Make query params only read from query params, not JSON as well

2014-10-03 15:05:34 -04:00 · 2014-10-03 15:05:34 -04:00 · e0993b26af
commit e0993b26af
parent ec42303750
4 changed files with 13 additions and 10 deletions
--- a/endpoints/api/init.py
+++ b/endpoints/api/init.py
@ -27,8 +27,8 @@ api_bp = Blueprint('api', __name__)
 api = Api()
 api.init_app(api_bp)
 api.decorators = [csrf_protect,
-                  process_oauth,
-                  crossdomain(origin='*', headers=['Authorization', 'Content-Type'])]
+                  crossdomain(origin='*', headers=['Authorization', 'Content-Type']),
+                  process_oauth]


 class ApiException(Exception):
@ -90,6 +90,7 @@ def handle_api_error(error):
  if error.error_type is not None:
    response.headers['WWW-Authenticate'] = ('Bearer error="%s" error_description="%s"' %
                                            (error.error_type, error.error_description))
+
  return response


@ -191,6 +192,7 @@ def query_param(name, help_str, type=reqparse.text_type, default=None,
      'default': default,
      'choices': choices,
      'required': required,
+      'location': ('args')
    })
    return func
  return add_param
--- a/endpoints/api/user.py
+++ b/endpoints/api/user.py
@ -120,6 +120,10 @@ class User(ApiResource):
          'type': 'string',
          'description': 'The user\'s email address',
        },
+        'invite_code': {
+          'type': 'string',
+          'description': 'The optional invite code'
+        }
      }
    },
    'UpdateUser': {
@ -197,15 +201,12 @@ class User(ApiResource):

  @show_if(features.USER_CREATION)
  @nickname('createNewUser')
-  @parse_args
-  @query_param('inviteCode', 'Invitation code given for creating the user.', type=str,
-               default='')
  @internal_only
  @validate_json_request('NewUser')
-  def post(self, args):
+  def post(self):
    """ Create a new user. """
    user_data = request.get_json()
-    invite_code = args['inviteCode']
+    invite_code = user_data.get('invite_code', '')

    existing_user = model.get_user(user_data['username'])
    if existing_user:
--- a/static/js/app.js
+++ b/static/js/app.js
@ -2813,7 +2813,7 @@ quayApp.directive('signupForm', function () {
        $scope.registering = true;

        if ($scope.inviteCode) {
-          $scope.newUser['inviteCode'] = $scope.inviteCode;
+          $scope.newUser['invite_code'] = $scope.inviteCode;
        }

        ApiService.createNewUser($scope.newUser).then(function(resp) {
--- a/test/test_api_usage.py
+++ b/test/test_api_usage.py
@ -173,7 +173,7 @@ class ApiTestCase(unittest.TestCase):
      if memberData['name'] == membername:
        return

-    self.fail(membername + ' not found in team: ' + json.dumps(data))
+    self.fail(membername + ' not found in team: ' + py_json.dumps(data))

  def login(self, username, password='password'):
    return self.postJsonResponse(Signin, data=dict(username=username, password=password))
@ -405,7 +405,7 @@ class TestCreateNewUser(ApiTestCase):
    invite = model.add_or_invite_to_team(inviter, team, None, 'foo@example.com')
     
    details = {
-      'inviteCode': invite.invite_token
+      'invite_code': invite.invite_token
    }
    details.update(NEW_USER_DETAILS);