Changeset - 6a820dcbcb99
Parent rev.
Child rev.
[Not reviewed]
beta
0 1 0
Marcin Kuzminski - 13 years ago 2013-04-17 11:10:51
marcin@python-works.com
update docs about the API access whitelist option
1 file changed with 16 insertions and 1 deletions:
docs/api/api.rst
16
1
0 comments (0 inline, 0 general)
docs/api/api.rst
Show inline comments
 
.. _api:
 

			




	
	
	
		
 
===

			




	
	
	
		
 
API

			




	
	
	
		
 
===

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
Starting from RhodeCode version 1.2 a simple API was implemented.

			




	
	
	
		
 
There's a single schema for calling all api methods. API is implemented

			




	
	
	
		
 
with JSON protocol both ways. An url to send API request to RhodeCode is

			




	
	
	
		
 
<your_server>/_admin/api

			




	
	
	
		
 

			




	
	
	
		
 
API ACCESS FOR WEB VIEWS

			




	
	
	
		
 
++++++++++++++++++++++++

			




	
	
	
		
 

			




	
	
	
		
 
API access can also be turned on for each web view in RhodeCode that is

			




	
	
	
		
 
decorated with `@LoginRequired` decorator. To enable API access simple change

			




	
	
	
		
 
the standard login decorator to `@LoginRequired(api_access=True)`.

			




	
	
	
		
 

			




	
	
	
		
 
To make this operation easier, starting from version 1.7.0 there's a white list

			




	
	
	
		
 
of views that will have API access enabled. Simply edit `api_access_controllers_whitelist`

			




	
	
	
		
 
option in your .ini file, and define views that should have API access enabled.

			




	
	
	
		
 
Following example shows how to enable API access to patch/diff raw file and archive

			




	
	
	
		
 
in RhodeCode::

			




	
	
	
		
 

			




	
	
	
		
 
    api_access_controllers_whitelist = 

			




	
	
	
		
 
        ChangesetController:changeset_patch,

			




	
	
	
		
 
        ChangesetController:changeset_raw,

			




	
	
	
		
 
        FilesController:raw,

			




	
	
	
		
 
        FilesController:archivefile

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
After this change, a rhodecode view can be accessed without login by adding a

			




	
	
	
		
 
GET parameter `?api_key=<api_key>` to url. By default this is only

			




	
	
	
		
 
enabled on RSS/ATOM feed views.

			




	
	
	
		
 
enabled on RSS/ATOM feed views. Exposing raw diffs is a good way to integrate with

			




	
	
	
		
 
3rd party services like code review, or build farms that could download archives.

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
API ACCESS

			




	
	
	
		
 
++++++++++

			




	
	
	
		
 

			




	
	
	
		
 
All clients are required to send JSON-RPC spec JSON data::

			




	
	
	
		
 

			




	
	
	
		
 
    {

			




	
	
	
		
 
        "id:"<id>",

			




	
	
	
		
 
        "api_key":"<api_key>",

			




	
	
	
		
 
        "method":"<method_name>",

			




	
	
	
		
 
        "args":{"<arg_key>":"<arg_val>"}

			




	
	
	
		
 
    }

			




	
	
	
		
 

			




	
	
	
		
 
Example call for autopulling remotes repos using curl::

			




	
	
	
		
 
    curl https://server.com/_admin/api -X POST -H 'content-type:text/plain' --data-binary '{"id":1,"api_key":"xe7cdb2v278e4evbdf5vs04v832v0efvcbcve4a3","method":"pull","args":{"repo":"CPython"}}'

			




	
	
	
		
 

			




	
	
	
		
 
Simply provide

			




	
	
	
		
 
 - *id* A value of any type, which is used to match the response with the request that it is replying to.

			




	
	
	
		
 
 - *api_key* for access and permission validation.

			




	
	
	
		
 
 - *method* is name of method to call

			




	
	
	
		
 
 - *args* is an key:value list of arguments to pass to method

			




	
	
	
		
 

			




	
	
	
		
 
.. note::

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.