App-Dochazka-REST
view release on metacpan or search on metacpan
bin/dochazka-ldap-sync-all view on Meta::CPAN
if ( $status->not_ok ) {
print "WARNING: could not sync " . $_->nick . " from LDAP\n" unless $quiet;
next;
}
if ( $old->compare( $_ ) ) {
print $_->nick . " existing profile data match LDAP: no action needed\n" unless $quiet;
next;
}
$status = $_->update( $faux_context );
if ( $status->ok ) {
print $_->nick . " profile updated from LDAP\n" unless $quiet;
next;
}
print "WARNING: could not update " . $_->nick . " employee object (" .
$status->text . ")\n" unless $quiet;
}
print "Processed " . scalar( @$emp_list ) . " employees\n" unless $quiet;
exit( 0 );
config/REST_Config.pm view on Meta::CPAN
# DOCHAZKA_LDAP_TEST_UID_NON_EXISTENT
# a non-existent UID for LDAP testing (t/201-LDAP.t)
set( 'DOCHAZKA_LDAP_TEST_UID_NON_EXISTENT', 'I_do_NOT_exist_in_local_LDAP' );
# DOCHAZKA_REST_SESSION_EXPIRATION_TIME
# number of seconds after which a session will be considered stale
set( 'DOCHAZKA_REST_SESSION_EXPIRATION_TIME', 3600 );
# DOCHAZKA_PROFILE_EDITABLE_FIELDS
# which employee fields can be updated by employees with privlevel 'inactive' and 'active'
# N.B. 1 administrators can edit all fields, and passerbies can't edit any
# N.B. 2 if LDAP authentication and LDAP import/sync are being used, it may not
# make sense for employees to edit *any* of the fields
# N.B. 3 this site param affects the functioning of the "POST employee/self" and "POST employee/current" resources
set( 'DOCHAZKA_PROFILE_EDITABLE_FIELDS', {
'inactive' => [ 'password' ],
'active' => [ 'password' ],
});
# DOCHAZKA_INTERVAL_SELECT_LIMIT
ext/REST_SiteConfig.pm.example view on Meta::CPAN
# DOCHAZKA_LDAP_TEST_UID_NON_EXISTENT
# a non-existent UID for LDAP testing (t/201-LDAP.t)
#set( 'DOCHAZKA_LDAP_TEST_UID_NON_EXISTENT', 'I_do_NOT_exist_in_local_LDAP' );
# DOCHAZKA_REST_SESSION_EXPIRATION_TIME
# number of seconds after which a session will be considered stale
#set( 'DOCHAZKA_REST_SESSION_EXPIRATION_TIME', 3600 );
# DOCHAZKA_PROFILE_EDITABLE_FIELDS
# which employee fields can be updated by employees with privlevel 'inactive' and 'active'
# N.B. 1 administrators can edit all fields, and passerbies can't edit any
# N.B. 2 if LDAP authentication and LDAP import/sync are being used, it may not
# make sense for employees to edit *any* of the fields
# N.B. 3 this site param affects the functioning of the "POST
# employee/self" and "POST employee/current" resources
#set( 'DOCHAZKA_PROFILE_EDITABLE_FIELDS', {
# 'inactive' => [ 'password' ],
# 'active' => [ 'password' ],
#});
lib/App/Dochazka/REST/Dispatch.pm view on Meta::CPAN
$status = $sched->insert( $context );
if ( $status->ok ) {
if ( $status->code eq 'DOCHAZKA_SCHEDULE_EXISTS' ) {
$self->context->{'create_path'} = '.../schedule/shid/' . $sched->sid;
$code = 'DISPATCH_SCHEDULE_EXISTS';
$log->info( "POST schedule/new: Returning existing schedule, unchanged" );
$sched = $status->payload;
} elsif ( $status->code eq 'DOCHAZKA_SCHEDULE_UPDATE_OK' ) {
$self->context->{'create_path'} = '.../schedule/shid/' . $sched->sid;
$code = 'DISPATCH_SCHEDULE_UPDATE_OK';
$log->info( "POST schedule/new: Existing schedule updated" );
} elsif ( $status->code eq 'DOCHAZKA_SCHEDULE_INSERT_OK' ) {
$self->context->{'create_path'} = '.../schedule/shid/' . $sched->sid;
$code = 'DISPATCH_SCHEDULE_INSERT_OK';
$log->info( "POST schedule/new: New schedule inserted" );
} else {
die "AGGHGHG! could not handle App::Dochazka::REST::Model::Schedule->insert status: "
. Dumper( $status );
}
} else {
$self->mrest_declare_status( code => 500, explanation =>
lib/App/Dochazka/REST/Docs/Resources.pm view on Meta::CPAN
=back
=head2 C<< activity/aid >>
=over
Allowed methods: POST
Enables existing activity objects to be updated by sending a POST request to
the REST server. Along with the properties to be modified, the request body
must include an 'aid' property, the value of which specifies the AID to be
updated.
=back
=head2 C<< activity/aid/:aid >>
=over
Allowed methods: DELETE, GET, PUT
lib/App/Dochazka/REST/Docs/Resources.pm view on Meta::CPAN
=over
=item * GET
Retrieves an activity object by its AID.
=item * PUT
Updates the activity object whose AID is specified by the ':aid' URI parameter.
The fields to be updated and their new values should be sent in the request
body, e.g., like this:
{ "long_desc" : "new description", "disabled" : "f" }
=item * DELETE
Deletes the activity object whose AID is specified by the ':aid' URI parameter.
This will work only if nothing in the database refers to this activity.
=back
lib/App/Dochazka/REST/Docs/Resources.pm view on Meta::CPAN
=back
=head2 C<< activity/code >>
=over
Allowed methods: POST
This resource enables existing activity objects to be updated, and new
activity objects to be inserted, by sending a POST request to the REST server.
Along with the properties to be modified/inserted, the request body must
include an 'code' property, the value of which specifies the activity to be
updated.
=back
=head2 C<< activity/code/:code >>
=over
Allowed methods: DELETE, GET, PUT
lib/App/Dochazka/REST/Docs/Resources.pm view on Meta::CPAN
=over
=item * GET
Retrieves an activity object by its code.
=item * PUT
Inserts new or updates existing activity object whose code is specified by the
':code' URI parameter. The fields to be updated and their new values should be
sent in the request body, e.g., like this:
{ "long_desc" : "new description", "disabled" : "f" }
=item * DELETE
Deletes an activity object by its code whose code is specified by the ':code'
URI parameter. This will work only if nothing in the database refers to this
activity.
lib/App/Dochazka/REST/Docs/Resources.pm view on Meta::CPAN
=back
=head2 C<< component/cid >>
=over
Allowed methods: POST
Enables existing component objects to be updated by sending a POST request to
the REST server. Along with the properties to be modified, the request body
must include an 'cid' property, the value of which specifies the cid to be
updated.
=back
=head2 C<< component/cid/:cid >>
=over
Allowed methods: DELETE, GET, PUT
lib/App/Dochazka/REST/Docs/Resources.pm view on Meta::CPAN
=over
=item * GET
Retrieves an component object by its cid.
=item * PUT
Updates the component object whose cid is specified by the ':cid' URI parameter.
The fields to be updated and their new values should be sent in the request
body, e.g., like this:
{ "path" : "new/path", "source" : "new source", "acl" : "inactive" }
=item * DELETE
Deletes the component object whose cid is specified by the ':cid' URI parameter.
This will work only if nothing in the database refers to this component.
=back
lib/App/Dochazka/REST/Docs/Resources.pm view on Meta::CPAN
=back
=head2 C<< component/path >>
=over
Allowed methods: POST
This resource enables existing component objects to be updated, and new
component objects to be inserted, by sending a POST request to the REST server.
Along with the properties to be modified/inserted, the request body must
include an 'path' property, the value of which specifies the component to be
updated.
=back
=head2 C<< configinfo >>
=over
Allowed methods: GET
lib/App/Dochazka/REST/Docs/Resources.pm view on Meta::CPAN
=over
=item * GET
Displays the profile of the currently logged-in employee. The information
is limited to just the employee object itself.
=item * POST
Provides a way for an employee to update certain fields of her own employee
profile. Exactly which fields can be updated may differ from site to site
(see the DOCHAZKA_PROFILE_EDITABLE_FIELDS site parameter).
=back
=back
=head2 C<< employee/current/priv >>
lib/App/Dochazka/REST/Docs/Resources.pm view on Meta::CPAN
This resource provides a way to update employee objects using the
POST method, provided the employee's EID is provided in the content body.
The properties to be modified should also be included, e.g.:
{ "eid" : 43, "fullname" : "Foo Bariful" }
This would change the 'fullname' property of the employee with EID 43 to "Foo
Bariful" (provided such an employee exists).
ACL note: 'inactive' and 'active' employees can use this resource to modify
their own employee profile. Exactly which fields can be updated may differ from
site to site (see the DOCHAZKA_PROFILE_EDITABLE_FIELDS site parameter).
=back
=head2 C<< employee/eid/:eid >>
=over
lib/App/Dochazka/REST/Docs/Resources.pm view on Meta::CPAN
Updates the "employee profile" (employee object) of the employee with
the given EID. For example, if the request body was:
{ "fullname" : "Foo Bariful" }
the request would change the 'fullname' property of the employee with EID 43
(provided such an employee exists) to "Foo Bariful". Any 'eid' property
provided in the content body will be ignored.
ACL note: 'inactive' and 'active' employees can use this resource to modify
their own employee profile. Exactly which fields can be updated may differ from
site to site (see the DOCHAZKA_PROFILE_EDITABLE_FIELDS site parameter).
=item * DELETE
Deletes the employee with the given EID (will only work if the EID
exists and nothing in the database refers to it).
=back
lib/App/Dochazka/REST/Docs/Resources.pm view on Meta::CPAN
Consider, for example, the following request body:
{ "nick" : "foobar", "fullname" : "Foo Bariful" }
If an employee "foobar" exists, such a request would change the 'fullname'
property of that employee to "Foo Bariful". On the other hand, if the employee
doesn't exist this HTTP request would cause a new employee 'foobar' to be
created.
ACL note: 'inactive' and 'active' employees can use this resource to modify
their own employee profile. Exactly which fields can be updated may differ from
site to site (see the DOCHAZKA_PROFILE_EDITABLE_FIELDS site parameter).
=back
=head2 C<< employee/nick/:nick >>
=over
lib/App/Dochazka/REST/Docs/Resources.pm view on Meta::CPAN
would look for an employee whose nick is 'foobar'.
=item * PUT
Inserts a new employee or updates an existing one (exact match only).
If a 'nick' property is provided in the content body and its value is
different from the nick provided in the URI, the employee's nick will be
changed to the value provided in the content body.
ACL note: 'inactive' and 'active' employees can use this resource to modify
their own employee profile. Exactly which fields can be updated may differ from
site to site (see the DOCHAZKA_PROFILE_EDITABLE_FIELDS site parameter).
=item * DELETE
Deletes an employee (exact match only). This will work only if the
exact nick exists and nothing else in the database refers to the employee
in question.
=back
lib/App/Dochazka/REST/Docs/Resources.pm view on Meta::CPAN
=over
=item * GET
Displays the profile of the currently logged-in employee. The information
is limited to just the employee object itself.
=item * POST
Provides a way for an employee to update certain fields of her own employee
profile. Exactly which fields can be updated may differ from site to site
(see the DOCHAZKA_PROFILE_EDITABLE_FIELDS site parameter).
=back
=back
=head2 C<< employee/self/priv >>
lib/App/Dochazka/REST/Docs/Resources.pm view on Meta::CPAN
=back
=head2 C<< interval/iid >>
=over
Allowed methods: POST
Enables existing interval objects to be updated by sending a POST request to
the REST server. Along with the properties to be modified, the request body
must include an 'iid' property, the value of which specifies the iid to be
updated.
=back
=head2 C<< interval/iid/:iid >>
=over
Allowed methods: DELETE, GET, PUT
lib/App/Dochazka/REST/Docs/Resources.pm view on Meta::CPAN
=over
=item * GET
Retrieves an interval object by its IID.
=item * PUT
Updates the interval object whose iid is specified by the ':iid' URI parameter.
The fields to be updated and their new values should be sent in the request
body, e.g., like this:
{
"eid" : 34,
"aid" : 1,
"intvl" : '[ 2014-11-18 08:00, 2014-11-18 12:00 )'
}
=item * DELETE
lib/App/Dochazka/REST/Docs/Resources.pm view on Meta::CPAN
=back
=head2 C<< lock/lid >>
=over
Allowed methods: POST
Enables existing lock objects to be updated by sending a POST request to
the REST server. Along with the properties to be modified, the request body
must include an 'lid' property, the value of which specifies the lid to be
updated.
=back
=head2 C<< lock/lid/:lid >>
=over
Allowed methods: DELETE, GET, PUT
lib/App/Dochazka/REST/Docs/Resources.pm view on Meta::CPAN
=over
=item * GET
Retrieves an lock object by its lid.
=item * PUT
Updates the lock object whose lid is specified by the ':lid' URI parameter.
The fields to be updated and their new values should be sent in the request
body, e.g., like this:
{
"eid" : 34,
"intvl" : '[ 2014-11-18 00:00, 2014-11-18 24:00 )'
}
=item * DELETE
Deletes the lock object whose lid is specified by the ':lid' URI parameter.
lib/App/Dochazka/REST/Docs/Resources.pm view on Meta::CPAN
Adds a record to the privhistory of the given employee. The content body should
contain two properties: "effective" (a timestamp) and "priv" (one of
"passerby", "inactive", "active", or "admin").
It is assumed that schedule histories will be built up record-by-record;
insertion of multiple history records in a single request is not supported.
=back
Update note: histories can be updated by adding new records and deleting old
ones. Existing history records cannot be changed. Adds/deletes should be
performed with due care - especially with regard to existing employee
attendance data (if any).
=back
=head2 C<< priv/history/eid/:eid/:tsrange >>
lib/App/Dochazka/REST/Docs/Resources.pm view on Meta::CPAN
Adds a record to the privhistory of the given employee. The content body should
contain two properties: "effective" (a timestamp) and "priv" (one of
"passerby", "inactive", "active", or "admin").
It is assumed that schedule histories will be built up record-by-record;
insertion of multiple history records in a single request is not supported.
=back
Update note: histories can be updated by adding new records and deleting old
ones. Existing history records cannot be changed. Adds/deletes should be
performed with due care - especially with regard to existing employee
attendance data (if any).
=back
=head2 C<< priv/history/nick/:nick/:tsrange >>
lib/App/Dochazka/REST/Docs/Resources.pm view on Meta::CPAN
=item * POST
Adds a record to the schedule history of the given employee. The content body should
contain two properties: "effective" (a timestamp) and "sid" (the ID of the schedule).
It is assumed that schedule histories will be built up record-by-record;
insertion of multiple history records in a single request is not supported.
=back
Update note: histories can be updated by adding new records and deleting old
ones. Existing history records cannot be changed. Adds/deletes should be
performed with due care - especially with regard to existing employee
attendance data (if any).
=back
=head2 C<< schedule/history/eid/:eid/:tsrange >>
lib/App/Dochazka/REST/Docs/Resources.pm view on Meta::CPAN
=item * POST
Adds a record to the schedule history of the given employee. The content body should
contain two properties: "effective" (a timestamp) and "sid" (the ID of the schedule).
It is assumed that schedule histories will be built up record-by-record;
insertion of multiple history records in a single request is not supported.
=back
Update note: histories can be updated by adding new records and deleting old
ones. Existing history records cannot be changed. Adds/deletes should be
performed with due care - especially with regard to existing employee
attendance data (if any).
=back
=head2 C<< schedule/history/nick/:nick/:tsrange >>
lib/App/Dochazka/REST/Guide.pm view on Meta::CPAN
=head2 Lock
In Dochazka, a "lock" is a record in the "locks" table specifying that
a particular user's attendance data (i.e. activity intervals) for a
given period (tsrange) cannot be changed. That means, for intervals in
the locked tsrange:
=over
=item * existing intervals cannot be updated or deleted
=item * no new intervals can be inserted
=back
Employees can create locks (i.e., insert records into the locks table) on their
own EID, but they cannot delete or update those locks (or any others).
Administrators can insert, update, or delete locks at will.
How the lock is used will differ from site to site, and some sites may not
lib/App/Dochazka/REST/Model/Activity.pm view on Meta::CPAN
attrs => [ 'code', 'long_desc', 'remark' ],
);
return $status;
}
=head2 update
Instance method. Assuming that the object has been prepared, i.e. the AID
corresponds to the activity to be updated and the attributes have been
changed as desired, this function runs the actual UPDATE, hopefully
bringing the database into line with the object. Overwrites all the
object's attributes with the values actually written to the database.
Returns status object.
=cut
sub update {
my $self = shift;
my ( $context ) = validate_pos( @_, { type => HASHREF } );
lib/App/Dochazka/REST/Model/Component.pm view on Meta::CPAN
$self->create_file if $status->ok;
return $status;
}
=head2 update
Instance method. Assuming that the object has been prepared, i.e. the CID
corresponds to the component to be updated and the attributes have been
changed as desired, this function runs the actual UPDATE, hopefully
bringing the database into line with the object. Overwrites all the
object's attributes with the values actually written to the database.
Returns status object.
=cut
sub update {
my $self = shift;
my ( $context ) = validate_pos( @_, { type => HASHREF } );
lib/App/Dochazka/REST/Model/Employee.pm view on Meta::CPAN
attrs => [ 'sec_id', 'nick', 'fullname', 'email', 'passhash', 'salt',
'sync', 'supervisor', 'remark' ],
);
return $status;
}
=head2 update
Instance method. Assuming that the object has been prepared, i.e. the EID
corresponds to the employee to be updated and the attributes have been
changed as desired, this function runs the actual UPDATE, hopefully
bringing the database into line with the object. Overwrites all the
object's attributes with the values actually written to the database.
Returns status object.
=cut
sub update {
my $self = shift;
my ( $context ) = validate_pos( @_, { type => HASHREF } );
lib/App/Dochazka/REST/Model/Schedule.pm view on Meta::CPAN
if ( $status->ok ) {
$status->code( 'DOCHAZKA_SCHEDULE_INSERT_OK' );
$log->info( "Inserted new schedule with SID " . $self->{sid} );
}
return $status;
}
=head2 update
Although we do not allow the 'sid' or 'schedule' fields to be updated, schedule
records have 'scode', 'remark' and 'disabled' fields that can be updated via this
method.
=cut
sub update {
my $self = shift;
my ( $context ) = validate_pos( @_, { type => HASHREF } );
return $CELL->status_err( 'DOCHAZKA_MALFORMED_400' ) unless $self->{'sid'};
lib/App/Dochazka/REST/ResourceDefs.pm view on Meta::CPAN
parent => 'activity',
handler => {
POST => 'handler_post_activity_aid',
},
acl_profile => 'admin',
cli => 'activity aid',
description => 'Update an existing activity object via POST request (AID must be included in request body)',
documentation => <<'EOH',
=pod
Enables existing activity objects to be updated by sending a POST request to
the REST server. Along with the properties to be modified, the request body
must include an 'aid' property, the value of which specifies the AID to be
updated.
EOH
},
# /activity/aid/:aid
'activity/aid/:aid' =>
{
parent => 'activity',
handler => {
GET => 'handler_activity_aid',
PUT => 'handler_activity_aid',
lib/App/Dochazka/REST/ResourceDefs.pm view on Meta::CPAN
=over
=item * GET
Retrieves an activity object by its AID.
=item * PUT
Updates the activity object whose AID is specified by the ':aid' URI parameter.
The fields to be updated and their new values should be sent in the request
body, e.g., like this:
{ "long_desc" : "new description", "disabled" : "f" }
=item * DELETE
Deletes the activity object whose AID is specified by the ':aid' URI parameter.
This will work only if nothing in the database refers to this activity.
=back
lib/App/Dochazka/REST/ResourceDefs.pm view on Meta::CPAN
parent => 'activity',
handler => {
POST => 'handler_post_activity_code',
},
acl_profile => 'admin',
cli => 'activity aid',
description => 'Update an existing activity object via POST request (activity code must be included in request body)',
documentation => <<'EOH',
=pod
This resource enables existing activity objects to be updated, and new
activity objects to be inserted, by sending a POST request to the REST server.
Along with the properties to be modified/inserted, the request body must
include an 'code' property, the value of which specifies the activity to be
updated.
EOH
},
# /activity/code/:code
'activity/code/:code' =>
{
parent => 'activity',
handler => {
GET => 'handler_get_activity_code',
PUT => 'handler_put_activity_code',
lib/App/Dochazka/REST/ResourceDefs.pm view on Meta::CPAN
=over
=item * GET
Retrieves an activity object by its code.
=item * PUT
Inserts new or updates existing activity object whose code is specified by the
':code' URI parameter. The fields to be updated and their new values should be
sent in the request body, e.g., like this:
{ "long_desc" : "new description", "disabled" : "f" }
=item * DELETE
Deletes an activity object by its code whose code is specified by the ':code'
URI parameter. This will work only if nothing in the database refers to this
activity.
lib/App/Dochazka/REST/ResourceDefs.pm view on Meta::CPAN
parent => 'component',
handler => {
POST => 'handler_post_component_cid',
},
acl_profile => 'admin',
cli => 'component cid',
description => 'Update an existing component object via POST request (cid must be included in request body)',
documentation => <<'EOH',
=pod
Enables existing component objects to be updated by sending a POST request to
the REST server. Along with the properties to be modified, the request body
must include an 'cid' property, the value of which specifies the cid to be
updated.
EOH
},
# /component/cid/:cid
'component/cid/:cid' =>
{
parent => 'component',
handler => {
GET => 'handler_component_cid',
PUT => 'handler_component_cid',
lib/App/Dochazka/REST/ResourceDefs.pm view on Meta::CPAN
=over
=item * GET
Retrieves an component object by its cid.
=item * PUT
Updates the component object whose cid is specified by the ':cid' URI parameter.
The fields to be updated and their new values should be sent in the request
body, e.g., like this:
{ "path" : "new/path", "source" : "new source", "acl" : "inactive" }
=item * DELETE
Deletes the component object whose cid is specified by the ':cid' URI parameter.
This will work only if nothing in the database refers to this component.
=back
lib/App/Dochazka/REST/ResourceDefs.pm view on Meta::CPAN
parent => 'component',
handler => {
POST => 'handler_post_component_path',
},
acl_profile => 'admin',
cli => 'component cid',
description => 'Update an existing component object via POST request (component path must be included in request body)',
documentation => <<'EOH',
=pod
This resource enables existing component objects to be updated, and new
component objects to be inserted, by sending a POST request to the REST server.
Along with the properties to be modified/inserted, the request body must
include an 'path' property, the value of which specifies the component to be
updated.
EOH
},
};
=head2 Employee resources
=cut
lib/App/Dochazka/REST/ResourceDefs.pm view on Meta::CPAN
This resource provides a way to update employee objects using the
POST method, provided the employee's EID is provided in the content body.
The properties to be modified should also be included, e.g.:
{ "eid" : 43, "fullname" : "Foo Bariful" }
This would change the 'fullname' property of the employee with EID 43 to "Foo
Bariful" (provided such an employee exists).
ACL note: 'inactive' and 'active' employees can use this resource to modify
their own employee profile. Exactly which fields can be updated may differ from
site to site (see the DOCHAZKA_PROFILE_EDITABLE_FIELDS site parameter).
EOH
},
# /employee/eid/:eid
'employee/eid/:eid' =>
{
parent => 'employee',
handler => {
GET => 'handler_get_employee_eid',
lib/App/Dochazka/REST/ResourceDefs.pm view on Meta::CPAN
Updates the "employee profile" (employee object) of the employee with
the given EID. For example, if the request body was:
{ "fullname" : "Foo Bariful" }
the request would change the 'fullname' property of the employee with EID 43
(provided such an employee exists) to "Foo Bariful". Any 'eid' property
provided in the content body will be ignored.
ACL note: 'inactive' and 'active' employees can use this resource to modify
their own employee profile. Exactly which fields can be updated may differ from
site to site (see the DOCHAZKA_PROFILE_EDITABLE_FIELDS site parameter).
=item * DELETE
Deletes the employee with the given EID (will only work if the EID
exists and nothing in the database refers to it).
=back
EOH
},
lib/App/Dochazka/REST/ResourceDefs.pm view on Meta::CPAN
Consider, for example, the following request body:
{ "nick" : "foobar", "fullname" : "Foo Bariful" }
If an employee "foobar" exists, such a request would change the 'fullname'
property of that employee to "Foo Bariful". On the other hand, if the employee
doesn't exist this HTTP request would cause a new employee 'foobar' to be
created.
ACL note: 'inactive' and 'active' employees can use this resource to modify
their own employee profile. Exactly which fields can be updated may differ from
site to site (see the DOCHAZKA_PROFILE_EDITABLE_FIELDS site parameter).
EOH
},
# /employee/nick/:nick
'employee/nick/:nick' =>
{
parent => 'employee',
handler => {
GET => 'handler_get_employee_nick',
lib/App/Dochazka/REST/ResourceDefs.pm view on Meta::CPAN
would look for an employee whose nick is 'foobar'.
=item * PUT
Inserts a new employee or updates an existing one (exact match only).
If a 'nick' property is provided in the content body and its value is
different from the nick provided in the URI, the employee's nick will be
changed to the value provided in the content body.
ACL note: 'inactive' and 'active' employees can use this resource to modify
their own employee profile. Exactly which fields can be updated may differ from
site to site (see the DOCHAZKA_PROFILE_EDITABLE_FIELDS site parameter).
=item * DELETE
Deletes an employee (exact match only). This will work only if the
exact nick exists and nothing else in the database refers to the employee
in question.
=back
EOH
lib/App/Dochazka/REST/ResourceDefs.pm view on Meta::CPAN
=over
=item * GET
Displays the profile of the currently logged-in employee. The information
is limited to just the employee object itself.
=item * POST
Provides a way for an employee to update certain fields of her own employee
profile. Exactly which fields can be updated may differ from site to site
(see the DOCHAZKA_PROFILE_EDITABLE_FIELDS site parameter).
=back
EOH
},
# /employee/self/full
'employee/self/full' =>
{
parent => 'employee/self',
lib/App/Dochazka/REST/ResourceDefs.pm view on Meta::CPAN
Adds a record to the privhistory of the given employee. The content body should
contain two properties: "effective" (a timestamp) and "priv" (one of
"passerby", "inactive", "active", or "admin").
It is assumed that schedule histories will be built up record-by-record;
insertion of multiple history records in a single request is not supported.
=back
Update note: histories can be updated by adding new records and deleting old
ones. Existing history records cannot be changed. Adds/deletes should be
performed with due care - especially with regard to existing employee
attendance data (if any).
EOH
},
'schedule/history/eid/:eid' =>
{
parent => 'schedule/history',
handler => {
lib/App/Dochazka/REST/ResourceDefs.pm view on Meta::CPAN
Adds a record to the schedule history of the given employee. The content body should
contain two properties: "effective" (a timestamp) and "sid" (the ID of the schedule).
Alternatively, an "scode" property (schedule code) can be sent instead of "sid".
It is assumed that schedule histories will be built up record-by-record;
insertion of multiple history records in a single request is not supported.
=back
Update note: histories can be updated by adding new records and deleting old
ones. Existing history records cannot be changed. Adds/deletes should be
performed with due care - especially with regard to existing employee
attendance data (if any).
EOH
},
'priv/history/eid/:eid/:tsrange' =>
{
parent => 'priv/history',
handler => {
lib/App/Dochazka/REST/ResourceDefs.pm view on Meta::CPAN
Adds a record to the privhistory of the given employee. The content body should
contain two properties: "effective" (a timestamp) and "priv" (one of
"passerby", "inactive", "active", or "admin").
It is assumed that schedule histories will be built up record-by-record;
insertion of multiple history records in a single request is not supported.
=back
Update note: histories can be updated by adding new records and deleting old
ones. Existing history records cannot be changed. Adds/deletes should be
performed with due care - especially with regard to existing employee
attendance data (if any).
EOH
},
'schedule/history/nick/:nick' =>
{
parent => 'schedule/history',
handler => {
lib/App/Dochazka/REST/ResourceDefs.pm view on Meta::CPAN
Adds a record to the schedule history of the given employee. The content body should
contain two properties: "effective" (a timestamp) and "sid" (the ID of the schedule).
Alternatively, an "scode" property (schedule code) can be sent instead of "sid".
It is assumed that schedule histories will be built up record-by-record;
insertion of multiple history records in a single request is not supported.
=back
Update note: histories can be updated by adding new records and deleting old
ones. Existing history records cannot be changed. Adds/deletes should be
performed with due care - especially with regard to existing employee
attendance data (if any).
EOH
},
'priv/history/nick/:nick/:tsrange' =>
{
parent => 'priv/history',
handler => {
lib/App/Dochazka/REST/ResourceDefs.pm view on Meta::CPAN
parent => 'interval',
handler => {
POST => 'handler_post_interval_iid',
},
acl_profile => 'active',
cli => 'interval iid $JSON',
description => 'Update an existing interval object via POST request (iid must be included in request body)',
documentation => <<'EOH',
=pod
Enables existing interval objects to be updated by sending a POST request to
the REST server. Along with the properties to be modified, the request body
must include an 'iid' property, the value of which specifies the iid to be
updated.
EOH
},
# /interval/iid/:iid
'interval/iid/:iid' =>
{
parent => 'interval',
handler => {
GET => 'handler_get_interval_iid',
PUT => 'handler_interval_iid',
lib/App/Dochazka/REST/ResourceDefs.pm view on Meta::CPAN
=over
=item * GET
Retrieves an interval object by its IID.
=item * PUT
Updates the interval object whose iid is specified by the ':iid' URI parameter.
The fields to be updated and their new values should be sent in the request
body, e.g., like this:
{
"eid" : 34,
"aid" : 1,
"intvl" : '[ 2014-11-18 08:00, 2014-11-18 12:00 )'
}
=item * DELETE
lib/App/Dochazka/REST/ResourceDefs.pm view on Meta::CPAN
parent => 'lock',
handler => {
POST => 'handler_post_lock_lid',
},
acl_profile => 'admin',
cli => 'lock lid $JSON',
description => 'Update an existing lock object via POST request (lid must be included in request body)',
documentation => <<'EOH',
=pod
Enables existing lock objects to be updated by sending a POST request to
the REST server. Along with the properties to be modified, the request body
must include an 'lid' property, the value of which specifies the lid to be
updated.
EOH
},
# /lock/lid/:lid
'lock/lid/:lid' =>
{
parent => 'lock',
handler => {
GET => 'handler_get_lock_lid',
PUT => 'handler_lock_lid',
lib/App/Dochazka/REST/ResourceDefs.pm view on Meta::CPAN
=over
=item * GET
Retrieves an lock object by its lid.
=item * PUT
Updates the lock object whose lid is specified by the ':lid' URI parameter.
The fields to be updated and their new values should be sent in the request
body, e.g., like this:
{
"eid" : 34,
"intvl" : '[ 2014-11-18 00:00, 2014-11-18 24:00 )'
}
=item * DELETE
Deletes the lock object whose lid is specified by the ':lid' URI parameter.
lib/App/Dochazka/REST/Shared.pm view on Meta::CPAN
return 1;
}
}
$d_obj->mrest_declare_status( code => 403, explanation => "DISPATCH_KEEP_TO_YOURSELF" );
return 0;
}
=head2 shared_employee_acl_part2
Apply ACL rules on which fields can be updated.
If privlevel is inactive or active, analyze which fields the user wants to update
(passerbies will be rejected earlier in Resource.pm, and admins can edit any field)
Returns boolean 1 or 0, where 1 means "ACL check passed".
=cut
sub shared_employee_acl_part2 {
my ( $d_obj ) = @_;
$log->debug( "Entering " . __PACKAGE__ . "::shared_employee_acl_part2" );
t/dispatch/history.t view on Meta::CPAN
note( "Update the history record inserted above" );
$status = req( $test, 200, 'root', 'POST', "$base/$tphid", <<"EOS" );
{ "remark" : "I am foo!" }
EOS
is( $status->level, 'OK' );
is( $status->code, 'DOCHAZKA_CUD_OK' );
ok( defined $status->payload );
ok( exists $status->payload->{'remark'} );
is( $status->payload->{'remark'}, 'I am foo!' );
note( "Get the updated history record and check it just to be sure" );
$status = req( $test, 200, 'root', 'GET', "$base/$tphid" );
ok( $status->ok );
is( $status->payload->{'remark'}, 'I am foo!' );
note( 'DELETE' );
note( 'delete the privhistory record we created earlier' );
$status = req( $test, 200, 'root', 'DELETE', "$base/$tphid" );
is( $status->level, "OK" );
is( $status->code, 'DOCHAZKA_CUD_OK' );
t/model/employee.t view on Meta::CPAN
note( 'set Mr. Fu sync property to true' );
ok( ! $mrfu->sync );
is( $mrfu->sync, 0 );
$mrfu->sync( 1 );
ok( $mrfu->sync );
is( $mrfu->sync, 1 );
note( 'update Mr. Fu database record' );
$status = $mrfu->update( $faux_context );
is( $status->level, 'OK', 'Mr. Fu database record updated' );
is( $status->code, 'DOCHAZKA_CUD_OK' );
ok( $status->payload );
is( $status->payload->sync, 1 );
note( 'get_all_sync_employees() returns Mr. Fu' );
$status = get_all_sync_employees( $dbix_conn );
is( $status->level, 'OK' );
is( $status->code, 'DISPATCH_RECORDS_FOUND' );
ok( $status->payload );
is( ref( $status->payload ), 'ARRAY' );
t/model/schedule.t view on Meta::CPAN
note('Attempt to change the "sid" field');
$saved_sched_obj = $schedule->clone;
#diag( Dumper $saved_sched_obj );
#BAIL_OUT(0);
$schedule->sid( 99943 );
is( $schedule->{sid}, 99943 );
$status = $schedule->update( $faux_context );
is( $status->level, 'OK' );
is( $status->{'DBI_return_value'}, '0E0' );
# but the value in the database is unchanged - the 'sid' and 'schedule' fields are never updated
$status = App::Dochazka::REST::Model::Schedule->load_by_sid( $dbix_conn, $saved_sched_obj->sid );
is( $status->level, 'OK' );
is( $status->payload->{sid}, $saved_sched_obj->sid ); # no real change
$schedule = $status->payload;
note('(in other words, nothing changed)');
note('Make a bogus schedintvls object and attempt to delete it');
my $bogus_intvls = App::Dochazka::REST::Model::Schedintvls->spawn;
$status = $bogus_intvls->delete( $dbix_conn );
is( $status->level, 'WARN', "Could not delete bogus intervals" );
( run in 0.441 second using v1.01-cache-2.11-cpan-05444aca049 )