diff options
| author | Bharat Mediratta <bharat@menalto.com> | 2010-01-03 20:30:35 -0800 |
|---|---|---|
| committer | Bharat Mediratta <bharat@menalto.com> | 2010-01-03 20:30:35 -0800 |
| commit | 0e3327bca70623175791ee41085d55d0cb13fe5b (patch) | |
| tree | 4445d8783d024baf8eddb4ea3ca2b6e7cf15ae7c /modules/rest/helpers/rest.php | |
| parent | 64e5efd57ba1479179c202e1b76b6eeb42d2924c (diff) | |
Simplify the REST API code. Here's what I did:
1) Simplify gallery_rest to return flat models, no children and do no
validation for now.
2) Flatten the REST replies and use HTTP codes to indicate
success/failure instead of additional status messages.
3) Use the message and error code support in the base Exception class,
instead of brewing our own in Rest_Exception.
4) Get rid of rest::success() and rest::fail() -- we only need
rest::reply() since all failures are covered by throwing an
exception.
5) Get rid of /rest/access_key and just use /rest for authentication.
6) Inline and simplify rest::normalize_request since we only use it once
7) Change rest::set_active_user to succeed or throw an exception
8) Extract Rest_Exception::sendHeaders into rest::send_headers()
Here's what's currently broken:
1) Data validation. There currently is none
2) Logging. That's gone too
3) image block and tag code is broken
4) Tests are broken
5) No movie support
Diffstat (limited to 'modules/rest/helpers/rest.php')
| -rw-r--r-- | modules/rest/helpers/rest.php | 90 |
1 files changed, 20 insertions, 70 deletions
diff --git a/modules/rest/helpers/rest.php b/modules/rest/helpers/rest.php index be0644f2..f7f3f9fd 100644 --- a/modules/rest/helpers/rest.php +++ b/modules/rest/helpers/rest.php @@ -18,87 +18,37 @@ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. */ class rest_Core { - /** - * Request failed - */ - static function fail($log_message=null) { - if (!empty($log_message)) { - Kohana_Log::add("info", $log_message); - } - // We don't need to save the session for this request + static function reply($data=array()) { Session::abort_save(); - return json_encode(array("status" => "ERROR", "message" => (string)$message)); - } - /** - * Success - */ - static function success($response_data=array(), $message=null) { - $response = array("status" => "OK"); - if (!empty($message)) { - $response["message"] = (string)$message; + if ($data) { + print json_encode($data); } - $response = array_merge($response, $response_data); - - // We don't need to save the session for this request - Session::abort_save(); - return json_encode($response); } - /** - * Validation Error - */ - static function validation_error($error_data) { - $response = array("status" => "VALIDATE_ERROR"); - $response = array_merge($response, array("fields" => $error_data)); - - // We don't need to save the session for this request - Session::abort_save(); - return json_encode($response); - } + static function set_active_user($access_token) { + if (empty($access_token)) { + identity::set_active_user(identity::guest()); + return; + } + $key = ORM::factory("user_access_token") + ->where("access_key", "=", $access_token) + ->find(); - static function normalize_request($args=array()) { - $input = Input::instance(); - $method = strtolower($input->server("REQUEST_METHOD")); - $request = new stdClass(); - foreach (array_keys($input->get()) as $key) { - $request->$key = $input->get($key); - } - if ($method != "get") { - foreach (array_keys($input->post()) as $key) { - $request->$key = $input->post($key); - } - foreach (array_keys($_FILES) as $key) { - $request->$key = $_FILES[$key]; - } + if (!$key->loaded()) { + throw new Rest_Exception("Forbidden", 403); } - $request->method = strtolower($input->server("HTTP_X_GALLERY_REQUEST_METHOD", $method)); - $request->access_token = $input->server("HTTP_X_GALLERY_REQUEST_KEY"); - $request->arguments = $args; // Let the rest handler figure out what the arguments mean + $user = identity::lookup_user($key->user_id); + if (empty($user)) { + throw new Rest_Exception("Forbidden", 403); + } - return $request; + identity::set_active_user($user); } - static function set_active_user($access_token) { - if (empty($access_token)) { - $user = identity::guest(); - } else { - $key = ORM::factory("user_access_token") - ->where("access_key", "=", $access_token) - ->find(); - - if ($key->loaded()) { - $user = identity::lookup_user($key->user_id); - if (empty($user)) { - throw new Rest_Exception(403, "Forbidden"); - } - } else { - throw new Rest_Exception(403, "Forbidden"); - } - } - identity::set_active_user($user); - return true; + static function send_headers($exception) { + header("HTTP/1.1 " . $exception->getCode() . " " . $exception->getMessage()); } } |