation(filename, response):
+    f = open('{}/{}'.format(base_path, filename), 'w')
+    request = response.request
+    request_contents = '{} {}\n'.format(
+        request.method,
+        request.path_url,
+    )
+
+    for key, value in request.headers.items():
+        if key.lower() in REQUEST_HEADER_KEYS:
+            request_contents += '{}: {}\n'.format(key, value)
+
+    if request.body:
+        request_contents += '\n{}\n'.format(request.body)
+
+    f.write(request_contents)
+    f.write('\n')
+
+    f.write('HTTP {} {}\n'.format(response.status_code, response.reason))
+    for key, value in response.headers.items():
+        if key.lower() in RESPONSE_HEADER_KEYS:
+            f.write('{}: {}\n'.format(key.lower(), value))
+    f.write('\n')
+    f.write(response.content)
+    f.close()
+
+
+class TestTraversal(unittest.TestCase):
+
+    layer = PLONE_RESTAPI_DX_FUNCTIONAL_TESTING
+
+    def setUp(self):
+        self.app = self.layer['app']
+        self.request = self.layer['request']
+        self.portal = self.layer['portal']
+        self.portal_url = self.portal.absolute_url()
+
+        self.api_session = RelativeSession(self.portal_url)
+        self.api_session.headers.update({'Accept': 'application/json'})
+        self.api_session.auth = (SITE_OWNER_NAME, SITE_OWNER_PASSWORD)
+
+        setRoles(self.portal, TEST_USER_ID, ['Manager'])
+        self.portal.invokeFactory('Document', id='front-page')
+        self.document = self.portal['front-page']
+        self.document.title = u"Welcome to Plone"
+        self.document.description = \
+            u"Congratulations! You have successfully installed Plone."
+        self.document.text = RichTextValue(
+            u"If you're seeing this instead of the web site you were " +
+            u"expecting, the owner of this web site has just installed " +
+            u"Plone. Do not contact the Plone Team or the Plone mailing " +
+            u"lists about this.",
+            'text/plain',
+            'text/html'
+        )
+        self.document.creation_date = DateTime('2016-01-21T01:14:48+00:00')
+        IMutableUUID(self.document).set('1f699ffa110e45afb1ba502f75f7ec33')
+        self.document.reindexObject()
+        self.document.modification_date = DateTime('2016-01-21T01:24:11+00:00')
+        import transaction
+        transaction.commit()
+        self.browser = Browser(self.app)
+        self.browser.handleErrors = False
+        self.browser.addHeader(
+            'Authorization',
+            'Basic %s:%s' % (SITE_OWNER_NAME, SITE_OWNER_PASSWORD,)
+        )
+
+    def test_documentation_theme(self):
+        query = {'resource': '/style/main.css'}
+        response = self.api_session.get('/@theme', params=query)
+        save_response_for_documentation('theme.json', response)
+
+    def test_documentation_components_navigation(self):
+        response = self.api_session.get('/@components/navigation')
+        save_response_for_documentation(
+            'components_navigation.json', response)
+
+    def test_documentation_components_breadcrumbs(self):
+        response = self.api_session.get('/front-page/@components/breadcrumbs')
+        save_response_for_documentation(
+            'components_breadcrumbs.json', response)
+
+    def test_documentation_actions(self):
+        response = self.api_session.get('/@actions')
+        save_response_for_documentation('actions.json', response)
+
+    def test_documentation_frame_object(self):
+        response = self.api_session.get(
+            self.document.absolute_url() + '?frame=object')
+        save_response_for_documentation('frame_object.json', response)
+
+    def test_documentation_login(self):
+        response = self.api_session.post('/@login', data=json.dumps({
+            'username': 'admin',
+            'password': 'admin'
+        }))
+        save_response_for_documentation('login.json', response)