pullrequest creation API
Mads Kiilerich
mads at kiilerich.com
Wed Mar 11 22:08:18 EDT 2015
On 03/11/2015 09:56 PM, Thomas De Schampheleire wrote:
> Hi,
>
> I would like to create a way to create a pull request
> programmatically, through an API call.
You also asked for feedback on the related
https://bitbucket.org/conservancy/kallithea/pull-request/47/add-pullrequest-json-page/diff
. Would that PR solve your problem?
> At first sight, using the api_access=True method to create a callable
> web view is the easiest, since you could take in the request and pass
> it to the existing PullrequestsController:create() method. However,
> this existing create method is decorated with @NotAnonymous, causing
> it to be unavailable for API calls.
>
> The alternative is to create an API method in controllers/api/api.py,
> but it's unclear to me how to hook this into the
> PullrequestsController.
I think that is because we have too much logic in the controller. I
think that in some MVC universes, the controller should only deal with
the view specific code (html page and user interaction). The logic we
want to expose for general purposes should thus not be view specific but
should be a part of the model.
> How to proceed here?
> Should I remove the NotAnonymous decorator and pass the requested user
> as argument to the API call?
I am not sure in what way NotAnonymous and LoginRequired really are
different. For example, it seems weird that NotAnonymous doesn't
consider the IP filtering. We should perhaps use LoginRequired
everywhere? Or would this checking have too much overhead? I don't know.
Try!
> I was also a bit confused on how these API keys are working: it seems
> that whenever you call an API, you are really the default (anonymous)
> user, regardless of the API key you are using.
> For this use case, it would be better to determine the user this API
> key is belonging to.
As far as I can see, BaseController.__call__ in kallithea/lib/base.py
_will_ determine the user based on the api key.
LoginRequired will consider the presence of an api key as evidence that
the user was authenticated with that key.
/Mads
More information about the kallithea-general
mailing list