add endpoints for html_documents

tracim/__init__.py

@@ -17,6 +17,7 @@ from tracim.lib.utils.authorization import AcceptAllAuthorizationPolicy
 from tracim.lib.utils.authorization import TRACIM_DEFAULT_PERM
 from tracim.lib.webdav import WebdavAppFactory
 from tracim.views import BASE_API_V2
+from tracim.views.contents_api.html_document_controller import HTMLDocumentController  # nopep8
 from tracim.views.core_api.session_controller import SessionController
 from tracim.views.core_api.system_controller import SystemController
 from tracim.views.core_api.user_controller import UserController
@@ -73,11 +74,13 @@ def web(global_config, **local_settings):
     user_controller = UserController()
     workspace_controller = WorkspaceController()
     comment_controller = CommentController()
+    html_document_controller = HTMLDocumentController()
     configurator.include(session_controller.bind, route_prefix=BASE_API_V2)
     configurator.include(system_controller.bind, route_prefix=BASE_API_V2)
     configurator.include(user_controller.bind, route_prefix=BASE_API_V2)
     configurator.include(workspace_controller.bind, route_prefix=BASE_API_V2)
     configurator.include(comment_controller.bind, route_prefix=BASE_API_V2)
+    configurator.include(html_document_controller.bind, route_prefix=BASE_API_V2)
     hapic.add_documentation_view(
         '/api/v2/doc',
         'Tracim v2 API',

tracim/exceptions.py

@@ -117,5 +117,17 @@ class UserNotFoundInTracimRequest(TracimException):
     pass
 
 
+class ContentNotFoundInTracimRequest(TracimException):
+    pass
+
+
+class ContentNotFound(TracimException):
+    pass
+
+
+class ContentTypeNotAllowed(TracimException):
+    pass
+
+
 class WorkspacesDoNotMatch(TracimException):
     pass

tracim/fixtures/content.py

@@ -121,6 +121,18 @@ class Content(Fixture):
             do_save=True,
             do_notify=False,
         )
+        with new_revision(
+                session=self._session,
+                tm=transaction.manager,
+                content=tiramisu_page,
+        ):
+            content_api.update_content(
+                item=tiramisu_page,
+                new_content='<p>To cook a great Tiramisu, you need many ingredients.</p>',  # nopep8
+                new_label='Tiramisu Recipe',
+            )
+            content_api.save(tiramisu_page)
+
         best_cake_thread = content_api.create(
             content_type=ContentType.Thread,
             workspace=recipe_workspace,

tracim/lib/core/content.py

@@ -16,6 +16,7 @@ import sqlalchemy
 from sqlalchemy.orm import aliased
 from sqlalchemy.orm import joinedload
 from sqlalchemy.orm.attributes import get_history
+from sqlalchemy.orm.exc import NoResultFound
 from sqlalchemy.orm.session import Session
 from sqlalchemy import desc
 from sqlalchemy import distinct
@@ -25,6 +26,7 @@ from sqlalchemy.sql.elements import and_
 from tracim.lib.utils.utils import cmp_to_key
 from tracim.lib.core.notifications import NotifierFactory
 from tracim.exceptions import SameValueError
+from tracim.exceptions import ContentNotFound
 from tracim.exceptions import WorkspacesDoNotMatch
 from tracim.lib.utils.utils import current_date_for_filename
 from tracim.models.revision_protection import new_revision
@@ -39,9 +41,9 @@ from tracim.models.data import RevisionReadStatus
 from tracim.models.data import UserRoleInWorkspace
 from tracim.models.data import Workspace
 from tracim.lib.utils.translation import fake_translator as _
+from tracim.models.context_models import RevisionInContext
 from tracim.models.context_models import ContentInContext
 
-
 __author__ = 'damien'
 
 
@@ -161,6 +163,10 @@ class ContentApi(object):
     def get_content_in_context(self, content: Content):
         return ContentInContext(content, self._session, self._config)
 
+    def get_revision_in_context(self, revision: ContentRevisionRO):
+        # TODO - G.M - 2018-06-173 - create revision in context object
+        return RevisionInContext(revision, self._session, self._config)
+    
     def get_revision_join(self) -> sqlalchemy.sql.elements.BooleanClauseList:
         """
         Return the Content/ContentRevision query join condition
@@ -464,7 +470,11 @@ class ContentApi(object):
         if parent:
             base_request = base_request.filter(Content.parent_id==parent.content_id)  # nopep8
 
-        return base_request.one()
+        try:
+            content = base_request.one()
+        except NoResultFound as exc:
+            raise ContentNotFound('Content "{}" not found in database'.format(content_id)) from exc  # nopep8
+        return content
 
     def get_one_revision(self, revision_id: int = None) -> ContentRevisionRO:
         """

tracim/lib/utils/authorization.py

@@ -1,14 +1,20 @@
 # -*- coding: utf-8 -*-
+import typing
 from typing import TYPE_CHECKING
 
+import functools
 from pyramid.interfaces import IAuthorizationPolicy
 from zope.interface import implementer
+
+from tracim.models.contents import NewContentType
+
 try:
     from json.decoder import JSONDecodeError
 except ImportError:  # python3.4
     JSONDecodeError = ValueError
 
 from tracim.exceptions import InsufficientUserWorkspaceRole
+from tracim.exceptions import ContentTypeNotAllowed
 from tracim.exceptions import InsufficientUserProfile
 if TYPE_CHECKING:
     from tracim import TracimRequest
@@ -122,3 +128,21 @@ def require_candidate_workspace_role(minimal_required_role: int):
 
         return wrapper
     return decorator
+
+
+def require_content_types(content_types: typing.List['NewContentType']):
+    """
+    Restricts access to specific file type or raise an exception.
+    Check role for candidate_workspace.
+    :param content_types: list of NewContentType object
+    :return: decorator
+    """
+    def decorator(func):
+        @functools.wraps(func)
+        def wrapper(self, context, request: 'TracimRequest'):
+            content = request.current_content
+            if content.type in [content.slug for content in content_types]:
+                return func(self, context, request)
+            raise ContentTypeNotAllowed()
+        return wrapper
+    return decorator

tracim/lib/utils/request.py

@@ -2,18 +2,21 @@
 from pyramid.request import Request
 from sqlalchemy.orm.exc import NoResultFound
 
-from tracim.exceptions import NotAuthenticated
+from tracim.exceptions import NotAuthenticated, ContentNotFound
+from tracim.exceptions import ContentNotFoundInTracimRequest
 from tracim.exceptions import WorkspaceNotFoundInTracimRequest
 from tracim.exceptions import UserNotFoundInTracimRequest
 from tracim.exceptions import UserDoesNotExist
 from tracim.exceptions import WorkspaceNotFound
 from tracim.exceptions import ImmutableAttribute
+from tracim.models.contents import ContentTypeLegacy as ContentType
+from tracim.lib.core.content import ContentApi
 from tracim.lib.core.user import UserApi
 from tracim.lib.core.workspace import WorkspaceApi
 from tracim.lib.utils.authorization import JSONDecodeError
 
 from tracim.models import User
-from tracim.models.data import Workspace
+from tracim.models.data import Workspace, Content
 
 
 class TracimRequest(Request):
@@ -35,6 +38,9 @@ class TracimRequest(Request):
             decode_param_names,
             **kw
         )
+        # Current content, found in request path
+        self._current_content = None  # type: Content
+
         # Current workspace, found in request path
         self._current_workspace = None  # type: Workspace
 
@@ -93,6 +99,27 @@ class TracimRequest(Request):
             )
         self._current_user = user
 
+    @property
+    def current_content(self) -> User:
+        """
+        Get current  content from path
+        """
+        if self._current_content is None:
+            self._current_content = self._get_current_content(
+                self.current_user,
+                self.current_workspace,
+                self
+                )
+        return self._current_content
+
+    @current_content.setter
+    def current_content(self, content: Content) -> None:
+        if self._current_content is not None:
+            raise ImmutableAttribute(
+                "Can't modify already setted current_content"
+            )
+        self._current_content = content
+
     # TODO - G.M - 24-05-2018 - Find a better naming for this ?
     @property
     def candidate_user(self) -> User:
@@ -132,7 +159,6 @@ class TracimRequest(Request):
         self._current_workspace = None
         self.dbsession.close()
 
-
     @candidate_user.setter
     def candidate_user(self, user: User) -> None:
         if self._candidate_user is not None:
@@ -145,6 +171,39 @@ class TracimRequest(Request):
     # Utils for TracimRequest
     ###
 
+    def _get_current_content(
+            self,
+            user: User,
+            workspace: Workspace,
+            request: 'TracimRequest'
+    ):
+        """
+        Get current content from request
+        :param user: User who want to check the workspace
+        :param request: pyramid request
+        :return: current content
+        """
+        content_id = ''
+        try:
+            if 'content_id' in request.matchdict:
+                content_id = int(request.matchdict['content_id'])
+            if not content_id:
+                raise ContentNotFoundInTracimRequest('No content_id property found in request')  # nopep8
+            api = ContentApi(
+                current_user=user,
+                session=request.dbsession,
+                config=request.registry.settings['CFG']
+            )
+            content = api.get_one(content_id=content_id, workspace=workspace, content_type=ContentType.Any)  # nopep8
+        except JSONDecodeError:
+            raise ContentNotFound('Bad json body')
+        except NoResultFound:
+            raise ContentNotFound(
+                'Content {} does not exist '
+                'or is not visible for this user'.format(content_id)
+            )
+        return content
+
     def _get_candidate_user(
             self,
             request: 'TracimRequest',

tracim/models/context_models.py

@@ -8,6 +8,7 @@ from tracim import CFG
 from tracim.models import User
 from tracim.models.auth import Profile
 from tracim.models.data import Content
+from tracim.models.data import ContentRevisionRO
 from tracim.models.data import Workspace, UserRoleInWorkspace
 from tracim.models.workspace_menu_entries import default_workspace_menu_entry
 from tracim.models.workspace_menu_entries import WorkspaceMenuEntry
@@ -89,7 +90,44 @@ class CommentCreation(object):
             self,
             raw_content: str,
     ):
-        self.raw_content=raw_content
+        self.raw_content = raw_content
+
+
+class SetContentStatus(object):
+    """
+    Set content status
+    """
+    def __init__(
+            self,
+            status: str,
+    ):
+        self.status = status
+
+
+class HTMLDocumentUpdate(object):
+    """
+    Comment creation model
+    """
+    def __init__(
+            self,
+            label: str,
+            raw_content: str,
+    ):
+        self.label = label
+        self.raw_content = raw_content
+
+
+class ThreadUpdate(object):
+    """
+    Comment creation model
+    """
+    def __init__(
+            self,
+            label: str,
+            raw_content: str,
+    ):
+        self.label = label
+        self.raw_content = raw_content
 
 
 class UserInContext(object):
@@ -331,7 +369,7 @@ class ContentInContext(object):
 
     @property
     def sub_content_types(self) -> typing.List[str]:
-        return [type.slug for type in self.content.get_allowed_content_types()]
+        return [_type.slug for _type in self.content.get_allowed_content_types()]
 
     @property
     def status(self) -> str:
@@ -357,9 +395,28 @@ class ContentInContext(object):
             user=self.content.owner
         )
 
-    # Context-related
+    @property
+    def current_revision_id(self):
+        return self.content.revision_id
+
+    @property
+    def created(self):
+        return self.content.created
+
+    @property
+    def modified(self):
+        return self.updated
+
+    @property
+    def updated(self):
+        return self.content.updated
 
     @property
+    def last_modifier(self):
+        # TODO - G.M - 2018-06-173 - Repair owner/last modifier
+        return self.author
+    # Context-related
+    @property
     def show_in_ui(self):
         # TODO - G.M - 31-05-2018 - Enable Show_in_ui params
         # if false, then do not show content in the treeview.
@@ -371,3 +428,111 @@ class ContentInContext(object):
     @property
     def slug(self):
         return slugify(self.content.label)
+
+
+class RevisionInContext(object):
+    """
+    Interface to get Content data and Content data related to context.
+    """
+
+    def __init__(self, content: ContentRevisionRO, dbsession: Session, config: CFG):
+        self.revision = content
+        self.dbsession = dbsession
+        self.config = config
+
+    # Default
+    @property
+    def content_id(self) -> int:
+        return self.revision.content_id
+
+    @property
+    def id(self) -> int:
+        return self.content_id
+
+    @property
+    def parent_id(self) -> int:
+        """
+        Return parent_id of the content
+        """
+        return self.revision.parent_id
+
+    @property
+    def workspace_id(self) -> int:
+        return self.revision.workspace_id
+
+    @property
+    def label(self) -> str:
+        return self.revision.label
+
+    @property
+    def content_type(self) -> str:
+        return self.revision.type
+
+    @property
+    def sub_content_types(self) -> typing.List[str]:
+        return [_type.slug for _type
+                in self.revision.node.get_allowed_content_types()]
+
+    @property
+    def status(self) -> str:
+        return self.revision.status
+
+    @property
+    def is_archived(self):
+        return self.revision.is_archived
+
+    @property
+    def is_deleted(self):
+        return self.revision.is_deleted
+
+    @property
+    def raw_content(self):
+        return self.revision.description
+
+    @property
+    def author(self):
+        return UserInContext(
+            dbsession=self.dbsession,
+            config=self.config,
+            user=self.revision.owner
+        )
+
+    @property
+    def revision_id(self):
+        return self.revision.revision_id
+
+    @property
+    def created(self):
+        return self.revision.created
+
+    @property
+    def modified(self):
+        return self.updated
+
+    @property
+    def updated(self):
+        return self.revision.updated
+
+    @property
+    def last_modifier(self):
+        # TODO - G.M - 2018-06-173 - Repair owner/last modifier
+        return self.author
+    
+    @property
+    def comments_ids(self):
+        # TODO - G.M - 2018-06-173 - Return comments related to this revision
+        return []
+
+    # Context-related
+    @property
+    def show_in_ui(self):
+        # TODO - G.M - 31-05-2018 - Enable Show_in_ui params
+        # if false, then do not show content in the treeview.
+        # This may his maybe used for specific contents or for sub-contents.
+        # Default is True.
+        # In first version of the API, this field is always True
+        return True
+
+    @property
+    def slug(self):
+        return slugify(self.revision.label)

tracim/tests/functional/test_comments.py

@@ -1,7 +1,4 @@
 # -*- coding: utf-8 -*-
-"""
-Tests for /api/v2/workspaces subpath endpoints.
-"""
 from tracim.tests import FunctionalTest
 from tracim.fixtures.content import Content as ContentFixtures
 from tracim.fixtures.users_and_groups import Base as BaseFixture

tracim/tests/functional/test_contents.py

@@ -0,0 +1,218 @@
+# -*- coding: utf-8 -*-
+from tracim.tests import FunctionalTest
+from tracim.fixtures.content import Content as ContentFixtures
+from tracim.fixtures.users_and_groups import Base as BaseFixture
+
+
+class TestHtmlDocuments(FunctionalTest):
+    """
+    Tests for /api/v2/workspaces/{workspace_id}/html-documents/{content_id}
+    endpoint
+    """
+
+    fixtures = [BaseFixture, ContentFixtures]
+
+    def test_api__get_html_document__err_400__wrong_content_type(self) -> None:
+        """
+        Get one html document of a content
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        res = self.testapp.get(
+            '/api/v2/workspaces/2/html-documents/7',
+            status=400
+        )   # nopep8
+
+    def test_api__get_html_document__ok_200__nominal_case(self) -> None:
+        """
+        Get one html document of a content
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        res = self.testapp.get(
+            '/api/v2/workspaces/2/html-documents/6',
+            status=200
+        )   # nopep8
+        content = res.json_body
+        assert content['content_type'] == 'page'
+        assert content['content_id'] == 6
+        assert content['is_archived'] is False
+        assert content['is_deleted'] is False
+        assert content['label'] == 'Tiramisu Recipe'
+        assert content['parent_id'] == 3
+        assert content['show_in_ui'] is True
+        assert content['slug'] == 'tiramisu-recipe'
+        assert content['status'] == 'open'
+        assert content['workspace_id'] == 2
+        assert content['current_revision_id'] == 7
+        # TODO - G.M - 2018-06-173 - check date format
+        assert content['created']
+        assert content['author']
+        assert content['author']['user_id'] == 1
+        assert content['author']['avatar_url'] is None
+        assert content['author']['public_name'] == 'Global manager'
+        # TODO - G.M - 2018-06-173 - check date format
+        assert content['modified']
+        assert content['last_modifier'] == content['author']
+        assert content['raw_content'] == '<p>To cook a great Tiramisu, you need many ingredients.</p>'  # nopep8
+
+    def test_api__update_html_document__ok_200__nominal_case(self) -> None:
+        """
+        Update(put) one html document of a content
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        params = {
+            'label' : 'My New label',
+            'raw_content': '<p> Le nouveau contenu </p>',
+        }
+        res = self.testapp.put_json(
+            '/api/v2/workspaces/2/html-documents/6',
+            params=params,
+            status=200
+        )
+        content = res.json_body
+        assert content['content_type'] == 'page'
+        assert content['content_id'] == 6
+        assert content['is_archived'] is False
+        assert content['is_deleted'] is False
+        assert content['label'] == 'My New label'
+        assert content['parent_id'] == 3
+        assert content['show_in_ui'] is True
+        assert content['slug'] == 'my-new-label'
+        assert content['status'] == 'open'
+        assert content['workspace_id'] == 2
+        assert content['current_revision_id'] == 26
+        # TODO - G.M - 2018-06-173 - check date format
+        assert content['created']
+        assert content['author']
+        assert content['author']['user_id'] == 1
+        assert content['author']['avatar_url'] is None
+        assert content['author']['public_name'] == 'Global manager'
+        # TODO - G.M - 2018-06-173 - check date format
+        assert content['modified']
+        assert content['last_modifier'] == content['author']
+        assert content['raw_content'] == '<p> Le nouveau contenu </p>'
+
+        res = self.testapp.get(
+            '/api/v2/workspaces/2/html-documents/6',
+            status=200
+        )   # nopep8
+        content = res.json_body
+        assert content['content_type'] == 'page'
+        assert content['content_id'] == 6
+        assert content['is_archived'] is False
+        assert content['is_deleted'] is False
+        assert content['label'] == 'My New label'
+        assert content['parent_id'] == 3
+        assert content['show_in_ui'] is True
+        assert content['slug'] == 'my-new-label'
+        assert content['status'] == 'open'
+        assert content['workspace_id'] == 2
+        assert content['current_revision_id'] == 26
+        # TODO - G.M - 2018-06-173 - check date format
+        assert content['created']
+        assert content['author']
+        assert content['author']['user_id'] == 1
+        assert content['author']['avatar_url'] is None
+        assert content['author']['public_name'] == 'Global manager'
+        # TODO - G.M - 2018-06-173 - check date format
+        assert content['modified']
+        assert content['last_modifier'] == content['author']
+        assert content['raw_content'] == '<p> Le nouveau contenu </p>'
+
+    def test_api__get_html_document_revisions__ok_200__nominal_case(self) -> None:
+        """
+        Get one html document of a content
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        res = self.testapp.get(
+            '/api/v2/workspaces/2/html-documents/6/revisions',
+            status=200
+        )
+        revisions = res.json_body
+        assert len(revisions) == 2
+        revision = revisions[0]
+        assert revision['content_type'] == 'page'
+        assert revision['content_id'] == 6
+        assert revision['is_archived'] is False
+        assert revision['is_deleted'] is False
+        assert revision['label'] == 'Tiramisu Recipe'
+        assert revision['parent_id'] == 3
+        assert revision['show_in_ui'] is True
+        assert revision['slug'] == 'tiramisu-recipe'
+        assert revision['status'] == 'open'
+        assert revision['workspace_id'] == 2
+        assert revision['revision_id'] == 6
+        assert revision['sub_content_types']
+        # TODO - G.M - 2018-06-173 - Test with real comments
+        assert revision['comments_ids'] == []
+        # TODO - G.M - 2018-06-173 - check date format
+        assert revision['created']
+        assert revision['author']
+        assert revision['author']['user_id'] == 1
+        assert revision['author']['avatar_url'] is None
+        assert revision['author']['public_name'] == 'Global manager'
+
+    def test_api__set_html_document_status__ok_200__nominal_case(self) -> None:
+        """
+        Get one html document of a content
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        params = {
+            'status': 'closed-deprecated',
+        }
+
+        # before
+        res = self.testapp.get(
+            '/api/v2/workspaces/2/html-documents/6',
+            status=200
+        )   # nopep8
+        content = res.json_body
+        assert content['content_type'] == 'page'
+        assert content['content_id'] == 6
+        assert content['status'] == 'open'
+
+        # set status
+        res = self.testapp.put_json(
+            '/api/v2/workspaces/2/html-documents/6/status',
+            params=params,
+            status=204
+        )
+
+        # after
+        res = self.testapp.get(
+            '/api/v2/workspaces/2/html-documents/6',
+            status=200
+        )   # nopep8
+        content = res.json_body
+        assert content['content_type'] == 'page'
+        assert content['content_id'] == 6
+        assert content['status'] == 'closed-deprecated'

tracim/views/contents_api/html_document_controller.py

@@ -0,0 +1,196 @@
+# coding=utf-8
+import transaction
+from pyramid.config import Configurator
+
+from tracim.models.data import UserRoleInWorkspace
+
+try:  # Python 3.5+
+    from http import HTTPStatus
+except ImportError:
+    from http import client as HTTPStatus
+
+from tracim import TracimRequest
+from tracim.extensions import hapic
+from tracim.lib.core.content import ContentApi
+from tracim.views.controllers import Controller
+from tracim.views.core_api.schemas import HtmlDocumentContentSchema
+from tracim.views.core_api.schemas import HtmlDocumentRevisionSchema
+from tracim.views.core_api.schemas import SetContentStatusSchema
+from tracim.views.core_api.schemas import HtmlDocumentModifySchema
+from tracim.views.core_api.schemas import WorkspaceAndContentIdPathSchema
+from tracim.views.core_api.schemas import NoContentSchema
+from tracim.lib.utils.authorization import require_content_types
+from tracim.lib.utils.authorization import require_workspace_role
+from tracim.exceptions import WorkspaceNotFound, ContentTypeNotAllowed
+from tracim.exceptions import InsufficientUserProfile
+from tracim.exceptions import NotAuthenticated
+from tracim.exceptions import AuthenticationFailed
+from tracim.models.contents import ContentTypeLegacy as ContentType
+from tracim.models.contents import htmlpage_type
+from tracim.models.revision_protection import new_revision
+
+HTML_DOCUMENT_ENDPOINTS_TAG = 'HTML documents'
+
+
+class HTMLDocumentController(Controller):
+
+    @hapic.with_api_doc(tags=[HTML_DOCUMENT_ENDPOINTS_TAG])
+    @hapic.handle_exception(NotAuthenticated, HTTPStatus.UNAUTHORIZED)
+    @hapic.handle_exception(InsufficientUserProfile, HTTPStatus.FORBIDDEN)
+    @hapic.handle_exception(WorkspaceNotFound, HTTPStatus.FORBIDDEN)
+    @hapic.handle_exception(AuthenticationFailed, HTTPStatus.BAD_REQUEST)
+    @hapic.handle_exception(ContentTypeNotAllowed, HTTPStatus.BAD_REQUEST)
+    @require_workspace_role(UserRoleInWorkspace.READER)
+    @require_content_types([htmlpage_type])
+    @hapic.input_path(WorkspaceAndContentIdPathSchema())
+    @hapic.output_body(HtmlDocumentContentSchema())
+    def get_html_document(self, context, request: TracimRequest, hapic_data=None):  # nopep8
+        """
+        Get html document content
+        """
+        app_config = request.registry.settings['CFG']
+        api = ContentApi(
+            current_user=request.current_user,
+            session=request.dbsession,
+            config=app_config,
+        )
+        content = api.get_one(
+            hapic_data.path.content_id,
+            content_type=ContentType.Any
+        )
+        return api.get_content_in_context(content)
+
+    @hapic.with_api_doc(tags=[HTML_DOCUMENT_ENDPOINTS_TAG])
+    @hapic.handle_exception(NotAuthenticated, HTTPStatus.UNAUTHORIZED)
+    @hapic.handle_exception(InsufficientUserProfile, HTTPStatus.FORBIDDEN)
+    @hapic.handle_exception(WorkspaceNotFound, HTTPStatus.FORBIDDEN)
+    @hapic.handle_exception(AuthenticationFailed, HTTPStatus.BAD_REQUEST)
+    @require_workspace_role(UserRoleInWorkspace.CONTRIBUTOR)
+    @require_content_types([htmlpage_type])
+    @hapic.input_path(WorkspaceAndContentIdPathSchema())
+    @hapic.input_body(HtmlDocumentModifySchema())
+    @hapic.output_body(HtmlDocumentContentSchema())
+    def update_html_document(self, context, request: TracimRequest, hapic_data=None):
+        """
+        update_html_document
+        """
+        app_config = request.registry.settings['CFG']
+        api = ContentApi(
+            current_user=request.current_user,
+            session=request.dbsession,
+            config=app_config,
+        )
+        content = api.get_one(
+            hapic_data.path.content_id,
+            content_type=ContentType.Any
+        )
+        with new_revision(
+                session=request.dbsession,
+                tm=transaction.manager,
+                content=content
+        ):
+            api.update_content(
+                item=content,
+                new_label=hapic_data.body.label,
+                new_content=hapic_data.body.raw_content,
+
+            )
+            api.save(content)
+        return api.get_content_in_context(content)
+
+    @hapic.with_api_doc(tags=[HTML_DOCUMENT_ENDPOINTS_TAG])
+    @hapic.handle_exception(NotAuthenticated, HTTPStatus.UNAUTHORIZED)
+    @hapic.handle_exception(InsufficientUserProfile, HTTPStatus.FORBIDDEN)
+    @hapic.handle_exception(WorkspaceNotFound, HTTPStatus.FORBIDDEN)
+    @hapic.handle_exception(AuthenticationFailed, HTTPStatus.BAD_REQUEST)
+    @require_workspace_role(UserRoleInWorkspace.READER)
+    @require_content_types([htmlpage_type])
+    @hapic.input_path(WorkspaceAndContentIdPathSchema())
+    @hapic.output_body(HtmlDocumentRevisionSchema(many=True))
+    def get_html_document_revisions(self, context, request: TracimRequest, hapic_data=None):  # nopep8
+        """
+        get html_document revisions
+        """
+        app_config = request.registry.settings['CFG']
+        api = ContentApi(
+            current_user=request.current_user,
+            session=request.dbsession,
+            config=app_config,
+        )
+        content = api.get_one(
+            hapic_data.path.content_id,
+            content_type=ContentType.Any
+        )
+        revisions = content.revisions
+        return [
+            api.get_revision_in_context(revision)
+            for revision in revisions
+        ]
+
+    @hapic.with_api_doc(tags=[HTML_DOCUMENT_ENDPOINTS_TAG])
+    @hapic.handle_exception(NotAuthenticated, HTTPStatus.UNAUTHORIZED)
+    @hapic.handle_exception(InsufficientUserProfile, HTTPStatus.FORBIDDEN)
+    @hapic.handle_exception(WorkspaceNotFound, HTTPStatus.FORBIDDEN)
+    @hapic.handle_exception(AuthenticationFailed, HTTPStatus.BAD_REQUEST)
+    @require_content_types([htmlpage_type])
+    @hapic.input_path(WorkspaceAndContentIdPathSchema())
+    @hapic.input_body(SetContentStatusSchema())
+    @hapic.output_body(NoContentSchema(), default_http_code=HTTPStatus.NO_CONTENT)  # nopep8
+    def set_html_document_status(self, context, request: TracimRequest, hapic_data=None):  # nopep8
+        """
+        set html_document status
+        """
+        app_config = request.registry.settings['CFG']
+        api = ContentApi(
+            current_user=request.current_user,
+            session=request.dbsession,
+            config=app_config,
+        )
+        content = api.get_one(
+            hapic_data.path.content_id,
+            content_type=ContentType.Any
+        )
+        with new_revision(
+                session=request.dbsession,
+                tm=transaction.manager,
+                content=content
+        ):
+            api.set_status(
+                content,
+                hapic_data.body.status,
+            )
+            api.save(content)
+        return
+
+    def bind(self, configurator: Configurator):
+        # Get html-document
+        configurator.add_route(
+            'html_document',
+            '/workspaces/{workspace_id}/html-documents/{content_id}',
+            request_method='GET'
+        )
+        configurator.add_view(self.get_html_document, route_name='html_document')  # nopep8
+
+        # update html-document
+        configurator.add_route(
+            'update_html_document',
+            '/workspaces/{workspace_id}/html-documents/{content_id}',
+            request_method='PUT'
+        )  # nopep8
+        configurator.add_view(self.update_html_document, route_name='update_html_document')  # nopep8
+
+        # get html document revisions
+        configurator.add_route(
+            'html_document_revisions',
+            '/workspaces/{workspace_id}/html-documents/{content_id}/revisions',  # nopep8
+            request_method='GET'
+        )
+        configurator.add_view(self.get_html_document_revisions, route_name='html_document_revisions')  # nopep8
+
+        # get html document revisions
+        configurator.add_route(
+            'set_html_document_status',
+            '/workspaces/{workspace_id}/html-documents/{content_id}/status',  # nopep8
+            request_method='PUT'
+        )
+        configurator.add_view(self.set_html_document_status, route_name='set_html_document_status')  # nopep8

tracim/views/core_api/schemas.py

@@ -9,12 +9,15 @@ from tracim.models.contents import CONTENT_DEFAULT_STATUS
 from tracim.models.contents import GlobalStatus
 from tracim.models.contents import open_status
 from tracim.models.context_models import ContentCreation
+from tracim.models.context_models import SetContentStatus
 from tracim.models.context_models import CommentCreation
 from tracim.models.context_models import CommentPath
 from tracim.models.context_models import MoveParams
 from tracim.models.context_models import WorkspaceAndContentPath
 from tracim.models.context_models import ContentFilter
 from tracim.models.context_models import LoginCredentials
+from tracim.models.context_models import HTMLDocumentUpdate
+from tracim.models.context_models import ThreadUpdate
 from tracim.models.data import UserRoleInWorkspace
 
 
@@ -412,7 +415,7 @@ class HtmlDocumentContentSchema(ContentSchema):
 
 
 class RevisionSchema(ContentDigestSchema):
-    comments_id = marshmallow.fields.List(marshmallow.fields.Int(example=4))
+    comments_ids = marshmallow.fields.List(marshmallow.fields.Int(example=4))
     revision_id = marshmallow.fields.Int(example=12)
     created = marshmallow.fields.DateTime(
         format='%Y-%m-%dT%H:%M:%SZ',
@@ -450,10 +453,18 @@ class ContentModifySchema(marshmallow.Schema):
 class HtmlDocumentModifySchema(ContentModifySchema):
     raw_content = marshmallow.fields.String('<p>Html page Content !</p>')
 
+    @post_load
+    def html_document_update(self, data):
+        return HTMLDocumentUpdate(**data)
+
 
 class ThreadModifySchema(ContentModifySchema):
     raw_content = marshmallow.fields.String('Description of Thread')
 
+    @post_load
+    def thread_update(self, data):
+        return ThreadUpdate(**data)
+
 
 class SetCommentSchema(marshmallow.Schema):
     raw_content = marshmallow.fields.String(
@@ -470,5 +481,10 @@ class SetContentStatusSchema(marshmallow.Schema):
         example='closed-deprecated',
         validate=OneOf([status.slug for status in CONTENT_DEFAULT_STATUS]),
         description='this slug is found in content_type available statuses',
-        default=open_status
-    )
+        default=open_status,
+        required=True,
+    )
+
+    @post_load
+    def set_status(self, data):
+        return SetContentStatus(**data)