From ded9ed4df809d28ba2f4519a398e06daf335ee81 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 8 Aug 2010 11:35:36 -0700 Subject: Create a registry of REST resources and call it "registry".. Pretty simple, actually. Fixes ticket #1173. --- modules/rest/helpers/registry_rest.php | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 modules/rest/helpers/registry_rest.php (limited to 'modules/rest/helpers') diff --git a/modules/rest/helpers/registry_rest.php b/modules/rest/helpers/registry_rest.php new file mode 100644 index 00000000..e9c8b955 --- /dev/null +++ b/modules/rest/helpers/registry_rest.php @@ -0,0 +1,30 @@ +name}/helpers/*_rest.php") as $filename) { + $results[] = str_replace("_rest.php", "", basename($filename)); + } + } + return array_unique($results); + } +} -- cgit v1.2.3 From d6f5a8a8d13892d6487f344c5e5b1f5dd48893d5 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 8 Aug 2010 15:02:24 -0700 Subject: Add JSONP support. You must specify &output=jsonp?callback= Fixes ticket #1205. --- modules/rest/helpers/rest.php | 28 +++++++++++++++++++++++++--- 1 file changed, 25 insertions(+), 3 deletions(-) (limited to 'modules/rest/helpers') diff --git a/modules/rest/helpers/rest.php b/modules/rest/helpers/rest.php index 644779da..73d09c64 100644 --- a/modules/rest/helpers/rest.php +++ b/modules/rest/helpers/rest.php 
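Review bot: In the loop that fills `$results`, `str_replace("_rest.php", "", basename($filename))` removes every occurrence of that substring, not just the suffix the glob matched on. `basename($filename, "_rest.php")` strips only the trailing suffix and states the intent directly. The top of the new file is not legible on this page, so the enclosing method's signature and docblock are not reviewed here.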
@@ -24,7 +24,27 @@ class rest_Core { Session::instance()->abort_save(); header("X-Gallery-API-Version: " . rest::API_VERSION); - if (Input::instance()->get("output") == "html") { + switch (Input::instance()->get("output", "json")) { + case "json": + json::reply($data); + break; + + case "jsonp": + if (!($callback = Input::instance()->get("callback", ""))) { + throw new Rest_Exception( + "Bad Request", 400, array("errors" => array("callback" => "missing"))); + } + + if (preg_match('/^[$A-Za-z_][0-9A-Za-z_]*$/', $callback) == 1) { + header("Content-type: application/javascript"); + print "$callback(" . json_encode($data) . ")"; + } else { + throw new Rest_Exception( + "Bad Request", 400, array("errors" => array("callback" => "invalid"))); + } + break; + + case "html": header("Content-type: text/html"); if ($data) { $html = preg_replace( @@ -34,8 +54,10 @@ class rest_Core { $html = t("Empty response"); } print "
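Review bot: The callback check in the `jsonp` case anchors with `$`, which in PCRE also matches just before a trailing newline, so a callback value ending in a line feed passes validation and is echoed into the script response. Anchor with `\z` (or add the `D` modifier) and compare strictly: `if (preg_match('/^[$A-Za-z_][0-9A-Za-z_]*\z/', $callback) === 1) {`. Separately, a JSONP reply can be read by any page that includes it as a script. If a request can be authenticated by a session cookie rather than only by an explicit key (not visible in this hunk), the `jsonp` output should be limited to data the guest user may see. It would also help to send `X-Content-Type-Options: nosniff` alongside the `application/javascript` header. The `switch` continues past the end of this hunk.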
$html
"; - } else { - json::reply($data); + break; + + default: + throw new Rest_Exception("Bad Request", 400); } } -- cgit v1.2.3 From 0014745d4ad0c5e95e4ebced95062a6272359bf5 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 8 Aug 2010 21:49:30 -0700 Subject: Add a button to the user profile page to let you reset your REST API key. This is useful if you think it's been compromised in some way. Fixes ticket #1226. --- modules/rest/controllers/rest.php | 16 ++++++++++++++++ modules/rest/helpers/rest.php | 10 ++++++++++ modules/rest/helpers/rest_event.php | 7 ------- modules/rest/views/reset_api_key_confirm.html.php | 7 +++++++ modules/rest/views/user_profile_rest.html.php | 3 +++ 5 files changed, 36 insertions(+), 7 deletions(-) create mode 100644 modules/rest/views/reset_api_key_confirm.html.php (limited to 'modules/rest/helpers') diff --git a/modules/rest/controllers/rest.php b/modules/rest/controllers/rest.php index bf2f0a54..a721ff2b 100644 --- a/modules/rest/controllers/rest.php +++ b/modules/rest/controllers/rest.php @@ -37,6 +37,22 @@ class Rest_Controller extends Controller { rest::reply(rest::access_key()); } + public function reset_api_key_confirm() { + $form = new Forge("rest/reset_api_key", "", "post", array("id" => "g-reset-api-key")); + $group = $form->group("confirm_reset")->label(t("Confirm resetting your REST API key")); + $group->submit("")->value(t("Reset")); + $v = new View("reset_api_key_confirm.html"); + $v->form = $form; + print $v; + } + + public function reset_api_key() { + access::verify_csrf(); + rest::reset_access_key(); + message::success(t("Your REST API key has been reset.")); + json::reply(array("result" => "success")); + } + public function __call($function, $args) { try { $input = Input::instance(); diff --git a/modules/rest/helpers/rest.php b/modules/rest/helpers/rest.php index 73d09c64..333daf95 100644 --- a/modules/rest/helpers/rest.php +++ b/modules/rest/helpers/rest.php 
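Review bot: `reset_api_key()` in `Rest_Controller` verifies the CSRF token but never checks who the active user is before rotating a credential. `rest::reset_access_key()`, added in the helper hunk of this same commit, keys purely off `identity::active_user()->id`, so a guest session appears able to delete and recreate a key row for the guest account. I would add a guard at the top of both new controller methods, e.g. `if (identity::active_user()->guest) { access::forbidden(); }`, and note in a comment that the action is only meaningful for a logged-in account. Whether `access::verify_csrf()` also accepts the token from the query string is not visible here; if it does, restricting this action to POST would keep the token out of URLs and logs.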
@@ -87,6 +87,16 @@ class rest_Core { identity::set_active_user($user); } + static function reset_access_key() { + $key = ORM::factory("user_access_key") + ->where("user_id", "=", identity::active_user()->id) + ->find(); + if ($key->loaded()) { + $key->delete(); + } + return rest::access_key(); + } + static function access_key() { $key = ORM::factory("user_access_key") ->where("user_id", "=", identity::active_user()->id) diff --git a/modules/rest/helpers/rest_event.php b/modules/rest/helpers/rest_event.php index f23b9a58..6a42e893 100644 --- a/modules/rest/helpers/rest_event.php +++ b/modules/rest/helpers/rest_event.php @@ -54,13 +54,6 @@ class rest_event { self::_get_access_key_form($user, $form); } - /** - * Called when user is editing their own form - */ - static function user_edit_form($user, $form) { - self::_get_access_key_form($user, $form); - } - /** * Get the form fields for user edit */ diff --git a/modules/rest/views/reset_api_key_confirm.html.php b/modules/rest/views/reset_api_key_confirm.html.php new file mode 100644 index 00000000..3aae2a9a --- /dev/null +++ b/modules/rest/views/reset_api_key_confirm.html.php @@ -0,0 +1,7 @@ + +
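Review bot: `reset_access_key()` deletes the existing row and then delegates to `rest::access_key()`, so the quality of the replacement key is decided entirely in code whose body continues outside this hunk. The commit message presents this as the response to a suspected compromise, so confirm that `access_key()` draws the new value from a cryptographically secure source rather than a time- or `mt_rand()`-derived hash; otherwise the rotation adds little. The method also has no docblock. I would add `/** Discard the active user's REST access key and return a newly issued one. */` so callers know that the old key stops working immediately.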
+

+ +

+ +
diff --git a/modules/rest/views/user_profile_rest.html.php b/modules/rest/views/user_profile_rest.html.php index e81f3d0b..3e5d3dbf 100644 --- a/modules/rest/views/user_profile_rest.html.php +++ b/modules/rest/views/user_profile_rest.html.php @@ -4,6 +4,9 @@
  • Key: %key", array("key" => $rest_key)) ?> + "> + +

  • -- cgit v1.2.3 From 541a084cc1dcc6afa19ff526f1a12d0e878be5ab Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 8 Aug 2010 21:51:26 -0700 Subject: "REST api" --> "REST API". --- modules/rest/helpers/rest_event.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modules/rest/helpers') diff --git a/modules/rest/helpers/rest_event.php b/modules/rest/helpers/rest_event.php index 6a42e893..d8c69e94 100644 --- a/modules/rest/helpers/rest_event.php +++ b/modules/rest/helpers/rest_event.php @@ -97,6 +97,6 @@ class rest_event { $key->save(); } $view->rest_key = $key->access_key; - $data->content[] = (object)array("title" => t("REST api"), "view" => $view); + $data->content[] = (object)array("title" => t("REST API"), "view" => $view); } } -- cgit v1.2.3 From a94bb197987deeee4b0046fb6566510080e087f6 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Mon, 9 Aug 2010 23:01:47 -0700 Subject: Force the charset to UTF-8 when viewing the HTML form of REST output. --- modules/rest/helpers/rest.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modules/rest/helpers') diff --git a/modules/rest/helpers/rest.php b/modules/rest/helpers/rest.php index 333daf95..3a6b2cad 100644 --- a/modules/rest/helpers/rest.php +++ b/modules/rest/helpers/rest.php @@ -45,7 +45,7 @@ class rest_Core { break; case "html": - header("Content-type: text/html"); + header("Content-type: text/html; charset=UTF-8"); if ($data) { $html = preg_replace( "#([\w]+?://[\w]+[^ \'\"\n\r\t<]*)#ise", "'\\1'", -- cgit v1.2.3 From ff1d8aea2f2805f85ce3cc7e4079d04fb9f1bac4 Mon Sep 17 00:00:00 2001 
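Review bot: The context just below the changed `header()` line still builds the HTML view with `preg_replace()` and the `e` modifier (`#...#ise`), which evaluates the replacement string as PHP code for every URL-like match in the response data. That data presumably includes user-supplied titles and descriptions, so the safety of this branch rests on the modifier's implicit quoting alone. I would drop the `e` and move the link construction into `preg_replace_callback()` with the pattern `"#([\w]+?://[\w]+[^ \'\"\n\r\t<]*)#is"`, escaping the matched URL inside the callback. The replacement argument is truncated on this page and the call runs past the end of the hunk, so the callback body cannot be quoted exactly. The `e` modifier was later deprecated in PHP 5.5 and removed in 7.0, so this change is needed for forward compatibility as well.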
From: Bharat Mediratta Date: Sun, 15 Aug 2010 01:59:54 -0700 Subject: We use UTF-8 everywhere. Fixes ticket #1285. --- modules/gallery/controllers/user_profile.php | 2 +- modules/gallery/tests/Sendmail_Test.php | 4 ++-- modules/gallery/views/error_admin.html.php | 2 +- modules/gallery/views/error_user.html.php | 2 +- modules/notification/helpers/notification.php | 6 +++--- modules/rest/helpers/rest.php | 2 +- modules/user/controllers/password.php | 2 +- 7 files changed, 10 insertions(+), 10 deletions(-) (limited to 'modules/rest/helpers') diff --git a/modules/gallery/controllers/user_profile.php b/modules/gallery/controllers/user_profile.php index 726d3e51..e992655b 100644 --- a/modules/gallery/controllers/user_profile.php +++ b/modules/gallery/controllers/user_profile.php @@ -56,7 +56,7 @@ class User_Profile_Controller extends Controller { ->to($user->email) ->subject(html::clean($form->message->subject->value)) ->header("Mime-Version", "1.0") - ->header("Content-type", "text/html; charset=iso-8859-1") + ->header("Content-type", "text/html; charset=UTF-8") ->reply_to($form->message->reply_to->value) ->message(html::purify($form->message->message->value)) ->send(); diff --git a/modules/gallery/tests/Sendmail_Test.php b/modules/gallery/tests/Sendmail_Test.php index b20543d1..b9406047 100644 --- a/modules/gallery/tests/Sendmail_Test.php +++ b/modules/gallery/tests/Sendmail_Test.php @@ -65,14 +65,14 @@ class Sendmail_Test extends Gallery_Unit_Test_Case { "From: from@gallery3.com\n" . "Reply-To: public@gallery3.com\n" . "MIME-Version: 1.0\n" . - "Content-type: text/html; charset=iso-8859-1\r\n" . + "Content-Type: text/html; charset=UTF-8\r\n" . "Subject: Test Email Unit test\r\n\r\n" . "

    This is an html msg

    "; $result = Sendmail_For_Test::factory() ->to("receiver@someemail.com") ->subject("Test Email Unit test") ->header("MIME-Version", "1.0") - ->header("Content-type", "text/html; charset=iso-8859-1") + ->header("Content-Type", "text/html; charset=UTF-8") ->message("

    This is an html msg

    ") ->send() ->send_text; diff --git a/modules/gallery/views/error_admin.html.php b/modules/gallery/views/error_admin.html.php index f5004eae..af78c59c 100644 --- a/modules/gallery/views/error_admin.html.php +++ b/modules/gallery/views/error_admin.html.php @@ -120,7 +120,7 @@ font-size: 1.1em; } - + <?= t("Something went wrong!") ?>