From 71be6cf239fba5718cd6336403df602b05c21c7d Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Mon, 7 Dec 2009 18:11:26 -0800 Subject: The rest framework that the new gallery3 remote interface will be built on. At the moment, there are no handlers to perform any functionality. --- modules/rest/helpers/rest_event.php | 75 +++++++++++++++++++++++++++++++++++++ 1 file changed, 75 insertions(+) create mode 100644 modules/rest/helpers/rest_event.php (limited to 'modules/rest/helpers/rest_event.php') diff --git a/modules/rest/helpers/rest_event.php b/modules/rest/helpers/rest_event.php new file mode 100644 index 00000000..fd1c25be --- /dev/null +++ b/modules/rest/helpers/rest_event.php @@ -0,0 +1,75 @@ +where("id", $user->id) + ->delete_all(); + } + + /** + * Called after a user has been added. Just add a remote access key + * on every add. + */ + static function user_add_form_admin_completed($user, $form) { + $key = ORM::factory("rest_key"); + $key->user_id = $user->id; + $key->access_key = md5($user->name . rand()); + $key->save(); + } + + /** + * Called when admin is editing a user + */ + static function user_edit_form_admin($user, $form) { + self::_get_access_key_form($user, $form); + } + + /** + * Called when user is editing their own form + */ + static function user_edit_form($user, $form) { + self::_get_access_key_form($user, $form); + } + + /** + * Get the form fields for user edit + */ + static function _get_access_key_form($user, $form) { + $key = ORM::factory("rest_key") + ->where("user_id", $user->id) + ->find(); + + if (!$key->loaded) { + $key->user_id = $user->id; + $key->access_key = md5($user->name . rand()); + $key->save(); + } + + $form->edit_user->input("access_key") + ->value($key->access_key) + ->readonly("readonly") + ->class("g-form-static") + ->label(t("Remote access key")); + } +} -- cgit v1.2.3 From fa0663d7df0cfcf0818e182f3d2d19fc6be2a5d1 Mon Sep 17 00:00:00 2001 
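Review bot: The access key in `user_add_form_admin_completed` and `_get_access_key_form` is built as `md5($user->name . rand())`, which is guessable for a bearer credential: the user name is known and `rand()` is not a cryptographic generator, so the key carries no more entropy than one `rand()` call. Since this key is what the remote interface will accept in place of a password, derive it from a cryptographically secure source and keep the 32-hex-character length md5 produced, for example `$key->access_key = bin2hex(random_bytes(16));` on PHP 7+ (an older runtime needs the platform's secure random source instead). The expression is duplicated in both functions, so a single private helper would keep the two in step. The top of the file, including the `user_before_delete` signature, is missing from this hunk as shown.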
From: Tim Almdal Date: Tue, 8 Dec 2009 09:19:48 -0800 Subject: Rename the backing table from rest_keys to user_access_tokens Implement an api to format the errors and success messages Removed the custom routing... urls are now /rest// --- modules/rest/config/routes.php | 23 ---------- modules/rest/controllers/rest.php | 53 ++++++++++------------ modules/rest/helpers/rest.php | 69 +++++++++++++++++++++++++++++ modules/rest/helpers/rest_event.php | 8 ++-- modules/rest/helpers/rest_installer.php | 4 +- modules/rest/models/rest_key.php | 21 --------- modules/rest/models/user_access_token.php | 21 +++++++++ modules/rest/tests/Rest_Controller_Test.php | 34 +++++++------- 8 files changed, 136 insertions(+), 97 deletions(-) delete mode 100644 modules/rest/config/routes.php create mode 100644 modules/rest/helpers/rest.php delete mode 100644 modules/rest/models/rest_key.php create mode 100644 modules/rest/models/user_access_token.php (limited to 'modules/rest/helpers/rest_event.php') diff --git a/modules/rest/config/routes.php b/modules/rest/config/routes.php deleted file mode 100644 index ec65fda8..00000000 --- a/modules/rest/config/routes.php +++ /dev/null 
@@ -1,23 +0,0 @@ -input->post("request")); if (empty($request->user) || empty($request->password)) { - print json_encode(array("status" => "ERROR", "message" => (string)t("Authorization failed"))); + print rest::forbidden("No user or password supplied"); return; } $user = identity::lookup_user_by_name($request->user); if (empty($user)) { - print json_encode(array("status" => "ERROR", "message" => (string)t("Authorization failed"))); + print rest::forbidden("User '{$request->user}' not found"); return; } if (!identity::is_correct_password($user, $request->password)) { - print json_encode(array("status" => "ERROR", "message" => (string)t("Authorization failed"))); + print rest::forbidden("Invalid password for '{$request->user}'."); return; } - $key = ORM::factory("rest_key") + $key = ORM::factory("user_access_token") ->where("user_id", $user->id) ->find(); if (!$key->loaded) { @@ -43,7 +43,7 @@ class Rest_Controller extends Controller { $key->save(); Kohana::log("alert", Kohana::debug($key->as_array())); } - print json_encode(array("status" => "OK", "token" => $key->access_key)); + print rest::success(array("token" => $key->access_key)); } public function __call($function, $args) { 
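Review bot: The new messages interpolate request data directly: `"User '{$request->user}' not found"` and `"Invalid password for '{$request->user}'."` here, `"Invalid key: $access_token"` in the `@@ -51,41 +51,37 @@` hunk and `"$handler_class::$handler_method is not implemented"` in the `@@ -93,18 +89,15 @@` hunk. The helper's `_format_response` passes its second argument to `Kohana::log`, so these strings presumably end up in the application log, where an embedded newline from the client can forge entries and a mistyped but nearly valid token is stored in clear. I would strip control characters before interpolating and drop the token value, e.g. `print rest::forbidden("Invalid access token supplied");`. The tests in this commit still expect the generic "Authorization failed" reply, which suggests the text is log-only; that separation deserves a comment on `rest::forbidden`, because the distinct not-found and invalid-password wording would reveal which user names exist if it ever reached the response. The hunk header and the start of this method are missing from the page.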
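Review bot: `Kohana::log("alert", Kohana::debug($key->as_array()));` in the `@@ -43,7 +43,7 @@` hunk writes the freshly created token record, `access_key` included, to the log, so anyone who can read the log can act as that user over the REST interface. The line is unchanged context, but the commit edits the statements on either side of it and leaves it in; it looks like leftover debugging. Either delete it or log only the owner, `Kohana::log("info", "Access token created for user {$key->user_id}");`. The enclosing method begins outside the hunk.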
@@ -51,41 +51,37 @@ class Rest_Controller extends Controller { $request = $this->input->post("request", null); if (empty($access_token)) { - print json_encode(array("status" => "ERROR", - "message" => (string)t("Authorization failed"))); + print rest::forbidden("No access token supplied."); return; } - if (!empty($request)) { - $method = strtolower($this->input->server("HTTP_X_HTTP_METHOD_OVERRIDE", "POST")); - $request = json_decode($request); - } else { - print json_encode(array("status" => "ERROR", - "message" => (string)t("Authorization failed"))); - return; - } - try { - $key = ORM::factory("rest_key") + $key = ORM::factory("user_access_token") ->where("access_key", $access_token) ->find(); if (!$key->loaded) { - print json_encode(array("status" => "ERROR", - "message" => (string)t("Authorization failed"))); + print rest::forbidden("Invalid key: $access_token"); return; } $user = identity::lookup_user($key->user_id); if (empty($user)) { - print json_encode(array("status" => "ERROR", - "message" => (string)t("Authorization failed"))); + print rest::forbidden("User not found: {$key->user_id}"); return; } + if (!empty($request)) { + $method = strtolower($this->input->server("HTTP_X_HTTP_METHOD_OVERRIDE", "POST")); + $request = json_decode($request); + } else { + print rest::invalid_request("Empty Request"); + return; + } + + if (empty($args[0])) { - print json_encode(array("status" => "ERROR", - "message" => (string)t("Invalid request parameters"))); + print rest::invalid_request("Resource not supplied"); return; } 
@@ -93,18 +89,15 @@ class Rest_Controller extends Controller { $handler_method = "{$method}_{$args[0]}"; if (!method_exists($handler_class, $handler_method)) { - Kohana::log("error", "$handler_class::$handler_method is not implemented"); - print json_encode(array("status" => "ERROR", - "message" => (string)t("Service not implemented"))); + print rest::not_implemented("$handler_class::$handler_method is not implemented"); return; } - $response = call_user_func(array($handler_class, $handler_method), $request); + identity::set_active_user($user); - print json_encode($response); + print call_user_func(array($handler_class, $handler_method), $request); } catch (Exception $e) { - Kohana::log("error", $e->__toString()); - print json_encode(array("status" => "ERROR", "message" => (string)t("Internal error"))); + print rest::internal_error($e); } } diff --git a/modules/rest/helpers/rest.php b/modules/rest/helpers/rest.php new file mode 100644 index 00000000..34852a9e --- /dev/null +++ b/modules/rest/helpers/rest.php @@ -0,0 +1,69 @@ + "OK"); + if (!empty($message)) { + $response["message"] = (string)$message; + } + // We don't need to save the session for this request + Session::abort_save(); + return json_encode(array_merge($response, $response_data)); + } + + private static function _format_response($message, $log_message) { + if (!empty($log_message)) { + Kohana::log("info", $log_message); + } + // We don't need to save the session for this request + Session::abort_save(); + return json_encode(array("status" => "ERROR", "message" => (string)$message)); + } +} diff --git a/modules/rest/helpers/rest_event.php b/modules/rest/helpers/rest_event.php index fd1c25be..ce926107 100644 --- a/modules/rest/helpers/rest_event.php +++ b/modules/rest/helpers/rest_event.php 
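Review bot: `$handler_method = "{$method}_{$args[0]}"` is assembled from the `X-HTTP-Method-Override` header and the first URL segment, and the only gate before `call_user_func` is `method_exists`, so the set of reachable static methods on the handler class is defined by client input rather than by the interface. Constrain the verb before building the name, e.g. `if (!in_array($method, array("get", "post", "put", "delete"), true)) { print rest::invalid_request("Unsupported method"); return; }`, and consider checking `$args[0]` against a resource-name pattern as well. `$handler_class` is assigned outside this hunk, so how far the class itself depends on the request cannot be judged from here.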
@@ -22,7 +22,7 @@ class rest_event { * the user_homes directory. */ static function user_before_delete($user) { - ORM::factory("rest_key") + ORM::factory("user_access_token") ->where("id", $user->id) ->delete_all(); } @@ -32,7 +32,7 @@ class rest_event { * on every add. */ static function user_add_form_admin_completed($user, $form) { - $key = ORM::factory("rest_key"); + $key = ORM::factory("user_access_token"); $key->user_id = $user->id; $key->access_key = md5($user->name . rand()); $key->save(); @@ -56,7 +56,7 @@ class rest_event { * Get the form fields for user edit */ static function _get_access_key_form($user, $form) { - $key = ORM::factory("rest_key") + $key = ORM::factory("user_access_token") ->where("user_id", $user->id) ->find(); @@ -66,7 +66,7 @@ class rest_event { $key->save(); } - $form->edit_user->input("access_key") + $form->edit_user->input("user_access_token") ->value($key->access_key) ->readonly("readonly") ->class("g-form-static") diff --git a/modules/rest/helpers/rest_installer.php b/modules/rest/helpers/rest_installer.php index 274002c0..9fbc5b2e 100644 --- a/modules/rest/helpers/rest_installer.php +++ b/modules/rest/helpers/rest_installer.php @@ -20,7 +20,7 @@ class rest_installer { static function install() { Database::instance() - ->query("CREATE TABLE {rest_keys} ( + ->query("CREATE TABLE {user_access_tokens} ( `id` int(9) NOT NULL auto_increment, `user_id` int(9) NOT NULL, `access_key` char(32) NOT NULL, @@ -32,6 +32,6 @@ class rest_installer { } static function uninstall() { - Database::instance()->query("DROP TABLE IF EXISTS {rest_keys}"); + Database::instance()->query("DROP TABLE IF EXISTS {user_access_tokens}"); } } diff --git a/modules/rest/models/rest_key.php b/modules/rest/models/rest_key.php deleted file mode 100644 index 4dee8b65..00000000 --- a/modules/rest/models/rest_key.php +++ /dev/null 
@@ -1,21 +0,0 @@ -_save = array($_GET, $_POST, $_SERVER); $this->_user = identity::create_user("access_test", "Access Test", "password"); - $key = ORM::factory("rest_key"); + $key = ORM::factory("user_access_token"); $this->_access_key = $key->access_key = md5($this->_user->name . rand()); $key->user_id = $this->_user->id; $key->save(); @@ -59,7 +59,7 @@ class Rest_Controller_Test extends Unit_Test_Case { } public function rest_access_key_generated_test() { - ORM::factory("rest_key") + ORM::factory("user_access_token") ->where("access_key", $this->_access_key) ->delete(); $_SERVER["REQUEST_METHOD"] = "POST"; 
@@ -97,46 +97,46 @@ class Rest_Controller_Test extends Unit_Test_Case { $this->_call_controller()); } - public function rest_get_album_no_request_key_test() { + public function rest_get_resource_no_request_key_test() { $_SERVER["HTTP_X_HTTP_METHOD_OVERRIDE"] = "GET"; $_SERVER["REQUEST_METHOD"] = "POST"; - $_POST["request"] = json_encode(array("path" => "/test_album")); + $_POST["request"] = json_encode(array("path" => $this->_path)); $this->assert_equal( json_encode(array("status" => "ERROR", "message" => (string)t("Authorization failed"))), $this->_call_controller("rest")); } - public function rest_get_album_no_request_content_test() { + public function rest_get_resource_no_request_content_test() { $_SERVER["HTTP_X_HTTP_METHOD_OVERRIDE"] = "GET"; $_SERVER["REQUEST_METHOD"] = "POST"; $_GET["request_key"] = $this->_access_key; $this->assert_equal( - json_encode(array("status" => "ERROR", "message" => (string)t("Authorization failed"))), + json_encode(array("status" => "ERROR", "message" => (string)t("Invalid request"))), $this->_call_controller("rest")); } - public function rest_get_album_invalid_key_test() { + public function rest_get_resource_invalid_key_test() { $_SERVER["HTTP_X_HTTP_METHOD_OVERRIDE"] = "GET"; $_SERVER["REQUEST_METHOD"] = "POST"; $_GET["request_key"] = md5($this->_access_key); // screw up the access key - $_POST["request"] = json_encode(array("path" => "/test_album")); + $_POST["request"] = json_encode(array("path" => $this->_path)); $this->assert_equal( json_encode(array("status" => "ERROR", "message" => (string)t("Authorization failed"))), $this->_call_controller()); } - public function rest_get_album_no_user_for_key_test() { + public function rest_get_resource_no_user_for_key_test() { $_SERVER["HTTP_X_HTTP_METHOD_OVERRIDE"] = "GET"; $_SERVER["REQUEST_METHOD"] = "POST"; $_GET["request_key"] = $this->_access_key; - $_POST["request"] = json_encode(array("path" => "/test_album")); + $_POST["request"] = json_encode(array("path" => $this->_path)); 
$this->_user->delete(); unset($this->_user); @@ -146,31 +146,31 @@ class Rest_Controller_Test extends Unit_Test_Case { $this->_call_controller("rest")); } - public function rest_get_album_no_resource_test() { + public function rest_get_resource_no_resource_test() { $_SERVER["HTTP_X_HTTP_METHOD_OVERRIDE"] = "GET"; $_SERVER["REQUEST_METHOD"] = "POST"; $_GET["request_key"] = $this->_access_key; - $_POST["request"] = json_encode(array("path" => "/test_album")); + $_POST["request"] = json_encode(array("path" => $this->_path)); $this->assert_equal( - json_encode(array("status" => "ERROR", "message" => (string)t("Invalid request parameters"))), + json_encode(array("status" => "ERROR", "message" => (string)t("Invalid request"))), $this->_call_controller("rest")); } - public function rest_get_album_no_handler_test() { + public function rest_get_resource_no_handler_test() { $_SERVER["HTTP_X_HTTP_METHOD_OVERRIDE"] = "GET"; $_SERVER["REQUEST_METHOD"] = "POST"; $_GET["request_key"] = $this->_access_key; - $_POST["request"] = json_encode(array("path" => "/test_album")); + $_POST["request"] = json_encode(array("path" => $this->_path)); $this->assert_equal( json_encode(array("status" => "ERROR", "message" => (string)t("Service not implemented"))), $this->_call_controller("rest", "album")); } - public function rest_get_album_test() { + public function rest_get_resource_test() { $_SERVER["HTTP_X_HTTP_METHOD_OVERRIDE"] = "GET"; $_SERVER["REQUEST_METHOD"] = "POST"; @@ -214,7 +214,7 @@ class rest_rest { $response["description"] = $item->description; $response["internet_address"] = $item->slug; $response["type"] = $item->type; - return array("status" => "OK", "message" => (string)t("Processed"), "item" => $response); + return rest::success(array("item" => $response), t("Processed")); } } -- cgit v1.2.3 From 7e8985d0e8ae8db124ba20c8292c1ca8df038169 Mon Sep 17 00:00:00 2001 
From: Tim Almdal Date: Tue, 29 Dec 2009 15:26:18 -0800 Subject: Found another where statement that required converting --- modules/rest/helpers/rest_event.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'modules/rest/helpers/rest_event.php') diff --git a/modules/rest/helpers/rest_event.php b/modules/rest/helpers/rest_event.php index ce926107..a06f43ea 100644 --- a/modules/rest/helpers/rest_event.php +++ b/modules/rest/helpers/rest_event.php @@ -23,8 +23,8 @@ class rest_event { */ static function user_before_delete($user) { ORM::factory("user_access_token") - ->where("id", $user->id) - ->delete_all(); + ->where("id", "=", $user->id) + ->delete_all(); } /** @@ -57,10 +57,10 @@ class rest_event { */ static function _get_access_key_form($user, $form) { $key = ORM::factory("user_access_token") - ->where("user_id", $user->id) + ->where("user_id", "=", $user->id) ->find(); - if (!$key->loaded) { + if (!$key->loaded()) { $key->user_id = $user->id; $key->access_key = md5($user->name . rand()); $key->save(); -- cgit v1.2.3 From 28597ba53354537704899e7ad9eb39bbd5718b21 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Sat, 2 Jan 2010 14:31:59 -0800 Subject: Correct file structure tests, Have the tests delete the userid they create so as not to impact other tests. --- modules/gallery/tests/Gallery_Rest_Helper_Test.php | 22 ++++++++++------ modules/rest/controllers/rest.php | 3 ++- modules/rest/helpers/rest.php | 3 ++- modules/rest/helpers/rest_event.php | 3 ++- modules/rest/tests/Rest_Controller_Test.php | 29 ++++++++++++++-------- modules/tag/tests/Tag_Rest_Helper_Test.php | 20 +++++++++------ 6 files changed, 52 insertions(+), 28 deletions(-) (limited to 'modules/rest/helpers/rest_event.php') diff --git a/modules/gallery/tests/Gallery_Rest_Helper_Test.php b/modules/gallery/tests/Gallery_Rest_Helper_Test.php index 4cd3f2a6..605a4f37 100644 --- a/modules/gallery/tests/Gallery_Rest_Helper_Test.php 
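Review bot: `->where("id", "=", $user->id)` in `user_before_delete` still filters on the token row's own primary key rather than on `user_id`, the column `_get_access_key_form` uses in the next hunk and the installer declares separately from the auto-increment `id`. As written, deleting a user removes whichever token row happens to share that number and can leave the deleted user's own token in the table. The line should read `->where("user_id", "=", $user->id)`. The class header is outside the hunk.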
+++ b/modules/gallery/tests/Gallery_Rest_Helper_Test.php @@ -26,17 +26,25 @@ class Gallery_Rest_Helper_Test extends Unit_Test_Case { public function teardown() { list($_GET, $_POST, $_SERVER, $_FILES) = $this->_save; identity::set_active_user($this->_saved_active_user); + if (!empty($this->_user)) { + try { + $this->_user->delete(); + } catch (Exception $e) { } + } } private function _create_user() { - $user = identity::create_user("access_test" . rand(), "Access Test", "password"); - $key = ORM::factory("user_access_token"); - $key->access_key = md5($user->name . rand()); - $key->user_id = $user->id; - $key->save(); - identity::set_active_user($user); - return $user; + if (empty($this->_user)) { + $this->_user = identity::create_user("access_test" . rand(), "Access Test", "password"); + $key = ORM::factory("user_access_token"); + $key->access_key = md5($this->_user->name . rand()); + $key->user_id = $this->_user->id; + $key->save(); + identity::set_active_user($this->_user); + } + return $this->_user; } + private function _create_album($parent=null) { $album_name = "album_" . rand(); if (empty($parent)) { diff --git a/modules/rest/controllers/rest.php b/modules/rest/controllers/rest.php index 446ec7cb..39ca4797 100644 --- a/modules/rest/controllers/rest.php +++ b/modules/rest/controllers/rest.php 
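Review bot: The new `teardown` swallows every failure with `catch (Exception $e) { }`, so a test user that could not be deleted, together with its fixed password `"password"` and its access token, stays in the database without any signal. Log or rethrow instead, for example `catch (Exception $e) { Kohana::log("error", $e->__toString()); }`. `teardown` also leaves `$this->_user` set after deleting it, so if the test object is reused the `empty($this->_user)` guard in `_create_user` would hand back the deleted user; `unset($this->_user);` after the delete avoids that, though whether it matters depends on how Unit_Test_Case instantiates tests, which is not visible here. The same pattern is added in the Rest_Controller_Test and Tag_Rest_Helper_Test hunks of this commit.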
@@ -1,4 +1,5 @@ -access_key = md5($user->name . rand()); - $key->user_id = $user->id; - $key->save(); - return array($key->access_key, $user); + if (empty($this->_user)) { + $this->_user = identity::create_user("access_test" . rand(), "Access Test", "password"); + $this->_key = ORM::factory("user_access_token"); + $this->_key->access_key = md5($this->_user->name . rand()); + $this->_key->user_id = $this->_user->id; + $this->_key->save(); + identity::set_active_user($this->_user); + } + return array($this->_key->access_key, $this->_user); + } + + public function teardown() { + list($_GET, $_POST, $_SERVER) = $this->_save; + if (!empty($this->_user)) { + try { + $this->_user->delete(); + } catch (Exception $e) { } + } } private function _create_image($parent=null) { @@ -40,11 +52,6 @@ class Rest_Controller_Test extends Unit_Test_Case { return photo::create($parent, $filename, "$image_name.jpg", $image_name); } - - public function teardown() { - list($_GET, $_POST, $_SERVER) = $this->_save; - } - public function rest_access_key_exists_test() { list ($access_key, $user) = $this->_create_user(); $_SERVER["REQUEST_METHOD"] = "GET"; diff --git a/modules/tag/tests/Tag_Rest_Helper_Test.php b/modules/tag/tests/Tag_Rest_Helper_Test.php index ac64470c..055e5cec 100644 --- a/modules/tag/tests/Tag_Rest_Helper_Test.php +++ b/modules/tag/tests/Tag_Rest_Helper_Test.php 
@@ -31,18 +31,24 @@ class Tag_Rest_Helper_Test extends Unit_Test_Case { Database::instance()->query("TRUNCATE {tags}"); Database::instance()->query("TRUNCATE {items_tags}"); + if (!empty($this->_user)) { + $this->_user->delete(); + } } catch (Exception $e) { } } private function _create_user() { - $user = identity::create_user("access_test" . rand(), "Access Test", "password"); - $key = ORM::factory("user_access_token"); - $key->access_key = md5($user->name . rand()); - $key->user_id = $user->id; - $key->save(); - identity::set_active_user($user); - return $user; + if (empty($this->_user)) { + $this->_user = identity::create_user("access_test" . rand(), "Access Test", "password"); + $key = ORM::factory("user_access_token"); + $key->access_key = md5($this->_user->name . rand()); + $key->user_id = $this->_user->id; + $key->save(); + identity::set_active_user($this->_user); + } + return $this->_user; } + private function _create_album($tags=array(), $parent=null) { $album_name = "album_" . rand(); if (empty($parent)) { -- cgit v1.2.3