refactor: change all APIs to more standard endpoints

Author: freemindcore

easy/controller/base.py

@@ -11,11 +11,11 @@ class CrudAPIController(ControllerBase, CrudAPI, metaclass=CrudApiMetaclass):
     """
     Base APIController for auto creating CRUD APIs
 
-    GET /?pk={id}       - Retrieve a single Object
-    PUT /               - Create a single Object
-    PATCH /?pk={id}     - Update fields for an Object
-    DELETE /?pk={id}    - Delete a single Object
-    GET /get_all        - Retrieve multiple Object, paginated
+    GET /{id}       - Retrieve a single Object
+    PUT /{id}               - Create a single Object
+    PATCH /{id}     - Update fields for an Object
+    DELETE /{id}    - Delete a single Object
+    GET /           - Retrieve multiple Object, paginated
     GET /filter/?filters={filters_dict}
                         - Filter Objects with django-orm filter dict, paginated
     GET /filter_exclude/?filters={filters_dict}

easy/controller/meta.py

@@ -27,27 +27,27 @@ def __init__(self, service=None):  # type: ignore
         super().__init__(model=self.model)
 
     # Define Controller APIs for auto generation
-    async def get_obj(self, request: HttpRequest, pk: int) -> Any:
+    async def get_obj(self, request: HttpRequest, id: int) -> Any:
         """
-        GET /?pk={id}
+        GET /{id}
         Retrieve a single Object
         """
-        return await self.service.get_obj(pk)
+        return await self.service.get_obj(id)
 
-    async def del_obj(self, request: HttpRequest, pk: int) -> Any:
+    async def del_obj(self, request: HttpRequest, id: int) -> Any:
         """
-        DELETE /?pk={id}
+        DELETE /{id}
         Delete a single Object
         """
-        return await self.service.del_obj(pk)
+        return await self.service.del_obj(id)
 
     @paginate
     async def get_objs(
         self, request: HttpRequest, maximum: int = None, filters: str = None
     ) -> Any:
         """
-        GET /get_all
-        Retrieve multiple Object
+        GET /?maximum={int}&filters={filters_dict}
+        Retrieve multiple Object (optional: maximum # and filters)
         """
         if filters:
             return await self.service.get_objs(maximum, **json.loads(filters))
@@ -100,20 +100,20 @@ def __new__(mcs, name: str, bases: Tuple[Type[Any], ...], attrs: dict) -> Any:
         opts_recursive: Optional[bool] = temp_opts.model_recursive
 
         base_cls_attrs = {
-            "get_obj": http_get("/", summary="Get")(
+            "get_obj": http_get("/{id}", summary="Get a single object")(
                 copy_func(CrudAPI.get_obj)  # type: ignore
             ),
-            "del_obj": http_delete("/", summary="Delete")(
+            "del_obj": http_delete("/{id}", summary="Delete a single object")(
                 copy_func(CrudAPI.del_obj)  # type: ignore
             ),
-            "get_all": http_get("/get_all", summary="Get All")(
+            "get_all": http_get("/", summary="Get multiple objects")(
                 copy_func(CrudAPI.get_objs)  # type: ignore
             ),
-            "filter_objs": http_get("/filter", summary="Filter")(
+            "filter_objs": http_get("/filter/", summary="Filter")(
                 copy_func(CrudAPI.filter_objs)  # type: ignore
             ),
             "filter_exclude_objs": http_get(
-                "/filter_exclude", summary="Filter exclude"
+                "/filter_exclude/", summary="Filter exclude"
             )(
                 copy_func(CrudAPI.filter_exclude_objs)  # type: ignore
             ),
@@ -143,13 +143,13 @@ async def add_obj(  # type: ignore
                 return await self.service.add_obj(**data.dict())
 
             async def patch_obj(  # type: ignore
-                self, request: HttpRequest, pk: int, data: DataSchema
+                self, request: HttpRequest, id: int, data: DataSchema
             ) -> Any:
                 """
-                PATCH /?pk={id}
+                PATCH /{id}
                 Update a single field for a Object
                 """
-                return await self.service.patch_obj(pk=pk, payload=data.dict())
+                return await self.service.patch_obj(id=id, payload=data.dict())
 
             DataSchema.__name__ = (
                 f"{opts_model.__name__}__AutoSchema({str(uuid.uuid4())[:4]})"
@@ -160,7 +160,7 @@ async def patch_obj(  # type: ignore
 
             base_cls_attrs.update(
                 {
-                    "patch_obj": http_patch("/", summary="Patch/Update")(
+                    "patch_obj": http_patch("/{id}", summary="Patch a single object")(
                         copy_func(CrudAPI.patch_obj)  # type: ignore
                     ),
                     "add_obj": http_put("/", summary="Create")(

easy/main.py

@@ -28,7 +28,6 @@ class EasyAPI(NinjaExtraAPI):
         Easy_output: bool = True,
             If True, will be encapsulated in BaseAPIResponse
     -renderer, default to EasyJSONRenderer
-    -API docs default to docs_permission_required，only logged in Staff users can visit
     -Auto generate AdminAPIs, it will read the following settings:
         AUTO_ADMIN_ENABLED_ALL_APPS
         AUTO_ADMIN_EXCLUDE_APPS

easy/services/crud.py

@@ -14,17 +14,17 @@ def __init__(self, model: Type[models.Model]):
         super().__init__(model)
         self.model = model
 
-    async def get_obj(self, pk: int) -> Any:
-        return await sync_to_async(self._crud_get_obj)(pk)
+    async def get_obj(self, id: int) -> Any:
+        return await sync_to_async(self._crud_get_obj)(id)
 
     async def get_objs(self, maximum: int = None, **filters: Any) -> Any:
         return await sync_to_async(self._crud_get_objs_all)(maximum, **filters)
 
-    async def patch_obj(self, pk: int, payload: Any) -> Any:
-        return await sync_to_async(self._crud_update_obj)(pk, payload)
+    async def patch_obj(self, id: int, payload: Any) -> Any:
+        return await sync_to_async(self._crud_update_obj)(id, payload)
 
-    async def del_obj(self, pk: int) -> Any:
-        return await sync_to_async(self._crud_del_obj)(pk)
+    async def del_obj(self, id: int) -> Any:
+        return await sync_to_async(self._crud_del_obj)(id)
 
     async def add_obj(self, **payload: Any) -> Any:
         return await sync_to_async(self._crud_add_obj)(**payload)

tests/demo_app/controllers.py

@@ -21,7 +21,7 @@
 class AutoGenCrudAPIController(CrudAPIController):
     """
     For unit testings of the following auto generated APIs:
-        get/create/patch/delete/get_all/filter/filter_exclude
+        get/create/patch/delete/filter/filter_exclude
     """
 
     def __init__(self, service: EventService):
@@ -59,16 +59,16 @@ class Meta:
             "category",
         ]
 
-    @http_get("/base_response")
+    @http_get("/base_response/")
     async def generate_base_response(self, request):
         return BaseApiResponse({"data": "This is a BaseApiResponse."})
 
-    @http_get("/qs_paginated", auth=None)
+    @http_get("/qs_paginated/", auth=None)
     @paginate
     async def qs_paginated(self, request):
         return await self.service.get_event_objs_demo()
 
-    @http_get("/qs_list", response=List[EventSchema])
+    @http_get("/qs_list/", response=List[EventSchema])
     async def get_objs_list_with_filter_exclude(self, request):
         return await sync_to_async(list)(
             await self.service.filter_exclude_objs(
@@ -77,7 +77,7 @@ async def get_objs_list_with_filter_exclude(self, request):
         )
 
     @http_get(
-        "/qs",
+        "/qs/",
     )
     async def list_events(self):
         qs = await sync_to_async(self.model.objects.all)()
@@ -96,30 +96,30 @@ def __init__(self, service: EventService):
     class Meta:
         model = Event
 
-    @http_get("/must_be_authenticated", permissions=[IsAuthenticated])
+    @http_get("/must_be_authenticated/", permissions=[IsAuthenticated])
     async def must_be_authenticated(self, word: str):
         return await self.service.get_identity_demo(word)
 
-    @http_get("/must_be_admin_user", permissions=[IsAdminUser])
+    @http_get("/must_be_admin_user/", permissions=[IsAdminUser])
     async def must_be_admin_user(self, word: str):
         return await self.service.get_identity_demo(word)
 
-    @http_get("/must_be_super_user", permissions=[IsSuperUser])
+    @http_get("/must_be_super_user/", permissions=[IsSuperUser])
     async def must_be_super_user(self, word: str):
         return await self.service.get_identity_demo(word)
 
-    @http_get("/test_perm_only_super", permissions=[BaseApiPermission])
+    @http_get("/test_perm_only_super/", permissions=[BaseApiPermission])
     async def test_perm_only_super(self, request):
         response = await self.service.add_obj(title="test_event_title")
         event_id = response.json_data.get("data")["id"]
         # return await self.service.get_obj(id=note.id)
         return await sync_to_async(self.get_object_or_none)(Event, id=event_id)
 
-    @http_get("/test_perm", permissions=[BaseApiPermission])
+    @http_get("/test_perm/", permissions=[BaseApiPermission])
     async def test_perm(self, request, word: str):
         return await self.service.get_identity_demo(word)
 
-    @http_get("/test_perm_admin_site", permissions=[AdminSitePermission])
+    @http_get("/test_perm_admin_site/", permissions=[AdminSitePermission])
     async def test_perm_admin_site(self, request, word: str):
         return await self.service.get_identity_demo(word)
 

tests/demo_app/test_async_api_permissions.py

@@ -20,76 +20,78 @@ async def test_demo(self, easy_api_client):
         client = easy_api_client(PermissionAPIController)
 
         response = await client.get(
-            "/must_be_authenticated?word=authenticated", content_type="application/json"
+            "/must_be_authenticated/?word=authenticated",
+            content_type="application/json",
         )
+        print(f"{response.__dict__.items()}")
         assert response.status_code == 200
         assert response.json().get("data")["says"] == "authenticated"
 
         client = easy_api_client(PermissionAPIController)
         response = await client.get(
-            "/must_be_admin_user?word=admin",
+            "/must_be_admin_user/?word=admin",
         )
         assert response.status_code == 403
         with pytest.raises(KeyError):
             assert response.json().get("data")["says"] == "admin"
 
         client = easy_api_client(PermissionAPIController, is_staff=True)
         response = await client.get(
-            "/must_be_admin_user?word=admin",
+            "/must_be_admin_user/?word=admin",
         )
         assert response.status_code == 200
         assert response.json().get("data")["says"] == "admin"
 
         client = easy_api_client(PermissionAPIController)
         response = await client.get(
-            "/must_be_super_user?word=superuser",
+            "/must_be_super_user/?word=superuser",
         )
         assert response.status_code == 403
         with pytest.raises(KeyError):
             assert response.json().get("data")["says"] == "superuser"
 
         client = easy_api_client(PermissionAPIController, is_superuser=True)
         response = await client.get(
-            "/must_be_super_user?word=superuser",
+            "/must_be_super_user/?word=superuser",
         )
         assert response.status_code == 200
         assert response.json().get("data")["says"] == "superuser"
 
     async def test_perm(self, transactional_db, easy_api_client):
         client = easy_api_client(PermissionAPIController)
-        response = await client.get("/test_perm", query=dict(word="normal"))
+        response = await client.get("/test_perm/", query=dict(word="normal"))
         assert response.status_code == 200
         assert response.json().get("data")["says"] == "normal"
         client = easy_api_client(PermissionAPIController, is_staff=True)
-        response = await client.get("/test_perm", query=dict(word="staff"))
+        response = await client.get("/test_perm/", query=dict(word="staff"))
         assert response.status_code == 200
         assert response.json().get("data")["says"] == "staff"
 
     async def test_perm_only_super(self, transactional_db, easy_api_client):
         client = easy_api_client(PermissionAPIController)
-        response = await client.get("/test_perm_only_super")
+        response = await client.get("/test_perm_only_super/")
         assert response.status_code == 403
         assert response.json().get("data") == {
             "detail": "You do not have permission to perform this action."
         }
 
         client = easy_api_client(PermissionAPIController)
-        response = await client.get("/test_perm_only_super")
+        response = await client.get("/test_perm_only_super/")
         assert response.status_code == 403
         assert response.json().get("data") == {
             "detail": "You do not have permission to perform this action."
         }
 
         client = easy_api_client(PermissionAPIController, is_superuser=True)
-        response = await client.get("/test_perm_only_super")
+        response = await client.get("/test_perm_only_super/")
         assert response.status_code == 200
         assert response.json().get("data")["title"] == "test_event_title"
 
     async def test_perm_admin_site(self, transactional_db, easy_api_client):
         # None-admin users
         client = easy_api_client(PermissionAPIController)
         response = await client.get(
-            "/test_perm_admin_site", query=dict(word="non-admin")
+            "/test_perm_admin_site/", query=dict(word="non-admin")
         )
         assert response.status_code == 403
         assert response.json().get("data") == {
@@ -98,7 +100,7 @@ async def test_perm_admin_site(self, transactional_db, easy_api_client):
 
         # Staff users
         client = easy_api_client(PermissionAPIController, is_staff=True)
-        response = await client.get("/test_perm_admin_site", query=dict(word="staff"))
+        response = await client.get("/test_perm_admin_site/", query=dict(word="staff"))
         assert response.status_code == 200
         assert response.json()["data"]["says"] == "staff"
 
@@ -109,12 +111,12 @@ async def test_perm_auto_apis_delete(self, transactional_db, easy_api_client):
         object_data.update(title=f"{object_data['title']}_get")
         event = await sync_to_async(Event.objects.create)(**object_data)
         response = await client.get(
-            f"/?pk={event.id}",
+            f"/{event.id}",
         )
         assert response.status_code == 403
 
         response = await client.delete(
-            f"/?pk={event.id}",
+            f"/{event.id}",
         )
         assert response.status_code == 403
         assert response.json().get("data") == {
@@ -124,11 +126,11 @@ async def test_perm_auto_apis_delete(self, transactional_db, easy_api_client):
         # Super users
         client = easy_api_client(AutoGenCrudAPIController, is_superuser=True)
         await client.delete(
-            f"/?pk={event.id}",
+            f"/{event.id}",
         )
 
         response = await client.get(
-            f"/?pk={event.id}",
+            f"/{event.id}",
         )
         assert response.status_code == 200
         assert response.json().get("code") == 404
@@ -140,7 +142,7 @@ async def test_perm_auto_apis_patch(self, transactional_db, easy_api_client):
         event = await sync_to_async(Event.objects.create)(**object_data)
 
         response = await client.get(
-            f"/?pk={event.id}",
+            f"/{event.id}",
         )
         assert response.status_code == 403
         assert response.json().get("data") == {
@@ -150,7 +152,7 @@ async def test_perm_auto_apis_patch(self, transactional_db, easy_api_client):
         # Staff users
         client = easy_api_client(AutoGenCrudAPIController, is_staff=True)
         response = await client.get(
-            f"/?pk={event.id}",
+            f"/{event.id}",
         )
         assert response.json().get("data")["title"] == f"{object_data['title']}"
 
@@ -172,7 +174,7 @@ async def test_perm_auto_apis_patch(self, transactional_db, easy_api_client):
 
         client = easy_api_client(AdminSitePermissionAPIController)
         response = await client.patch(
-            f"/?pk={event.id}", json=new_data, content_type="application/json"
+            f"/{event.id}", json=new_data, content_type="application/json"
         )
 
         assert response.status_code == 403
@@ -183,12 +185,12 @@ async def test_perm_auto_apis_patch(self, transactional_db, easy_api_client):
         # Super users
         client = easy_api_client(AutoGenCrudAPIController, is_superuser=True)
         response = await client.patch(
-            f"/?pk={event.id}", json=new_data, content_type="application/json"
+            f"/{event.id}", json=new_data, content_type="application/json"
         )
         assert response.json().get("data")["pk"] == event.id
 
         response = await client.get(
-            f"/?pk={event.id}",
+            f"/{event.id}",
         )
         assert response.status_code == 200
         assert response.json().get("data")["title"] == "AsyncAPIEvent_patch"