Changeset - 702e29ce1e9b
default
Marcin Kuzminski - 14 years ago 2011-12-21 01:05:31
marcin@python-works.com
backporting #329 into stable
3 files changed with 107 insertions and 37 deletions:
docs/api/api.rst
 
@@ -2,46 +2,46 @@
 

	
 

	
 
API
 
===
 

	
 

	
 
Starting from RhodeCode version 1.2 a simple API was implemented.
 
There's a single schema for calling all api methods. API is implemented
 
with JSON protocol both ways. An url to send API request in RhodeCode is
 
<your_server>/_admin/api
 

	
 

	
 
All clients need to send JSON data in such format::
 
All clients are required to send JSON-RPC spec JSON data::
 

	
 
    {
 
        "api_key":"<api_key>",
 
        "method":"<method_name>",
 
        "args":{"<arg_key>":"<arg_val>"}
 
    }
 

	
 
Example call for autopulling remotes repos using curl::
 
    curl https://server.com/_admin/api -X POST -H 'content-type:text/plain' --data-binary '{"api_key":"xe7cdb2v278e4evbdf5vs04v832v0efvcbcve4a3","method":"pull","args":{"repo":"CPython"}}'
 

	
 
Simply provide
 
 - *api_key* for access and permission validation.
 
 - *method* is name of method to call
 
 - *args* is an key:value list of arguments to pass to method
 

	
 
.. note::
 

	
 
    api_key can be found in your user account page
 

	
 

	
 
RhodeCode API will return always a JSON formatted answer::
 
RhodeCode API will return always a JSON-RPC response::
 

	
 
    {
 
        "result": "<result>",
 
        "error": null
 
    }
 

	
 
All responses from API will be `HTTP/1.0 200 OK`, if there's an error while
 
calling api *error* key from response will contain failure description
 
and result will be null.
 

	
 
API METHODS
 
+++++++++++
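Review bot: The request example and the curl call in this hunk omit "id", but the controller in this changeset reads json_body['id'] inside the same try block as api_key, method and args and answers 'Incorrect JSON query missing ...' on a KeyError, so a client copying either example will be rejected. Add "id" to both examples, and to the response sample if it is meant to be echoed, since the text now says clients must send JSON-RPC spec data. The sentence stating that every response is `HTTP/1.0 200 OK` should also be rechecked against the new status=code argument of jsonrpc_error.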
 
@@ -211,26 +211,26 @@ INPUT::
 
                "name":  "<name>",
 
                "active":"<bool> = True"
 
              }
 

	
 
OUTPUT::
 

	
 
    result: {
 
              "id":  "<newusersgroupid>",
 
              "msg": "created new users group <name>"
 
            }
 
    error:  null
 

	
 
add_user_to_users_groups
 
------------------------
 
add_user_to_users_group
 
-----------------------
 

	
 
Adds a user to a users group. This command can be executed only using api_key
 
belonging to user with admin rights
 

	
 
INPUT::
 

	
 
    api_key : "<api_key>"
 
    method :  "add_user_users_group"
 
    args:     {
 
                "group_name" :  "<groupname>",
 
                "user_name" :   "<username>"
 
              }
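Review bot: The section heading is renamed to add_user_to_users_group, but the INPUT block under it still documents method : "add_user_users_group", so the heading and the method name a client has to send disagree. Make the two match the name the API controller actually exposes.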
 
@@ -290,32 +290,32 @@ OUTPUT::
 
                "name" :        "<name>"
 
                "type" :        "<type>",
 
                "description" : "<description>",
 
                "members" :     [
 
                                  { "id" :         "<userid>",
 
	                                "username" :   "<username>",
 
	                                "firstname":   "<firstname>",
 
	                                "lastname" :   "<lastname>",
 
	                                "email" :      "<email>",
 
	                                "active" :     "<bool>",
 
	                                "admin" :      "<bool>",
 
	                                "ldap" :       "<ldap_dn>",
 
	                                "permission" : "repository_(read|write|admin)"
 
	                                "permission" : "repository.(read|write|admin)"
 
	                              },
 
 
                                  {
 
                                    "id" :       "<usersgroupid>",
 
                                    "name" :     "<usersgroupname>",
 
                                    "active":    "<bool>",
 
                                    "permission" : "repository_(read|write|admin)"
 
                                    "permission" : "repository.(read|write|admin)"
 
                                  },
 
 
                                ]
 
            }
 
    error:  null
 

	
 
create_repo
 
-----------
 

	
 
Creates a repository. This command can be executed only using api_key
 
belonging to user with admin rights.
 
If repository name contains "/", all needed repository groups will be created.
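Review bot: The permission value changes from repository_(read|write|admin) to repository.(read|write|admin) in both member entries without any note for existing clients, so anything matching on the old underscore form will stop recognising these values. State the rename in the docs or the changelog. While these lines are being touched, the user entry is tab-indented inside an otherwise space-indented literal block, and "name" : "<name>" at the top of the hunk lacks its trailing comma.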
 
@@ -344,19 +344,36 @@ add_user_to_repo
 

	
 
Add a user to a repository. This command can be executed only using api_key
 
belonging to user with admin rights.
 
If "perm" is None, user will be removed from the repository.
 

	
 
INPUT::
 

	
 
    api_key : "<api_key>"
 
    method :  "add_user_to_repo"
 
    args:     {
 
                "repo_name" :  "<reponame>",
 
                "user_name" :  "<username>",
 
                "perm" :       "(None|repository_(read|write|admin))",
 
                "perm" :       "(None|repository.(read|write|admin))",
 
              }
 

	
 
OUTPUT::
 

	
 
    result: None
 
    error:  null
 

	
 
add_users_group_to_repo
 
-----------------------
 

	
 
Add a users group to a repository. This command can be executed only using 
 
api_key belonging to user with admin rights. If "perm" is None, group will 
 
be removed from the repository.
 

	
 
INPUT::
 

	
 
    api_key : "<api_key>"
 
    method :  "add_users_group_to_repo"
 
    args:     {
 
                "repo_name" :  "<reponame>",
 
                "group_name" :  "<groupname>",
 
                "perm" :       "(None|repository.(read|write|admin))",
 
              }
 
\ No newline at end of file
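Review bot: The new add_users_group_to_repo section stops at the INPUT block and has no OUTPUT block, unlike add_user_to_repo directly above it; document the result and error the call returns. "perm" is described as None in both sections, which a JSON client has to send as null, so say that explicitly. The file should also end with a newline.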
rhodecode/controllers/api/__init__.py
 
# -*- coding: utf-8 -*-
 
"""
 
    rhodecode.controllers.api
 
    ~~~~~~~~~~~~~~~~~~~~~~~~~
 

	
 
    JSON RPC controller
 
    
 

	
 
    :created_on: Aug 20, 2011
 
    :author: marcink
 
    :copyright: (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com>    
 
    :license: GPLv3, see COPYING for more details.
 
"""
 
# This program is free software; you can redistribute it and/or
 
# modify it under the terms of the GNU General Public License
 
# as published by the Free Software Foundation; version 2
 
# of the License or (at your opinion) any later version of the license.
 
# 
 
# This program is distributed in the hope that it will be useful,
 
# but WITHOUT ANY WARRANTY; without even the implied warranty of
 
@@ -27,61 +27,68 @@
 

	
 
import inspect
 
import logging
 
import types
 
import urllib
 
import traceback
 

	
 
from rhodecode.lib.compat import izip_longest, json
 

	
 
from paste.response import replace_header
 

	
 
from pylons.controllers import WSGIController
 
from pylons.controllers.util import Response
 

	
 

	
 
from webob.exc import HTTPNotFound, HTTPForbidden, HTTPInternalServerError, \
 
HTTPBadRequest, HTTPError
 

	
 
from rhodecode.model.db import User
 
from rhodecode.lib.auth import AuthUser
 

	
 
log = logging.getLogger('JSONRPC')
 

	
 

	
 
class JSONRPCError(BaseException):
 

	
 
    def __init__(self, message):
 
        self.message = message
 
        super(JSONRPCError, self).__init__()
 

	
 
    def __str__(self):
 
        return str(self.message)
 

	
 

	
 
def jsonrpc_error(message, code=None):
 
    """Generate a Response object with a JSON-RPC error body"""
 
    return Response(body=json.dumps(dict(result=None,
 
                                         error=message)))
 
    """
 
    Generate a Response object with a JSON-RPC error body
 
    """
 
    from pylons.controllers.util import Response
 
    resp = Response(body=json.dumps(dict(result=None, error=message)),
 
                    status=code,
 
                    content_type='application/json')
 
    return resp
 

	
 

	
 
class JSONRPCController(WSGIController):
 
    """
 
     A WSGI-speaking JSON-RPC controller class
 
    
 

	
 
     See the specification:
 
     <http://json-rpc.org/wiki/specification>`.
 
   
 

	
 
     Valid controller return values should be json-serializable objects.
 
    
 

	
 
     Sub-classes should catch their exceptions and raise JSONRPCError
 
     if they want to pass meaningful errors to the client.
 
    
 

	
 
     """
 

	
 
    def _get_method_args(self):
 
        """
 
        Return `self._rpc_args` to dispatched controller method
 
        chosen by __call__
 
        """
 
        return self._rpc_args
 

	
 
    def __call__(self, environ, start_response):
 
        """
 
        Parse the request body as JSON, look up the method on the
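Review bot: jsonrpc_error now passes status=code to Response, but code defaults to None and the callers visible in this changeset only ever pass message, so the new argument is never set to a real status. Give code an explicit default (the API docs promise 200 for every response) or drop the parameter until a caller needs it. The function-local import of Response repeats the module-level import from pylons.controllers.util a few lines above and can be removed.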
 
@@ -95,100 +102,107 @@ class JSONRPCController(WSGIController):
 
            length = int(environ['CONTENT_LENGTH'])
 
            log.debug('Content-Length: %s', length)
 

	
 
        if length == 0:
 
            log.debug("Content-Length is 0")
 
            return jsonrpc_error(message="Content-Length is 0")
 

	
 
        raw_body = environ['wsgi.input'].read(length)
 

	
 
        try:
 
            json_body = json.loads(urllib.unquote_plus(raw_body))
 
        except ValueError, e:
 
            #catch JSON errors Here
 
            # catch JSON errors Here
 
            return jsonrpc_error(message="JSON parse error ERR:%s RAW:%r" \
 
                                 % (e, urllib.unquote_plus(raw_body)))
 

	
 
        #check AUTH based on API KEY
 
        # check AUTH based on API KEY
 
        try:
 
            self._req_api_key = json_body['api_key']
 
            self._req_id = json_body['id']
 
            self._req_method = json_body['method']
 
            self._req_params = json_body['args']
 
            self._request_params = json_body['args']
 
            log.debug('method: %s, params: %s',
 
                      self._req_method,
 
                      self._req_params)
 
                      self._request_params)
 
        except KeyError, e:
 
            return jsonrpc_error(message='Incorrect JSON query missing %s' % e)
 

	
 
        #check if we can find this session using api_key
 
        # check if we can find this session using api_key
 
        try:
 
            u = User.get_by_api_key(self._req_api_key)
 
            if u is None:
 
                return jsonrpc_error(message='Invalid API KEY')
 
            auth_u = AuthUser(u.user_id, self._req_api_key)
 
        except Exception, e:
 
            return jsonrpc_error(message='Invalid API KEY')
 

	
 
        self._error = None
 
        try:
 
            self._func = self._find_method()
 
        except AttributeError, e:
 
            return jsonrpc_error(message=str(e))
 

	
 
        # now that we have a method, add self._req_params to
 
        # self.kargs and dispatch control to WGIController
 
        argspec = inspect.getargspec(self._func)
 
        arglist = argspec[0][1:]
 
        defaults = argspec[3] or []
 
        defaults = map(type, argspec[3] or [])
 
        default_empty = types.NotImplementedType
 

	
 
        kwarglist = list(izip_longest(reversed(arglist), reversed(defaults),
 
                                fillvalue=default_empty))
 
        # kw arguments required by this method
 
        func_kwargs = dict(izip_longest(reversed(arglist), reversed(defaults),
 
                                        fillvalue=default_empty))
 

	
 
        # this is little trick to inject logged in user for 
 
        # this is little trick to inject logged in user for
 
        # perms decorators to work they expect the controller class to have
 
        # rhodecode_user attribute set
 
        self.rhodecode_user = auth_u
 

	
 
        # This attribute will need to be first param of a method that uses
 
        # api_key, which is translated to instance of user at that name
 
        USER_SESSION_ATTR = 'apiuser'
 

	
 
        if USER_SESSION_ATTR not in arglist:
 
            return jsonrpc_error(message='This method [%s] does not support '
 
                                 'authentication (missing %s param)' %
 
                                 (self._func.__name__, USER_SESSION_ATTR))
 

	
 
        # get our arglist and check if we provided them as args
 
        for arg, default in kwarglist:
 
        for arg, default in func_kwargs.iteritems():
 
            if arg == USER_SESSION_ATTR:
 
                # USER_SESSION_ATTR is something translated from api key and 
 
                # USER_SESSION_ATTR is something translated from api key and
 
                # this is checked before so we don't need validate it
 
                continue
 

	
 
            # skip the required param check if it's default value is 
 
            # skip the required param check if it's default value is
 
            # NotImplementedType (default_empty)
 
            if not self._req_params or (type(default) == default_empty
 
                                        and arg not in self._req_params):
 
                return jsonrpc_error(message=('Missing non optional %s arg '
 
                                              'in JSON DATA') % arg)
 
            if (default == default_empty and arg not in self._request_params):
 
                return jsonrpc_error(
 
                    message=(
 
                        'Missing non optional `%s` arg in JSON DATA' % arg
 
                    )
 
                )
 

	
 
        self._rpc_args = {USER_SESSION_ATTR:u}
 
        self._rpc_args.update(self._req_params)
 
        self._rpc_args = {USER_SESSION_ATTR: u}
 
        self._rpc_args.update(self._request_params)
 

	
 
        self._rpc_args['action'] = self._req_method
 
        self._rpc_args['environ'] = environ
 
        self._rpc_args['start_response'] = start_response
 

	
 
        status = []
 
        headers = []
 
        exc_info = []
 

	
 
        def change_content(new_status, new_headers, new_exc_info=None):
 
            status.append(new_status)
 
            headers.extend(new_headers)
 
            exc_info.append(new_exc_info)
 

	
 
        output = WSGIController.__call__(self, environ, change_content)
 
        output = list(output)
 
        headers.append(('Content-Length', str(len(output[0]))))
 
        replace_header(headers, 'Content-Type', 'application/json')
 
        start_response(status[0], headers, exc_info[0])
 

	
 
        return output
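Review bot: The rewritten required-argument check, if (default == default_empty and arg not in self._request_params), drops the old not self._req_params guard, so a request whose "args" is null or not an object reaches the in test and the later self._rpc_args.update(self._request_params) with an unexpected type and raises outside any of the try blocks shown here. Check that json_body['args'] is a dict right after it is read and return jsonrpc_error otherwise. Also, update() runs after {USER_SESSION_ATTR: u} is built, so a request key named apiuser replaces the user resolved from the API key; merge the request args first and set apiuser last, as is already done for action, environ and start_response.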
 
@@ -203,25 +217,26 @@ class JSONRPCController(WSGIController):
 
                self._error = str(raw_response)
 
        except JSONRPCError, e:
 
            self._error = str(e)
 
        except Exception, e:
 
            log.error('Encountered unhandled exception: %s' \
 
                      % traceback.format_exc())
 
            json_exc = JSONRPCError('Internal server error')
 
            self._error = str(json_exc)
 

	
 
        if self._error is not None:
 
            raw_response = None
 

	
 
        response = dict(result=raw_response, error=self._error)
 
        response = dict(result=raw_response,
 
                        error=self._error)
 

	
 
        try:
 
            return json.dumps(response)
 
        except TypeError, e:
 
            log.debug('Error encoding response: %s', e)
 
            return json.dumps(dict(result=None,
 
                                   error="Error encoding response"))
 

	
 
    def _find_method(self):
 
        """
 
        Return method named by `self._req_method` in controller if able
 
        """
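Review bot: The response dict built in this hunk carries only result and error, although __call__ stores the request's id in self._req_id and the docs in this changeset now describe the reply as a JSON-RPC response. Include id=self._req_id in this dict and in the "Error encoding response" fallback so clients can correlate replies with requests.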
rhodecode/model/repo_permission.py
 
# -*- coding: utf-8 -*-
 
"""
 
    rhodecode.model.users_group
 
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

	
 
    repository permission model for RhodeCode
 

	
 
    :created_on: Oct 1, 2011
 
    :author: nvinot
 
    :author: nvinot, marcink
 
    :copyright: (C) 2011-2011 Nicolas Vinot <aeris@imirhil.fr>
 
    :copyright: (C) 2009-2011 Marcin Kuzminski <marcin@python-works.com>
 
    :license: GPLv3, see COPYING for more details.
 
"""
 
# This program is free software: you can redistribute it and/or modify
 
# it under the terms of the GNU General Public License as published by
 
# the Free Software Foundation, either version 3 of the License, or
 
# (at your option) any later version.
 
#
 
# This program is distributed in the hope that it will be useful,
 
# but WITHOUT ANY WARRANTY; without even the implied warranty of
 
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 
# GNU General Public License for more details.
 
#
 
# You should have received a copy of the GNU General Public License
 
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
 

	
 
import logging
 
from rhodecode.model.db import BaseModel, RepoToPerm, Permission
 
from rhodecode.model.db import BaseModel, RepoToPerm, Permission,\
 
    UsersGroupRepoToPerm
 
from rhodecode.model.meta import Session
 

	
 
log = logging.getLogger(__name__)
 

	
 

	
 
class RepositoryPermissionModel(BaseModel):
 
    def get_user_permission(self, repository, user):
 
        return RepoToPerm.query() \
 
                .filter(RepoToPerm.user == user) \
 
                .filter(RepoToPerm.repository == repository) \
 
                .scalar()
 

	
 
    def update_user_permission(self, repository, user, permission):
 
        permission = Permission.get_by_key(permission)
 
        current = self.get_user_permission(repository, user)
 
        if current:
 
            if not current.permission is permission:
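Review bot: The module docstring still names rhodecode.model.users_group although the file is rhodecode/model/repo_permission.py; since the author and copyright lines of that header are being edited here anyway, correct the module name in the same change. The long import would also read better in parentheses than with a backslash continuation.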
 
@@ -47,17 +50,52 @@ class RepositoryPermissionModel(BaseMode
 
            p.user = user
 
            p.repository = repository
 
            p.permission = permission
 
            Session.add(p)
 
        Session.commit()
 

	
 
    def delete_user_permission(self, repository, user):
 
        current = self.get_user_permission(repository, user)
 
        if current:
 
            Session.delete(current)
 
            Session.commit()
 

	
 
    def get_users_group_permission(self, repository, users_group):
 
        return UsersGroupRepoToPerm.query() \
 
                .filter(UsersGroupRepoToPerm.users_group == users_group) \
 
                .filter(UsersGroupRepoToPerm.repository == repository) \
 
                .scalar()
 

	
 
    def update_users_group_permission(self, repository, users_group,
 
                                      permission):
 
        permission = Permission.get_by_key(permission)
 
        current = self.get_users_group_permission(repository, users_group)
 
        if current:
 
            if not current.permission is permission:
 
                current.permission = permission
 
        else:
 
            p = UsersGroupRepoToPerm()
 
            p.users_group = users_group
 
            p.repository = repository
 
            p.permission = permission
 
            self.sa.add(p)
 
        Session.commit()
 

	
 
    def delete_users_group_permission(self, repository, users_group):
 
        current = self.get_users_group_permission(repository, users_group)
 
        if current:
 
            self.sa.delete(current)
 
        Session.commit()
 

	
 
    def update_or_delete_user_permission(self, repository, user, permission):
 
        if permission:
 
            self.update_user_permission(repository, user, permission)
 
        else:
 
            self.delete_user_permission(repository, user)
 

	
 
    def update_or_delete_users_group_permission(self, repository, user_group,
 
                                              permission):
 
        if permission:
 
            self.update_users_group_permission(repository, user_group,
 
                                               permission)
 
        else:
 
            self.delete_users_group_permission(repository, user_group)
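Review bot: update_users_group_permission stores whatever Permission.get_by_key(permission) returns without checking it, so a key the lookup does not recognise (for example the old repository_read spelling this changeset retires in the docs) is assigned to the row unchecked. Reject an unknown key before touching the row. The new group methods also add and delete through self.sa but commit through Session, while the user methods use Session throughout; use one session handle consistently, and commit in delete_users_group_permission only when a row was actually deleted, as delete_user_permission does.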