XXXXXXXX Revert "erp5_api_style: rewrite most of `jIOWebSection`"

This reverts commit bc17aafd.

Check if it fixes tests.

bt5/erp5_api_style/DocumentTemplateItem/portal_components/document.erp5.jIOWebSection.py

 # -*- coding: utf-8 -*-
 ##############################################################################
 #
-# Copyright (c) 2024 Nexedi SA and Contributors. All Rights Reserved.
+# Copyright (c) 2016 Nexedi SA and Contributors. All Rights Reserved.
+#                    Cédric Le Ninivin <cedric.leninivin@nexedi.com>
 #
 # WARNING: This program as such is intended to be used by professional
 # programmers who take the whole responsability of assessing all potential
@@ -27,118 +28,140 @@
 ##############################################################################
 
 from AccessControl import ClassSecurityInfo
+from AccessControl import Unauthorized
 from Acquisition import aq_inner
-
-from zExceptions import NotFound, Unauthorized
-from Products.ERP5Type import Permissions
-
-from erp5.component.mixin.DocumentExtensibleTraversableMixin import DocumentExtensibleTraversableMixin
+from OFS.Traversable import NotFound
 from erp5.component.document.WebSection import WebSection
+from Products.ERP5Type import Permissions
+from zExceptions import HTTPClientError
+from zLOG import LOG, INFO
 
 MARKER = []
-ALLOWED_MODES = ["put", "get", "post", "allDocs"]
 
-class jIOAPITraverseErrorWrapper(object):
-  """
-  JSON error object, to avoid ERP5 default error pages.
-  Publishable but non-Persistent and without Acquisition.
-  """
+# Redefine an Unauthorized error to avoid Zope redirecting the user to the main ERP5 login form
+class jIOUnauthorized(HTTPClientError):
+  errmsg = 'Unauthorized'
+  status = 401
 
-  def __init__(self, error_context, portal):
-    self.error_context = error_context
-    self.portal = portal
+  def __init__(self, underlyingError):
+    HTTPClientError.__init__(self)
+    self.underlyingError = underlyingError
 
-  # Used for debugging, especially in tests
   def __str__(self):
-    return str(self.error_context)
-
-  def __call__(self):
-    portal = self.portal
-
-    # Skin used to allow replacement and because Manager proxy role is needed
-    portal.ERP5Site_logApiErrorAndReturn(**self.error_context)
+    return str(self.underlyingError)
 
+  def __bytes__(self):
+    return bytes(self.underlyingError)
 
-class jIOMethod(object):
+def convertTojIOAPICall(function):
   """
-  Represents one of the four possible jIO methods.
-  Publishable but non-Persistent and without Acquisition.
-  XXX: Acquisition might be suitable here
+  Wrap the method to create a log entry for each invocation to the zope logger
   """
-
-  def __init__(self, mode_name, web_section):
-    super(jIOMethod, self).__init__()
-    self.mode_name = mode_name
-    self.web_section = web_section
-
-  def __call__(self):
-    self.web_section.REQUEST.response.setHeader("Content-Type", "application/json")
-
+  def wrapper(self, *args, **kwd):
+    """
+    Log the call, and the result of the call
+    """
+    assert(self.REQUEST.REQUEST_METHOD == "POST")
     try:
-      return self.web_section.ERP5Site_asjIOStyle(
-        mode=self.mode_name,
-        text_content=self.web_section.REQUEST.get("BODY"),
-        data_dict=None,
+      self.REQUEST.response.setHeader("Content-Type", "application/json")
+      retval = function(self, *args, **kwd)
+    except Unauthorized, e:
+      body = self.ERP5Site_logApiErrorAndReturn(
+        error_code="401",
+        error_message=str(e),
+        error_name="Unauthorized"
+      )
+      self.REQUEST.response.setBody(body, lock=True)
+      raise jIOUnauthorized(e)
+    except NotFound, e:
+      LOG('jIOWebSection', INFO, 'Converting NotFound to NotFound error mesage in JSON,',
+          error=True)
+      body = self.ERP5Site_logApiErrorAndReturn(
+        error_code="404",
+        error_message=str(e),
+        error_name="NotFound"
+      )
+      self.REQUEST.response.setBody(body, lock=True)
+      raise
+    except:
+      LOG('jIOWebSection', INFO, 'Converting Error to InternalError message in JSON,',
+          error=True)
+      body = self.ERP5Site_logApiErrorAndReturn(
+        error_code="500",
+        error_message="Internal Server Error",
+        error_name="InternalError"
       )
-    except Exception as e:
-      error_context = {
-        "error_code": 500,
-        "error_name": "API-INTERNAL-ERROR",
-        "error_message": str(e)
-      }
-
-      # This NotFound catches instance of objects not found inside API call
-      if isinstance(e, NotFound):
-        error_context["error_code"] = 404
-        error_context["error_name"] = "API-NOT-FOUND"
-      elif isinstance(e, Unauthorized):
-        error_context["error_code"] = 403
-        error_context["error_name"] = "API-UNAUTHORIZED"
-        # Avoid information leak when Unauthorized
-        del error_context["error_message"]
-
-      # Skin used to allow replacement and because Manager proxy role is needed
-      self.web_section.ERP5Site_logApiErrorAndReturn(**error_context)
+      self.REQUEST.response.setBody(body, lock=True)
+      raise
+
+    return '%s' % retval
+  wrapper.__doc__ = function.__doc__
+  return wrapper
 
 class jIOWebSection(WebSection):
-  portal_type = "jIO Web Section"
+  """
+  This Web Section is a wrapper to jIO to pass content in the body
+  """
 
-  # Declarative security
+  portal_type = 'jIO Web Section'
   security = ClassSecurityInfo()
   security.declareObjectProtected(Permissions.AccessContentsInformation)
 
-  security.declareProtected(Permissions.AccessContentsInformation, "getLayoutProperty")
+  security.declareProtected(Permissions.AccessContentsInformation, 'getLayoutProperty')
   def getLayoutProperty(self, key, default=None):
     """
-    A simple method to get a property of the current by
-    acquiring it from the current section or its parents.
+        A simple method to get a property of the current by
+        acquiring it from the current section or its parents.
     """
     section = aq_inner(self)
-    while section.getPortalType() in ("Web Section", "Web Site", "Static Web Section", "Static Web Site", "jIO Web Section"):
+    while section.getPortalType() in ('Web Section', 'Web Site', 'Static Web Section', 'Static Web Site',
+                                      'jIO Web Section'):
       result = section.getProperty(key, MARKER)
       if result not in (MARKER, None):
         return result
       section = section.aq_parent
     return default
 
-  security.declareProtected(Permissions.View, "_bobo_traverse__")
-  def __bobo_traverse__(self, request, name):
-    if name in ALLOWED_MODES:
-      return jIOMethod(name, self)
+  @convertTojIOAPICall
+  def _asjIOStyle(self, mode, text_content="", data_dict=None):
+    return self.ERP5Site_asjIOStyle(
+      mode=mode,
+      text_content=text_content,
+      data_dict=data_dict,
+    )
 
-    document = None
-    try:
-      # Inheritance as follows: jIOWebSection <| WebSection <| (Domain, DocumentExtensibleTraversableMixin)
-      # Use DocumentExtensibleTraversableMixin traversal to avoid ERP5 HTML 404 page.
-      document = DocumentExtensibleTraversableMixin.__bobo_traverse__(self, request, name)
-    # This NotFound catches objects not found during traversal
-    except NotFound as e:
-      error_context = {
-        "error_code": 404,
-        "error_message": str(e),
-        "error_name": "NotFound",
-        "text_content": request.get("BODY")
-      }
-      document = jIOAPITraverseErrorWrapper(error_context, self.getPortalObject())
-
-    return document
+  security.declareProtected(Permissions.View, 'get')
+  def get(self): #pylint:disable=arguments-differ
+    """
+      Taken from WebSection Bobo Traverse, the difference is that
+      __bobo_traverse__ from DocumentExtensibleTraversableMixin is not called
+    """
+    # Register current web site physical path for later URL generation
+    return self._asjIOStyle(mode="get", text_content=self.REQUEST.get('BODY'))
+
+  security.declareProtected(Permissions.View, 'post')
+  def post(self):
+    """
+      Taken from WebSection Bobo Traverse, the difference is that
+      __bobo_traverse__ from DocumentExtensibleTraversableMixin is not called
+    """
+    # Register current web site physical path for later URL generation
+    return self._asjIOStyle(mode="post", text_content=self.REQUEST.get('BODY'))
+
+  security.declareProtected(Permissions.View, 'put')
+  def put(self):
+    """
+      Taken from WebSection Bobo Traverse, the difference is that
+      __bobo_traverse__ from DocumentExtensibleTraversableMixin is not called
+    """
+    # Register current web site physical path for later URL generation
+    return self._asjIOStyle(mode="put", text_content=self.REQUEST.get('BODY'))
+
+  security.declareProtected(Permissions.View, 'allDocs')
+  def allDocs(self):
+    """
+      Taken from WebSection Bobo Traverse, the difference is that
+      __bobo_traverse__ from DocumentExtensibleTraversableMixin is not called
+    """
+    # Register current web site physical path for later URL generation
+    return self._asjIOStyle(mode="allDocs", text_content=self.REQUEST.get('BODY'))

bt5/erp5_api_style/SkinTemplateItem/portal_skins/erp5_api_style/ERP5Site_logApiErrorAndReturn.py

@@ -7,6 +7,7 @@ error = context.getPortalObject().error_record_module.newContent(
   description=str(error_message),
   text_content=str(text_content)
 )
+container.REQUEST.RESPONSE.setStatus(error_code, lock=True)
 # We follow here Paypal api guideline
 # https://github.com/paypal/api-standards/blob/master/api-style-guide.md#error-schema
 error_dict = {
@@ -23,10 +24,4 @@ if error_link:
 if detail_list:
   error_dict["details"] = detail_list
   error.setDescription(str(error_message) + "\n".join([str(x) for x in detail_list]))
-
-serialized_error = json.dumps(error_dict, indent=2)
-context.REQUEST.response.setHeader("Content-Type", "application/json")
-context.REQUEST.response.setStatus(error_code, lock=True)
-context.REQUEST.response.setBody(serialized_error, lock=True)
-
-return serialized_error
+return json.dumps(error_dict, indent=2)