author | Tim Almdal <tnalmdal@shaw.ca> | 2009-12-08 09:19:48 -0800 |
---|---|---|
committer | Tim Almdal <tnalmdal@shaw.ca> | 2009-12-08 09:19:48 -0800 |
commit | fa0663d7df0cfcf0818e182f3d2d19fc6be2a5d1 (patch) | |
tree | 436b22828205f718d05bbc6a445864c86205625f /modules | |
parent | b0de1fe1d975e43a060c66da16f3cc2474d70bae (diff) |
Rename the backing table from rest_keys to user_access_tokens
Implement an api to format the errors and success messages
Removed the custom routing... urls are now /rest/<module_name>/<resource>
Diffstat (limited to 'modules')
-rw-r--r-- | modules/rest/config/routes.php | 23 | ||||
-rw-r--r-- | modules/rest/controllers/rest.php | 53 | ||||
-rw-r--r-- | modules/rest/helpers/rest.php | 69 | ||||
-rw-r--r-- | modules/rest/helpers/rest_event.php | 8 | ||||
-rw-r--r-- | modules/rest/helpers/rest_installer.php | 4 | ||||
-rw-r--r-- | modules/rest/models/user_access_token.php (renamed from modules/rest/models/rest_key.php) | 2 | ||||
-rw-r--r-- | modules/rest/tests/Rest_Controller_Test.php | 34 |
7 files changed, 116 insertions, 77 deletions
diff --git a/modules/rest/config/routes.php b/modules/rest/config/routes.php
deleted file mode 100644
index ec65fda8..00000000
--- a/modules/rest/config/routes.php
+++ /dev/null
@@ -1,23 +0,0 @@
-<?php defined("SYSPATH") or die("No direct script access.");
-/**
- * Gallery - a web based photo album viewer and editor
- * Copyright (C) 2000-2009 Bharat Mediratta
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or (at
- * your option) any later version.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
- */
-
-// Redirect module REST requests to the REST Controller
-$config["^(\w+)/rest/(.*)$"] = "rest/$1/$2";
-
diff --git a/modules/rest/controllers/rest.php b/modules/rest/controllers/rest.php
index d16d2316..0e5cbe96 100644
--- a/modules/rest/controllers/rest.php
+++ b/modules/rest/controllers/rest.php
@@ -20,21 +20,21 @@ class Rest_Controller extends Controller { public function access_key() { $request = json_decode($this->input->post("request")); if (empty($request->user) || empty($request->password)) { - print json_encode(array("status" => "ERROR", "message" => (string)t("Authorization failed"))); + print rest::forbidden("No user or password supplied"); return; } $user = identity::lookup_user_by_name($request->user); if (empty($user)) { - print json_encode(array("status" => "ERROR", "message" => (string)t("Authorization failed"))); + print rest::forbidden("User '{$request->user}' not found"); return; } if (!identity::is_correct_password($user, $request->password)) { - print json_encode(array("status" => "ERROR", "message" => (string)t("Authorization failed"))); + print rest::forbidden("Invalid password for '{$request->user}'."); return; } - $key = ORM::factory("rest_key") + $key = ORM::factory("user_access_token") ->where("user_id", $user->id) ->find(); if (!$key->loaded) { @@ -43,7 +43,7 @@ class Rest_Controller extends Controller { $key->save(); Kohana::log("alert", Kohana::debug($key->as_array())); } - print json_encode(array("status" => "OK", "token" => $key->access_key)); + print rest::success(array("token" => $key->access_key)); } public function __call($function, $args) { 
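Review bot: The new log messages in access_key() interpolate the client-supplied `$request->user` straight into the log line (`"User '{$request->user}' not found"`, `"Invalid password for '{$request->user}'."`), so a name containing line breaks can forge additional log entries. Encode control characters before logging, for example `$name = preg_replace('/[\x00-\x1f\x7f]/', '?', (string)$request->user);`, and use `$name` in both messages. Keeping the response generic while recording the specific reason is sound, but these reasons go through rest::forbidden(), which logs at "info"; failed logins usually deserve a level that survives the production log threshold. The unchanged `Kohana::log("alert", Kohana::debug($key->as_array()))` line in this hunk writes a newly created access key to the log and looks like leftover debugging that should be removed.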
@@ -51,41 +51,37 @@ class Rest_Controller extends Controller { $request = $this->input->post("request", null); if (empty($access_token)) { - print json_encode(array("status" => "ERROR", - "message" => (string)t("Authorization failed"))); + print rest::forbidden("No access token supplied."); return; } - if (!empty($request)) { - $method = strtolower($this->input->server("HTTP_X_HTTP_METHOD_OVERRIDE", "POST")); - $request = json_decode($request); - } else { - print json_encode(array("status" => "ERROR", - "message" => (string)t("Authorization failed"))); - return; - } - try { - $key = ORM::factory("rest_key") + $key = ORM::factory("user_access_token") ->where("access_key", $access_token) ->find(); if (!$key->loaded) { - print json_encode(array("status" => "ERROR", - "message" => (string)t("Authorization failed"))); + print rest::forbidden("Invalid key: $access_token"); return; } $user = identity::lookup_user($key->user_id); if (empty($user)) { - print json_encode(array("status" => "ERROR", - "message" => (string)t("Authorization failed"))); + print rest::forbidden("User not found: {$key->user_id}"); return; } + if (!empty($request)) { + $method = strtolower($this->input->server("HTTP_X_HTTP_METHOD_OVERRIDE", "POST")); + $request = json_decode($request); + } else { + print rest::invalid_request("Empty Request"); + return; + } + + if (empty($args[0])) { - print json_encode(array("status" => "ERROR", - "message" => (string)t("Invalid request parameters"))); + print rest::invalid_request("Resource not supplied"); return; } 
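Review bot: `rest::forbidden("Invalid key: $access_token")` writes the presented token verbatim to the log, so a token that is one character off from a valid one ends up readable by anyone with log access, and the value is unsanitised client input. Log a short non-reversible reference instead, e.g. `print rest::forbidden("Invalid key: " . substr(sha1($access_token), 0, 8));`. Nothing visible in this hunk limits repeated guesses against `where("access_key", $access_token)`; if failures are not counted elsewhere, this branch is the place to do it. The body of __call() begins before this hunk, so where `$access_token` is read is not visible here.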
@@ -93,18 +89,15 @@ class Rest_Controller extends Controller { $handler_method = "{$method}_{$args[0]}"; if (!method_exists($handler_class, $handler_method)) { - Kohana::log("error", "$handler_class::$handler_method is not implemented"); - print json_encode(array("status" => "ERROR", - "message" => (string)t("Service not implemented"))); + print rest::not_implemented("$handler_class::$handler_method is not implemented"); return; } - $response = call_user_func(array($handler_class, $handler_method), $request); + identity::set_active_user($user); - print json_encode($response); + print call_user_func(array($handler_class, $handler_method), $request); } catch (Exception $e) { - Kohana::log("error", $e->__toString()); - print json_encode(array("status" => "ERROR", "message" => (string)t("Internal error"))); + print rest::internal_error($e); } } diff --git a/modules/rest/helpers/rest.php b/modules/rest/helpers/rest.php new file mode 100644 index 00000000..34852a9e --- /dev/null +++ b/modules/rest/helpers/rest.php 
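Review bot: `identity::set_active_user($user)` switches the request to the token's user, but the session is only discarded inside rest::success() and the error helpers through `Session::abort_save()`; a handler that builds its response some other way may leave that identity in a saved session (inferred, since set_active_user's body is not shown on this page). Calling `Session::abort_save();` once in __call() directly after `identity::set_active_user($user);` would make this independent of what individual handlers do. `print call_user_func(...)` also changes the handler contract from returning an array to returning an already encoded string, so a handler that still returns an array would print `Array`; a comment above the call stating the contract would help. In the catch block `rest::internal_error($e)` hands the exception object to a helper that logs at "info", where the old code logged `$e->__toString()` at "error"; keep the severity with `Kohana::log("error", $e->__toString());` before the print.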
@@ -0,0 +1,69 @@
+<?php defined("SYSPATH") or die("No direct script access.");/**
+ * Gallery - a web based photo album viewer and editor
+ * Copyright (C) 2000-2009 Bharat Mediratta
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or (at
+ * your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+class rest_Core {
+ /**
+ * Authorization Failure
+ */
+ static function forbidden($log_message=null) {
+ return self::_format_response(t("Authorization failed"), $log_message);
+ }
+
+ /**
+ * Invalid Failure
+ */
+ static function invalid_request($log_message=null) {
+ return self::_format_response(t("Invalid request"), $log_message);
+ }
+
+ /**
+ * Not implemented
+ */
+ static function not_implemented($log_message=null) {
+ return self::_format_response(t("Service not implemented"), $log_message);
+ }
+
+ /**
+ * Internal Error
+ */
+ static function internal_error($log_message=null) {
+ return self::_format_response(t("Internal error"), $log_message);
+ }
+
+ /**
+ * Not implemented
+ */
+ static function success($response_data, $message=null) {
+ $response = array("status" => "OK");
+ if (!empty($message)) {
+ $response["message"] = (string)$message;
+ }
+ // We don't need to save the session for this request
+ Session::abort_save();
+ return json_encode(array_merge($response, $response_data));
+ }
+
+ private static function _format_response($message,
$log_message) { + if (!empty($log_message)) { + Kohana::log("info", $log_message); + } + // We don't need to save the session for this request + Session::abort_save(); + return json_encode(array("status" => "ERROR", "message" => (string)$message)); + } +} diff --git a/modules/rest/helpers/rest_event.php b/modules/rest/helpers/rest_event.php index fd1c25be..ce926107 100644 --- a/modules/rest/helpers/rest_event.php +++ b/modules/rest/helpers/rest_event.php @@ -22,7 +22,7 @@ class rest_event { * the user_homes directory. */ static function user_before_delete($user) { - ORM::factory("rest_key") + ORM::factory("user_access_token") ->where("id", $user->id) ->delete_all(); } @@ -32,7 +32,7 @@ class rest_event { * on every add. */ static function user_add_form_admin_completed($user, $form) { - $key = ORM::factory("rest_key"); + $key = ORM::factory("user_access_token"); $key->user_id = $user->id; $key->access_key = md5($user->name . rand()); $key->save(); @@ -56,7 +56,7 @@ class rest_event { * Get the form fields for user edit */ static function _get_access_key_form($user, $form) { - $key = ORM::factory("rest_key") + $key = ORM::factory("user_access_token") ->where("user_id", $user->id) ->find(); @@ -66,7 +66,7 @@ class rest_event { $key->save(); } - $form->edit_user->input("access_key") + $form->edit_user->input("user_access_token") ->value($key->access_key) ->readonly("readonly") ->class("g-form-static") diff --git a/modules/rest/helpers/rest_installer.php b/modules/rest/helpers/rest_installer.php index 274002c0..9fbc5b2e 100644 --- a/modules/rest/helpers/rest_installer.php +++ b/modules/rest/helpers/rest_installer.php @@ -20,7 +20,7 @@ class rest_installer { static function install() { Database::instance() - ->query("CREATE TABLE {rest_keys} ( + ->query("CREATE TABLE {user_access_tokens} ( `id` int(9) NOT NULL auto_increment, `user_id` int(9) NOT NULL, `access_key` char(32) NOT NULL, 
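Review bot: `_format_response()` in the new modules/rest/helpers/rest.php logs every failure with `Kohana::log("info", $log_message)`, which puts authorization failures and caught exceptions at the level most likely to be filtered out and lowers the not-implemented and exception paths from the "error" level the controller used before. Give `_format_response()` a level argument so that forbidden() and internal_error() can log at a higher severity than invalid_request(). internal_error() is called with an Exception rather than a string, so convert it explicitly, e.g. `Kohana::log("error", (string)$log_message);`. In success(), `array_merge($response, $response_data)` lets a "status" key in the handler's data overwrite the envelope; if that is not intended, set `$response["status"] = "OK"` after the merge. The docblock on success() still reads "Not implemented", "Invalid Failure" should probably be "Invalid request", and the licence comment's `/**` is fused onto the `<?php` line.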
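Review bot: In rest_event::user_before_delete() the renamed query still filters on `->where("id", $user->id)`, which matches the token row's own primary key rather than its owner; judging by the `user_id` column used in the other hunks of this file and in the installer, it should read `->where("user_id", $user->id)`. As written, deleting a user can leave that user's token in the table and may delete an unrelated user's token whose row id happens to equal the deleted user's id. The controller rejects tokens whose user no longer resolves, which limits the first effect, but the wrong-row deletion remains. The method body starts before this hunk.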
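Review bot: The token saved through the renamed model in user_add_form_admin_completed() is still generated with `md5($user->name . rand())`; rand() is not a cryptographically secure generator and the user name is known, so the token is far more guessable than its 32 hex characters suggest. Because the token is the only credential checked for REST calls, take it from the system CSPRNG, for example `$key->access_key = bin2hex(random_bytes(16));`, which still fits the `char(32)` column (on runtimes without random_bytes(), openssl_random_pseudo_bytes() is the closest equivalent). The test setup in Rest_Controller_Test.php uses the same expression and should follow, ideally through one shared helper so the generation logic lives in a single place.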
@@ -32,6 +32,6 @@ class rest_installer { } static function uninstall() { - Database::instance()->query("DROP TABLE IF EXISTS {rest_keys}"); + Database::instance()->query("DROP TABLE IF EXISTS {user_access_tokens}"); } } diff --git a/modules/rest/models/rest_key.php b/modules/rest/models/user_access_token.php index 4dee8b65..5669d8d1 100644 --- a/modules/rest/models/rest_key.php +++ b/modules/rest/models/user_access_token.php @@ -17,5 +17,5 @@ * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. */ -class Rest_Key_Model extends ORM { +class User_Access_Token_Model extends ORM { } diff --git a/modules/rest/tests/Rest_Controller_Test.php b/modules/rest/tests/Rest_Controller_Test.php index 16c5177b..afac2d05 100644 --- a/modules/rest/tests/Rest_Controller_Test.php +++ b/modules/rest/tests/Rest_Controller_Test.php @@ -21,7 +21,7 @@ class Rest_Controller_Test extends Unit_Test_Case { public function setup() { $this->_save = array($_GET, $_POST, $_SERVER); $this->_user = identity::create_user("access_test", "Access Test", "password"); - $key = ORM::factory("rest_key"); + $key = ORM::factory("user_access_token"); $this->_access_key = $key->access_key = md5($this->_user->name . rand()); $key->user_id = $this->_user->id; $key->save(); @@ -59,7 +59,7 @@ class Rest_Controller_Test extends Unit_Test_Case { } public function rest_access_key_generated_test() { - ORM::factory("rest_key") + ORM::factory("user_access_token") ->where("access_key", $this->_access_key) ->delete(); $_SERVER["REQUEST_METHOD"] = "POST"; 
@@ -97,46 +97,46 @@ class Rest_Controller_Test extends Unit_Test_Case { $this->_call_controller()); } - public function rest_get_album_no_request_key_test() { + public function rest_get_resource_no_request_key_test() { $_SERVER["HTTP_X_HTTP_METHOD_OVERRIDE"] = "GET"; $_SERVER["REQUEST_METHOD"] = "POST"; - $_POST["request"] = json_encode(array("path" => "/test_album")); + $_POST["request"] = json_encode(array("path" => $this->_path)); $this->assert_equal( json_encode(array("status" => "ERROR", "message" => (string)t("Authorization failed"))), $this->_call_controller("rest")); } - public function rest_get_album_no_request_content_test() { + public function rest_get_resource_no_request_content_test() { $_SERVER["HTTP_X_HTTP_METHOD_OVERRIDE"] = "GET"; $_SERVER["REQUEST_METHOD"] = "POST"; $_GET["request_key"] = $this->_access_key; $this->assert_equal( - json_encode(array("status" => "ERROR", "message" => (string)t("Authorization failed"))), + json_encode(array("status" => "ERROR", "message" => (string)t("Invalid request"))), $this->_call_controller("rest")); } - public function rest_get_album_invalid_key_test() { + public function rest_get_resource_invalid_key_test() { $_SERVER["HTTP_X_HTTP_METHOD_OVERRIDE"] = "GET"; $_SERVER["REQUEST_METHOD"] = "POST"; $_GET["request_key"] = md5($this->_access_key); // screw up the access key - $_POST["request"] = json_encode(array("path" => "/test_album")); + $_POST["request"] = json_encode(array("path" => $this->_path)); $this->assert_equal( json_encode(array("status" => "ERROR", "message" => (string)t("Authorization failed"))), $this->_call_controller()); } - public function rest_get_album_no_user_for_key_test() { + public function rest_get_resource_no_user_for_key_test() { $_SERVER["HTTP_X_HTTP_METHOD_OVERRIDE"] = "GET"; $_SERVER["REQUEST_METHOD"] = "POST"; $_GET["request_key"] = $this->_access_key; - $_POST["request"] = json_encode(array("path" => "/test_album")); + $_POST["request"] = json_encode(array("path" => $this->_path)); 
$this->_user->delete(); unset($this->_user); @@ -146,31 +146,31 @@ class Rest_Controller_Test extends Unit_Test_Case { $this->_call_controller("rest")); } - public function rest_get_album_no_resource_test() { + public function rest_get_resource_no_resource_test() { $_SERVER["HTTP_X_HTTP_METHOD_OVERRIDE"] = "GET"; $_SERVER["REQUEST_METHOD"] = "POST"; $_GET["request_key"] = $this->_access_key; - $_POST["request"] = json_encode(array("path" => "/test_album")); + $_POST["request"] = json_encode(array("path" => $this->_path)); $this->assert_equal( - json_encode(array("status" => "ERROR", "message" => (string)t("Invalid request parameters"))), + json_encode(array("status" => "ERROR", "message" => (string)t("Invalid request"))), $this->_call_controller("rest")); } - public function rest_get_album_no_handler_test() { + public function rest_get_resource_no_handler_test() { $_SERVER["HTTP_X_HTTP_METHOD_OVERRIDE"] = "GET"; $_SERVER["REQUEST_METHOD"] = "POST"; $_GET["request_key"] = $this->_access_key; - $_POST["request"] = json_encode(array("path" => "/test_album")); + $_POST["request"] = json_encode(array("path" => $this->_path)); $this->assert_equal( json_encode(array("status" => "ERROR", "message" => (string)t("Service not implemented"))), $this->_call_controller("rest", "album")); } - public function rest_get_album_test() { + public function rest_get_resource_test() { $_SERVER["HTTP_X_HTTP_METHOD_OVERRIDE"] = "GET"; $_SERVER["REQUEST_METHOD"] = "POST"; @@ -214,7 +214,7 @@ class rest_rest { $response["description"] = $item->description; $response["internet_address"] = $item->slug; $response["type"] = $item->type; - return array("status" => "OK", "message" => (string)t("Processed"), "item" => $response); + return rest::success(array("item" => $response), t("Processed")); } } |