Does this help:
patterns = [
"/friends[person]",
"/{person.name}/:field",
...
("/dogs[pet]", db.pet.info=='dog'),
("/mydogs[pet]/{pet.name.startswith}",
db.pet.owner==auth.user.id), #<<<<<
]
On Sunday, 7 April 2013 08:28:10 UTC-5, Philipp Müller wrote:
>
> Hello,
>
> yes, all the methods are decorated with @requires_login(). The login
> itself is not the problem, that works fine.
> The issue is, that I want to return user-specific results in my api.
> Exposing one table by writing something along the lines of:
>
> @request.restful()
> @auth.requires_login()
> def v1():
> response.view = 'api.json'# +request.extension
> def GET(*args, **vars):
>
> patterns = [
> "/stores[store]" ]
>
> parser = db.parse_as_rest(patterns, args, vars)
> if parser.status == 200:
> return dict(content=parser.response)
> else:
> raise HTTP(parser.status, parser.error)
>
> works fine.
>
> When I write "normal" database queries, that I want to return (logged in)
> user-specific data, I can do it like this, i.e. to return the pets of a
> user:
>
> def petsForOwnerQuery():
> pets = (db.pets.owner == db.owner.auth)
> return selectedStores
>
> then i can go on and retrieve the currently logged in owner like this:
>
> def ownerFromAuthUserQuery():
> loggedInOwner = (db.owner.auth == auth.user.id)
> return loggedInCustomer
>
> Combining these queries, I can retrieve the pets for the currently logged
> in user.
>
> My question now is, how I can accomplish this, using the
> @require_restful() decorator in my API.
>
> Thank you & regards,
> Philipp
>
>
> Am Samstag, 6. April 2013 19:40:39 UTC+2 schrieb Christian Foster Howes:
>>
>> have you tried decorating your GET/PUT/POST/DELETE methods with the
>> @requires_login()?
>>
>> @request.restful()
>> def user():
>> @requires_login()
>> def GET(*args, **kwargs):
>> ....
>>
>> i'm doing something similar to that...but with a custom decorator rather
>> than requires_login.
>>
>> cfh
>>
>>
>> On Friday, April 5, 2013 2:58:17 PM UTC-7, Philipp Müller wrote:
>>>
>>> Hello,
>>>
>>> I have written a restful API in web2py using @request_restful() and then
>>> specified the patterns and tables that I wanted to expose in the API.
>>> The whole API uses basic auth, which is fine. I'm used to retrieving the
>>> user, that currently uses a service by calling auth.user.id. If I
>>> wanted to check what items in the database are associated with the
>>> currently logged in user, I could do that with a db query.
>>>
>>> Using @request_restful, I would like to do the exact thing, i.e. return
>>> only values, that are associated with the user, that is currently using my
>>> API. I have been able to figure out how to do this, any help regarding this
>>> problem would be highly appreciated.
>>>
>>> Kind regards,
>>> Philipp
>>>
>>
--
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
