Source code for girder.api.describe

import bson.json_util
import dateutil.parser
from functools import wraps
import inspect
import jsonschema
import os
import cherrypy
from collections import OrderedDict

from girder import constants, logprint
from girder.api.rest import getCurrentUser, getBodyJson
from girder.constants import SortDir, VERSION
from girder.exceptions import RestException
from girder.models.setting import Setting
from girder.settings import SettingKey
from girder.utility import config, toBool
from girder.utility.model_importer import ModelImporter
from girder.utility.webroot import WebrootBase
from . import docs, access
from .rest import Resource, getApiUrl, getUrlParts

from inspect import signature, Parameter

SWAGGER_VERSION = '2.0'


def _walkTree(node, path=()):
    # This will infinitely recurse if anything mounted under the API root
    # has a cyclical reference. That's bad.
    routeMap = {}
    for k, v in vars(node).items():
        if isinstance(v, Resource):
            full_path = list(path)
            full_path.append(k)
            routeMap[v] = full_path

        if hasattr(v, 'exposed'):
            new_path = list(path)
            new_path.append(k)
            routeMap.update(_walkTree(v, new_path))

    return routeMap


[docs]class Description: """ This class provides convenient chainable semantics to allow api route handlers to describe themselves to the documentation. A route handler function can apply the :py:class:`girder.api.describe.describeRoute` decorator to itself (called with an instance of this class) in order to describe itself. """ # Data Type map from common name or type to (type, format) # See Data Type spec: # https://github.com/OAI/OpenAPI-Specification/blob/ # 0122c22e7fb93b571740dd3c6e141c65563a18be/versions/2.0.md#data-types _dataTypeMap = { # Primitives 'integer': ('integer', 'int32'), 'long': ('integer', 'int64'), 'number': ('number', None), 'float': ('number', 'float'), 'double': ('number', 'double'), 'string': ('string', None), 'byte': ('string', 'byte'), 'binary': ('string', 'binary'), 'boolean': ('boolean', None), 'date': ('string', 'date'), 'dateTime': ('string', 'date-time'), 'password': ('string', 'password'), 'file': ('file', None) } def __init__(self, summary): self._summary = summary self._params = [] self._responses = {} self._consumes = [] self._produces = [] self._responseClass = None self._responseClassArray = False self._notes = None self._deprecated = False self.hasPagingParams = False self.modelParams = {} self.jsonParams = {}
[docs] def asDict(self): """ Returns this description object as an appropriately formatted dict """ # Responses Object spec: # The Responses Object MUST contain at least one response code, and it # SHOULD be the response for a successful operation call. if '200' not in self._responses: self._responses['200'] = { 'description': 'Success' } if self._responseClass is not None: schema = { '$ref': '#/definitions/%s' % self._responseClass } if self._responseClassArray: schema = { 'type': 'array', 'items': schema } self._responses['200']['schema'] = schema resp = { 'summary': self._summary, 'responses': self._responses } if self._params: resp['parameters'] = self._params if self._notes is not None: resp['description'] = self._notes if self._consumes: resp['consumes'] = self._consumes if self._produces: # swagger has a bug where not all appropriate mime types are # considered to be binary (see # https://github.com/swagger-api/swagger-ui/issues/1605). If we # have specified zip format, replace it with # application/octet-stream # Reduce the list of produces values to unique values, # maintaining the order. produces = list(OrderedDict.fromkeys([ 'application/octet-stream' if item in ('application/zip', ) else item for item in self._produces])) resp['produces'] = produces if self._deprecated: resp['deprecated'] = True return resp
def responseClass(self, obj, array=False): self._responseClass = obj self._responseClassArray = array return self def _validateParamInfo(self, dataType, paramType, name): """ Helper to convert and validate the dataType and paramType. Prints warnings if invalid values were passed. """ # Legacy data type conversions if dataType == 'int': dataType = 'integer' # Parameter Object spec: # If type is "file", then the swagger "consumes" field MUST be either # "multipart/form-data", "application/x-www-form-urlencoded" or both # and the parameter MUST be in "formData". if dataType == 'file': paramType = 'formData' # Get type and format from common name dataTypeFormat = None if dataType in self._dataTypeMap: dataType, dataTypeFormat = self._dataTypeMap[dataType] # If we are dealing with the body then the dataType might be defined # by a schema added using addModel(...), we don't know for sure as we # don't know the resource name here to look it up. elif paramType != 'body': logprint.warning( 'WARNING: Invalid dataType "%s" specified for parameter names "%s"' % (dataType, name)) # Parameter Object spec: # Since the parameter is not located at the request body, it is limited # to simple types (that is, not an object). if paramType != 'body' and dataType not in ( 'string', 'number', 'integer', 'long', 'boolean', 'array', 'file', 'float', 'double', 'date', 'dateTime'): logprint.warning( 'WARNING: Invalid dataType "%s" specified for parameter "%s"' % (dataType, name)) if paramType == 'form': paramType = 'formData' return dataType, dataTypeFormat, paramType
[docs] def param(self, name, description, paramType='query', dataType='string', required=True, enum=None, default=None, strip=False, lower=False, upper=False): """ This helper will build a parameter declaration for you. It has the most common options as defaults, so you won't have to repeat yourself as much when declaring the APIs. Note that we could expose more parameters from the Parameter Object spec, for example: format, allowEmptyValue, minimum, maximum, pattern, uniqueItems. :param name: name of the parameter used in the REST query. :param description: explanation of the parameter. :param paramType: how is the parameter sent. One of 'query', 'path', 'body', 'header', or 'formData'. :param dataType: the data type expected in the parameter. This is one of 'integer', 'long', 'float', 'double', 'string', 'byte', 'binary', 'boolean', 'date', 'dateTime', 'password', or 'file'. :param required: True if the request will fail if this parameter is not present, False if the parameter is optional. :param enum: a fixed list of possible values for the field. :type enum: `list` :param strip: For string types, set this to True if the string should be stripped of white space. :type strip: bool :param lower: For string types, set this to True if the string should be converted to lowercase. :type lower: bool :param upper: For string types, set this to True if the string should be converted to uppercase. :type upper: bool """ dataType, format, paramType = self._validateParamInfo(dataType, paramType, name) param = { 'name': name, 'description': description, 'in': paramType, 'required': required } if dataType == 'string': param['_strip'] = strip param['_lower'] = lower param['_upper'] = upper if paramType == 'body': param['schema'] = { '$ref': '#/definitions/%s' % dataType } else: param['type'] = dataType if format is not None: param['format'] = format if enum: param['enum'] = enum if default is not None: param['default'] = default self._params.append(param) return self
[docs] def modelParam(self, name, description=None, model=None, destName=None, paramType='path', plugin='_core', level=None, required=True, force=False, exc=True, requiredFlags=None, **kwargs): """ This should be used in lieu of ``param`` if the parameter is a model ID and the model should be loaded and passed into the route handler. For example, if you have a route like ``GET /item/:id``, you could do: >>> from girder.models.item import Item >>> modelParam('id', model=Item, level=AccessType.READ) Which would cause the ``id`` parameter in the path to be mapped to an item model parameter named ``item``, and ensure that the calling user has at least ``READ`` access on that item. For parameters passed in the query string or form data, for example a request like ``POST /item?folderId=...``, you must specify the ``paramType``. >>> modelParam('folderId', 'The ID of the parent folder.', model=Folder, ... level=AccessType.WRITE, paramType='query') Note that in the above example, ``model`` is omitted; in this case, the model is inferred to be ``'folder'`` from the parameter name ``'folderId'``. :param name: The name passed in via the request, e.g. 'id'. :type name: str :param description: The description of the parameter. If not passed, defaults to "The ID of the <model>." :type description: str :param destName: The kwarg name after model loading, e.g. 'folder'. Defaults to the value of the model parameter. :type destName: str :param paramType: how is the parameter sent. One of 'query', 'path', 'body', 'header', or 'formData'. :param model: The model class to use for loading, or a name, e.g. 'folder'. If not passed, defaults to stripping the last two characters from the name, such that e.g. 'folderId' would make the model become 'folder'. :type model: class or str :param plugin: Plugin name, if loading a plugin model. Only used when the ``model`` param is a string rather than a class. :type plugin: str :param level: Access level, if this is an access controlled model. :type level: AccessType :param required: Whether this parameter is required. :type required: bool :param force: Force loading of the model (skip access check). :type force: bool :param exc: Whether an exception should be raised for a nonexistent resource. :type exc: bool :param requiredFlags: Access flags that are required on the object being loaded. :type requiredFlags: str or list/set/tuple of str or None """ if model is None: model = name[:-2] # strip off "Id" isModelClass = inspect.isclass(model) if description is None: description = 'The ID of the document.' self.param(name=name, description=description, paramType=paramType, required=required) self.modelParams[name] = { 'destName': destName, 'level': level, 'force': force, 'model': model, 'plugin': plugin, 'isModelClass': isModelClass, 'exc': exc, 'required': required, 'requiredFlags': requiredFlags, 'kwargs': kwargs } return self
[docs] def jsonParam(self, name, description, paramType='query', dataType='string', required=True, default=None, requireObject=False, requireArray=False, schema=None): """ Specifies a parameter that should be processed as JSON. :param requireObject: Whether the value must be a JSON object / Python dict. :type requireObject: bool :param requireArray: Whether the value must be a JSON array / Python list. :type requireArray: bool :param schema: A JSON schema that will be used to validate the parameter value. If this is passed, it overrides any ``requireObject`` or ``requireArray`` values that were passed. :type schema: dict """ if default is not None and default != (): default = bson.json_util.dumps(default) self.param( name=name, description=description, paramType=paramType, dataType=dataType, required=required, default=default) self.jsonParams[name] = { 'requireObject': requireObject, 'requireArray': requireArray, 'schema': schema } return self
[docs] def pagingParams(self, defaultSort, defaultSortDir=SortDir.ASCENDING, defaultLimit=50): """ Adds the limit, offset, sort, and sortdir parameter documentation to this route handler. :param defaultSort: The default field used to sort the result set. :type defaultSort: str :param defaultSortDir: Sort order: -1 or 1 (desc or asc) :type defaultSortDir: int :param defaultLimit: The default page size. :type defaultLimit: int """ self.param( 'limit', 'Result set size limit.', default=defaultLimit, required=False, dataType='int') self.param('offset', 'Offset into result set.', default=0, required=False, dataType='int') if defaultSort is not None: self.param( 'sort', 'Field to sort the result set by.', default=defaultSort, required=False, strip=True) self.param( 'sortdir', 'Sort order: 1 for ascending, -1 for descending.', required=False, dataType='integer', enum=[SortDir.ASCENDING, SortDir.DESCENDING], default=defaultSortDir) self.hasPagingParams = True return self
def consumes(self, value): self._consumes.append(value) return self def produces(self, value): if isinstance(value, (list, tuple)): self._produces.extend(value) else: self._produces.append(value) return self def notes(self, notes): self._notes = notes return self
[docs] def errorResponse(self, reason='A parameter was invalid.', code=400): """ This helper will build an errorResponse declaration for you. Many endpoints will be able to use the default parameter values for one of their responses. :param reason: The reason or list of reasons why the error occurred. :type reason: `str, list, or tuple` :param code: HTTP status code. :type code: int """ code = str(code) # Combine list of reasons into a single string. # swagger-ui renders the description using Markdown. if not isinstance(reason, str): reason = '\n\n'.join(reason) if code in self._responses: self._responses[code]['description'] += '\n\n' + reason else: self._responses[code] = { 'description': reason } return self
[docs] def deprecated(self): """ Mark the route as deprecated. """ self._deprecated = True return self
@property def params(self): return self._params
[docs]class ApiDocs(WebrootBase): """ This serves up the Swagger page. """ def __init__(self, templatePath=None): if not templatePath: templatePath = os.path.join(constants.PACKAGE_DIR, 'api', 'api_docs.mako') super().__init__(templatePath) curConfig = config.getConfig() self.vars['mode'] = curConfig['server'].get('mode', '') def _renderHTML(self): from girder.utility import server self.vars['apiRoot'] = server.getApiRoot() self.vars['staticPublicPath'] = server.getStaticPublicPath() self.vars['brandName'] = Setting().get(SettingKey.BRAND_NAME) return super()._renderHTML()
[docs]class Describe(Resource): def __init__(self): super().__init__() self.route('GET', (), self.listResources, nodoc=True) def _addSwaggerValues(self, paths, definitions): for path in paths.values(): for method in path.values(): for param in method.get('parameters', []): if param.get('in', '') == 'formData' and 'consumes' not in method: method['consumes'] = [ 'multipart/form-data', 'application/x-www-form-urlencoded'] for param in (method.get('parameters', []) + list( method.get('responses', {}).values())): if 'schema' not in param: continue schema = param['schema'] schema = schema.get('items', schema) defin = schema.get('$ref', '').split('#/definitions/') if len(defin) == 2 and defin[1] not in definitions: definitions[defin[1]] = { 'type': defin[1] if defin[1] in {'string', 'boolean', 'integer', 'number'} else 'object'} @access.public def listResources(self, params): # Paths Object paths = {} # Definitions Object definitions = dict(**docs.models[None]) wsgiRoot = cherrypy.request.app.root # This is due to the idiosyncrasy of mounting the API root at both {core_girder_route}/api # as well as under /api. Depending which one is being used, the API root object could be # either at .api.v1 or just at .v1 due to the way it's mounted in server.py. try: apiRoot = wsgiRoot.api.v1 except AttributeError: apiRoot = wsgiRoot.v1 routeMap = _walkTree(apiRoot) # List of Tag Objects tags = [] for resource in sorted(docs.routes.keys(), key=str): # Update Definitions Object if resource in docs.models: for name, model in docs.models[resource].items(): definitions[name] = model prefixPath = None tag = resource if isinstance(resource, Resource): if resource not in routeMap: raise RestException('Resource not mounted: %s' % resource) prefixPath = routeMap[resource] tag = prefixPath[0] # Tag Object tags.append({ 'name': tag }) for route, methods in docs.routes[resource].items(): # Path Item Object pathItem = {} for method, operation in methods.items(): operation = operation.copy() if 'parameters' in operation: operation['parameters'] = [ {k: v for k, v in param.items() if not k.startswith('_')} for param in operation['parameters']] # Operation Object pathItem[method.lower()] = operation if prefixPath: operation['tags'] = prefixPath[:1] if prefixPath: route = '/'.join([''] + prefixPath + [route[1:]]) paths[route] = pathItem self._addSwaggerValues(paths, definitions) apiUrl = getApiUrl(preferReferer=True) urlParts = getUrlParts(apiUrl) host = urlParts.netloc basePath = urlParts.path return { 'swagger': SWAGGER_VERSION, 'info': { 'title': 'Girder REST API', 'version': VERSION['release'] }, 'host': host, 'basePath': basePath, 'tags': tags, 'paths': paths, 'definitions': definitions, 'securityDefinitions': { 'Girder-Token': { 'type': 'apiKey', 'in': 'header', 'name': 'Girder-Token', } }, 'security': [{'Girder-Token': []}], }
class describeRoute: # noqa: class name def __init__(self, description): """ This returns a decorator to set the API documentation on a route handler. Pass the Description object (or None) that you want to use to describe this route. It should be used like the following example: .. code-block:: python @describeRoute( Description('Do something') .param('foo', 'Some parameter', ...) ) def routeHandler(...) :param description: The description for the route. :type description: :py:class:`girder.api.describe.Description` or None """ self.description = description def __call__(self, fun): fun.description = self.description return fun class autoDescribeRoute(describeRoute): # noqa: class name def __init__(self, description, hide=False): """ Like describeRoute, but this decorator also controls behavior of the underlying method. It handles parameter validation and transformation based on the Description object passed. :param description: The description object. :type description: Description :param hide: Set to True if this route should not appear in the swagger listing. :type hide: bool """ super().__init__(description=description) self.hide = hide def _passArg(self, fun, kwargs, name, val): """ This helper passes the arguments to the underlying function if the function has an argument with the given name. Otherwise, it adds it into the "params" argument, which is a dictionary containing other parameters. :param fun: The wrapped route handler function :type fun: callable :param name: The name of the argument to set :type name: str :param kwargs: The arguments to be passed down to the function. :type kwargs: dict :param val: The value of the argument to set """ if name in self._funNamedArgs or self._funHasKwargs: kwargs[name] = val kwargs['params'].pop(name, None) else: kwargs['params'][name] = val def _mungeKwargs(self, kwargs, fun): """ Performs final modifications to the kwargs passed into the wrapped function. Combines the sort/sortdir params appropriately for consumption by the model layer, and only passes the "params" catch-all dict if there is a corresponding kwarg for it in the wrapped function. """ if self.description.hasPagingParams and 'sort' in kwargs: sortdir = kwargs.pop('sortdir', None) or kwargs['params'].pop('sortdir', None) kwargs['sort'] = [(kwargs['sort'], sortdir)] if 'params' not in self._funNamedArgs and not self._funHasKwargs: kwargs.pop('params', None) def _inspectFunSignature(self, fun): self._funNamedArgs = set() self._funHasKwargs = False for funParam in signature(fun).parameters.values(): if funParam.kind in {Parameter.POSITIONAL_OR_KEYWORD, Parameter.KEYWORD_ONLY}: # POSITIONAL_OR_KEYWORD are basic positional parameters # KEYWORD_ONLY are named parameters that appear after a * in Python 3 self._funNamedArgs.add(funParam.name) elif funParam.kind == Parameter.VAR_KEYWORD: # VAR_KEYWORD is the **kwargs parameter self._funHasKwargs = True @staticmethod def _destName(info, model): destName = info['destName'] if destName is None: if info['isModelClass']: destName = model.name else: destName = info['model'] return destName def __call__(self, fun): self._inspectFunSignature(fun) @wraps(fun) def wrapped(*args, **kwargs): """ Transform any passed params according to the spec, or fill in default values for any params not passed. """ # Combine path params with form/query params into a single lookup table params = {k: v for k, v in kwargs.items() if k != 'params'} params.update(kwargs.get('params', {})) kwargs['params'] = kwargs.get('params', {}) for descParam in self.description.params: # We need either a type or a schema ( for message body ) if 'type' not in descParam and 'schema' not in descParam: continue name = descParam['name'] model = self._getModel(name, self.description.modelParams) if name in params: if name in self.description.jsonParams: info = self.description.jsonParams[name] val = self._loadJson(name, info, params[name]) self._passArg(fun, kwargs, name, val) elif name in self.description.modelParams: info = self.description.modelParams[name] kwargs.pop(name, None) # Remove from path params val = self._loadModel(name, info, params[name], model) self._passArg(fun, kwargs, self._destName(info, model), val) else: val = self._validateParam(name, descParam, params[name]) self._passArg(fun, kwargs, name, val) elif descParam['in'] == 'body': if name in self.description.jsonParams: info = self.description.jsonParams[name].copy() info['required'] = descParam['required'] val = self._loadJsonBody(name, info) self._passArg(fun, kwargs, name, val) else: self._passArg(fun, kwargs, name, cherrypy.request.body) elif descParam['in'] == 'header': continue # For now, do nothing with header params elif 'default' in descParam: self._passArg(fun, kwargs, name, descParam['default']) elif descParam['required']: raise RestException('Parameter "%s" is required.' % name) else: # If required=False but no default is specified, use None if name in self.description.modelParams: info = self.description.modelParams[name] kwargs.pop(name, None) # Remove from path params self._passArg(fun, kwargs, info['destName'] or model.name, None) else: self._passArg(fun, kwargs, name, None) self._mungeKwargs(kwargs, fun) return fun(*args, **kwargs) if self.hide: wrapped.description = None else: wrapped.description = self.description return wrapped def _validateJsonType(self, name, info, val): if info.get('schema') is not None: try: jsonschema.validate(val, info['schema']) except jsonschema.ValidationError as e: raise RestException('Invalid JSON object for parameter %s: %s' % ( name, str(e))) elif info['requireObject'] and not isinstance(val, dict): raise RestException('Parameter %s must be a JSON object.' % name) elif info['requireArray'] and not isinstance(val, list): raise RestException('Parameter %s must be a JSON array.' % name) def _loadJsonBody(self, name, info): val = None if cherrypy.request.body.length == 0 and info['required']: raise RestException('JSON parameter %s must be passed in request body.' % name) elif cherrypy.request.body.length > 0: val = getBodyJson() self._validateJsonType(name, info, val) return val def _loadJson(self, name, info, value): try: val = bson.json_util.loads(value) except ValueError: raise RestException('Parameter %s must be valid JSON.' % name) self._validateJsonType(name, info, val) return val def _getModel(self, name, modelParams): if name not in self.description.modelParams: return info = self.description.modelParams[name] if info['isModelClass']: return info['model']() else: return ModelImporter.model(info['model'], info['plugin']) def _loadModel(self, name, info, id, model): if info['force']: doc = model.load(id, force=True, **info['kwargs']) elif info['level'] is not None: doc = model.load(id=id, level=info['level'], user=getCurrentUser(), **info['kwargs']) else: doc = model.load(id, **info['kwargs']) if doc is None and info['exc']: raise RestException('Invalid %s id (%s).' % (model.name, str(id))) if info['requiredFlags']: model.requireAccessFlags(doc, user=getCurrentUser(), flags=info['requiredFlags']) return doc def _handleString(self, name, descParam, value): if descParam['_strip']: value = value.strip() if descParam['_lower']: value = value.lower() if descParam['_upper']: value = value.upper() format = descParam.get('format') if format in ('date', 'date-time'): try: value = dateutil.parser.parse(value) except ValueError: raise RestException('Invalid date format for parameter %s: %s.' % (name, value)) if format == 'date': value = value.date() return value def _handleInt(self, name, descParam, value): try: return int(value) except ValueError: raise RestException('Invalid value for integer parameter %s: %s.' % (name, value)) def _handleNumber(self, name, descParam, value): try: return float(value) except ValueError: raise RestException('Invalid value for numeric parameter %s: %s.' % (name, value)) def _validateParam(self, name, descParam, value): """ Validates and transforms a single parameter that was passed. Raises RestException if the passed value is invalid. :param name: The name of the param. :type name: str :param descParam: The formal parameter in the Description. :type descParam: dict :param value: The value passed in for this param for the current request. :returns: The value transformed """ type = descParam.get('type') # Coerce to the correct data type if type == 'string': value = self._handleString(name, descParam, value) elif type == 'boolean': value = toBool(value) elif type == 'integer': value = self._handleInt(name, descParam, value) elif type == 'number': value = self._handleNumber(name, descParam, value) # Enum validation (should be after type coercion) if 'enum' in descParam and value not in descParam['enum']: raise RestException('Invalid value for %s: "%s". Allowed values: %s.' % ( name, value, ', '.join(str(v) for v in descParam['enum']))) return value