1. Jesper Nøhr
  2. django-piston-oauth10a

Commits

Jesper Nøhr  committed aaf0c2d

better resource method detection, getting the default oauth store up to speed with 1.0a

  • Participants
  • Parent commits b7f9e2e
  • Branches default

Comments (0)

Files changed (4)

File piston/authentication.py

View file
     """
     Shortcut for initialization.
     """
-    if request.method == "POST" and \
-       request.META['CONTENT_TYPE'] == "application/x-www-form-urlencoded":
+    if request.method == "POST": #and \
+#       request.META['CONTENT_TYPE'] == "application/x-www-form-urlencoded":
         params = dict(request.REQUEST.items())
     else:
         params = {}
     form = forms.OAuthAuthenticationForm(initial={
         'oauth_token': token.key,
         'oauth_callback': callback,
-        })
+      })
 
     return render_to_response('piston/authorize_token.html',
             { 'form': form }, RequestContext(request))
                 args = '?'+token.to_string(only_key=True)
             else:
                 args = '?error=%s' % 'Access not granted by user.'
+                print "FORM ERROR", form.errors
             
             if not callback:
                 callback = getattr(settings, 'OAUTH_CALLBACK_VIEW')

File piston/emitters.py

View file
     conveniently returns a serialized `dict`. This is
     usually the only method you want to use in your
     emitter. See below for examples.
+
+    `RESERVED_FIELDS` was introduced when better resource
+    method detection came, and we accidentially caught these
+    as the methods on the handler. Issue58 says that's no good.
     """
     EMITTERS = { }
+    RESERVED_FIELDS = set([ 'read', 'update', 'create', 
+                            'delete', 'model', 'anonymous',
+                            'allowed_methods', 'fields', 'exclude' ])
 
     def __init__(self, payload, typemapper, handler, fields=(), anonymous=True):
         self.typemapper = typemapper
         if isinstance(self.data, Exception):
             raise
     
-    def method_fields(self, data, fields):
-        if not data:
+    def method_fields(self, handler, fields):
+        if not handler:
             return { }
 
-        has = dir(data)
+        has = dir(handler)
         ret = dict()
             
-        for field in fields:
-            if field in has and callable(field):
-                ret[field] = getattr(data, field)
-        
+        for field in fields - Emitter.RESERVED_FIELDS:
+            t = getattr(handler, str(field), None)
+
+            if t and callable(t):
+                ret[field] = t
+
         return ret
     
     def construct(self):
                 f = thing.__emittable__
                 if inspect.ismethod(f) and len(inspect.getargspec(f)[0]) == 1:
                     ret = _any(f())
+            elif repr(thing).startswith("<django.db.models.fields.related.RelatedManager"):
+                ret = _any(thing.all())
             else:
                 ret = smart_unicode(thing, strings_only=True)
 
                     get_fields = set(fields)
 
                 met_fields = self.method_fields(handler, get_fields)
-                
+                           
                 for f in data._meta.local_fields:
                     if f.serialize and not any([ p in met_fields for p in [ f.attname, f.name ]]):
                         if not f.rel:

File piston/store.py

View file
         else:
             return nonce.key
 
-    def fetch_request_token(self, oauth_consumer):
+    def fetch_request_token(self, oauth_consumer, oauth_callback):
         if oauth_consumer.key == self.consumer.key:
             self.request_token = Token.objects.create_token(consumer=self.consumer,
                                                             token_type=Token.REQUEST,
             return self.request_token
         return None
 
-    def fetch_access_token(self, oauth_consumer, oauth_token):
+    def fetch_access_token(self, oauth_consumer, oauth_token, oauth_callback):
         if oauth_consumer.key == self.consumer.key \
         and oauth_token.key == self.request_token.key \
         and self.request_token.is_approved:

File tests/test_project/apps/testapp/tests.py

View file
         atoken = Token.objects.get(key=oa_atoken.key, token_type=Token.ACCESS)
         self.assertEqual(atoken.secret, oa_atoken.secret)
 
-
 class BasicAuthTest(MainTests):
 
     def test_invalid_auth_header(self):