3 files changed, 89 insertions, 9 deletions
diff --git a/modules/gallery/helpers/gallery_rest.php b/modules/gallery/helpers/gallery_rest.php
index 8b209bae..5bd65901 100644
--- a/modules/gallery/helpers/gallery_rest.php
+++ b/modules/gallery/helpers/gallery_rest.php
@@ -20,7 +20,7 @@
 class gallery_rest_Core {
   static function get($request) {
     if (empty($request->path)) {
-      return rest::invalid_request();
+      $request->path = "";
     }
 
     $item = ORM::factory("item")
@@ -32,7 +32,8 @@ class gallery_rest_Core {
       return rest::not_found("Resource: {$request->path} missing.");
     }
 
-    $response_data = array("path" => $item->relative_url(),
+    $response_data = array("type" => $item->type,
+                           "path" => $item->relative_url(),
                            "title" => $item->title,
                            "thumb_url" => $item->thumb_url(),
                            "url" => $item->abs_url(),
@@ -43,7 +44,7 @@ class gallery_rest_Core {
     if (!empty($children)) {
       $response_data["children"] = $children;
     }
-    return rest::success(array($item->type => $response_data));
+    return rest::success(array("resource" => $response_data));
   }
 
   static function put($request) {
@@ -97,6 +98,65 @@ class gallery_rest_Core {
     return rest::success();
   }
 
+  static function post($request) {
+    if (empty($request->path)) {
+      return rest::invalid_request();
+    }
+
+    $components = explode("/", $request->path);
+    $name = urldecode(array_pop($components));
+
+    $parent = ORM::factory("item")
+      ->where("relative_url_cache", implode("/", $components))
+      ->viewable()
+      ->find();
+
+    if (!$parent->loaded) {
+      return rest::not_found("Resource: {$request->path} missing.");
+    }
+
+    if (!access::can("edit", $parent)) {
+      return rest::not_found("Resource: {$request->path} permission denied.");
+    }
+
+    if (empty($_FILES["image"])) {
+      $new_item = album::create(
+        $parent,
+        $name,
+        empty($request->title) ? $name : $request->title,
+        empty($request->description) ? null : $request->description,
+        identity::active_user()->id,
+        empty($request->slug) ? $name : $request->slug);
+      $log_message = t("Added an album");
+    } else {
+      $file_validation = new Validation($_FILES);
+      $file_validation->add_rules(
+        "image", "upload::valid", "upload::required", "upload::type[gif,jpg,jpeg,png,flv,mp4]");
+      if (!$file_validation->validate()) {
+        $errors = $file_validation->errors();
+        return rest::fail(
+          $errors["image"] == "type" ? "Upload failed: Unsupported file type" :
+                                       "Upload failed: Uploaded file missing");
+      }
+      $temp_filename = upload::save("image");
+      $name = substr(basename($temp_filename), 10);  // Skip unique identifier Kohana adds
+      $title = item::convert_filename_to_title($name);
+      $path_info = @pathinfo($temp_filename);
+      if (array_key_exists("extension", $path_info) &&
+          in_array(strtolower($path_info["extension"]), array("flv", "mp4"))) {
+        $new_item = movie::create($parent, $temp_filename, $name, $title);
+        $log_message = t("Added a movie");
+      } else {
+        $new_item = photo::create($parent, $temp_filename, $name, $title);
+        $log_message = t("Added a photo");
+      }
+    }
+
+    log::success("content", $log_message, "<a href=\"{$new_item->type}s/$new_item->id\">view</a>");
+
+    return rest::success(array("path" => $new_item->relative_url()));
+  }
+
   static function delete($request) {
     if (empty($request->path)) {
       return rest::invalid_request();
@@ -140,6 +200,10 @@ class gallery_rest_Core {
       $children[] = array("type" => $child->type,
                           "has_children" => $child->children_count() > 0,
                           "path" => $child->relative_url(),
+                          "thumb_url" => $child->thumb_url(true),
+                          "thumb_dimensions" => array("width" => $child->thumb_width,
+                                                     "height" => $child->thumb_height),
+                          "has_thumb" => $child->has_thumb(),
                           "title" => $child->title);
     }
 
diff --git a/modules/gallery/tests/Gallery_Rest_Helper_Test.php b/modules/gallery/tests/Gallery_Rest_Helper_Test.php
index dae55952..f1a06388 100644
--- a/modules/gallery/tests/Gallery_Rest_Helper_Test.php
+++ b/modules/gallery/tests/Gallery_Rest_Helper_Test.php
@@ -19,7 +19,7 @@
  */
 class Gallery_Rest_Helper_Test extends Unit_Test_Case {
   public function setup() {
-    $this->_save = array($_GET, $_POST, $_SERVER);
+    $this->_save = array($_GET, $_POST, $_SERVER, $_FILES);
     $this->_saved_active_user = identity::active_user();
 
     $this->_user = identity::create_user("access_test", "Access Test", "password");
@@ -42,7 +42,7 @@ class Gallery_Rest_Helper_Test extends Unit_Test_Case {
   }
 
   public function teardown() {
-    list($_GET, $_POST, $_SERVER) = $this->_save;
+    list($_GET, $_POST, $_SERVER, $_FILES) = $this->_save;
     identity::set_active_user($this->_saved_active_user);
 
     try {
@@ -50,7 +50,7 @@ class Gallery_Rest_Helper_Test extends Unit_Test_Case {
         $this->_user->delete();
       }
       if (!empty($this->_album)) {
-        $this->_album->delete();
+        //$this->_album->delete();
       }
     } catch (Exception $e) { }
   }
@@ -203,4 +203,20 @@ class Gallery_Rest_Helper_Test extends Unit_Test_Case {
     $this->_sibling->reload();
     $this->assert_false($this->_sibling->loaded);
   }
+
+  public function gallery_rest_post_album_test() {
+    access::allow(identity::registered_users(), "edit", $this->_album);
+
+    $new_path = $this->_child->relative_url() . "/new%20child";
+    identity::set_active_user($this->_user);
+    $request = (object)array("path" => $new_path);
+
+    $this->assert_equal(json_encode(array("status" => "OK", "path" => $new_path)),
+                        gallery_rest::post($request));
+    $album = ORM::factory("item")
+      ->where("relative_url_cache", $new_path)
+      ->find();
+    $this->assert_true($album->loaded);
+    $this->assert_equal("new child", $album->slug);
+  }
 }
diff --git a/modules/rest/controllers/rest.php b/modules/rest/controllers/rest.php
index 577d8aeb..0a39e02c 100644
--- a/modules/rest/controllers/rest.php
+++ b/modules/rest/controllers/rest.php
@@ -18,7 +18,7 @@
  */
 class Rest_Controller extends Controller {
   public function access_key() {
-    $request = json_decode($this->input->post("request"));
+    $request = (object)$this->input->get();
     if (empty($request->user) || empty($request->password)) {
       print rest::forbidden("No user or password supplied");
       return;
@@ -66,7 +66,7 @@ class Rest_Controller extends Controller {
     }
   }
 
-  private function _normalize_request($args) {
+  private function _normalize_request($args=array()) {
    $method = strtolower($this->input->server("REQUEST_METHOD"));
     if ($method != "get") {
       $request = $this->input->post("request", null);
@@ -77,7 +77,7 @@ class Rest_Controller extends Controller {
       }
     } else {
       $request = new stdClass();
-      foreach (array_keys($_GET) as $key) {
+      foreach (array_keys($this->input->get()) as $key) {
         $request->$key = $this->input->get($key);
       }
     }