Diffstat (limited to 'modules/rest/helpers/rest.php')
-rw-r--r-- | modules/rest/helpers/rest.php | 158 |
1 files changed, 97 insertions, 61 deletions
diff --git a/modules/rest/helpers/rest.php b/modules/rest/helpers/rest.php
index be0644f2..a61aba2f 100644
--- a/modules/rest/helpers/rest.php
+++ b/modules/rest/helpers/rest.php
@@ -18,87 +18,123 @@ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. */ class rest_Core { - /** - * Request failed - */ - static function fail($log_message=null) { - if (!empty($log_message)) { - Kohana_Log::add("info", $log_message); + static function reply($data=array()) { + Session::instance()->abort_save(); + + if ($data) { + if (Input::instance()->get("output") == "html") { + header("Content-type: text/html"); + $html = preg_replace( + "#([\w]+?://[\w]+[^ \'\"\n\r\t<]*)#ise", "'<a href=\"\\1\" >\\1</a>'", + var_export($data, 1)); + print "<pre>$html</pre>"; + } else { + header("Content-type: application/json"); + print json_encode($data); + } } - // We don't need to save the session for this request - Session::abort_save(); - return json_encode(array("status" => "ERROR", "message" => (string)$message)); } - /** - * Success - */ - static function success($response_data=array(), $message=null) { - $response = array("status" => "OK"); - if (!empty($message)) { - $response["message"] = (string)$message; + static function set_active_user($access_token) { + if (empty($access_token)) { + identity::set_active_user(identity::guest()); + return; } - $response = array_merge($response, $response_data); - // We don't need to save the session for this request - Session::abort_save(); - return json_encode($response); + $key = ORM::factory("user_access_token") + ->where("access_key", "=", $access_token) + ->find(); + + if (!$key->loaded()) { + throw new Rest_Exception("Forbidden", 403); + } + + $user = identity::lookup_user($key->user_id); + if (empty($user)) { + throw new Rest_Exception("Forbidden", 403); + } + + identity::set_active_user($user); + } + + static function get_access_token($user_id) { + $key = ORM::factory("user_access_token") + ->where("user_id", "=", $user_id) + ->find(); + + if (!$key->loaded()) { + $key->user_id = $user_id; + $key->access_key = md5(md5(uniqid(mt_rand(), true) . 
access::private_key())); + $key->save(); + } + return $key; } /** - * Validation Error + * Convert a REST url into an object. + * Eg: + * http://example.com/gallery3/index.php/rest/item/35 -> Item_Model + * http://example.com/gallery3/index.php/rest/tag/16 -> Tag_Model + * http://example.com/gallery3/index.php/rest/tagged_item/1,16 -> [Tag_Model, Item_Model] + * + * @param string the fully qualified REST url + * @return mixed the corresponding object (usually a model of some kind) */ - static function validation_error($error_data) { - $response = array("status" => "VALIDATE_ERROR"); - $response = array_merge($response, array("fields" => $error_data)); + static function resolve($url) { + $relative_url = substr($url, strlen(url::abs_site("rest"))); + $path = parse_url($relative_url, PHP_URL_PATH); + $components = explode("/", $path, 3); + + if (count($components) != 3) { + throw new Kohana_404_Exception($url); + } + + $class = "$components[1]_rest"; + if (!method_exists($class, "resolve")) { + throw new Kohana_404_Exception($url); + } - // We don't need to save the session for this request - Session::abort_save(); - return json_encode($response); + return call_user_func(array($class, "resolve"), !empty($components[2]) ? $components[2] : null); } + /** + * Return an absolute url used for REST resource location. 
+ * @param string resource type (eg, "item", "tag") + * @param object resource + */ + static function url() { + $args = func_get_args(); + $resource_type = array_shift($args); - static function normalize_request($args=array()) { - $input = Input::instance(); - $method = strtolower($input->server("REQUEST_METHOD")); - $request = new stdClass(); - foreach (array_keys($input->get()) as $key) { - $request->$key = $input->get($key); + $class = "{$resource_type}_rest"; + if (!method_exists($class, "url")) { + throw new Rest_Exception("Bad Request", 400); } - if ($method != "get") { - foreach (array_keys($input->post()) as $key) { - $request->$key = $input->post($key); - } - foreach (array_keys($_FILES) as $key) { - $request->$key = $_FILES[$key]; + + $url = call_user_func_array(array($class, "url"), $args); + if (Input::instance()->get("output") == "html") { + if (strpos($url, "?") === false) { + $url .= "?output=html"; + } else { + $url .= "&output=html"; } } - - $request->method = strtolower($input->server("HTTP_X_GALLERY_REQUEST_METHOD", $method)); - $request->access_token = $input->server("HTTP_X_GALLERY_REQUEST_KEY"); - $request->arguments = $args; // Let the rest handler figure out what the arguments mean - - return $request; + return $url; } - static function set_active_user($access_token) { - if (empty($access_token)) { - $user = identity::guest(); - } else { - $key = ORM::factory("user_access_token") - ->where("access_key", "=", $access_token) - ->find(); - - if ($key->loaded()) { - $user = identity::lookup_user($key->user_id); - if (empty($user)) { - throw new Rest_Exception(403, "Forbidden"); + static function relationships($resource_type, $resource) { + $results = array(); + foreach (module::active() as $module) { + foreach (glob(MODPATH . 
"{$module->name}/helpers/*_rest.php") as $filename) { + $class = str_replace(".php", "", basename($filename)); + if (method_exists($class, "relationships")) { + $results = array_merge( + $results, + call_user_func(array($class, "relationships"), $resource_type, $resource)); } - } else { - throw new Rest_Exception(403, "Forbidden"); } } - identity::set_active_user($user); - return true; + + return $results; } } |
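Review bot: In reply(), the `output=html` branch prints `var_export($data, 1)` inside `<pre>` under `Content-type: text/html` without HTML-escaping it, so any markup in a string that reaches $data is rendered by the browser; the callers are outside this hunk, but REST payloads presumably carry user-editable fields. The same call uses the `e` modifier, which evaluates the replacement as PHP on every match even though the replacement is a constant template. Escape first and drop `e`, using ENT_NOQUOTES so the quote characters the URL pattern stops on are kept: `$html = preg_replace("#([\w]+?://[\w]+[^ \'\"\n\r\t<]*)#is", "<a href=\"\\1\" >\\1</a>", htmlspecialchars(var_export($data, 1), ENT_NOQUOTES));`, and consider limiting the linked scheme to http/https. Separately, get_access_token() builds the key from `uniqid(mt_rand(), true)`, neither of which is a cryptographic random source; since set_active_user() accepts that key as the only credential, it would be better drawn from a CSPRNG (`random_bytes()` where available, `openssl_random_pseudo_bytes()` on older PHP).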