Diffstat (limited to 'modules/rest')
-rw-r--r--modules/rest/controllers/rest.php65
-rw-r--r--modules/rest/helpers/rest.php104
-rw-r--r--modules/rest/libraries/Rest_Exception.php17
-rw-r--r--modules/rest/tests/Rest_Controller_Test.php20
4 files changed, 93 insertions, 113 deletions
diff --git a/modules/rest/controllers/rest.php b/modules/rest/controllers/rest.php
index 26e5b31a..cac49740 100644
--- a/modules/rest/controllers/rest.php
+++ b/modules/rest/controllers/rest.php
@@ -18,20 +18,14 @@
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
*/
class Rest_Controller extends Controller {
- public function access_key() {
+ public function index() {
try {
- $request = (object)Input::instance()->get();
- if (empty($request->user) || empty($request->password)) {
- throw new Rest_Exception(403, "Forbidden");
- }
-
- $user = identity::lookup_user_by_name($request->user);
- if (empty($user)) {
- throw new Rest_Exception(403, "Forbidden");
- }
+ $username = Input::instance()->post("user");
+ $password = Input::instance()->post("password");
- if (!identity::is_correct_password($user, $request->password)) {
- throw new Rest_Exception(403, "Forbidden");
+ $user = identity::lookup_user_by_name($username);
+ if (empty($user) || !identity::is_correct_password($user, $password)) {
+ throw new Rest_Exception("Forbidden", 403);
}
$key = ORM::factory("user_access_token")
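Review bot: The rejection branch of `index()` throws the 403 without recording the attempt, so repeated password guesses against this key-issuing endpoint leave no trace in the application log. Add a log call just before the throw, for example `Kohana_Log::add("info", "REST access key request denied");`, and include the user name only after stripping control characters. The method also has no docblock; a short one should state that it expects `user` and `password` in the POST body and replies with the access key. The body of `index()` continues in the next hunk.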
@@ -42,27 +36,52 @@ class Rest_Controller extends Controller {
$key->access_key = md5($user->name . rand());
$key->save();
}
- print rest::success(array("token" => $key->access_key));
- } catch (Rest_Exception $e) {
- $e->sendHeaders();
+
+ rest::reply($key->access_key);
+ } catch (Exception $e) {
+ rest::send_headers($e);
}
}
public function __call($function, $args) {
- $request = rest::normalize_request($args);
+ $input = Input::instance();
+ switch ($method = strtolower($input->server("REQUEST_METHOD"))) {
+ case "get":
+ $request->params = (object) Input::instance()->get();
+ break;
+
+ case "post":
+ $request->params = (object) Input::instance()->post();
+ if (isset($_FILES["file"])) {
+ $request->file = upload::save("file");
+ }
+ break;
+ }
+
+ $request->method = strtolower($input->server("HTTP_X_GALLERY_REQUEST_METHOD", $method));
+ $request->access_token = $input->server("HTTP_X_GALLERY_REQUEST_KEY");
+ $request->url = url::abs_current(true);
+
try {
- if (rest::set_active_user($request->access_token)) {
- $handler_class = "{$function}_rest";
- $handler_method = $request->method;
+ rest::set_active_user($request->access_token);
- if (!method_exists($handler_class, $handler_method)) {
- throw new Rest_Exception(403, "Forbidden");
- }
+ $handler_class = "{$function}_rest";
+ $handler_method = $request->method;
+ if (!method_exists($handler_class, $handler_method)) {
+ throw new Rest_Exception("Forbidden", 403);
+ }
+
+ try {
print call_user_func(array($handler_class, $handler_method), $request);
+ } catch (ORM_Validation_Exception $e) {
+ foreach ($e->validation->errors() as $key => $value) {
+ $msgs[] = "$key: $value";
+ }
+ throw new Rest_Exception("Bad Request: " . join(", ", $msgs), 400);
}
} catch (Rest_Exception $e) {
- $e->sendHeaders();
+ rest::send_headers($e);
}
}
} \ No newline at end of file
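Review bot: The context line `$key->access_key = md5($user->name . rand());` (inside `index()`, which begins in the previous hunk) mints the bearer token from the user name and `rand()`, which is not a cryptographic generator, and this commit leaves it in place. Generate the key from a CSPRNG instead, for example `$key->access_key = bin2hex(random_bytes(16));` where the runtime provides it, or `openssl_random_pseudo_bytes()` on older PHP. In the new `__call` body `$request` is given properties without being created, which the removed `normalize_request()` did with `new stdClass()`, so add `$request = new stdClass();` before the `switch`. The handler method name comes from the `X-Gallery-Request-Method` header and is only checked with `method_exists()`; limiting it to the verbs the handlers are meant to expose, e.g. `in_array($request->method, array("get", "post", "put", "delete"))`, keeps other public methods of the `*_rest` classes unreachable.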
diff --git a/modules/rest/helpers/rest.php b/modules/rest/helpers/rest.php
index be0644f2..121191f2 100644
--- a/modules/rest/helpers/rest.php
+++ b/modules/rest/helpers/rest.php
@@ -18,87 +18,57 @@
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
*/
class rest_Core {
- /**
- * Request failed
- */
- static function fail($log_message=null) {
- if (!empty($log_message)) {
- Kohana_Log::add("info", $log_message);
- }
- // We don't need to save the session for this request
+ static function reply($data=array()) {
Session::abort_save();
- return json_encode(array("status" => "ERROR", "message" => (string)$message));
- }
- /**
- * Success
- */
- static function success($response_data=array(), $message=null) {
- $response = array("status" => "OK");
- if (!empty($message)) {
- $response["message"] = (string)$message;
+ if ($data) {
+ print json_encode($data);
}
- $response = array_merge($response, $response_data);
-
- // We don't need to save the session for this request
- Session::abort_save();
- return json_encode($response);
}
- /**
- * Validation Error
- */
- static function validation_error($error_data) {
- $response = array("status" => "VALIDATE_ERROR");
- $response = array_merge($response, array("fields" => $error_data));
-
- // We don't need to save the session for this request
- Session::abort_save();
- return json_encode($response);
- }
+ static function set_active_user($access_token) {
+ if (empty($access_token)) {
+ identity::set_active_user(identity::guest());
+ return;
+ }
+ $key = ORM::factory("user_access_token")
+ ->where("access_key", "=", $access_token)
+ ->find();
- static function normalize_request($args=array()) {
- $input = Input::instance();
- $method = strtolower($input->server("REQUEST_METHOD"));
- $request = new stdClass();
- foreach (array_keys($input->get()) as $key) {
- $request->$key = $input->get($key);
+ if (!$key->loaded()) {
+ throw new Rest_Exception("Forbidden", 403);
}
- if ($method != "get") {
- foreach (array_keys($input->post()) as $key) {
- $request->$key = $input->post($key);
- }
- foreach (array_keys($_FILES) as $key) {
- $request->$key = $_FILES[$key];
- }
+
+ $user = identity::lookup_user($key->user_id);
+ if (empty($user)) {
+ throw new Rest_Exception("Forbidden", 403);
}
- $request->method = strtolower($input->server("HTTP_X_GALLERY_REQUEST_METHOD", $method));
- $request->access_token = $input->server("HTTP_X_GALLERY_REQUEST_KEY");
- $request->arguments = $args; // Let the rest handler figure out what the arguments mean
+ identity::set_active_user($user);
+ }
- return $request;
+ static function send_headers($exception) {
+ header("HTTP/1.1 " . $exception->getCode() . " " . $exception->getMessage());
}
- static function set_active_user($access_token) {
- if (empty($access_token)) {
- $user = identity::guest();
- } else {
- $key = ORM::factory("user_access_token")
- ->where("access_key", "=", $access_token)
- ->find();
+ /**
+ * Convert a REST url into an object.
+ * Eg: "http://example.com/gallery3/index.php/rest/gallery/Family/Wedding" -> Item_Model
+ *
+ * @param string the fully qualified REST url
+ * @return mixed the corresponding object (usually a model of some kind)
+ */
+ static function resolve($url) {
+ $relative_url = substr($url, strlen(url::abs_site("rest")));
+ $path = parse_url($relative_url, PHP_URL_PATH);
+ $components = explode("/", $path, 3);
- if ($key->loaded()) {
- $user = identity::lookup_user($key->user_id);
- if (empty($user)) {
- throw new Rest_Exception(403, "Forbidden");
- }
- } else {
- throw new Rest_Exception(403, "Forbidden");
- }
+ $class = "$components[1]_rest";
+ if (!method_exists($class, "resolve")) {
+ throw new Kohana_404_Exception($url);
}
- identity::set_active_user($user);
- return true;
+
+ return call_user_func(array($class, "resolve"), !empty($components[2]) ? $components[2] : null);
}
}
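Review bot: `send_headers()` writes the code and message of whatever exception it is handed into the status line, and `index()` in the controller now catches every `Exception`, so a database or framework error would be sent as `HTTP/1.1 0 <internal message>`. It should trust the code and text only of a `Rest_Exception`, answer anything else with a fixed 500 and log the original exception server-side, as sketched below. Separately, `resolve()` strips `strlen(url::abs_site("rest"))` characters without checking that `$url` begins with that prefix, and reads `$components[1]` without confirming it exists; both should be verified before the class name is built.

```php
static function send_headers($exception) {
  if ($exception instanceof Rest_Exception) {
    header("HTTP/1.1 " . $exception->getCode() . " " . $exception->getMessage());
  } else {
    // Keep internal error text out of the response; record it in the log instead.
    Kohana_Log::add("error", $exception->__toString());
    header("HTTP/1.1 500 Internal Server Error");
  }
}
```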
diff --git a/modules/rest/libraries/Rest_Exception.php b/modules/rest/libraries/Rest_Exception.php
index 905b94a0..596b3712 100644
--- a/modules/rest/libraries/Rest_Exception.php
+++ b/modules/rest/libraries/Rest_Exception.php
@@ -18,19 +18,4 @@
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
*/
class Rest_Exception_Core extends Exception {
- /**
- * Set internal properties.
- */
- public function __construct($code, $text) {
- parent::__construct("$code $text");
- }
-
- /**
- * Sends the headers, to emulate server behavior.
- *
- * @return void
- */
- public function sendHeaders() {
- header('HTTP/1.1 {$this->getMessage()}');
- }
-} // End Rest Exception \ No newline at end of file
+} \ No newline at end of file
diff --git a/modules/rest/tests/Rest_Controller_Test.php b/modules/rest/tests/Rest_Controller_Test.php
index 83bd9db6..c881583c 100644
--- a/modules/rest/tests/Rest_Controller_Test.php
+++ b/modules/rest/tests/Rest_Controller_Test.php
@@ -84,7 +84,8 @@ class Rest_Controller_Test extends Unit_Test_Case {
try {
$this->_call_controller();
} catch (Rest_Exception $e) {
- $this->assert_equal("403 Forbidden", $e->getMessage());
+ $this->assert_equal(403, $e->getCode());
+ $this->assert_equal("Forbidden", $e->getMessage());
} catch (Exception $e) {
$this->assert_false(true, $e->__toString());
}
@@ -97,7 +98,8 @@ class Rest_Controller_Test extends Unit_Test_Case {
try {
$this->_call_controller();
} catch (Rest_Exception $e) {
- $this->assert_equal("403 Forbidden", $e->getMessage());
+ $this->assert_equal(403, $e->getCode());
+ $this->assert_equal("Forbidden", $e->getMessage());
} catch (Exception $e) {
$this->assert_false(true, $e->__toString());
}
@@ -109,7 +111,8 @@ class Rest_Controller_Test extends Unit_Test_Case {
try {
$this->_call_controller();
} catch (Rest_Exception $e) {
- $this->assert_equal("403 Forbidden", $e->getMessage());
+ $this->assert_equal(403, $e->getCode());
+ $this->assert_equal("Forbidden", $e->getMessage());
} catch (Exception $e) {
$this->assert_false(true, $e->__toString());
}
@@ -137,7 +140,8 @@ class Rest_Controller_Test extends Unit_Test_Case {
try {
$this->_call_controller();
} catch (Rest_Exception $e) {
- $this->assert_equal("403 Forbidden", $e->getMessage());
+ $this->assert_equal(403, $e->getCode());
+ $this->assert_equal("Forbidden", $e->getMessage());
} catch (Exception $e) {
$this->assert_false(true, $e->__toString());
}
@@ -155,7 +159,8 @@ class Rest_Controller_Test extends Unit_Test_Case {
try {
$this->_call_controller("rest", explode("/", $photo->relative_url()));
} catch (Rest_Exception $e) {
- $this->assert_equal("403 Forbidden", $e->getMessage());
+ $this->assert_equal(403, $e->getCode());
+ $this->assert_equal("Forbidden", $e->getMessage());
} catch (Exception $e) {
$this->assert_false(true, $e->__toString());
}
@@ -171,7 +176,8 @@ class Rest_Controller_Test extends Unit_Test_Case {
try {
$this->_call_controller("rest", explode("/", $photo->relative_url()));
} catch (Rest_Exception $e) {
- $this->assert_equal("501 Not Implemented", $e->getMessage());
+ $this->assert_equal(501, $e->getCode());
+ $this->assert_equal("Not Implemented", $e->getMessage());
} catch (Exception $e) {
$this->assert_false(true, $e->__toString());
}
@@ -218,7 +224,7 @@ class rest_rest {
$response["thumb_url"] = $item->thumb_url();
$response["description"] = $item->description;
$response["internet_address"] = $item->slug;
- return rest::success(array($item->type => $response), t("Processed"));
+ return rest::reply(array($item->type => $response));
}
}
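Review bot: `return rest::reply(...)` in this test handler returns nothing, because the new `reply()` prints the JSON itself and has no return value. The output still appears, but the controller's `print call_user_func(...)` then prints `null`, which hides where the body is actually emitted. Either call `rest::reply(array($item->type => $response));` as a statement here, or have `reply()` return the encoded string and leave the printing to the controller. The enclosing method starts outside the hunk.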