authorBharat Mediratta <bharat@menalto.com>2010-01-03 20:30:35 -0800
committerBharat Mediratta <bharat@menalto.com>2010-01-03 20:30:35 -0800
commit0e3327bca70623175791ee41085d55d0cb13fe5b (patch)
tree4445d8783d024baf8eddb4ea3ca2b6e7cf15ae7c /modules/rest
parent64e5efd57ba1479179c202e1b76b6eeb42d2924c (diff)
Simplify the REST API code. Here's what I did:
1) Simplify gallery_rest to return flat models, no children and do no validation for now. 2) Flatten the REST replies and use HTTP codes to indicate success/failure instead of additional status messages. 3) Use the message and error code support in the base Exception class, instead of brewing our own in Rest_Exception. 4) Get rid of rest::success() and rest::fail() -- we only need rest::reply() since all failures are covered by throwing an exception. 5) Get rid of /rest/access_key and just use /rest for authentication. 6) Inline and simplify rest::normalize_request since we only use it once 7) Change rest::set_active_user to succeed or throw an exception 8) Extract Rest_Exception::sendHeaders into rest::send_headers() Here's what's currently broken: 1) Data validation. There currently is none 2) Logging. That's gone too 3) image block and tag code is broken 4) Tests are broken 5) No movie support
Diffstat (limited to 'modules/rest')
-rw-r--r--modules/rest/controllers/rest.php60
-rw-r--r--modules/rest/helpers/rest.php90
-rw-r--r--modules/rest/libraries/Rest_Exception.php17
-rw-r--r--modules/rest/tests/Rest_Controller_Test.php20
4 files changed, 70 insertions, 117 deletions
diff --git a/modules/rest/controllers/rest.php b/modules/rest/controllers/rest.php
index 26e5b31a..0332e5fc 100644
--- a/modules/rest/controllers/rest.php
+++ b/modules/rest/controllers/rest.php
@@ -18,20 +18,14 @@
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
*/
class Rest_Controller extends Controller {
- public function access_key() {
+ public function index() {
try {
- $request = (object)Input::instance()->get();
- if (empty($request->user) || empty($request->password)) {
- throw new Rest_Exception(403, "Forbidden");
- }
-
- $user = identity::lookup_user_by_name($request->user);
- if (empty($user)) {
- throw new Rest_Exception(403, "Forbidden");
- }
+ $username = Input::instance()->post("user");
+ $password = Input::instance()->post("password");
- if (!identity::is_correct_password($user, $request->password)) {
- throw new Rest_Exception(403, "Forbidden");
+ $user = identity::lookup_user_by_name($username);
+ if (empty($user) || !identity::is_correct_password($user, $password)) {
+ throw new Rest_Exception("Forbidden", 403);
}
$key = ORM::factory("user_access_token")
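Review bot: With the `empty($request->user) || empty($request->password)` guard removed, `identity::is_correct_password($user, $password)` in `index()` is now called with `null` or `""` whenever the `password` field is missing from the POST body. Whether that is rejected depends on the identity provider, which is not visible in this hunk, so I would keep an explicit check ahead of the lookup: `if (empty($username) || empty($password)) { throw new Rest_Exception("Forbidden", 403); }`. `index()` continues past the end of this hunk.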
@@ -42,27 +36,45 @@ class Rest_Controller extends Controller {
$key->access_key = md5($user->name . rand());
$key->save();
}
- print rest::success(array("token" => $key->access_key));
- } catch (Rest_Exception $e) {
- $e->sendHeaders();
+
+ rest::reply($key->access_key);
+ } catch (Exception $e) {
+ rest::send_headers($e);
}
}
public function __call($function, $args) {
- $request = rest::normalize_request($args);
+ $input = Input::instance();
+ switch ($method = strtolower($input->server("REQUEST_METHOD"))) {
+ case "get":
+ $request->params = (object) Input::instance()->get();
+ break;
+
+ case "post":
+ $request->params = (object) Input::instance()->post();
+ if (isset($_FILES["file"])) {
+ $request->file = upload::save("file");
+ }
+ break;
+ }
+
+ $request->method = strtolower($input->server("HTTP_X_GALLERY_REQUEST_METHOD", $method));
+ $request->access_token = $input->server("HTTP_X_GALLERY_REQUEST_KEY");
+ $request->path = implode("/", $args);
+
try {
- if (rest::set_active_user($request->access_token)) {
- $handler_class = "{$function}_rest";
- $handler_method = $request->method;
+ rest::set_active_user($request->access_token);
- if (!method_exists($handler_class, $handler_method)) {
- throw new Rest_Exception(403, "Forbidden");
- }
+ $handler_class = "{$function}_rest";
+ $handler_method = $request->method;
- print call_user_func(array($handler_class, $handler_method), $request);
+ if (!method_exists($handler_class, $handler_method)) {
+ throw new Rest_Exception("Forbidden", 403);
}
+
+ print call_user_func(array($handler_class, $handler_method), $request);
} catch (Rest_Exception $e) {
- $e->sendHeaders();
+ rest::send_headers($e);
}
}
}
\ No newline at end of file
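Review bot: In `__call`, the `post` branch runs `upload::save("file")` before `rest::set_active_user()` and outside the `try`, so a request carrying an invalid access key still has its upload saved before the 403 is sent, and any exception from the save is uncaught. Doing the save only after the token check avoids that: `rest::set_active_user($request->access_token);` followed by `if ($method == "post" && isset($_FILES["file"])) { $request->file = upload::save("file"); }`. `$request` is also never created now that `rest::normalize_request()` is gone, so the first `$request->params = …` relies on PHP implicitly creating an object from an undefined variable, which raises a warning and is an error on newer PHP versions; add `$request = new stdClass();` before the `switch`. `$handler_method` comes straight from the `X-Gallery-Request-Method` header, so checking it with `in_array($request->method, array("get", "post", "put", "delete"))` before `method_exists()` would keep a client from naming any other static method on the handler class. The unchanged context line `md5($user->name . rand())` derives the access key from a non-cryptographic generator; that predates this commit but deserves a follow-up, since the key is the only credential `__call` checks.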
diff --git a/modules/rest/helpers/rest.php b/modules/rest/helpers/rest.php
index be0644f2..f7f3f9fd 100644
--- a/modules/rest/helpers/rest.php
+++ b/modules/rest/helpers/rest.php
@@ -18,87 +18,37 @@
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
*/
class rest_Core {
- /**
- * Request failed
- */
- static function fail($log_message=null) {
- if (!empty($log_message)) {
- Kohana_Log::add("info", $log_message);
- }
- // We don't need to save the session for this request
+ static function reply($data=array()) {
Session::abort_save();
- return json_encode(array("status" => "ERROR", "message" => (string)$message));
- }
- /**
- * Success
- */
- static function success($response_data=array(), $message=null) {
- $response = array("status" => "OK");
- if (!empty($message)) {
- $response["message"] = (string)$message;
+ if ($data) {
+ print json_encode($data);
}
- $response = array_merge($response, $response_data);
-
- // We don't need to save the session for this request
- Session::abort_save();
- return json_encode($response);
}
- /**
- * Validation Error
- */
- static function validation_error($error_data) {
- $response = array("status" => "VALIDATE_ERROR");
- $response = array_merge($response, array("fields" => $error_data));
-
- // We don't need to save the session for this request
- Session::abort_save();
- return json_encode($response);
- }
+ static function set_active_user($access_token) {
+ if (empty($access_token)) {
+ identity::set_active_user(identity::guest());
+ return;
+ }
+ $key = ORM::factory("user_access_token")
+ ->where("access_key", "=", $access_token)
+ ->find();
- static function normalize_request($args=array()) {
- $input = Input::instance();
- $method = strtolower($input->server("REQUEST_METHOD"));
- $request = new stdClass();
- foreach (array_keys($input->get()) as $key) {
- $request->$key = $input->get($key);
- }
- if ($method != "get") {
- foreach (array_keys($input->post()) as $key) {
- $request->$key = $input->post($key);
- }
- foreach (array_keys($_FILES) as $key) {
- $request->$key = $_FILES[$key];
- }
+ if (!$key->loaded()) {
+ throw new Rest_Exception("Forbidden", 403);
}
- $request->method = strtolower($input->server("HTTP_X_GALLERY_REQUEST_METHOD", $method));
- $request->access_token = $input->server("HTTP_X_GALLERY_REQUEST_KEY");
- $request->arguments = $args; // Let the rest handler figure out what the arguments mean
+ $user = identity::lookup_user($key->user_id);
+ if (empty($user)) {
+ throw new Rest_Exception("Forbidden", 403);
+ }
- return $request;
+ identity::set_active_user($user);
}
- static function set_active_user($access_token) {
- if (empty($access_token)) {
- $user = identity::guest();
- } else {
- $key = ORM::factory("user_access_token")
- ->where("access_key", "=", $access_token)
- ->find();
-
- if ($key->loaded()) {
- $user = identity::lookup_user($key->user_id);
- if (empty($user)) {
- throw new Rest_Exception(403, "Forbidden");
- }
- } else {
- throw new Rest_Exception(403, "Forbidden");
- }
- }
- identity::set_active_user($user);
- return true;
+ static function send_headers($exception) {
+ header("HTTP/1.1 " . $exception->getCode() . " " . $exception->getMessage());
}
}
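Review bot: `rest::send_headers()` copies `getCode()` and `getMessage()` of whatever exception it receives into the status line, and `Rest_Controller::index()` now catches every `Exception`, so a database or framework error would be sent as `HTTP/1.1 0 <internal message>`, which is an invalid status code and exposes internal detail to the client. Limiting the echoed text to `Rest_Exception` and answering everything else with a fixed 500 avoids both, for example `if (!($exception instanceof Rest_Exception)) { header("HTTP/1.1 500 Internal Server Error"); return; }` at the top of the function. The new `reply()`, `set_active_user()` and `send_headers()` have no docblocks; a short one on `set_active_user()` stating that an empty token selects the guest user and any unknown token throws a 403 `Rest_Exception` would document the authentication contract callers now depend on.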
diff --git a/modules/rest/libraries/Rest_Exception.php b/modules/rest/libraries/Rest_Exception.php
index 905b94a0..596b3712 100644
--- a/modules/rest/libraries/Rest_Exception.php
+++ b/modules/rest/libraries/Rest_Exception.php
@@ -18,19 +18,4 @@
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
*/
class Rest_Exception_Core extends Exception {
- /**
- * Set internal properties.
- */
- public function __construct($code, $text) {
- parent::__construct("$code $text");
- }
-
- /**
- * Sends the headers, to emulate server behavior.
- *
- * @return void
- */
- public function sendHeaders() {
- header('HTTP/1.1 {$this->getMessage()}');
- }
-} // End Rest Exception
\ No newline at end of file
+}
\ No newline at end of file
diff --git a/modules/rest/tests/Rest_Controller_Test.php b/modules/rest/tests/Rest_Controller_Test.php
index 83bd9db6..c881583c 100644
--- a/modules/rest/tests/Rest_Controller_Test.php
+++ b/modules/rest/tests/Rest_Controller_Test.php
@@ -84,7 +84,8 @@ class Rest_Controller_Test extends Unit_Test_Case {
try {
$this->_call_controller();
} catch (Rest_Exception $e) {
- $this->assert_equal("403 Forbidden", $e->getMessage());
+ $this->assert_equal(403, $e->getCode());
+ $this->assert_equal("Forbidden", $e->getMessage());
} catch (Exception $e) {
$this->assert_false(true, $e->__toString());
}
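Review bot: The updated assertions run only inside the `catch (Rest_Exception $e)` branch, and the `try` body holds nothing but `$this->_call_controller();`, so if the controller stops throwing, nothing in this block fails the test. Adding `$this->assert_false(true, "Expected a Rest_Exception");` directly after the call makes a missing 403 an explicit failure. The same pattern repeats in the hunks at new lines 98, 111, 140, 159 and 176 of this file, and the enclosing test methods begin and end outside the hunks, so a later assertion may already cover this.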
@@ -97,7 +98,8 @@ class Rest_Controller_Test extends Unit_Test_Case {
try {
$this->_call_controller();
} catch (Rest_Exception $e) {
- $this->assert_equal("403 Forbidden", $e->getMessage());
+ $this->assert_equal(403, $e->getCode());
+ $this->assert_equal("Forbidden", $e->getMessage());
} catch (Exception $e) {
$this->assert_false(true, $e->__toString());
}
@@ -109,7 +111,8 @@ class Rest_Controller_Test extends Unit_Test_Case {
try {
$this->_call_controller();
} catch (Rest_Exception $e) {
- $this->assert_equal("403 Forbidden", $e->getMessage());
+ $this->assert_equal(403, $e->getCode());
+ $this->assert_equal("Forbidden", $e->getMessage());
} catch (Exception $e) {
$this->assert_false(true, $e->__toString());
}
@@ -137,7 +140,8 @@ class Rest_Controller_Test extends Unit_Test_Case {
try {
$this->_call_controller();
} catch (Rest_Exception $e) {
- $this->assert_equal("403 Forbidden", $e->getMessage());
+ $this->assert_equal(403, $e->getCode());
+ $this->assert_equal("Forbidden", $e->getMessage());
} catch (Exception $e) {
$this->assert_false(true, $e->__toString());
}
@@ -155,7 +159,8 @@ class Rest_Controller_Test extends Unit_Test_Case {
try {
$this->_call_controller("rest", explode("/", $photo->relative_url()));
} catch (Rest_Exception $e) {
- $this->assert_equal("403 Forbidden", $e->getMessage());
+ $this->assert_equal(403, $e->getCode());
+ $this->assert_equal("Forbidden", $e->getMessage());
} catch (Exception $e) {
$this->assert_false(true, $e->__toString());
}
@@ -171,7 +176,8 @@ class Rest_Controller_Test extends Unit_Test_Case {
try {
$this->_call_controller("rest", explode("/", $photo->relative_url()));
} catch (Rest_Exception $e) {
- $this->assert_equal("501 Not Implemented", $e->getMessage());
+ $this->assert_equal(501, $e->getCode());
+ $this->assert_equal("Not Implemented", $e->getMessage());
} catch (Exception $e) {
$this->assert_false(true, $e->__toString());
}
@@ -218,7 +224,7 @@ class rest_rest {
$response["thumb_url"] = $item->thumb_url();
$response["description"] = $item->description;
$response["internet_address"] = $item->slug;
- return rest::success(array($item->type => $response), t("Processed"));
+ return rest::reply(array($item->type => $response));
}
}