Customize incoming POST data
99 views
Skip to first unread message
Jon M.
Feb 26, 2015, 11:53:52 PM2/26/15
to web...@googlegroups.com
Greetings Web2Py fellows!
While working with the DAL and some views I faced wall when I looked at the POST constructor from API. So the first question is simple.
Is there any way to only catch a value from the POST constructor and do whatever I want inside the controller 'default.py' in order to keep using some queries needed to verify information and insert the data into the table with the appropiate values?
The second and last:
If the first one is doable, then what does an API method is supposed to return?
Eg.
@request.restful()
def api():
def GET(*args,**vars):
return dict()
def POST(desired_value):
if (some_controller_method(desired_value)):
return something
else:
???
return something_else
def PUT(*args,**vars):
return dict()
def DELETE(*args,**vars):
return dict()
return locals()
That's all folks! Thank you very much for your time and attention. :D
While working with the DAL and some views I faced wall when I looked at the POST constructor from API. So the first question is simple.
Is there any way to only catch a value from the POST constructor and do whatever I want inside the controller 'default.py' in order to keep using some queries needed to verify information and insert the data into the table with the appropiate values?
The second and last:
If the first one is doable, then what does an API method is supposed to return?
Eg.
@request.restful()
def api():
def GET(*args,**vars):
return dict()
def POST(desired_value):
if (some_controller_method(desired_value)):
return something
else:
???
return something_else
def PUT(*args,**vars):
return dict()
def DELETE(*args,**vars):
return dict()
return locals()
That's all folks! Thank you very much for your time and attention. :D
Leonel Câmara
Feb 27, 2015, 7:03:05 AM2/27/15
to
I'm a little confused by this question. You could do something like this:
def POST(*args, **vars):
if (some_controller_method(vars['desired_value'])):
if (some_controller_method(vars['desired_value'])):
return something
else:
???
return something_else
Is this what you need?
Jon M.
Feb 28, 2015, 8:07:03 AM2/28/15
to web...@googlegroups.com
Dude!!! Thanks a lot!!! It worked like expected...
Just for the record, in case someone face this problem.
I set it up like suggested:
def POST(*args, **vars):
if (some_controller_method(vars['entry_value'])):
print "The Output"
print str(vars['entry_value'])
else:
do_something_else()
Using curl in terminal used something like this:
curl --user us...@server.org:thepass -d "entry_value=the_value" http://127.0.0.1:8000/appname/default/api/entries.json
Output at server terminal instance debugging messages, in case web2py.py was executed in terminal.
The Ouptut
the_value
As followed in: http://www.web2pyslices.com/slice/show/1534/restful-services-with-curl-andor-python
Suddenly I raised a doubt... Which one is better secure practice, the POST API function with the auth required and subsequent functions for the server to do... Or, customized methods that catch the raw info via XML for example. Which one is in security context, better.
P.D: Sorry if it bothers, but how can someone distinguish between explicit or implicit JSON usage? I ask this because of the HTTP protocol and its relation with JSON usage, headers, processed info, tools that process information as XML, JSON, etc... And as we can se here and in the tutorial showed, the only thing related with JSON is the final part of the URL.
Peace for all of you fellows! C:
Just for the record, in case someone face this problem.
I set it up like suggested:
def POST(*args, **vars):
if (some_controller_method(vars['entry_value'])):
print "The Output"
print str(vars['entry_value'])
else:
do_something_else()
Using curl in terminal used something like this:
curl --user us...@server.org:thepass -d "entry_value=the_value" http://127.0.0.1:8000/appname/default/api/entries.json
Output at server terminal instance debugging messages, in case web2py.py was executed in terminal.
The Ouptut
the_value
As followed in: http://www.web2pyslices.com/slice/show/1534/restful-services-with-curl-andor-python
Suddenly I raised a doubt... Which one is better secure practice, the POST API function with the auth required and subsequent functions for the server to do... Or, customized methods that catch the raw info via XML for example. Which one is in security context, better.
P.D: Sorry if it bothers, but how can someone distinguish between explicit or implicit JSON usage? I ask this because of the HTTP protocol and its relation with JSON usage, headers, processed info, tools that process information as XML, JSON, etc... And as we can se here and in the tutorial showed, the only thing related with JSON is the final part of the URL.
Peace for all of you fellows! C:
Massimo Di Pierro
Feb 28, 2015, 11:00:12 AM2/28/15
to web...@googlegroups.com
Yes this can be done but the reason for using
@restful
def api()
def POST(parameter):
...
return locals()
is to have web2py do the mapping of args and vars in to parameter. If you do not want this than just do:
def api():
if request.env.request_method=='POST':
...
the code is simpler has less gotchas.
Jon M.
Mar 3, 2015, 12:06:21 PM3/3/15
to web...@googlegroups.com
Astonishing support and goodwill, thanks a lot again Mr. Di Pierro!
I will implement it that way in order to keep improving the infrastructure and performance of the back-end.
Have a wonderful night and week! :D
I will implement it that way in order to keep improving the infrastructure and performance of the back-end.
Have a wonderful night and week! :D
Reply all
Reply to author
Forward
0 new messages