diff options
Diffstat (limited to 'modules/gallery')
| -rw-r--r-- | modules/gallery/controllers/albums.php | 42 | ||||
| -rw-r--r-- | modules/gallery/controllers/movies.php | 38 | ||||
| -rw-r--r-- | modules/gallery/controllers/photos.php | 41 | ||||
| -rw-r--r-- | modules/gallery/helpers/gallery_rest.php | 148 | ||||
| -rw-r--r-- | modules/gallery/helpers/item.php | 45 | ||||
| -rw-r--r-- | modules/gallery/tests/Gallery_Rest_Helper_Test.php | 206 |
6 files changed, 447 insertions, 73 deletions
diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php index 3c1a0adf..feaea76d 100644 --- a/modules/gallery/controllers/albums.php +++ b/modules/gallery/controllers/albums.php @@ -131,40 +131,32 @@ class Albums_Controller extends Items_Controller { $form->edit_item->dirname->value != $album->name || $form->edit_item->slug->value != $album->slug) { // Make sure that there's not a conflict - if ($row = Database::instance() - ->select(array("name", "slug")) - ->from("items") - ->where("parent_id", $album->parent_id) - ->where("id <>", $album->id) - ->open_paren() - ->where("name", $form->edit_item->dirname->value) - ->orwhere("slug", $form->edit_item->slug->value) - ->close_paren() - ->get() - ->current()) { - if ($row->name == $form->edit_item->dirname->value) { - $form->edit_item->dirname->add_error("name_conflict", 1); - } - if ($row->slug == $form->edit_item->slug->value) { - $form->edit_item->slug->add_error("slug_conflict", 1); - } - $valid = false; + $errors = item::check_for_conflicts( + $album, $form->edit_item->dirname->value, $form->edit_item->slug->value); + + if (!empty($errors["name_conflict"])) { + $form->edit_item->dirname->add_error("name_conflict", 1); + } + if (!empty($errors["slug_conflict"])) { + $form->edit_item->slug->add_error("slug_conflict", 1); } + $valid = empty($errors); } } if ($valid) { $watching_album = $album->url() != ($location = parse_url(request::referrer(), PHP_URL_PATH)); - $album->title = $form->edit_item->title->value; - $album->description = $form->edit_item->description->value; - $album->sort_column = $form->edit_item->sort_order->column->value; - $album->sort_order = $form->edit_item->sort_order->direction->value; + $new_values = array("title" => $form->edit_item->title->value, + "description" => $form->edit_item->description->value, + "sort_column" => $form->edit_item->sort_order->column->value, + "sort_order" => $form->edit_item->sort_order->direction->value, + "slug" => $form->edit_item->slug->value); if ($album->id != 1) { - $album->rename($form->edit_item->dirname->value); + $new_values["name"] = $form->edit_item->dirname->value; } - $album->slug = $form->edit_item->slug->value; - $album->save(); + item::update($album, $new_values); + module::event("item_edit_form_completed", $album, $form); log::success("content", "Updated album", "<a href=\"albums/$album->id\">view</a>"); diff --git a/modules/gallery/controllers/movies.php b/modules/gallery/controllers/movies.php index 575b2b60..4e0916b3 100644 --- a/modules/gallery/controllers/movies.php +++ b/modules/gallery/controllers/movies.php @@ -76,34 +76,26 @@ class Movies_Controller extends Items_Controller { if ($form->edit_item->filename->value != $movie->name || $form->edit_item->slug->value != $movie->slug) { // Make sure that there's not a name or slug conflict - if ($row = Database::instance() - ->select(array("name", "slug")) - ->from("items") - ->where("parent_id", $movie->parent_id) - ->where("id <>", $movie->id) - ->open_paren() - ->where("name", $form->edit_item->filename->value) - ->orwhere("slug", $form->edit_item->slug->value) - ->close_paren() - ->get() - ->current()) { - if ($row->name == $form->edit_item->filename->value) { - $form->edit_item->filename->add_error("name_conflict", 1); - } - if ($row->slug == $form->edit_item->slug->value) { - $form->edit_item->slug->add_error("slug_conflict", 1); - } - $valid = false; + $errors = item::check_for_conflicts( + $movie, $form->edit_item->filename->value, $form->edit_item->slug->value); + + if (!empty($errors["name_conflict"])) { + $form->edit_item->filename->add_error("name_conflict", 1); + } + if (!empty($errors["slug_conflict"])) { + $form->edit_item->slug->add_error("slug_conflict", 1); } + $valid = empty($errors); } } if ($valid) { - $movie->title = $form->edit_item->title->value; - $movie->description = $form->edit_item->description->value; - $movie->slug = $form->edit_item->slug->value; - $movie->rename($form->edit_item->filename->value); - $movie->save(); + $new_values = array("title" => $form->edit_item->title->value, + "description" => $form->edit_item->description->value, + "name" => $form->edit_item->filename->value, + "slug" => $form->edit_item->slug->value); + item::update($movie, $new_values); + module::event("item_edit_form_completed", $movie, $form); log::success("content", "Updated movie", "<a href=\"{$movie->url()}\">view</a>"); diff --git a/modules/gallery/controllers/photos.php b/modules/gallery/controllers/photos.php index ba4cfb83..455ac25c 100644 --- a/modules/gallery/controllers/photos.php +++ b/modules/gallery/controllers/photos.php @@ -76,42 +76,33 @@ class Photos_Controller extends Items_Controller { if ($form->edit_item->filename->value != $photo->name || $form->edit_item->slug->value != $photo->slug) { // Make sure that there's not a name or slug conflict - if ($row = Database::instance() - ->select(array("name", "slug")) - ->from("items") - ->where("parent_id", $photo->parent_id) - ->where("id <>", $photo->id) - ->open_paren() - ->where("name", $form->edit_item->filename->value) - ->orwhere("slug", $form->edit_item->slug->value) - ->close_paren() - ->get() - ->current()) { - if ($row->name == $form->edit_item->filename->value) { - $form->edit_item->filename->add_error("name_conflict", 1); - } - if ($row->slug == $form->edit_item->slug->value) { - $form->edit_item->slug->add_error("slug_conflict", 1); - } - $valid = false; + $errors = item::check_for_conflicts( + $photo, $form->edit_item->filename->value, $form->edit_item->slug->value); + + if (!empty($errors["name_conflict"])) { + $form->edit_item->filename->add_error("name_conflict", 1); + } + if (!empty($errors["slug_conflict"])) { + $form->edit_item->slug->add_error("slug_conflict", 1); } + $valid = empty($errors); } } if ($valid) { $watching_album = $photo->url() != ($location = parse_url(request::referrer(), PHP_URL_PATH)); - $photo->title = $form->edit_item->title->value; - $photo->description = $form->edit_item->description->value; - $photo->slug = $form->edit_item->slug->value; - $photo->rename($form->edit_item->filename->value); - $photo->save(); + $new_values = array("title" => $form->edit_item->title->value, + "description" => $form->edit_item->description->value, + "name" => $form->edit_item->filename->value, + "slug" => $form->edit_item->slug->value); + item::update($photo, $new_values); + module::event("item_edit_form_completed", $photo, $form); log::success("content", "Updated photo", "<a href=\"{$photo->url()}\">view</a>"); message::success( - t("Saved photo %photo_title", - array("photo_title" => html::purify($photo->title)))); + t("Saved photo %photo_title", array("photo_title" => html::purify($photo->title)))); print json_encode( array("result" => "success", diff --git a/modules/gallery/helpers/gallery_rest.php b/modules/gallery/helpers/gallery_rest.php new file mode 100644 index 00000000..8b209bae --- /dev/null +++ b/modules/gallery/helpers/gallery_rest.php @@ -0,0 +1,148 @@ +<?php defined("SYSPATH") or die("No direct script access."); +/** + * Gallery - a web based photo album viewer and editor + * Copyright (C) 2000-2009 Bharat Mediratta + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. + */ +class gallery_rest_Core { + static function get($request) { + if (empty($request->path)) { + return rest::invalid_request(); + } + + $item = ORM::factory("item") + ->where("relative_url_cache", $request->path) + ->viewable() + ->find(); + + if (!$item->loaded) { + return rest::not_found("Resource: {$request->path} missing."); + } + + $response_data = array("path" => $item->relative_url(), + "title" => $item->title, + "thumb_url" => $item->thumb_url(), + "url" => $item->abs_url(), + "description" => $item->description, + "internet_address" => $item->slug); + + $children = self::_get_children($item, $request); + if (!empty($children)) { + $response_data["children"] = $children; + } + return rest::success(array($item->type => $response_data)); + } + + static function put($request) { + if (empty($request->path)) { + return rest::invalid_request(); + } + + $item = ORM::factory("item") + ->where("relative_url_cache", $request->path) + ->viewable() + ->find(); + + if (!$item->loaded) { + return rest::not_found("Resource: {$request->path} missing."); + } + + if (!access::can("edit", $item)) { + return rest::not_found("Resource: {$request->path} permission denied."); + } + + // Normalize the request + $new_values = array(); + $fields = array("title", "description", "name", "slug"); + if ($item->is_album()) { + $fields = array_merge($fields, array("sort_column", "sort_order")); + } + foreach ($fields as $field) { + $new_values[$field] = !empty($request->$field) ? $request->$field : $item->$field; + } + if ($item->id == 1) { + unset($new_values["name"]); + } + if ($item->id != 1 && + ($new_values["name"] != $item->name || $new_values["slug"] != $item->slug)) { + // Make sure that there's not a conflict + $errors = item::check_for_conflicts($item, $new_values["name"], $new_values["slug"]); + if (!empty($errors["name_conflict"])) { + return rest::fail(t("Renaming %path failed: new name exists", + array("path" => $request->path))); + } + if (!empty($errors["slug_conflict"])) { + return rest::fail(t("Renaming %path failed: new internet address exists", + array("path" => $request->path))); + } + } + + item::update($item, $new_values); + + log::success("content", "Updated $item->type", "<a href=\"{$item->type}s/$item->id\">view</a>"); + + return rest::success(); + } + + static function delete($request) { + if (empty($request->path)) { + return rest::invalid_request(); + } + + $item = ORM::factory("item") + ->where("relative_url_cache", $request->path) + ->viewable() + ->find(); + + if (!$item->loaded) { + return rest::success(); + } + + if (!access::can("edit", $item)) { + return rest::not_found("Resource: {$request->path} permission denied."); + } + + if ($item->id == 1) { + return rest::invalid_request("Attempt to delete the root album"); + } + + $item->delete(); + + if ($item->is_album()) { + $msg = t("Deleted album <b>%title</b>", array("title" => html::purify($item->title))); + } else { + $msg = t("Deleted photo <b>%title</b>", array("title" => html::purify($item->title))); + } + log::success("content", $msg); + + return rest::success(); + } + + private static function _get_children($item, $request) { + $children = array(); + $limit = empty($request->limit) ? null : $request->limit; + $offset = empty($request->offset) ? null : $request->offset; + $where = empty($request->filter) ? array() : array("type" => $request->filter); + foreach ($item->viewable()->children($limit, $offset, $where) as $child) { + $children[] = array("type" => $child->type, + "has_children" => $child->children_count() > 0, + "path" => $child->relative_url(), + "title" => $child->title); + } + + return $children; + } +} diff --git a/modules/gallery/helpers/item.php b/modules/gallery/helpers/item.php index f8e6534e..6348c256 100644 --- a/modules/gallery/helpers/item.php +++ b/modules/gallery/helpers/item.php @@ -96,6 +96,51 @@ class item_Core { } } + + static function update($item, $fields) { + $dirty = false; + if ($item->id != 1 && !empty($fields["name"]) && $fields["name"] != $item->name) { + $item->rename($fields["name"]); + unset($fields["name"]); + $dirty = true; + } + foreach ($fields as $field => $value) { + if ($value !== $item->$field) { + $item->$field = $value; + $dirty = true; + } + } + + if ($dirty) { + $item->save(); + } + } + + static function check_for_conflicts($item, $new_name, $new_slug) { + $errors = array(); + + if ($row = Database::instance() + ->select(array("name", "slug")) + ->from("items") + ->where("parent_id", $item->parent_id) + ->where("id <>", $item->id) + ->open_paren() + ->where("name", $new_name) + ->orwhere("slug", $new_slug) + ->close_paren() + ->get() + ->current()) { + if ($row->name == $new_name) { + $errors["name_conflict"] = 1; + } + if ($row->slug == $new_slug) { + $errors["slug_conflict"] = 1; + } + } + + return $errors; + } + /** * Sanitize a filename into something presentable as an item title * @param string $filename diff --git a/modules/gallery/tests/Gallery_Rest_Helper_Test.php b/modules/gallery/tests/Gallery_Rest_Helper_Test.php new file mode 100644 index 00000000..dae55952 --- /dev/null +++ b/modules/gallery/tests/Gallery_Rest_Helper_Test.php @@ -0,0 +1,206 @@ +<?php defined("SYSPATH") or die("No direct script access."); +/** + * Gallery - a web based photo album viewer and editor + * Copyright (C) 2000-2009 Bharat Mediratta + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. + */ +class Gallery_Rest_Helper_Test extends Unit_Test_Case { + public function setup() { + $this->_save = array($_GET, $_POST, $_SERVER); + $this->_saved_active_user = identity::active_user(); + + $this->_user = identity::create_user("access_test", "Access Test", "password"); + $key = ORM::factory("user_access_token"); + $this->_access_key = $key->access_key = md5($this->_user->name . rand()); + $key->user_id = $this->_user->id; + $key->save(); + + $root = ORM::factory("item", 1); + $this->_album = album::create($root, "album", "Test Album", rand()); + $this->_child = album::create($this->_album, "child", "Test Child Album", rand()); + + $filename = MODPATH . "gallery/tests/test.jpg"; + $rand = rand(); + $this->_photo = photo::create($this->_child, $filename, "$rand.jpg", $rand); + + $filename = MODPATH . "gallery/tests/test.jpg"; + $rand = rand(); + $this->_sibling = photo::create($this->_album, $filename, "$rand.jpg", $rand); + } + + public function teardown() { + list($_GET, $_POST, $_SERVER) = $this->_save; + identity::set_active_user($this->_saved_active_user); + + try { + if (!empty($this->_user)) { + $this->_user->delete(); + } + if (!empty($this->_album)) { + $this->_album->delete(); + } + } catch (Exception $e) { } + } + + public function gallery_rest_get_album_test() { + $request = (object)array("path" => $this->_child->relative_url()); + + $this->assert_equal( + json_encode(array("status" => "OK", + "album" => array("path" => $this->_child->relative_url(), + "title" => $this->_child->title, + "thumb_url" => $this->_child->thumb_url(), + "url" => $this->_child->abs_url(), + "description" => $this->_child->description, + "internet_address" => $this->_child->slug, + "children" => array(array( + "type" => "photo", + "has_children" => false, + "path" => $this->_photo->relative_url(), + "title" => $this->_photo->title))))), + gallery_rest::get($request)); + } + + public function gallery_rest_get_photo_test() { + $request = (object)array("path" => $this->_photo->relative_url()); + + $this->assert_equal( + json_encode(array("status" => "OK", + "photo" => array("path" => $this->_photo->relative_url(), + "title" => $this->_photo->title, + "thumb_url" => $this->_photo->thumb_url(), + "url" => $this->_photo->abs_url(), + "description" => $this->_photo->description, + "internet_address" => $this->_photo->slug))), + gallery_rest::get($request)); + } + + public function gallery_rest_put_album_no_path_test() { + access::allow(identity::registered_users(), "edit", $this->_child); + + identity::set_active_user($this->_user); + $request = (object)array("description" => "Updated description", + "title" => "Updated Title", + "sort_order" => "DESC", + "sort_column" => "title", + "name" => "new name"); + + $this->assert_equal(json_encode(array("status" => "ERROR", "message" => "Invalid request")), + gallery_rest::put($request)); + } + + public function gallery_rest_put_album_not_found_test() { + access::allow(identity::registered_users(), "edit", $this->_child); + + identity::set_active_user($this->_user); + $request = (object)array("path" => $this->_child->relative_url() . rand(), + "description" => "Updated description", + "title" => "Updated Title", + "sort_order" => "DESC", + "sort_column" => "title", + "name" => "new name"); + + $this->assert_equal(json_encode(array("status" => "ERROR", "message" => "Resource not found")), + gallery_rest::put($request)); + } + + public function gallery_rest_put_album_no_edit_permission_test() { + identity::set_active_user($this->_user); + $request = (object)array("path" => $this->_child->relative_url(), + "description" => "Updated description", + "title" => "Updated Title", + "sort_order" => "DESC", + "sort_column" => "title", + "name" => "new name"); + + $this->assert_equal(json_encode(array("status" => "ERROR", "message" => "Resource not found")), + gallery_rest::put($request)); + } + + public function gallery_rest_put_album_rename_conflict_test() { + access::allow(identity::registered_users(), "edit", $this->_child); + identity::set_active_user($this->_user); + $request = (object)array("path" => $this->_child->relative_url(), + "description" => "Updated description", + "title" => "Updated Title", + "sort_order" => "DESC", + "sort_column" => "title", + "name" => $this->_sibling->name); + + $this->assert_equal( + json_encode(array("status" => "ERROR", + "message" => "Renaming album/child failed: new name exists")), + gallery_rest::put($request)); + } + + public function gallery_rest_put_album_test() { + access::allow(identity::registered_users(), "edit", $this->_child); + + identity::set_active_user($this->_user); + $request = (object)array("path" => $this->_child->relative_url(), + "description" => "Updated description", + "title" => "Updated Title", + "sort_order" => "DESC", + "sort_column" => "title", + "name" => "new name"); + + $this->assert_equal(json_encode(array("status" => "OK")), gallery_rest::put($request)); + $this->_child->reload(); + $this->assert_equal("Updated description", $this->_child->description); + $this->assert_equal("Updated Title", $this->_child->title); + $this->assert_equal("DESC", $this->_child->sort_order); + $this->assert_equal("title", $this->_child->sort_column); + $this->assert_equal("new name", $this->_child->name); + } + + public function gallery_rest_put_photo_test() { + access::allow(identity::registered_users(), "edit", $this->_child); + + identity::set_active_user($this->_user); + $request = (object)array("path" => $this->_photo->relative_url(), + "description" => "Updated description", + "title" => "Updated Title", + "name" => "new name"); + + $this->assert_equal(json_encode(array("status" => "OK")), gallery_rest::put($request)); + $this->_photo->reload(); + $this->assert_equal("Updated description", $this->_photo->description); + $this->assert_equal("Updated Title", $this->_photo->title); + $this->assert_equal("new name", $this->_photo->name); + } + + public function gallery_rest_delete_album_test() { + access::allow(identity::registered_users(), "edit", $this->_album); + + identity::set_active_user($this->_user); + $request = (object)array("path" => $this->_child->relative_url()); + + $this->assert_equal(json_encode(array("status" => "OK")), gallery_rest::delete($request)); + $this->_child->reload(); + $this->assert_false($this->_child->loaded); + } + + public function gallery_rest_delete_photo_test() { + access::allow(identity::registered_users(), "edit", $this->_album); + + identity::set_active_user($this->_user); + $request = (object)array("path" => $this->_sibling->relative_url()); + + $this->assert_equal(json_encode(array("status" => "OK")), gallery_rest::delete($request)); + $this->_sibling->reload(); + $this->assert_false($this->_sibling->loaded); + } +} |