Reputation: 308
Python EVE:- Blocking POST Method and Enabling PUT Method for some endpoints in Python EVE
I initially wrote the webservice to allow the both 'GET' and POST methods to be allowed on all the endpoints . Now there are some changes in our webservices workflow , we want to block the POST endpoint for some of the endpoints and enable PUT for them some endpoints will still have POST enabled.
I will explain more by adding the code snippet of settings.py
__author__ = 'sappal'
# pulling DBSchema from DBTableSchema
from DBSchema.DBTableSchema import DBTableSchema
from Configs import Configs
dbtableSchema = DBTableSchema()
# Let's just use the local mongod instance. Edit as needed.
# Please note that MONGO_HOST and MONGO_PORT could very well be left
# out as they already default to a bare bones local 'mongod' instance.
## LOCALHOST ENTRIES
MONGO_HOST = Configs.MONGO_DB_HOST
MONGO_PORT = Configs.MONGO_DB_PORT
MONGO_USERNAME = Configs.MONGO_DB_USER_NAME
MONGO_PASSWORD = Configs.MONGO_DB_PASSWORD
MONGO_DBNAME = Configs.MONGO_DB
# Enable reads (GET), inserts (POST) and DELETE for resources/collections
# (if you omit this line, the API will default to ['GET'] and provide
# read-only access to the endpoint).
RESOURCE_METHODS = ['GET', 'PATCH', 'POST', 'DELETE']
# Enable reads (GET), edits (PATCH), replacements (PUT) and deletes of
# individual items (defaults to read-only item access).
ITEM_METHODS = ['GET', 'PATCH', 'PUT', 'DELETE', 'POST']
# Used for implementing user-resource restricted access.
# Returns the documents which are associated with particular user
AUTH_FIELD = 'userid'
people = {
'item_title': 'person',
'cache_control': 'max-age=10,must-revalidate',
'cache_expires': 10,
'resource_methods': ['GET', 'POST'],
'schema': dbtableSchema.schema_people,
'public_methods': ['POST']
}
org = {
'item_title': 'org',
'cache_control': 'max-age=10,must-revalidate',
'cache_expires': 10,
'resource_methods': ['GET', 'PATCH'],
'schema': dbtableSchema.schema_people_org
}
puburl = {
'item_title': 'puburl',
'cache_control': 'max-age=10,must-revalidate',
'cache_expires': 10,
'resource_methods': ['GET', 'PATCH'],
'schema': dbtableSchema.schema_people_pub_url
}
address = {
'item_title': 'address',
'cache_control': 'max-age=10,must-revalidate',
'cache_expires': 10,
'resource_methods': ['GET', 'PATCH'],
'schema': dbtableSchema.schema_people_address
}
contactnumber = {
'item_title': 'contactnumber',
'cache_control': 'max-age=10,must-revalidate',
'cache_expires': 10,
'resource_methods': ['GET', 'PATCH'],
'schema': dbtableSchema.schema_people_contact_number
}
template = {
'item_title': 'template',
'cache_control': 'max-age=10,must-revalidate',
'cache_expires': 10,
'resource_methods': ['GET', 'POST'],
'schema': dbtableSchema.schema_template
}
usersharedcontacts = {
'item_title': 'usersharedcontacts',
'cache_control': 'max-age=10,must-revalidate',
'cache_expires': 10,
'resource_methods': ['GET', 'PATCH'],
'schema': dbtableSchema.schema_people_with_user_shared_contacts
}
cardholder = {
'item_title': 'cardholder',
'cache_control': 'max-age=10,must-revalidate',
'cache_expires': 10,
'resource_methods': ['GET', 'PATCH'],
'schema': dbtableSchema.schema_people_card_holder
}
DOMAIN = {
'people': people,
'org': org,
'puburl': puburl,
'address': address,
'contactnumber': contactnumber,
'template': template,
'usersharedcontacts': usersharedcontacts,
'cardholder': cardholder
}
I want to make POST method to be enabled for people and template endpoint, as you can see I have made this configuration 'resource_methods': ['GET', 'POST'] for the above endpoints .
I also want to disable POST method for the remaining endpoints so I configured the following for those remaining endpoints 'resource_methods': ['GET', 'PATCH'], .
I have also configured the RESOURCE_METHODS = ['GET', 'PATCH', 'POST', 'DELETE']
But when I am trying to run the Application I am getting the errors on console of the following type
eve.exceptions.ConfigException: Unallowed [usersharedcontacts] resource method(s): PATCH. Supported: GET, POST, DELETE
Process finished with exit code 1
Upvotes: 2
Views: 1037
Answers (1)
Reputation: 6576
PATCH is a document (item) method, not a resource method, that's why you get an Unallowed exception. Try with:
'resource_methods': ['GET'], # read-only resource endpoint
'item_methods': ['PATCH'] # still allow edits at the document endpoint
See the CRUD Operations table in the documentation for more details.
Upvotes: 4
Related Questions
- Data update though PUT request
- using EVE Python api for request and response
- How to protect custom endpoints using BasicAuth?
- Filtering EVE REST API
- Eve: 405 Methods not allowed for PATCH request
- submit request (post) internally in python-eve
- Performing PUT , PATCH in python eve application returns , The method is not allowed for the requested URL
- Customizing Authorization on resource endpoints in Python EVE
- Modifying the Request parameters throws Internal Server Error
- How do you read post variables in python-eve?