7979# For helper functions
8080from api .scripts .utilities import UserUtils
8181
82- from authentication .services import CustomJSONWebTokenAuthentication
8382
8483################################################################################################
8584# NOTES
@@ -197,10 +196,14 @@ def get(self, request, username: str, temp_identifier: str):
197196 {"activation_success" : False , "status" : status .HTTP_400_BAD_REQUEST }
198197 )
199198
199+
200+ # Source: https://www.django-rest-framework.org/api-guide/authentication/#by-exposing-an-api-endpoint
200201class ApiAccountsDescribe (APIView ):
201- """Account details
202+ """
203+ Account details
202204
203205 --------------------
206+ No schema for this request since only the Authorization header is required.
204207 The word 'Token' must be included in the header.
205208 For example: 'Token 627626823549f787c3ec763ff687169206626149'
206209 """
@@ -218,12 +221,16 @@ class ApiAccountsDescribe(APIView):
218221 manual_parameters = auth ,
219222 responses = {
220223 200 : "Authorization is successful." ,
221- 403 : "Forbidden. Authentication credentials were not provided, or the token is invalid." ,
224+ 403 : "Forbidden. Authentication credentials were not provided." ,
225+ 403 : "Invalid token"
222226 },
223227 tags = ["Account Management" ],
224228 )
225229 def post (self , request ):
226- """"""
230+ """
231+ Pass the request to the handling function
232+ Source: https://stackoverflow.com/a/31813810
233+ """
227234
228235 if request .headers ["Authorization" ].split (" " )[0 ] == "Token" or request .headers ["Authorization" ].split (" " )[0 ] == "TOKEN" :
229236 return POST_api_accounts_describe (
@@ -624,8 +631,9 @@ class ApiObjectsDraftsModify(APIView):
624631
625632 --------------------
626633
627- Modifies a BCO object. The BCO object must be a draft in order to be modifiable. The contents of the BCO will be replaced with the
628- new contents provided in the request body.
634+ Modifies a BCO object. The BCO object must be a draft in order to be
635+ modifiable. WARNING: The contents of the BCO will be replaced with the new
636+ contents provided in the request body.
629637 """
630638
631639 POST_api_objects_drafts_modify_schema = openapi .Schema (
@@ -661,6 +669,16 @@ class ApiObjectsDraftsModify(APIView):
661669 request_body = request_body ,
662670 responses = {
663671 200 : "Modification of BCO draft is successful." ,
672+ 207 : "Some or all BCO modifications failed. Each object submitted"
673+ " will have it's own response object with it's own status"
674+ " code and message:\n "
675+ "201: The prefix * was successfully created.\n "
676+ "400: Bad Request. The expiration date * is not valid.\n "
677+ "400: Bad Request. The prefix * does not follow the naming rules for a prefix.\n "
678+ "403: Forbidden. User does not have permission to perform this action.\n "
679+ "404: Not Found. The user * was not found on the server.\n "
680+ "409: Conflict. The prefix the requestor is attempting to create already exists.\n " ,
681+ 401 : "Unauthorized. Authentication credentials were not provided." ,
664682 400 : "Bad request." ,
665683 403 : "Invalid token." ,
666684 },
@@ -793,39 +811,22 @@ def post(self, request) -> Response:
793811# TODO: What is the difference between this and ApiObjectsPublish?
794812class ApiObjectsDraftsPublish (APIView ):
795813 """
796- Bulk Publish BCOs
814+ Publish a BCO
797815
798816 --------------------
799-
800- Publish draft BCO objects. Once published, a BCO object becomes immutable.
801- The `object_id` field is optional, and is used to specify if the object
802- should be published as a specific version, instead of the next available numeric
803- version.
804-
805817
806- ```json
807- {
808- "POST_api_objects_drafts_publish": [
809- {
810- "prefix": "TEST",
811- "draft_id": "http://127.0.0.1:8000/TEST_000001",
812- "object_id": "http://127.0.0.1:8000/TEST_000001/1.0",
813- "delete_draft": false
814- }
815- ]
816- }
818+ Publish a draft BCO object. Once published, a BCO object becomes immutable.
817819 """
818820
819821 # TODO: This seems to be missing group, which I would expect to be part of the publication
820- permission_classes = [IsAuthenticated ,]
821- # authentication_classes = [CustomJSONWebTokenAuthentication]
822+ permission_classes = [IsAuthenticated ]
822823
823824 POST_api_objects_drafts_publish_schema = openapi .Schema (
824825 type = openapi .TYPE_OBJECT ,
825826 required = ["draft_id" , "prefix" ],
826827 properties = {
827828 "prefix" : openapi .Schema (
828- type = openapi .TYPE_STRING , description = "BCO Prefix to publish with."
829+ type = openapi .TYPE_STRING , description = "BCO Prefix to publish with."
829830 ),
830831 "draft_id" : openapi .Schema (
831832 type = openapi .TYPE_STRING , description = "BCO Object Draft ID."
@@ -857,14 +858,13 @@ class ApiObjectsDraftsPublish(APIView):
857858 @swagger_auto_schema (
858859 request_body = request_body ,
859860 responses = {
860- 200 : "All BCO publications successful." ,
861- 207 : "Some or all publications failed." ,
861+ 200 : "BCO Publication is successful." ,
862+ 300 : "Some requests failed." ,
862863 400 : "Bad request." ,
863- 403 : "Authentication credentials were not provided ." ,
864+ 403 : "Invalid token ." ,
864865 },
865866 tags = ["BCO Management" ],
866867 )
867-
868868 def post (self , request ) -> Response :
869869 return check_post_and_process (request , post_api_objects_drafts_publish )
870870
@@ -1045,10 +1045,7 @@ class ApiObjectsSearch(APIView):
10451045
10461046 Shell
10471047 ```shell
1048- curl -X POST "http://localhost:8000/api/objects/search/" -H "accept:
1049- application/json" -H "Authorization: Token ${token}" -H "Content-Type:
1050- application/json" -d "{\" POST_api_objects_search\" :
1051- [{\" type\" : \" prefix\" ,\" search\" : \" TEST\" }]}"
1048+ curl -X POST "http://localhost:8000/api/objects/search/" -H "accept: application/json" -H "Authorization: Token ${token}" -H "Content-Type: application/json" -d "{\" POST_api_objects_search\" :[{\" type\" : \" prefix\" ,\" search\" : \" TEST\" }]}"
10521049 ```
10531050
10541051 JavaScript
@@ -1216,8 +1213,13 @@ class ApiPrefixesCreate(APIView):
12161213 ```
12171214 """
12181215
1219- permission_classes = [RequestorInPrefixAdminsGroup , IsAuthenticated , ]
1216+ # Permissions - prefix admins only
1217+ permission_classes = [RequestorInPrefixAdminsGroup ]
12201218
1219+ # TYPE_ARRAY explanation
1220+ # Source: https://stackoverflow.com/questions/53492889/drf-yasg-doesnt-take-type-array-as-a-valid-type
1221+
1222+ # TODO: Need to get the schema that is being sent here from FE
12211223 request_body = openapi .Schema (
12221224 type = openapi .TYPE_OBJECT ,
12231225 title = "Prefix Creation Schema" ,
@@ -1251,17 +1253,13 @@ class ApiPrefixesCreate(APIView):
12511253 @swagger_auto_schema (
12521254 request_body = request_body ,
12531255 responses = {
1254- 200 : "All prefixes were successfully created." ,
1255- 207 : "Some or all prefix creations failed. Each object submitted"
1256- " will have it's own response object with it's own status"
1257- " code and message:\n "
1258- "201: The prefix * was successfully created.\n "
1259- "400: Bad Request. The expiration date * is not valid.\n "
1260- "400: Bad Request. The prefix * does not follow the naming rules for a prefix.\n "
1261- "403: Forbidden. User does not have permission to perform this action.\n "
1262- "404: Not Found. The user * was not found on the server.\n "
1263- "409: Conflict. The prefix the requestor is attempting to create already exists.\n " ,
1264- 401 : "Unauthorized. Authentication credentials were not provided."
1256+ 201 : "The prefix was successfully created." ,
1257+ 400 : "Bad request for one of two reasons: \n 1) the prefix does not"
1258+ "follow the naming standard, or \n 2) owner_user and/or"
1259+ "owner_group do not exist." ,
1260+ 401 : "Unauthorized. Authentication credentials were not provided." ,
1261+ 403 : "Forbidden. User doesnot have permission to perform this action" ,
1262+ 409 : "The prefix the requestor is attempting to create already exists." ,
12651263 },
12661264 tags = ["Prefix Management" ],
12671265 )
@@ -1468,6 +1466,7 @@ class ApiPrefixesPermissionsSet(APIView):
14681466 ]
14691467 }
14701468 ```
1469+
14711470 """
14721471
14731472 # Permissions - prefix admins only
@@ -1521,11 +1520,10 @@ class ApiPrefixesToken(APIView):
15211520
15221521 --------------------
15231522
1524- Get all available prefixes and their associated permissions for a given
1525- token. The word 'Token' must be included in the header.
1523+ Get all available prefixes and their associated permissions for a given token.
1524+ The word 'Token' must be included in the header.
15261525
1527- For example: 'Token 627626823549f787c3ec763ff687169206626149'. Using that
1528- token will return an empty list, as that is test user.
1526+ For example: 'Token 627626823549f787c3ec763ff687169206626149'.
15291527 """
15301528
15311529 auth = [
@@ -1540,20 +1538,18 @@ class ApiPrefixesToken(APIView):
15401538 @swagger_auto_schema (
15411539 manual_parameters = auth ,
15421540 responses = {
1543- 200 : "The available prefixes were returned." ,
1544- 401 : "The authorization header was not provided." ,
1545- 403 : "Invalid token." ,
1541+ 200 : "The Authorization header was provided and available prefixes were returned." ,
1542+ 400 : "The Authorization header was not provided." ,
15461543 },
15471544 tags = ["Prefix Management" ],
15481545 )
15491546 def post (self , request ) -> Response :
15501547 if "Authorization" in request .headers :
1548+ # Pass the request to the handling function
1549+ # Source: https://stackoverflow.com/a/31813810
15511550 return post_api_prefixes_token_flat (request = request )
15521551 else :
1553- return Response (
1554- data = {"detail" : "The authorization header was not provided." },
1555- status = status .HTTP_401_UNAUTHORIZED
1556- )
1552+ return Response (status = status .HTTP_400_BAD_REQUEST )
15571553
15581554
15591555class ApiPrefixesTokenFlat (APIView ):
0 commit comments