Refactor API views a bit for sake of running as separate service

also add "proper" (sic) permission checks
2018-11-03 18:55:26 -05:00 · 2018-11-03 18:55:26 -05:00 · fec8ba28e2
commit fec8ba28e2
parent 9b61b05155
5 changed files with 35 additions and 15 deletions
--- a/tailbone/api/master.py
+++ b/tailbone/api/master.py
@ -36,8 +36,6 @@ class APIMasterView(APIView):
    """
    Base class for data model REST API views.
    """
-    allow_get = True
-    allow_collection_get = True

    @property
    def Session(self):
@ -60,16 +58,14 @@ class APIMasterView(APIView):
        if hasattr(cls, 'object_key'):
            return cls.object_key
        return cls.get_normalized_model_name()
-        # raise NotImplementedError("must set `object_key` for {}".format(cls.__name__))

    @classmethod
    def get_collection_key(cls):
        if hasattr(cls, 'collection_key'):
            return cls.collection_key
        return '{}s'.format(cls.get_object_key())
-        # raise NotImplementedError("must set `collection_key` for {}".format(cls.__name__))

-    def collection_get(self):
+    def _collection_get(self):
        cls = self.get_model_class()
        objects = self.Session.query(cls)

@ -92,7 +88,7 @@ class APIMasterView(APIView):
        objects = [self.normalize(obj) for obj in objects]
        return {self.get_collection_key(): objects}

-    def get(self):
+    def _get(self):
        uuid = self.request.matchdict['uuid']
        obj = self.Session.query(self.get_model_class()).get(uuid)
        if not obj: