Merge pull request #29 from postatum/94075102_update_many

Split BaseView._params into query and json params

nefertari/authentication/views.py

@@ -16,7 +16,8 @@ def register(self):
         """ Register new user by POSTing all required data.
 
         """
-        user, created = self._model_class.create_account(self._params)
+        user, created = self._model_class.create_account(
+            self._json_params)
 
         if not created:
             raise JHTTPConflict('Looks like you already have an account.')
@@ -26,14 +27,15 @@ def register(self):
         return JHTTPOk('Registered', headers=headers)
 
     def login(self, **params):
-        self._params.update(params)
-        next = self._params.get('next', '')
+        self._json_params.update(params)
+        next = self._query_params.get('next', '')
         login_url = self.request.route_url('login')
         if next.startswith(login_url):
             next = ''  # never use the login form itself as next
 
-        unauthorized_url = self._params.get('unauthorized', None)
-        success, user = self._model_class.authenticate_by_password(self._params)
+        unauthorized_url = self._query_params.get('unauthorized', None)
+        success, user = self._model_class.authenticate_by_password(
+            self._json_params)
 
         if success:
             id_field = user.id_field()
@@ -51,7 +53,7 @@ def login(self, **params):
             raise JHTTPNotFound('User not found')
 
     def logout(self):
-        next = self._params.get('next')
+        next = self._query_params.get('next')
         headers = forget(self.request)
         if next:
             return JHTTPFound(location=next, headers=headers)
@@ -71,7 +73,7 @@ def register(self):
         User's `Authorization` header value is returned in `WWW-Authenticate`
         header.
         """
-        user, created = self._model_class.create_account(self._params)
+        user, created = self._model_class.create_account(self._json_params)
 
         if not created:
             raise JHTTPConflict('Looks like you already have an account.')
@@ -85,9 +87,9 @@ def claim_token(self, **params):
         User's `Authorization` header value is returned in `WWW-Authenticate`
         header.
         """
-        self._params.update(params)
+        self._json_params.update(params)
         success, self.user = self._model_class.authenticate_by_password(
-            self._params)
+            self._json_params)
 
         if success:
             headers = remember(self.request, self.user.username)

nefertari/view.py

@@ -87,22 +87,38 @@ def convert_dotted(params):
 
         return params
 
-    def __init__(self, context, request, _params={}):
+    def __init__(self, context, request, _query_params={}, _json_params={}):
+        """ Prepare data to be used across the view and run init methods.
+
+        Each view has these dicts on data:
+          :_query_params: Params from a query string
+          :_json_params: Request JSON data. Is populated only for
+              PUT, PATCH, POST methods
+          :_params: Join of _query_params and _json_params
+
+        On methods tunneling, _json_params contains the same data as
+        _query_params.
+        """
         self.context = context
         self.request = request
-        self._params = dictset(_params or request.params.mixed())
+        self._query_params = dictset(_query_params or request.params.mixed())
+        self._json_params = dictset(_json_params)
 
         ctype = request.content_type
         if request.method in ['POST', 'PUT', 'PATCH']:
             if ctype == 'application/json':
                 try:
-                    self._params.update(request.json)
+                    self._json_params.update(request.json)
                 except simplejson.JSONDecodeError:
                     log.error(
                         "Expecting JSON. Received: '{}'. Request: {} {}".format(
                             request.body, request.method, request.url))
 
-            self._params = BaseView.convert_dotted(self._params)
+            self._json_params = BaseView.convert_dotted(self._json_params)
+            self._query_params = BaseView.convert_dotted(self._query_params)
+
+        self._params = self._query_params.copy()
+        self._params.update(self._json_params)
 
         # dict of the callables {'action':[callable1, callable2..]}
         # as name implies, before calls are executed before the action is called
@@ -135,17 +151,16 @@ def set_public_limits(self):
             wrappers.set_public_limits(self)
 
     def convert_ids2objects(self):
-        """ Convert object IDs from `self._params` to objects if needed.
+        """ Convert object IDs from `self._json_params` to objects if needed.
 
         Only IDs tbat belong to relationship field of `self._model_class`
         are converted.
         """
-
         if not self._model_class:
             log.info("%s has no model defined" % self.__class__.__name__)
             return
 
-        for field in self._params.keys():
+        for field in self._json_params.keys():
             if not engine.is_relationship_field(field, self._model_class):
                 continue
             model_cls = engine.relationship_cls(field, self._model_class)
@@ -236,26 +251,10 @@ def subrequest(self, url, params={}, method='GET'):
         return self.request.invoke_subrequest(req)
 
     def needs_confirmation(self):
-        return '__confirmation' not in self._params
-
-    def delete_many(self, **kw):
-        if not self._model_class:
-            log.error("%s _model_class in invalid: %s" % (
-                self.__class__.__name__, self._model_class))
-            raise JHTTPBadRequest
-
-        objs = self._model_class.get_collection(**self._params)
-
-        if self.needs_confirmation():
-            return objs
-
-        count = self._model_class.count(objs)
-        self._model_class._delete_many(objs)
-        return JHTTPOk("Deleted %s %s objects" % (
-            count, self._model_class.__name__))
+        return '__confirmation' not in self._query_params
 
     def id2obj(self, name, model, id_field=None, setdefault=None):
-        if name not in self._params:
+        if name not in self._json_params:
             return
 
         if id_field is None:
@@ -273,11 +272,11 @@ def _get_object(id_):
                     raise JHTTPBadRequest('id2obj: Object %s not found' % id_)
                 return obj
 
-        ids = self._params[name]
+        ids = self._json_params[name]
         if isinstance(ids, list):
-            self._params[name] = [_get_object(_id) for _id in ids]
+            self._json_params[name] = [_get_object(_id) for _id in ids]
         else:
-            self._params[name] = _get_object(ids)
+            self._json_params[name] = _get_object(ids)
 
 
 def key_error_view(context, request):

nefertari/wrappers.py

@@ -123,6 +123,8 @@ def __init__(self, request):
         self.request = request
 
     def _filter_fields(self, data):
+        if '_type' not in data:
+            return data
         try:
             model_cls = engine.get_document_cls(data['_type'])
         except ValueError as ex:
@@ -151,6 +153,8 @@ def _filter_fields(self, data):
 
     def __call__(self, **kwargs):
         result = kwargs['result']
+        if not isinstance(result, dict):
+            return result
         data = result.get('data', result)
 
         if data:
@@ -305,9 +309,9 @@ def set_public_limits(view):
         'public_max_limit', 100))
 
     try:
-        _limit = int(view._params.get('_limit', 20))
-        _page = int(view._params.get('_page', 0))
-        _start = int(view._params.get('_start', 0))
+        _limit = int(view._query_params.get('_limit', 20))
+        _page = int(view._query_params.get('_page', 0))
+        _start = int(view._query_params.get('_start', 0))
 
         view.add_after_call('index', set_total(view.request, total=public_max),
                             pos=0)
@@ -317,4 +321,4 @@ def set_public_limits(view):
 
     _start = _start or _page * _limit
     if _start + _limit > public_max:
-        view._params['_limit'] = max((public_max - _start), 0)
+        view._query_params['_limit'] = max((public_max - _start), 0)