search

pypi / warehouse

The Python Package Index
https://pypi.org
Apache License 2.0
3.54k stars 952 forks source link

REST API is missing package_roles info from XML-RPC #9700

Open 4383 opened 3 years ago

4383 commented 3 years ago

Describe the bug On openstack, we noticed missing data during our transition from the xmlrpc to the restful API.

Indeed, few months ago, we started transitioning github.com/openstack/releases on the restful API.

Previously we relied on the package_role method to retrieve roles. Role is either Maintainer or Owner. The original intent here was to check whether an existing package registration allowed the account used by our automation to upload releases.

Example:

>>> import xmlrpc.client
>>> client = xmlrpc.client.ServerProxy("https://pypi.org/pypi")
>>> client.package_roles('ansible-role-atos-hsm')
[['Owner', 'openstackci']]

Unfortunately the restful API doesn't seems to return similar information. A maintainer field is returned but this one is empty

>>> import requests
>>> data = requests.get('https://pypi.org/pypi/ansible-role-atos-hsm/json')
>>> print(data.json()['info']['maintainer'])

>>> # Empty result

So, we don't know how to finalize our transition without these data.

Expected behavior

Does the fact that the data.json()['info']['maintainer'] is empty is normal?

Do we should expect an empty result here?

Is it possible to bind something else (another JSON key) to retrieve this information?

To Reproduce

By using xmlrpc:

>>> import xmlrpc.client
>>> client = xmlrpc.client.ServerProxy("https://pypi.org/pypi")
>>> client.package_roles('ansible-role-atos-hsm')
[['Owner', 'openstackci']]

By using restful

>>> import requests
>>> data = requests.get('https://pypi.org/pypi/ansible-role-atos-hsm/json')
>>> print(data.json()['info']['maintainer'])

>>> # Empty result

My Platform

Additional context

To see the full context of our transition and the full context of the experienced problem, then, please have a look to https://review.opendev.org/c/openstack/releases/+/785008

Thanks for your help.

di commented 3 years ago

The maintainer field in the JSON API corresponds to the Maintainer metadata field that is provided in the package metadata, not the maintainers on PyPI.

There is no equivalent API for package_role.

4383 commented 3 years ago

So, if no equivalent exist, I think that we can close this issue.

Thank you for your reply.

di commented 3 years ago

We can leave this open to track creation of an equivalent.

4383 commented 3 years ago

You mean the creation of an equivalent field (package_role)? If yes it would be awesome.

abitrolly commented 3 years ago

Should this be renamed to "REST API is missing package_roles info from XML-RPC"?

4383 commented 3 years ago

Should this be renamed to "REST API is missing package_roles info from XML-RPC"?

Do you speak about this github issue or do you speak about the github pull request #9770 ?

abitrolly commented 3 years ago

About this GitHub issue. It is quite specific about what info is missing.

4383 commented 3 years ago

Done

abitrolly commented 3 years ago

Now it needs to be linked to some master issue about adding a package Admin API to PyPI, but I can't find any. The closest one is https://github.com/pypa/warehouse/issues/284 and it is not specific enough to be actionable. In particular it does not separate Metadata API (stuff that comes shipped with code) and Admin API (outside stuff that is needed to manage shipping through PyPI).