You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1477 lines
50 KiB
1477 lines
50 KiB
package NGCP::Panel::Role::API;
|
|
|
|
use Sipwise::Base;
|
|
|
|
use parent qw/NGCP::Panel::Role::Journal/;
|
|
|
|
use NGCP::Panel::Utils::Generic qw(:all);
|
|
use boolean qw(true);
|
|
use Safe::Isa qw($_isa);
|
|
use Storable qw();
|
|
use JSON qw();
|
|
use JSON::Pointer;
|
|
use JSON::Pointer::Exception qw();
|
|
use HTTP::Status qw(:constants);
|
|
use Scalar::Util qw/blessed/;
|
|
use DateTime::Format::HTTP qw();
|
|
use DateTime::Format::RFC3339 qw();
|
|
use Types::Standard qw(InstanceOf);
|
|
use Regexp::Common qw(delimited); # $RE{delimited}
|
|
use Encode qw( encode_utf8 );
|
|
|
|
use HTTP::Headers::Util qw(split_header_words);
|
|
use Data::Compare;
|
|
use Data::HAL qw();
|
|
use Data::HAL::Link qw();
|
|
use NGCP::Panel::Utils::ValidateJSON qw();
|
|
use NGCP::Panel::Utils::Journal qw();
|
|
|
|
#It is expected to work for all our 3 common cases:
|
|
#1. Body is the plain json data
|
|
#2. Multipart/form data with resource in "json" form field, and some uploads
|
|
#3. Some media data uploaded in request body, resource data passed as the query parameters
|
|
sub get_valid_data{
|
|
my ($self, %params) = @_;
|
|
|
|
my ($data,$resource,$non_json_data);
|
|
|
|
my $c = $params{c};
|
|
my $method = $params{method} // uc($c->request->method);
|
|
my $media_type = $params{media_type};
|
|
my $resource_media_type = $params{resource_media_type};#for rare specific cases, like text/csv
|
|
|
|
return unless $self->forbid_link_header($c);
|
|
|
|
if ($method =~ /^(GET|PUT|POST)$/) {
|
|
$resource_media_type //= 'application/json';
|
|
} elsif ($method eq 'PATCH') {
|
|
$resource_media_type //= 'application/json-patch+json';
|
|
}
|
|
return unless $self->valid_media_type($c, $media_type);
|
|
|
|
if ($method =~ /^(PUT|PATCH)$/) {
|
|
my $id = $params{id};
|
|
return unless $self->valid_id($c, $id);
|
|
}
|
|
|
|
my ($json_raw,$json_decoded);
|
|
if ($c->req->headers->content_type eq 'multipart/form-data') {
|
|
return unless $self->require_uploads($c);
|
|
$json_raw = encode_utf8($c->req->param('json'));
|
|
} elsif ($c->req->headers->content_type eq 'application/json'
|
|
&& 'GET' ne $method) {
|
|
return unless $self->require_body($c);
|
|
#overwrite for the first variant of the dual upload
|
|
$resource_media_type = 'application/json';
|
|
$json_raw = $c->stash->{body};
|
|
} else {
|
|
if ('GET' ne $method) {
|
|
return unless $self->require_body($c);
|
|
$data = $c->stash->{body};
|
|
}
|
|
$resource = $c->req->query_params;
|
|
$non_json_data = 1;
|
|
}
|
|
|
|
if ($resource_media_type eq 'application/json' ||
|
|
$resource_media_type eq 'application/json-patch+json' ) {
|
|
|
|
$json_raw //= $data;
|
|
|
|
return unless $self->require_wellformed_json($c, $resource_media_type, $json_raw);
|
|
if ($c->req->headers->content_type eq 'multipart/form-data') {
|
|
$json_decoded = JSON::from_json($json_raw, { utf8 => 0 });
|
|
} else {
|
|
$json_decoded = JSON::from_json($json_raw, { utf8 => 1 });
|
|
}
|
|
if ($method eq 'PATCH') {
|
|
my $ops = $params{ops} // [qw/replace copy/];
|
|
return unless $self->require_valid_patch($c, $json_decoded, $ops);
|
|
}
|
|
return unless $self->get_uploads($c, $json_decoded, $params{uploads}, $params{form});
|
|
$resource = $json_decoded;
|
|
$non_json_data = 0;
|
|
}
|
|
|
|
return ($resource, $data, $non_json_data);
|
|
}
|
|
|
|
#method to take any informative input, i.e.
|
|
# - json body,
|
|
# - json part of multiform
|
|
# - request_params
|
|
sub get_info_data {
|
|
my ($self, $c) = @_;
|
|
my $ctype = $self->get_content_type($c) // '';
|
|
my $resource = $c->request->params;
|
|
my ($resource_json,$resource_json_raw) = (undef,'');
|
|
if ('multipart/form-data' eq $ctype) {
|
|
$resource_json = $c->req->param('json');
|
|
delete $resource->{json};
|
|
} elsif ('application/json' eq $ctype) {
|
|
$resource_json_raw = $c->stash->{body};
|
|
}
|
|
if($resource_json_raw){
|
|
$resource_json = JSON::from_json($resource_json_raw, { utf8 => 1 });
|
|
}
|
|
{
|
|
#check that we don't provide different data via different request type
|
|
my @common_keys = map { exists $resource->{$_} ? $_ : () }keys %$resource_json;
|
|
my (%resource_sub,%resource_json_sub);
|
|
@resource_sub{@common_keys} = @{$resource}{@common_keys};
|
|
@resource_json_sub{@common_keys} = @{$resource_json}{@common_keys};
|
|
if(!Compare(\%resource_sub,\%resource_json_sub)){
|
|
return;
|
|
}
|
|
}
|
|
return {%$resource,%$resource_json};
|
|
}
|
|
|
|
sub get_valid_post_data {
|
|
my ($self, %params) = @_;
|
|
|
|
my $c = $params{c};
|
|
my $media_type = $params{media_type};
|
|
my $json = $self->get_valid_raw_post_data(%params);
|
|
return unless $self->valid_media_type($c, $media_type);
|
|
return unless $self->require_preference($c);
|
|
return unless $self->require_wellformed_json($c, $media_type, $json);
|
|
|
|
return JSON::from_json($json, { utf8 => 1 });
|
|
}
|
|
|
|
sub get_valid_raw_post_data {
|
|
my ($self, %params) = @_;
|
|
|
|
my $c = $params{c};
|
|
my $media_type = $params{media_type};
|
|
|
|
return unless $self->forbid_link_header($c);
|
|
return unless $self->valid_media_type($c, $media_type);
|
|
return unless $self->require_body($c);
|
|
return $c->stash->{body};
|
|
}
|
|
|
|
sub get_valid_put_data {
|
|
my ($self, %params) = @_;
|
|
|
|
my $c = $params{c};
|
|
my $media_type = $params{media_type};
|
|
my $json = $self->get_valid_raw_put_data(%params);
|
|
return unless $json;
|
|
return unless $self->require_wellformed_json($c, $media_type, $json);
|
|
return JSON::from_json($json, { utf8 => 1 });
|
|
}
|
|
|
|
sub get_valid_raw_put_data {
|
|
my ($self, %params) = @_;
|
|
|
|
my $c = $params{c};
|
|
my $media_type = $params{media_type};
|
|
my $id = $params{id};
|
|
|
|
return unless $self->valid_id($c, $id);
|
|
return unless $self->forbid_link_header($c);
|
|
return unless $self->valid_media_type($c, $media_type);
|
|
return unless $self->require_body($c);
|
|
return $c->stash->{body};
|
|
}
|
|
|
|
sub get_valid_patch_data {
|
|
my ($self, %params) = @_;
|
|
|
|
my $c = $params{c};
|
|
my $media_type = $params{media_type};
|
|
my $id = $params{id};
|
|
my $ops = $params{ops} // [qw/replace copy/];
|
|
|
|
return unless $self->valid_id($c, $id);
|
|
return unless $self->forbid_link_header($c);
|
|
return unless $self->valid_media_type($c, $media_type);
|
|
return unless $self->require_body($c);
|
|
my $json = $c->stash->{body};
|
|
return unless $self->require_wellformed_json($c, $media_type, $json);
|
|
return unless $self->require_valid_patch($c, $json, $ops);
|
|
|
|
return $json;
|
|
}
|
|
|
|
sub check_reload {
|
|
my ($self, $c, $resource) = @_;
|
|
my ($sip, $xmpp) = (1,1);
|
|
|
|
if (delete $resource->{_skip_sip_reload} || $c->config->{features}->{debug}) {
|
|
$sip = 0;
|
|
$c->log->debug("skipping SIP reload");
|
|
}
|
|
if (delete $resource->{_skip_xmpp_reload} || $c->config->{features}->{debug}) {
|
|
$xmpp = 0;
|
|
$c->log->debug("skipping XMPP reload");
|
|
}
|
|
|
|
return ($sip, $xmpp);
|
|
}
|
|
|
|
sub validate_form {
|
|
my ($self, %params) = @_;
|
|
|
|
my $c = $params{c};
|
|
my $resource = $params{resource};
|
|
my $form = $params{form};
|
|
my $run = $params{run} // 1;
|
|
my $form_params = $params{form_params} // {};
|
|
|
|
my $exceptions = [
|
|
grep {m/_id$/} map {"".$_->name} $form->fields
|
|
];
|
|
|
|
|
|
my @normalized = ();
|
|
|
|
# move {xxx_id} into {xxx}{id} for FormHandler
|
|
foreach my $key(keys %{ $resource } ) {
|
|
my $skip_normalize = grep {/^$key$/} @{ $exceptions };
|
|
if($key =~ /^(.+)_id$/ && !$skip_normalize && !exists $resource->{$1}) {
|
|
push @normalized, $1;
|
|
$resource->{$1}{id} = delete $resource->{$key};
|
|
}
|
|
}
|
|
|
|
# remove unknown keys and prepare resource
|
|
my %fields;
|
|
foreach($form->fields){
|
|
$fields{$_->name} = $_;
|
|
}
|
|
$self->validate_fields($c, $resource, \%fields, $run);
|
|
|
|
if($run) {
|
|
# check keys/vals
|
|
$form->process(params => $resource, posted => 1, %{$form_params} );
|
|
unless($form->validated) {
|
|
my $e = join '; ', map {
|
|
my $in = (defined $_->input && ref $_->input eq 'HASH' && exists $_->input->{id}) ? $_->input->{id} : ($_->input // '');
|
|
$in //= '';
|
|
sprintf 'field=\'%s\', input=\'%s\', errors=\'%s\'',
|
|
($_->parent->$_isa('HTML::FormHandler::Field') ? $_->parent->name . '_' : '') . $_->name,
|
|
$in,
|
|
join('', @{ $_->errors })
|
|
} $form->error_fields;
|
|
$self->error($c, HTTP_UNPROCESSABLE_ENTITY, "Validation failed. $e");
|
|
return;
|
|
}
|
|
}
|
|
|
|
# move {xxx}{id} back into {xxx_id} for DB
|
|
foreach my $key(@normalized) {
|
|
next unless(exists $resource->{$key});
|
|
$resource->{$key . '_id'} = defined($resource->{$key}{id}) ?
|
|
int($resource->{$key}{id}) :
|
|
$resource->{$key}{id};
|
|
delete $resource->{$key};
|
|
}
|
|
|
|
return 1;
|
|
}
|
|
|
|
sub validate_fields {
|
|
my ($self, $c, $resource, $fields, $run) = @_;
|
|
|
|
for my $k (keys %{ $resource }) {
|
|
#if($resource->{$k}->$_isa('JSON::XS::Boolean') || $resource->{$k}->$_isa('JSON::PP::Boolean')) {
|
|
if($resource->{$k}->$_isa('JSON::PP::Boolean')) {
|
|
$resource->{$k} = $resource->{$k} ? 1 : 0;
|
|
}
|
|
unless(exists $fields->{$k}) {
|
|
delete $resource->{$k};
|
|
next;
|
|
}
|
|
if($run){
|
|
#Prepare resource for the PATCH considering readonly fields.
|
|
#PATCH is supposed to take full item content and so will get readonly fields into resource too. And apply patch.
|
|
#It leads to the situation when we may try to change some not existing fields in the DB
|
|
#All readonly fields are considered as representation only and should never be applied.
|
|
if($fields->{$k}->readonly) {
|
|
delete $resource->{$k};
|
|
next;
|
|
}
|
|
}
|
|
$resource->{$k} = DateTime::Format::RFC3339->format_datetime($resource->{$k})
|
|
if $resource->{$k}->$_isa('DateTime');
|
|
$resource->{$k} = $resource->{$k} + 0
|
|
if(defined $resource->{$k} && (
|
|
$fields->{$k}->$_isa('HTML::FormHandler::Field::Integer') ||
|
|
$fields->{$k}->$_isa('HTML::FormHandler::Field::Money') ||
|
|
$fields->{$k}->$_isa('HTML::FormHandler::Field::Float')) &&
|
|
(is_int($resource->{$k}) || is_decimal($resource->{$k})));
|
|
|
|
if (defined $resource->{$k} &&
|
|
$fields->{$k}->$_isa('HTML::FormHandler::Field::Repeatable') &&
|
|
"ARRAY" eq ref $resource->{$k}) {
|
|
my ($subfield_instance) = $fields->{$k}->fields;
|
|
if ($subfield_instance) {
|
|
my %subfields = map { $_->name => $_ } $subfield_instance->fields;
|
|
for my $elem (@{ $resource->{$k} }) {
|
|
$self->validate_fields($c, $elem, \%subfields, $run);
|
|
}
|
|
}
|
|
}
|
|
|
|
# only do this for converting back from obj to hal
|
|
# otherwise it breaks db fields with the \0 and \1 notation
|
|
unless($run) {
|
|
$resource->{$k} = $resource->{$k} ? JSON::true : JSON::false
|
|
if(defined $resource->{$k} &&
|
|
$fields->{$k}->$_isa('HTML::FormHandler::Field::Boolean'));
|
|
}
|
|
}
|
|
|
|
return 1;
|
|
}
|
|
|
|
sub error {
|
|
my ($self, $c, $code, $message) = @_;
|
|
|
|
$c->log->error("error $code - $message"); # TODO: user, trace etc
|
|
|
|
$c->response->content_type('application/json');
|
|
$c->response->status($code);
|
|
$c->response->body(JSON::to_json({ code => $code, message => $message })."\n");
|
|
$c->stash(api_error_message => $message);
|
|
return;
|
|
}
|
|
|
|
sub forbid_link_header {
|
|
my ($self, $c) = @_;
|
|
return 1 unless $c->request->header('Link');
|
|
$self->error($c, HTTP_BAD_REQUEST, "The request must not contain 'Link' headers. Instead assert relationships in the entity body.");
|
|
return;
|
|
}
|
|
|
|
sub get_content_type {
|
|
my ($self, $c, $media_type) = @_;
|
|
my $ctype = $c->request->header('Content-Type');
|
|
$ctype =~ s/;\s+boundary.+$// if $ctype;
|
|
return $ctype;
|
|
}
|
|
|
|
sub valid_media_type {
|
|
my ($self, $c, $media_type) = @_;
|
|
|
|
my $ctype = $self->get_content_type($c);
|
|
my $type;
|
|
if(ref $media_type eq "ARRAY") {
|
|
$type = join ' or ', @{ $media_type };
|
|
return 1 if $ctype && grep { $ctype eq $_ } @{$media_type};
|
|
} else {
|
|
$type = $media_type;
|
|
return 1 if($ctype && index($ctype, $media_type) == 0);
|
|
}
|
|
$self->error($c, HTTP_UNSUPPORTED_MEDIA_TYPE, "Unsupported media type '" . ($ctype // 'undefined') . "', accepting $type only.");
|
|
return;
|
|
}
|
|
|
|
sub require_body {
|
|
my ($self, $c) = @_;
|
|
return 1 if length $c->stash->{body};
|
|
$self->error($c, HTTP_BAD_REQUEST, "This request is missing a message body.");
|
|
return;
|
|
}
|
|
sub require_uploads {
|
|
my ($self, $c) = @_;
|
|
return 1 if $c->req->upload || $self->get_config('backward_allow_empty_upload');
|
|
$self->error($c, HTTP_BAD_REQUEST, "This multipart/form-data request is missing upload part.");
|
|
return;
|
|
}
|
|
|
|
# returns Catalyst::Request::Upload
|
|
sub get_upload {
|
|
my ($self, $c, $field, $required) = @_;
|
|
my $upload = $c->req->upload($field);
|
|
return $upload if $upload;
|
|
if($required){
|
|
$self->error($c, HTTP_BAD_REQUEST, "This request is missing the upload part '$field' in body.");
|
|
}
|
|
return;
|
|
}
|
|
|
|
sub get_uploads {
|
|
my ($self, $c, $json, $uploads, $form) = @_;
|
|
my (@upload_fields, %mime_types);
|
|
if(!$uploads || ('ARRAY' ne ref $uploads && 'HASH' ne ref $uploads ) ){
|
|
return;
|
|
}elsif('ARRAY' eq ref $uploads){
|
|
@upload_fields = @$uploads;
|
|
}elsif('HASH' eq ref $uploads){
|
|
@upload_fields = keys %$uploads;
|
|
%mime_types = %$uploads;
|
|
}
|
|
my $ft;
|
|
foreach my $field (@upload_fields){
|
|
my $required = $form ? $form->field($field)->required : 1;
|
|
my $upload = $self->get_upload($c, $field, $required);
|
|
if(!$upload && !$required){
|
|
next;
|
|
}
|
|
$json->{$field} = $upload;
|
|
if($mime_types{$field}){
|
|
$ft //= File::Type->new();
|
|
my $mime_type = $ft->mime_type($json->{$field}->slurp);
|
|
if('ARRAY' ne ref $mime_types{$field}){
|
|
$mime_types{$field} = [$mime_types{$field}];
|
|
}
|
|
if(!grep {$_ eq $mime_type} @{$mime_types{$field}}){
|
|
$self->error($c, HTTP_UNSUPPORTED_MEDIA_TYPE, "Unsupported media type '" . ($mime_type // 'undefined') . "' for the $field, accepting ".join(" or ", @{$mime_types{$field}})." only.");
|
|
return 0;
|
|
}
|
|
}
|
|
}
|
|
return 1;
|
|
}
|
|
|
|
sub require_preference {
|
|
my ($self, $c) = @_;
|
|
my $prefer_default = 'minimal';
|
|
return $prefer_default unless $c->request->header('Prefer');
|
|
my $ngcp_ua_header = $c->request->header("NGCP-UserAgent") // '';
|
|
my @preference = grep { 'return' eq $_->[0] } split_header_words($c->request->header('Prefer'));
|
|
return $preference[0][1]
|
|
if 1 == @preference && $preference[0][1] =~ /^(minimal|representation)$/;
|
|
return $preference[0][1]
|
|
if 1 == @preference && $preference[0][1] eq 'internal' &&
|
|
$ngcp_ua_header eq "NGCP::API::Client";
|
|
return $prefer_default;
|
|
}
|
|
|
|
sub require_wellformed_json {
|
|
my ($self, $c, $media_type, $patch) = @_;
|
|
my $ret;
|
|
try {
|
|
NGCP::Panel::Utils::ValidateJSON->new($patch);
|
|
$ret = 1;
|
|
} catch($e) {
|
|
chomp $e;
|
|
$self->error($c, HTTP_BAD_REQUEST, "The entity is not a well-formed '$media_type' document. $e");
|
|
}
|
|
return $ret;
|
|
}
|
|
|
|
sub allowed_methods_filtered {
|
|
my ($self, $c) = @_;
|
|
if($c->user->read_only) {
|
|
my @methods = ();
|
|
foreach my $m(@{ $self->allowed_methods }) {
|
|
next unless $m =~ /^(GET|HEAD|OPTIONS)$/;
|
|
push @methods, $m;
|
|
}
|
|
return \@methods;
|
|
} else {
|
|
return $self->allowed_methods;
|
|
}
|
|
}
|
|
#
|
|
#old:
|
|
#sub config_allowed_roles {
|
|
# return [qw/admin subscriber /];
|
|
#}
|
|
#
|
|
#also possible:
|
|
#sub config_allowed_roles {
|
|
# return {
|
|
# 'Default' => [qw/admin reseller subscriberadmin/],
|
|
# #GET will use default
|
|
# 'POST' => [qw/admin reseller/],
|
|
# 'PUT' => [qw/admin reseller/],
|
|
# 'PATCH' => [qw/admin reseller/],
|
|
# 'Journal' => [qw/admin/],
|
|
# };
|
|
#}
|
|
#
|
|
#sub config_allowed_roles {
|
|
# return [ [qw/admin subscriber/], [qw/admin/] ];
|
|
# #where [qw/admin/] - is Journal roles spec
|
|
#}
|
|
#
|
|
|
|
sub config_allowed_roles {
|
|
return [qw/admin reseller/];
|
|
}
|
|
|
|
sub get_allowed_roles {
|
|
my($self, $roles_config_in, $method) = @_;
|
|
|
|
my $roles_config = $roles_config_in // $self->config_allowed_roles;
|
|
my ($allowed_roles_default, $allowed_roles_journal, $allowed_roles_per_methods);
|
|
|
|
if('HASH' eq ref $roles_config){
|
|
$allowed_roles_default = delete $roles_config->{Default};
|
|
$allowed_roles_per_methods = {map {
|
|
$_ => $roles_config->{$_} // $allowed_roles_default,
|
|
} @{ $self->allowed_methods }, 'Journal' };
|
|
}else{
|
|
$allowed_roles_default = 'ARRAY' eq ref $roles_config ? $roles_config : [$self->config_allowed_roles];
|
|
if ('ARRAY' eq ref $roles_config->[0]) {
|
|
$allowed_roles_default = $roles_config->[0];
|
|
$allowed_roles_journal = $roles_config->[1] // $allowed_roles_default;
|
|
}
|
|
$allowed_roles_per_methods = {map {
|
|
$_ => $allowed_roles_default,
|
|
} @{ $self->allowed_methods }};
|
|
$allowed_roles_per_methods->{Journal} = $allowed_roles_journal;
|
|
}
|
|
return $method ? $allowed_roles_per_methods->{$method} : $allowed_roles_per_methods;
|
|
}
|
|
|
|
|
|
# sub allowed_methods {
|
|
# my ($self) = @_;
|
|
# #my $meta = $self->meta;
|
|
# #my @allow;
|
|
# #for my $method ($meta->get_method_list) {
|
|
# # push @allow, $meta->get_method($method)->name
|
|
# # if $meta->get_method($method)->can('attributes') &&
|
|
# # grep { 'Allow' eq $_ } @{ $meta->get_method($method)->attributes };
|
|
# #}
|
|
# #return [sort @allow];
|
|
# return $self->attributed_methods('Allow');
|
|
# }
|
|
|
|
# sub attributed_methods {
|
|
# my ($self,$attribute) = @_;
|
|
# my $meta = $self->meta;
|
|
# my @attributed;
|
|
# for my $method ($meta->get_method_list) {
|
|
# push @attributed, $meta->get_method($method)->name
|
|
# if $meta->get_method($method)->can('attributes') &&
|
|
# grep { $attribute eq $_ } @{ $meta->get_method($method)->attributes };
|
|
# }
|
|
# return [sort @attributed];
|
|
# }
|
|
|
|
sub valid_id {
|
|
my ($self, $c, $id) = @_;
|
|
return 1 if is_int($id);
|
|
$self->error($c, HTTP_BAD_REQUEST, "Invalid id in request URI");
|
|
return;
|
|
}
|
|
|
|
sub valid_uuid {
|
|
my ($self, $c, $uuid) = @_;
|
|
return 1 if $uuid =~ /^[a-f0-9\-]+$/;
|
|
$self->error($c, HTTP_BAD_REQUEST, "Invalid uuid in request URI");
|
|
return;
|
|
}
|
|
|
|
sub require_valid_patch {
|
|
my ($self, $c, $json, $ops) = @_;
|
|
|
|
my $valid_ops = {
|
|
'replace' => { 'path' => 1, 'value' => 1 },
|
|
'copy' => { 'from' => 1, 'path' => 1 },
|
|
'remove' => { 'path' => 1 },
|
|
'add' => { 'path' => 1, 'value' => 1 },
|
|
'test' => { 'path' => 1, 'value' => 1 },
|
|
'move' => { 'from' => 1, 'path' => 1 },
|
|
};
|
|
for my $o(keys %{ $valid_ops }) {
|
|
unless(grep { /^$o$/ } @{ $ops }) {
|
|
delete $valid_ops->{$o};
|
|
}
|
|
}
|
|
|
|
my $patch = JSON::from_json($json, { utf8 => 1 });
|
|
unless(ref $patch eq "ARRAY") {
|
|
$self->error($c, HTTP_BAD_REQUEST, "Body for PATCH must be an array.");
|
|
return;
|
|
}
|
|
foreach my $elem(@{ $patch }) {
|
|
unless(ref $elem eq "HASH") {
|
|
$self->error($c, HTTP_BAD_REQUEST, "Array in body of PATCH must only contain hashes.");
|
|
return;
|
|
}
|
|
unless(exists $elem->{op}) {
|
|
$self->error($c, HTTP_BAD_REQUEST, "PATCH element must have an 'op' field.");
|
|
return;
|
|
}
|
|
unless(exists $valid_ops->{$elem->{op}}) {
|
|
$self->error($c, HTTP_BAD_REQUEST, "Invalid PATCH op '$elem->{op}', must be one of " . (join(', ', map { "'".$_."'" } keys %{ $valid_ops }) ));
|
|
return;
|
|
}
|
|
my $tmpelem = Storable::dclone($elem);
|
|
my $tmpops = Storable::dclone($valid_ops);
|
|
my $op = delete $tmpelem->{op};
|
|
foreach my $k(keys %{ $tmpelem }) {
|
|
unless(exists $tmpops->{$op}->{$k}) {
|
|
$self->error($c, HTTP_BAD_REQUEST, "Invalid PATCH key '$k' for op '$op', must be one of " . (join(', ', map { "'".$_."'" } keys %{ $valid_ops->{$op} }) ));
|
|
return;
|
|
}
|
|
delete $tmpops->{$op}->{$k};
|
|
}
|
|
if(keys %{ $tmpops->{$op} }) {
|
|
$self->error($c, HTTP_BAD_REQUEST, "Missing PATCH keys ". (join(', ', map { "'".$_."'" } keys %{ $tmpops->{$op} }) ) . " for op '$op'");
|
|
return;
|
|
}
|
|
|
|
}
|
|
|
|
return 1;
|
|
}
|
|
|
|
sub item_by_id_valid {
|
|
my ($self, $c, $id) = @_;
|
|
return unless $self->valid_id($c, $id);
|
|
my $item = $self->item_by_id($c, $id);
|
|
return unless $self->resource_exists($c, $self->item_name => $item);
|
|
return $item;
|
|
}
|
|
|
|
sub resource_exists {
|
|
my ($self, $c, $entity_name, $resource) = @_;
|
|
return 1 if $resource;
|
|
$self->error($c, HTTP_NOT_FOUND, "Entity '$entity_name' not found.");
|
|
return;
|
|
}
|
|
|
|
sub paginate_order_collection {
|
|
my ($self, $c, $items) = @_;
|
|
my $params = {
|
|
page => $c->request->params->{page} // 1,
|
|
rows => $c->request->params->{rows} // 10,
|
|
order_by => $c->request->params->{order_by},
|
|
direction => $c->request->params->{order_by_direction} // "asc",
|
|
};
|
|
my($total_count, $item_rs);
|
|
if('ARRAY' eq ref $items){
|
|
($total_count, $item_rs) = $self->paginate_order_collection_array($c, $items, $params);
|
|
}else{
|
|
($total_count, $item_rs) = $self->paginate_order_collection_rs($c, $items, $params);
|
|
}
|
|
return ($total_count, $item_rs);
|
|
}
|
|
|
|
sub paginate_order_collection_array {
|
|
my ($self, $c, $items, $params) = @_;
|
|
my($page,$rows,$order_by,$direction) = @$params{qw/page rows order_by direction/};
|
|
my $total_count = scalar @$items;
|
|
if(defined $order_by ){
|
|
if(defined $order_by && defined $direction && (lc($direction) eq 'desc') ){
|
|
$items = [sort { $b->{$order_by} cmp $a->{$order_by} } @$items];
|
|
}else{
|
|
$items = [sort { $a->{$order_by} cmp $b->{$order_by} } @$items];
|
|
}
|
|
}
|
|
$items = [splice(@$items, ( $page - 1 )*$rows, $rows) ];
|
|
return ($total_count, $items);
|
|
}
|
|
|
|
sub dont_count_collection_total {
|
|
my ($self, $c) = @_;
|
|
my $no_count = defined $c->req->query_params->{no_count} ? $c->req->query_params->{no_count} : 0;
|
|
if ( !$no_count || ($no_count ne 'true' && $no_count ne '1' ) ) {
|
|
$no_count = 0;
|
|
} else {
|
|
$no_count = 1;
|
|
}
|
|
return $no_count;
|
|
}
|
|
|
|
sub define_collection_infinite_pager {
|
|
my ($self, $c, $items_count, $item_rs, $rows_on_page, $no_count) = @_;
|
|
$no_count //= $self->dont_count_collection_total($c);
|
|
if (! defined $c->stash->{collection_infinite_pager_stop}) {
|
|
#$item_rs->pager->entries_on_this_page leads to the count query
|
|
my $entries_on_this_page = $items_count // $item_rs->count;
|
|
$c->stash->{collection_infinite_pager_stop} = (( $entries_on_this_page < $rows_on_page ) and $no_count );
|
|
}
|
|
}
|
|
|
|
sub paginate_order_collection_rs {
|
|
my ($self, $c, $item_rs, $params) = @_;
|
|
my($page,$rows,$order_by,$direction) = @$params{qw/page rows order_by direction/};
|
|
|
|
my $result_class = $item_rs->result_class();
|
|
|
|
my $total_count;
|
|
my $no_count = $self->dont_count_collection_total($c);
|
|
if ( !$no_count ) {
|
|
$total_count = int($item_rs->count);
|
|
}
|
|
|
|
$item_rs = $item_rs->search(undef, {
|
|
page => $page,
|
|
rows => $rows,
|
|
});
|
|
$self->define_collection_infinite_pager($c, undef, $item_rs, $rows, $no_count);
|
|
|
|
if ($order_by && ((my $explicit = ($self->can('order_by_cols') && exists $self->order_by_cols()->{$order_by})) or $item_rs->result_source->has_column($order_by))) {
|
|
my $col = ($explicit ? $self->order_by_cols()->{$order_by} : $item_rs->current_source_alias . '.' . $order_by);
|
|
if (lc($direction) eq 'desc') {
|
|
$item_rs = $item_rs->search(undef, {
|
|
order_by => {-desc => $col},
|
|
});
|
|
$c->log->debug("ordering by $col DESC");
|
|
} else {
|
|
$item_rs = $item_rs->search(undef, {
|
|
order_by => "$col",
|
|
});
|
|
$c->log->debug("ordering by $col");
|
|
}
|
|
}
|
|
my $result_class_after = $item_rs->result_class();
|
|
if($result_class ne $result_class_after){
|
|
$item_rs->result_class($result_class);
|
|
}
|
|
|
|
return ($total_count, $item_rs);
|
|
}
|
|
|
|
sub collection_nav_links {
|
|
my ($self, $c, $page, $rows, $total_count, $path, $params) = @_;
|
|
|
|
$path //= $c->request->path;
|
|
$params //= $c->request->params;
|
|
|
|
my $params_default = $self->get_mandatory_params($c, 'collection');
|
|
$params = {
|
|
'HASH' eq ref $params_default ? %$params_default : (),
|
|
#$params has priority
|
|
'HASH' eq ref $params ? %{ $params } : ()
|
|
}; #copy
|
|
delete @{$params}{'page', 'rows'};
|
|
my $rest_params = join( '&', map {"$_=".(defined $params->{$_} ? $params->{$_} : '');} keys %{$params});
|
|
$rest_params = $rest_params ? "&$rest_params" : "";
|
|
|
|
my @links = (Data::HAL::Link->new(relation => 'self', href => sprintf('/%s?page=%s&rows=%s%s', $path, $page, $rows, $rest_params)));
|
|
|
|
if ( (! defined $total_count
|
|
&& ! $c->stash->{collection_infinite_pager_stop} )
|
|
|| ( defined $total_count && ($total_count / $rows) > $page ) ) {
|
|
|
|
push @links, Data::HAL::Link->new(relation => 'next', href => sprintf('/%s?page=%d&rows=%d%s', $path, $page + 1, $rows, $rest_params));
|
|
}
|
|
if ($page > 1) {
|
|
push @links, Data::HAL::Link->new(relation => 'prev', href => sprintf('/%s?page=%d&rows=%d%s', $path, $page - 1, $rows, $rest_params));
|
|
}
|
|
return @links;
|
|
}
|
|
|
|
sub apply_patch {
|
|
my ($self, $c, $entity, $json, $optional_field_code_ref) = @_;
|
|
my $patch = JSON::decode_json($json);
|
|
try {
|
|
for my $op (@{ $patch }) {
|
|
my $coderef = JSON::Pointer->can($op->{op});
|
|
die "invalid op '".$op->{op}."' despite schema validation" unless $coderef;
|
|
for ($op->{op}) {
|
|
if ('add' eq $_ or 'replace' eq $_) {
|
|
try {
|
|
$entity = $coderef->('JSON::Pointer', $entity, $op->{path}, $op->{value});
|
|
} catch($pe) {
|
|
if (defined $optional_field_code_ref && ref $optional_field_code_ref eq 'CODE') {
|
|
if (blessed $pe and $pe->isa('JSON::Pointer::Exception') && $pe->code == JSON::Pointer::Exception->ERROR_POINTER_REFERENCES_NON_EXISTENT_VALUE) {
|
|
&$optional_field_code_ref(substr($op->{path},1),$entity,$op);
|
|
$entity = $coderef->('JSON::Pointer', $entity, $op->{path}, $op->{value});
|
|
}
|
|
} else {
|
|
die($pe); #->rethrow;
|
|
}
|
|
}
|
|
} elsif ('remove' eq $_) {
|
|
try {
|
|
$entity = $coderef->('JSON::Pointer', $entity, $op->{path});
|
|
} catch($pe) {
|
|
if (defined $optional_field_code_ref && ref $optional_field_code_ref eq 'CODE') {
|
|
if (blessed $pe and $pe->isa('JSON::Pointer::Exception') && $pe->code == JSON::Pointer::Exception->ERROR_POINTER_REFERENCES_NON_EXISTENT_VALUE) {
|
|
&$optional_field_code_ref(substr($op->{path},1),$entity);
|
|
$entity = $coderef->('JSON::Pointer', $entity, $op->{path});
|
|
}
|
|
} else {
|
|
die($pe); #->rethrow;
|
|
}
|
|
}
|
|
} elsif ('move' eq $_ or 'copy' eq $_) {
|
|
try {
|
|
$entity = $coderef->('JSON::Pointer', $entity, $op->{from}, $op->{path});
|
|
} catch($pe) {
|
|
if (defined $optional_field_code_ref && ref $optional_field_code_ref eq 'CODE') {
|
|
if (blessed $pe and $pe->isa('JSON::Pointer::Exception') && $pe->code == JSON::Pointer::Exception->ERROR_POINTER_REFERENCES_NON_EXISTENT_VALUE) {
|
|
&$optional_field_code_ref(substr($op->{path},1),$entity);
|
|
$entity = $coderef->('JSON::Pointer', $entity, $op->{from}, $op->{path});
|
|
}
|
|
} else {
|
|
die($pe); #->rethrow;
|
|
}
|
|
}
|
|
} elsif ('test' eq $_) {
|
|
try {
|
|
die "test failed - path: $op->{path} value: $op->{value}\n"
|
|
unless $coderef->('JSON::Pointer', $entity, $op->{path}, $op->{value});
|
|
} catch($pe) {
|
|
if (defined $optional_field_code_ref && ref $optional_field_code_ref eq 'CODE') {
|
|
if (blessed $pe and $pe->isa('JSON::Pointer::Exception') && $pe->code == JSON::Pointer::Exception->ERROR_POINTER_REFERENCES_NON_EXISTENT_VALUE) {
|
|
&$optional_field_code_ref(substr($op->{path},1),$entity);
|
|
die "test failed - path: $op->{path} value: $op->{value}\n"
|
|
unless $coderef->('JSON::Pointer', $entity, $op->{path}, $op->{value});
|
|
}
|
|
} else {
|
|
die($pe); #->rethrow;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
} catch($e) {
|
|
$self->error($c, HTTP_UNPROCESSABLE_ENTITY, "The entity could not be processed: $e");
|
|
return;
|
|
}
|
|
return $entity;
|
|
}
|
|
|
|
#sub apply_fake_time {
|
|
# my ($self, $c) = @_;
|
|
# if (exists $ENV{API_FAKE_CLIENT_TIME} && $ENV{API_FAKE_CLIENT_TIME}) {
|
|
# my $date = $c->request->header('Date');
|
|
# if ($date) {
|
|
# my $dt = NGCP::Panel::Utils::DateTime::from_rfc1123_string($date);
|
|
# if ($dt) {
|
|
# NGCP::Panel::Utils::DateTime::set_fake_time($dt->epoch);
|
|
# $c->stash->{is_fake_time} = 1;
|
|
# $c->log('using date header to fake system time: ' . NGCP::Panel::Utils::DateTime::to_string(NGCP::Panel::Utils::DateTime::current_local));
|
|
# return;
|
|
# }
|
|
# }
|
|
# NGCP::Panel::Utils::DateTime::set_fake_time();
|
|
# $c->stash->{is_fake_time} = 0;
|
|
# $c->log('resetting faked system time: ' . NGCP::Panel::Utils::DateTime::to_string(NGCP::Panel::Utils::DateTime::current_local));
|
|
# }
|
|
#}
|
|
|
|
#sub reset_fake_time {
|
|
# my ($self, $c) = @_;
|
|
# if (exists $ENV{API_FAKE_CLIENT_TIME} && $ENV{API_FAKE_CLIENT_TIME} && $c->stash->{fake_time}) {
|
|
# NGCP::Panel::Utils::DateTime::set_fake_time();
|
|
# $c->stash->{fake_time} = 0;
|
|
# $c->log('resetting faked system time: ' . NGCP::Panel::Utils::DateTime::to_string(NGCP::Panel::Utils::DateTime::current_local));
|
|
# }
|
|
#}
|
|
|
|
sub set_body {
|
|
my ($self, $c) = @_;
|
|
$c->stash->{body} = $c->request->body ? (do { local $/ = undef; $c->request->body->getline }) : '';
|
|
}
|
|
|
|
sub log_request {
|
|
my ($self, $c) = @_;
|
|
|
|
NGCP::Panel::Utils::Message::info(
|
|
c => $c,
|
|
type => 'api_request',
|
|
log => $c->stash->{'body'},
|
|
);
|
|
}
|
|
|
|
sub log_response {
|
|
my ($self, $c) = @_;
|
|
|
|
# TODO: should be put a UUID to stash in log_request and use it here to correlate
|
|
# req/res lines?
|
|
$c->forward(qw(Controller::Root render));
|
|
$c->response->content_type('')
|
|
if $c->response->content_type =~ qr'text/html'; # stupid RenderView getting in the way
|
|
my $rc = '';
|
|
if (@{ $c->error }) {
|
|
my $msg = join ', ', @{ $c->error };
|
|
$rc = NGCP::Panel::Utils::Message::error(
|
|
c => $c,
|
|
type => 'api_response',
|
|
log => $msg,
|
|
);
|
|
$self->error($c, HTTP_INTERNAL_SERVER_ERROR, "Internal Server Error");
|
|
$c->clear_errors;
|
|
}
|
|
my ($response_body, $params_data) = $self->filter_log_response(
|
|
$c,
|
|
$c->response->body,
|
|
$c->request->parameters,
|
|
);
|
|
NGCP::Panel::Utils::Message::info(
|
|
c => $c,
|
|
type => 'api_response',
|
|
log => $response_body,
|
|
data => $params_data,
|
|
);
|
|
}
|
|
|
|
|
|
#sub item_rs {}
|
|
sub item_rs {
|
|
my ($self, @orig_params) = @_;
|
|
my $item_rs = $self->_item_rs(@orig_params);
|
|
return unless($item_rs);
|
|
|
|
if ($self->can('query_params')) {
|
|
return $self->apply_query_params($orig_params[0],$self->query_params,$item_rs);
|
|
}
|
|
|
|
return $item_rs;
|
|
}
|
|
|
|
sub apply_query_params {
|
|
|
|
my ($self,$c,$query_params,$item_rs) = @_;
|
|
# no query params defined in collection controller
|
|
unless(@{ $query_params }) {
|
|
return $item_rs;
|
|
}
|
|
|
|
foreach my $param(_get_sorted_query_params($c,$query_params)) {
|
|
my @p = grep { $_->{param} eq $param } @{ $query_params };
|
|
#todo: we can generate default filters for all item_rs fields here
|
|
#the only reason not to do this is a security
|
|
next unless($p[0]->{query} || $p[0]->{query_type} || $p[0]->{new_rs}); # skip "dummy" query parameters
|
|
my $q = $c->req->query_params->{$param}; # TODO: arrayref?
|
|
$q =~ s/\*/\%/g;
|
|
$q = undef if $q eq "NULL"; # IS NULL translation
|
|
if(@p) {
|
|
if (defined $p[0]->{new_rs}) {
|
|
#compose fresh rs based on current, to support set operations with filters:
|
|
$item_rs = $p[0]->{new_rs}($c,$q,$item_rs);
|
|
} elsif (defined $p[0]->{query} || defined $p[0]->{query_type}) {
|
|
#regular chaining:
|
|
my($sub_where,$sub_attributes) = $self->get_query_callbacks(\@p);
|
|
$item_rs = $item_rs->search($sub_where->($q,$c), $sub_attributes->($q,$c));
|
|
}
|
|
}
|
|
}
|
|
#use DBIx::Class::Helper::ResultSet::Explain qw();
|
|
#use Data::Dumper;
|
|
#$c->log->debug(Dumper(DBIx::Class::Helper::ResultSet::Explain::explain($item_rs)));
|
|
return $item_rs;
|
|
}
|
|
|
|
sub _get_sorted_query_params {
|
|
|
|
my ($c,$query_params) = @_;
|
|
#use Data::Dumper;
|
|
#$c->log->debug('request params: ' . Dumper($c->req->query_params));
|
|
#$c->log->debug('request param keys: ' . Dumper(keys %{$c->req->query_params}));
|
|
#$c->log->debug('supported filters: ' . Dumper($query_params));
|
|
my %query_params_map = ();
|
|
if (defined $query_params) {
|
|
foreach my $param (@$query_params) {
|
|
if (exists $param->{param} and defined $param->{param}) {
|
|
$query_params_map{$param->{param}} = $param;
|
|
}
|
|
}
|
|
}
|
|
#$c->log->debug('supported filter map: ' . Dumper(\%query_params_map));
|
|
my @sorted = sort {
|
|
(exists $query_params_map{$a} and exists $query_params_map{$a}->{new_rs}) <=> (exists $query_params_map{$b} and exists $query_params_map{$b}->{new_rs});
|
|
} keys %{$c->req->query_params};
|
|
#$c->log->debug('request params: ' . Dumper($c->req->query_params));
|
|
#$c->log->debug('request params sorted: ' . Dumper(\@sorted));
|
|
return @sorted;
|
|
|
|
}
|
|
|
|
sub get_query_callbacks{
|
|
my ($self, $query_param_spec) = @_;
|
|
#while believe that there is only one parameter
|
|
my @p = @$query_param_spec;
|
|
my($sub_where,$sub_attributes);
|
|
if($p[0]->{query_type}){
|
|
if('string_like' eq $p[0]->{query_type}){
|
|
$sub_where = sub {my ($q, $c) = @_; { $p[0]->{param} => { like => $q } };};
|
|
}elsif('string_eq' eq $p[0]->{query_type}){
|
|
$sub_where = sub {my ($q, $c) = @_; { $p[0]->{param} => $q };};
|
|
}
|
|
}
|
|
if($p[0]->{query}){
|
|
$sub_where //= $p[0]->{query}->{first};
|
|
$sub_attributes = $p[0]->{query}->{second};
|
|
}
|
|
$sub_attributes //= sub {};
|
|
return ($sub_where,$sub_attributes);
|
|
}
|
|
|
|
sub delay_commit {
|
|
my ($self, $c, $guard) = @_;
|
|
my $allow_delay_commit = 0;
|
|
my $cfg = $c->config->{api_debug_opts};
|
|
$allow_delay_commit = ((defined $cfg->{allow_delay_commit}) && $cfg->{allow_delay_commit} ? 1 : 0) if defined $cfg;
|
|
if ($allow_delay_commit) {
|
|
my $delay = $c->request->header('X-Delay-Commit'); #('Expect');
|
|
if ($delay && $delay =~ /\d+/ && $delay > 0 && $delay < 500) {
|
|
$c->log->debug('using X-Delay-Commit header to delay db commit for ' . $delay . ' seconds');
|
|
sleep($delay);
|
|
}
|
|
}
|
|
$guard->commit();
|
|
}
|
|
|
|
#---------------- Entities staff
|
|
sub get_config {
|
|
my ($self, $key) = @_;
|
|
if ($key) {
|
|
return $self->config->{$key};
|
|
}
|
|
return $self->config;
|
|
}
|
|
|
|
sub get_item_config {
|
|
my ($self) = shift;
|
|
if ('collection' eq $self->get_config('interface_type')) {
|
|
my $item_obj_name = $self;
|
|
$item_obj_name =~s/=HASH.*$//;
|
|
$item_obj_name .= 'Item';
|
|
if ($item_obj_name->can('get_config')) {
|
|
return $item_obj_name->get_config(@_);
|
|
}
|
|
}
|
|
}
|
|
|
|
sub get_collection_config {
|
|
my ($self) = shift;
|
|
if ('item' eq $self->get_config('interface_type')) {
|
|
my $collection_obj_name = $self;
|
|
$collection_obj_name =~s/=HASH.*$//;
|
|
$collection_obj_name =~ s/Item$//;
|
|
if ($collection_obj_name->can('get_config')) {
|
|
return $collection_obj_name->get_config(@_);
|
|
}
|
|
}
|
|
}
|
|
|
|
#---------------- default methods
|
|
|
|
sub hal_from_item {
|
|
my ($self, $c, $item, $form, $params) = @_;
|
|
if(!$form){
|
|
($form) = $self->get_form($c);
|
|
}
|
|
my $resource = $self->resource_from_item($c, $item, $form, $params);
|
|
$resource = $self->process_hal_resource($c, $item, $resource, $form, $params);
|
|
return unless $resource;
|
|
my $links = $self->hal_links($c, $item, $resource, $form, $params) // [];
|
|
my $hal = Data::HAL->new(
|
|
links => [
|
|
Data::HAL::Link->new(
|
|
relation => 'curies',
|
|
href => 'http://purl.org/sipwise/ngcp-api/#rel-{rel}',
|
|
name => 'ngcp',
|
|
templated => true,
|
|
),
|
|
Data::HAL::Link->new(
|
|
relation => 'collection',
|
|
href => $self->apply_mandatory_parameters($c, 'collection', sprintf(
|
|
"/api/%s/",
|
|
$self->resource_name
|
|
), $item, $resource, $params)),
|
|
Data::HAL::Link->new(relation => 'profile', href => 'http://purl.org/sipwise/ngcp-api/'),
|
|
Data::HAL::Link->new(
|
|
relation => 'self',
|
|
href => $self->apply_mandatory_parameters($c, 'item', sprintf(
|
|
"%s%s",
|
|
$self->dispatch_path,
|
|
$self->get_item_id($c, $item)
|
|
), $item, $resource, $params),
|
|
),
|
|
Data::HAL::Link->new(
|
|
relation => "ngcp:".$self->resource_name,
|
|
href => $self->apply_mandatory_parameters($c, 'item', sprintf(
|
|
"/api/%s/%s",
|
|
$self->resource_name,
|
|
$self->get_item_id($c, $item)
|
|
), $item, $resource, $params)
|
|
),
|
|
@$links,
|
|
$self->get_journal_relation_link($self->get_item_id($c, $item)),
|
|
],
|
|
relation => 'ngcp:'.$self->resource_name,
|
|
);
|
|
if (!$self->get_config('dont_validate_hal')) {
|
|
if($form){
|
|
$self->validate_form(
|
|
c => $c,
|
|
resource => $resource,
|
|
form => $form,
|
|
run => 0,
|
|
);
|
|
}
|
|
}
|
|
$resource->{id} = $self->get_item_id($c, $item);
|
|
$resource = $self->post_process_hal_resource($c, $item, $resource, $form);
|
|
$hal->resource({%$resource});
|
|
return $hal;
|
|
}
|
|
|
|
sub get_mandatory_params {
|
|
my ($self, $c, $href_type, $item, $resource, $params) = @_;
|
|
#href type - item or collection
|
|
|
|
my $mandatory_parameters = $c->stash->{mandatory_parameters};
|
|
if ($mandatory_parameters) {
|
|
#we will not set stash->{mandatory_parameters} here, this is reserved for well validated parameters
|
|
return $mandatory_parameters;
|
|
}
|
|
my $mandatory_params_config;
|
|
if ($self->get_config('interface_type') eq $href_type) {
|
|
$mandatory_params_config = $self->get_config('mandatory_parameters');
|
|
} elsif ($href_type eq 'collection') {
|
|
$mandatory_params_config = $self->get_collection_config('mandatory_parameters');
|
|
} elsif ($href_type eq 'item') {
|
|
$mandatory_params_config = $self->get_item_config('mandatory_parameters');
|
|
}
|
|
if ($mandatory_params_config) {
|
|
#mandatory params config will always look as:
|
|
#HashRef {
|
|
# policy (e.g. - all, any, single) => { parameter_name => {type info,validator and other}}
|
|
# OR policy (e.g. - all, any, single) => [/mandatory params/]
|
|
#}
|
|
my $request_data = $self->get_info_data($c);
|
|
my $resource = {
|
|
'HASH' eq ref $resource ? %$resource : (),
|
|
#overwrite from specially created source
|
|
'HASH' eq ref $params ? %$params : (),
|
|
};
|
|
$mandatory_parameters = {
|
|
map { $resource->{$_}
|
|
? ( $_ => $resource->{$_} )
|
|
: ( $request_data->{$_}
|
|
? ( $_ => $request_data->{$_} )
|
|
: () ) }
|
|
map { 'ARRAY' eq ref $_ ? ( @$_ ) : ( keys %$_ ) }
|
|
values %$mandatory_params_config
|
|
};
|
|
}
|
|
return $mandatory_parameters;
|
|
}
|
|
|
|
sub apply_mandatory_parameters {
|
|
my ($self, $c, $href_type, $href, $item, $resource, $params) = @_;
|
|
#href type - item or collection
|
|
my $mandatory_parameters = $self->get_mandatory_params($c, $href_type, $item, $resource, $params);
|
|
if ($mandatory_parameters) {
|
|
my $mandatory_params_str = join('&', map {
|
|
$_.'='.$mandatory_parameters->{$_}
|
|
} keys %$mandatory_parameters );
|
|
return $href.( $mandatory_params_str ? (($href !~ /\?/) ? '?' : '&').$mandatory_params_str : '' );
|
|
}
|
|
return $href;
|
|
}
|
|
|
|
sub update_item {
|
|
my ($self, $c, $item, $old_resource, $resource, $form, $params) = @_;
|
|
my $process_extras;
|
|
($form, $process_extras) = @{$params}{qw/form process_extras/}; # TODO: form can be passed twice?
|
|
|
|
$old_resource //= $self->resource_from_item($c, $item, $form);
|
|
$process_extras //= {};
|
|
if(!$form){
|
|
($form) = $self->get_form($c, 'edit');
|
|
}
|
|
|
|
if($form){
|
|
last unless $self->pre_process_form_resource($c, $item, $old_resource, $resource, $form, $process_extras);
|
|
return unless $self->validate_form(
|
|
c => $c,
|
|
resource => $resource,
|
|
form => $form,
|
|
);
|
|
return unless $resource;
|
|
}
|
|
|
|
return unless $self->process_form_resource($c, $item, $old_resource, $resource, $form, $process_extras);
|
|
return unless $resource;
|
|
return unless $self->check_duplicate($c, $item, $old_resource, $resource, $form, $process_extras);
|
|
return unless $self->check_resource($c, $item, $old_resource, $resource, $form, $process_extras);
|
|
|
|
$item = $self->update_item_model($c, $item, $old_resource, $resource, $form, $process_extras);
|
|
|
|
return $item, $form, $process_extras;
|
|
}
|
|
|
|
sub update_item_model{
|
|
my($self, $c, $item, $old_resource, $resource, $form, $process_extras) = @_;
|
|
$item->update($resource);
|
|
return $item;
|
|
}
|
|
#---------------- /default methods
|
|
|
|
#------ dummy & default accessors methods
|
|
|
|
sub query_params {
|
|
return [
|
|
];
|
|
}
|
|
|
|
sub _set_config{
|
|
return {};
|
|
}
|
|
|
|
sub check_duplicate{
|
|
my($self, $c, $item, $old_resource, $resource, $form) = @_;
|
|
return 1;
|
|
}
|
|
|
|
sub check_resource{
|
|
my($self, $c, $item, $old_resource, $resource, $form) = @_;
|
|
return 1;
|
|
}
|
|
|
|
#pre_process_form_resource, process_form_resource - added as method for custom preparation form data,like:
|
|
# my $ft = File::Type->new();
|
|
# my $content_type = $ft->mime_type(${$process_extras->{binary_ref}});
|
|
# if($type eq 'mac') {
|
|
# $resource->{mac_image} = ${$process_extras->{binary_ref}};
|
|
# $resource->{mac_image_type} = $content_type;
|
|
# } else {
|
|
# $resource->{front_image} = ${$process_extras->{binary_ref}};
|
|
# $resource->{front_image_type} = $content_type;
|
|
# }
|
|
#
|
|
#etc. Method still can be used as exit point, if form data processing can be performed due to incorrect input data
|
|
#used in update_item
|
|
sub pre_process_form_resource {
|
|
my($self, $c, $item, $old_resource, $resource, $form) = @_;
|
|
return $resource;
|
|
}
|
|
|
|
sub process_form_resource {
|
|
my($self, $c, $item, $old_resource, $resource, $form) = @_;
|
|
return $resource;
|
|
}
|
|
|
|
|
|
#process_hal_resource is rarely used method, which intnded to transform somehow db resource data to the hal we want
|
|
#something like:
|
|
#$resource{contract_id} = delete $resource{peering_contract_id};
|
|
#used at least in hal_from_item
|
|
sub process_hal_resource {
|
|
my($self, $c, $item, $resource, $form) = @_;
|
|
return $resource;
|
|
}
|
|
|
|
sub post_process_hal_resource {
|
|
my($self, $c, $item, $resource, $form) = @_;
|
|
return $resource;
|
|
}
|
|
|
|
sub hal_links {
|
|
my($self, $c, $item, $resource, $form) = @_;
|
|
return [];
|
|
}
|
|
|
|
sub get_form {
|
|
my($self, $c) = @_;
|
|
return ;
|
|
}
|
|
|
|
sub get_list{
|
|
my ($self) = shift;
|
|
return $self->item_rs(@_);
|
|
}
|
|
|
|
sub get_item_id{
|
|
my($self, $c, $item, $resource, $form, $params) = @_;
|
|
return int(blessed $item ? $item->id : $item->{id});
|
|
}
|
|
|
|
sub item_by_id {
|
|
my ($self, $c, $id) = @_;
|
|
my $item_rs = $self->item_rs($c);
|
|
return $item_rs->find($id);
|
|
}
|
|
|
|
sub resource_from_item{
|
|
my($self, $c, $item) = @_;
|
|
my $res;
|
|
if('HASH' eq ref $item){
|
|
$res = $item;
|
|
}else{
|
|
$res = { $item->get_inflated_columns };
|
|
}
|
|
return $res;
|
|
}
|
|
|
|
|
|
sub post_process_commit{
|
|
my($self, $c, $action, $item, $old_resource, $resource, $form, $process_extras) = @_;
|
|
return;
|
|
}
|
|
|
|
sub validate_request {
|
|
my ($self, $c) = @_;
|
|
return 1;
|
|
}
|
|
|
|
#------ /dummy & default accessors methods
|
|
|
|
sub check_transaction_control{
|
|
my ($self, $c, $action, $step, %params) = @_;
|
|
my $res = 1;
|
|
my $transaction_config = $self->get_config('own_transaction_control');
|
|
if (!$transaction_config) {
|
|
$res = 1;
|
|
} else {
|
|
if ($transaction_config->{ALL}) {
|
|
$res = 0;
|
|
} elsif ( ('HASH' eq ref $transaction_config->{$action} && $transaction_config->{$action}->{$step} )
|
|
|| $transaction_config->{$action}) {
|
|
$res = 0;
|
|
}
|
|
}
|
|
return $res;
|
|
}
|
|
|
|
sub get_transaction_control{
|
|
my $self = shift;
|
|
my($c, $action, $step, %params) = @_;
|
|
my $schema = $params{schema} // $c->model('DB');
|
|
$action //= uc $c->request->method;
|
|
$step //= 'init';
|
|
if($self->check_transaction_control($c, $action, $step, %params)){
|
|
#todo: put it into class variables?
|
|
my $til_config = $self->get_config('set_transaction_isolation');
|
|
if ($til_config) {
|
|
my $transaction_isolation_level =
|
|
( (length $til_config > 1 )
|
|
&& lc $til_config ne 'default' )
|
|
? $til_config
|
|
: 'READ COMMITTED';
|
|
$c->model('DB')->set_transaction_isolation($transaction_isolation_level);
|
|
}
|
|
$c->stash->{transaction_quard} = $schema->txn_scope_guard;
|
|
return $c->stash->{transaction_quard};
|
|
}
|
|
return;
|
|
}
|
|
|
|
sub complete_transaction{
|
|
my $self = shift;
|
|
my($c, $action, $step, %params) = @_;
|
|
my $schema = $params{schema} // $c->model('DB');
|
|
my $guard = $params{guard} // $c->stash->{transaction_quard};
|
|
$action //= uc $c->request->method;
|
|
$step //= 'commit';
|
|
if($self->check_transaction_control($c, $action, $step, %params)){
|
|
$guard->commit;
|
|
$c->stash->{transaction_quard} = undef;
|
|
}
|
|
return;
|
|
}
|
|
|
|
# $response_body can only be modified as a string due to its nature of being the raw response body
|
|
sub filter_log_response {
|
|
my ($self, $c, $response_body, $params_data) = @_;
|
|
|
|
return ($response_body, $params_data);
|
|
}
|
|
#------ accessors ---
|
|
|
|
sub resource_name{
|
|
return $_[0]->config->{resource_name};
|
|
}
|
|
|
|
#need it for sub config, when config is not defined yet, so we just format known resource_name properly
|
|
sub dispatch_path{
|
|
return '/api/'.($_[0]->resource_name // $_[1]).'/';
|
|
}
|
|
|
|
sub relation {
|
|
my $self = shift;
|
|
return 'http://purl.org/sipwise/ngcp-api/#rel-'.$_[0]->resource_name;
|
|
}
|
|
|
|
sub item_name{
|
|
return $_[0]->config->{item_name};
|
|
}
|
|
|
|
sub allowed_methods{
|
|
return $_[0]->config->{allowed_methods};
|
|
}
|
|
|
|
#------ /accessors ---
|
|
sub return_representation{
|
|
my($self, $c, %params) = @_;
|
|
my($hal, $response, $item, $preference, $form) = @params{qw/hal response item preference form/};
|
|
|
|
$preference //= $self->require_preference($c);
|
|
return unless $preference;
|
|
$hal //= $self->hal_from_item($c, $item, $form, \%params);
|
|
$response //= HTTP::Response->new(HTTP_OK, undef, HTTP::Headers->new(
|
|
$hal->http_headers,
|
|
), $hal->as_json);
|
|
|
|
if ('minimal' eq $preference) {
|
|
$c->response->status(HTTP_NO_CONTENT);
|
|
$c->response->header(Preference_Applied => 'return=minimal');
|
|
$c->response->body(q());
|
|
} else {
|
|
$c->response->headers($response->headers);
|
|
$c->response->header(Preference_Applied => 'return=representation');
|
|
$c->response->body($response->content);
|
|
}
|
|
}
|
|
|
|
sub return_representation_post{
|
|
my($self, $c, %params) = @_;
|
|
my($hal, $response, $item, $preference, $form) = @params{qw/hal response item preference form/};
|
|
|
|
$preference //= $self->require_preference($c);
|
|
return unless $preference;
|
|
|
|
$c->response->status(HTTP_CREATED);
|
|
|
|
if ($item) {
|
|
$hal //= $self->hal_from_item($c, $item, $form, \%params);
|
|
$response //= HTTP::Response->new(HTTP_OK, undef, HTTP::Headers->new(
|
|
$hal->http_headers,
|
|
), $hal->as_json);
|
|
my ($self_hal_link) = grep { $_->relation->as_string eq 'self' } @{$hal->links};
|
|
$c->response->header( Location => $self_hal_link->href->as_string );
|
|
}
|
|
|
|
if ('minimal' eq $preference || !$response) {
|
|
$c->response->body(q());
|
|
}else{
|
|
$c->response->body($response->content);
|
|
}
|
|
}
|
|
|
|
|
|
sub return_csv{
|
|
my($self,$c) = @_;
|
|
try{
|
|
my $filename = $self->check_create_csv($c);
|
|
return unless $filename;
|
|
$c->response->header ('Content-Disposition' => "attachment; filename=\"$filename\"");
|
|
$c->response->content_type('text/csv');
|
|
$c->response->status(200);
|
|
$self->create_csv($c);
|
|
$c->response->body(q());
|
|
}catch($e){
|
|
$self->error($c, HTTP_BAD_REQUEST, $e);
|
|
}
|
|
}
|
|
|
|
sub return_requested_type {
|
|
my ($self, $c, $id, $item) = @_;
|
|
try{
|
|
my($data_ref,$mime_type,$filename) = $self->get_item_binary_data($c, $id, $item);
|
|
$filename //= $self->item_name.''.$self->get_item_id($c, $item);
|
|
$mime_type //= 'application/octet-stream' ;
|
|
|
|
if(!$data_ref){
|
|
return;
|
|
}
|
|
$c->response->header ('Content-Disposition' => 'attachment; filename="' . $filename . '"');
|
|
$c->response->content_type( $mime_type );
|
|
$c->response->body($$data_ref);
|
|
}catch($e){
|
|
$self->error($c, HTTP_BAD_REQUEST, $e);
|
|
}
|
|
}
|
|
|
|
1;
|
|
# vim: set tabstop=4 expandtab:
|