Simplify decoration.

Use common responseSupport which adds all expected headers and supports anonymous access, so OPTIONS can be simplified.

Simplify decoration.
Use common responseSupport which adds all expected headers and supports anonymous access, so OPTIONS can be simplified.
9574074f · Łukasz Nowak · a5585d85 · 9574074f
Commit 9574074f authored May 03, 2012 by Łukasz Nowak
Show whitespace changes
Inline Side-by-side

Showing with 26 additions and 36 deletions

master/product/Vifib/Tool/VifibRestApiV1Tool.py master/product/Vifib/Tool/VifibRestApiV1Tool.py +26 -36

No files found.
--- a/master/product/Vifib/Tool/VifibRestApiV1Tool.py
+++ b/master/product/Vifib/Tool/VifibRestApiV1Tool.py
@@ -39,22 +39,17 @@ import xml_marshaller
 import json
 import transaction
-def jsonResponse(fn):
+def responseSupport(anonymous=False):
-  def wrapper(self, *args, **kwargs):
+  def outer(fn):
-    self.REQUEST.response.setHeader('Content-Type', 'application/json')
-    return fn(self, *args, **kwargs)
-  wrapper.__doc__ = fn.__doc__
-  return wrapper
-def responseSupport(fn):
    def wrapper(self, *args, **kwargs):
      response = self.REQUEST.response
+      response.setHeader('Content-Type', 'application/json')
      response.setHeader('Access-Control-Allow-Headers',
        self.REQUEST.getHeader('Access-Control-Allow-Headers'))
      response.setHeader('Access-Control-Allow-Origin', '*')
      response.setHeader('Access-Control-Allow-Methods', 'DELETE, PUT, POST, '
        'GET, OPTIONS')
-    if getSecurityManager().getUser().getId() is None:
+      if not anonymous and getSecurityManager().getUser().getId() is None:
        # force login
        response.setStatus(401)
        response.setHeader('WWW-Authenticate', 'Bearer realm="%s"'%
@@ -65,18 +60,14 @@ def responseSupport(fn):
      return fn(self, *args, **kwargs)
    wrapper.__doc__ = fn.__doc__
    return wrapper
+  return outer
 class GenericPublisher(Implicit):
+  @responseSupport(True)
  def OPTIONS(self, *args, **kwargs):
    """HTTP OPTIONS implementation"""
-    response = self.REQUEST.response
+    self.REQUEST.response.setStatus(204)
-    response.setHeader('Access-Control-Allow-Headers',
+    return self.REQUEST.response
-      self.REQUEST.get('Access-Control-Allow-Headers'))
-    response.setHeader('Access-Control-Allow-Origin', '*')
-    response.setHeader('Access-Control-Allow-Methods', 'DELETE, PUT, POST, '
-      'GET, OPTIONS')
-    response.setStatus(200)
-    return response
  def __before_publishing_traverse__(self, self2, request):
    path = request['TraversalRequestNameStack']
@@ -88,7 +79,6 @@ class GenericPublisher(Implicit):
 class InstancePublisher(GenericPublisher):
  """Instance publisher"""
-  @jsonResponse
  def __request(self):
    response = self.REQUEST.response
    self.REQUEST.stdin.seek(0)
@@ -152,7 +142,7 @@ class InstancePublisher(GenericPublisher):
    response.setBody(json.dumps({'status':'processing'}))
    return response
-  @responseSupport
+  @responseSupport()
  def __call__(self):
    """Instance GET/POST support"""
    if self.REQUEST['REQUEST_METHOD'] == 'POST':