author | Bharat Mediratta <bharat@menalto.com> | 2010-01-03 20:30:35 -0800 |
---|---|---|
committer | Bharat Mediratta <bharat@menalto.com> | 2010-01-03 20:30:35 -0800 |
commit | 0e3327bca70623175791ee41085d55d0cb13fe5b (patch) | |
tree | 4445d8783d024baf8eddb4ea3ca2b6e7cf15ae7c /modules/rest/controllers/rest.php | |
parent | 64e5efd57ba1479179c202e1b76b6eeb42d2924c (diff) |
Simplify the REST API code. Here's what I did:
1) Simplify gallery_rest to return flat models, no children and do no
validation for now.
2) Flatten the REST replies and use HTTP codes to indicate
success/failure instead of additional status messages.
3) Use the message and error code support in the base Exception class,
instead of brewing our own in Rest_Exception.
4) Get rid of rest::success() and rest::fail() -- we only need
rest::reply() since all failures are covered by throwing an
exception.
5) Get rid of /rest/access_key and just use /rest for authentication.
6) Inline and simplify rest::normalize_request since we only use it once
7) Change rest::set_active_user to succeed or throw an exception
8) Extract Rest_Exception::sendHeaders into rest::send_headers()
Here's what's currently broken:
1) Data validation. There currently is none
2) Logging. That's gone too
3) image block and tag code is broken
4) Tests are broken
5) No movie support
Diffstat (limited to 'modules/rest/controllers/rest.php')
-rw-r--r-- | modules/rest/controllers/rest.php | 60 |
1 files changed, 36 insertions, 24 deletions
diff --git a/modules/rest/controllers/rest.php b/modules/rest/controllers/rest.php
index 26e5b31a..0332e5fc 100644
--- a/modules/rest/controllers/rest.php
+++ b/modules/rest/controllers/rest.php
@@ -18,20 +18,14 @@
 * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
 */
 class Rest_Controller extends Controller {
- public function access_key() {
+ public function index() {
 try {
- $request = (object)Input::instance()->get();
- if (empty($request->user) || empty($request->password)) {
- throw new Rest_Exception(403, "Forbidden");
- }
-
- $user = identity::lookup_user_by_name($request->user);
- if (empty($user)) {
- throw new Rest_Exception(403, "Forbidden");
- }
+ $username = Input::instance()->post("user");
+ $password = Input::instance()->post("password");
 
- if (!identity::is_correct_password($user, $request->password)) {
- throw new Rest_Exception(403, "Forbidden");
+ $user = identity::lookup_user_by_name($username);
+ if (empty($user) || !identity::is_correct_password($user, $password)) {
+ throw new Rest_Exception("Forbidden", 403);
 }
 
 $key = ORM::factory("user_access_token")
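Review bot: The explicit `empty($request->user) || empty($request->password)` guard is dropped in `index()`, so a request with no `user` or `password` field now reaches `identity::lookup_user_by_name()` and `identity::is_correct_password()` with whatever `post()` returns for a missing key. Whether an empty password is rejected then depends entirely on the identity provider behind those calls, which is not visible in this hunk. Keeping the cheap guard ahead of the lookup makes the endpoint fail closed regardless of the backend: `if (empty($username) || empty($password)) { throw new Rest_Exception("Forbidden", 403); }`. The body of `index()` continues past the end of this hunk.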
@@ -42,27 +36,45 @@ class Rest_Controller extends Controller {
 $key->access_key = md5($user->name . rand());
 $key->save();
 }
- print rest::success(array("token" => $key->access_key));
- } catch (Rest_Exception $e) {
- $e->sendHeaders();
+
+ rest::reply($key->access_key);
+ } catch (Exception $e) {
+ rest::send_headers($e);
 }
 }
 
 public function __call($function, $args) {
- $request = rest::normalize_request($args);
+ $input = Input::instance();
+ switch ($method = strtolower($input->server("REQUEST_METHOD"))) {
+ case "get":
+ $request->params = (object) Input::instance()->get();
+ break;
+
+ case "post":
+ $request->params = (object) Input::instance()->post();
+ if (isset($_FILES["file"])) {
+ $request->file = upload::save("file");
+ }
+ break;
+ }
+
+ $request->method = strtolower($input->server("HTTP_X_GALLERY_REQUEST_METHOD", $method));
+ $request->access_token = $input->server("HTTP_X_GALLERY_REQUEST_KEY");
+ $request->path = implode("/", $args);
+
 try {
- if (rest::set_active_user($request->access_token)) {
- $handler_class = "{$function}_rest";
- $handler_method = $request->method;
+ rest::set_active_user($request->access_token);
 
- if (!method_exists($handler_class, $handler_method)) {
- throw new Rest_Exception(403, "Forbidden");
- }
+ $handler_class = "{$function}_rest";
+ $handler_method = $request->method;
 
- print call_user_func(array($handler_class, $handler_method), $request);
+ if (!method_exists($handler_class, $handler_method)) {
+ throw new Rest_Exception("Forbidden", 403);
 }
+
+ print call_user_func(array($handler_class, $handler_method), $request);
 } catch (Rest_Exception $e) {
- $e->sendHeaders();
+ rest::send_headers($e);
 }
 }
 }
\ No newline at end of file |
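Review bot: In `__call()`, the new `case "post":` branch calls `upload::save("file")` before `rest::set_active_user($request->access_token)` and outside the `try`, so an uploaded file is handed to `upload::save` (which presumably stores it) before the access key is checked, and anything it throws bypasses `rest::send_headers()`. Reading `HTTP_X_GALLERY_REQUEST_KEY` and calling `rest::set_active_user()` as the first statements inside the `try`, with the `switch` after them, keeps unauthenticated requests away from the upload path. `$request` is also never created before properties are assigned to it, so `$request = new stdClass();` should precede first use; this matters most for verbs other than GET/POST, where the `switch` matches nothing. Separately, `$request->method` comes from the client-supplied `HTTP_X_GALLERY_REQUEST_METHOD` header and is only checked with `method_exists()`, so any method of `{$function}_rest` can be named by the caller. An explicit allow-list of the verbs handlers are meant to expose would close that, and the context line `md5($user->name . rand())` still derives the access key returned by `rest::reply()` from a non-cryptographic random source.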