From 59b6cd30e621ffeba55f23012e3ede42a4905e78 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Tue, 30 Mar 2010 13:53:14 -0700 Subject: Rename "user_access_tokens" table to "user_access_keys" as step 1 of a multi step process to refer to REST access keys as "access_key" everywhere. Bump the rest module to version 2. --- modules/rest/helpers/rest.php | 4 ++-- modules/rest/helpers/rest_event.php | 14 +++++++------- modules/rest/helpers/rest_installer.php | 14 +++++++++++--- modules/rest/models/user_access_key.php | 21 +++++++++++++++++++++ modules/rest/models/user_access_token.php | 21 --------------------- modules/rest/module.info | 2 +- modules/rest/tests/Rest_Controller_Test.php | 4 ++-- 7 files changed, 44 insertions(+), 36 deletions(-) create mode 100644 modules/rest/models/user_access_key.php delete mode 100644 modules/rest/models/user_access_token.php (limited to 'modules/rest') diff --git a/modules/rest/helpers/rest.php b/modules/rest/helpers/rest.php index 7440350f..e87ee91c 100644 --- a/modules/rest/helpers/rest.php +++ b/modules/rest/helpers/rest.php @@ -42,7 +42,7 @@ class rest_Core { throw new Rest_Exception("Forbidden", 403); } - $key = ORM::factory("user_access_token") + $key = ORM::factory("user_access_key") ->where("access_key", "=", $access_token) ->find(); @@ -59,7 +59,7 @@ class rest_Core { } static function get_access_token($user_id) { - $key = ORM::factory("user_access_token") + $key = ORM::factory("user_access_key") ->where("user_id", "=", $user_id) ->find(); diff --git a/modules/rest/helpers/rest_event.php b/modules/rest/helpers/rest_event.php index 91affe7a..c89436c0 100644 --- a/modules/rest/helpers/rest_event.php +++ b/modules/rest/helpers/rest_event.php @@ -24,7 +24,7 @@ class rest_event { */ static function user_before_delete($user) { db::build() - ->delete("user_access_tokens") + ->delete("user_access_keys") ->where("id", "=", $user->id) ->execute(); } @@ -34,7 +34,7 @@ class rest_event { * on every add. */ static function user_add_form_admin_completed($user, $form) { - $key = ORM::factory("user_access_token"); + $key = ORM::factory("user_access_key"); $key->user_id = $user->id; $key->access_key = md5($user->name . rand()); $key->save(); @@ -58,7 +58,7 @@ class rest_event { * Get the form fields for user edit */ static function _get_access_key_form($user, $form) { - $key = ORM::factory("user_access_token") + $key = ORM::factory("user_access_key") ->where("user_id", "=", $user->id) ->find(); @@ -68,7 +68,7 @@ class rest_event { $key->save(); } - $form->edit_user->input("user_access_token") + $form->edit_user->input("user_access_key") ->value($key->access_key) ->readonly("readonly") ->class("g-form-static") @@ -87,9 +87,9 @@ class rest_event { } $view = new View("user_profile_rest.html"); - $key = ORM::factory("user_access_token") - ->where("user_id", "=", $data->user->id) - ->find(); + $key = ORM::factory("user_access_key") + ->where("user_id", "=", $data->user->id) + ->find(); if (!$key->loaded()) { $key->user_id = $data->user->id; diff --git a/modules/rest/helpers/rest_installer.php b/modules/rest/helpers/rest_installer.php index f69f62d1..aeb9573e 100644 --- a/modules/rest/helpers/rest_installer.php +++ b/modules/rest/helpers/rest_installer.php @@ -20,7 +20,7 @@ class rest_installer { static function install() { Database::instance() - ->query("CREATE TABLE {user_access_tokens} ( + ->query("CREATE TABLE {user_access_keys} ( `id` int(9) NOT NULL auto_increment, `user_id` int(9) NOT NULL, `access_key` char(32) NOT NULL, @@ -28,10 +28,18 @@ class rest_installer { UNIQUE KEY(`access_key`), UNIQUE KEY(`user_id`)) DEFAULT CHARSET=utf8;"); - module::set_version("rest", 1); + module::set_version("rest", 2); + } + + static function upgrade($version) { + $db = Database::instance(); + if ($version == 1) { + $db->query("RENAME TABLE {user_access_tokens} TO {user_access_keys}"); + module::set_version("rest", $version = 2); + } } static function uninstall() { - Database::instance()->query("DROP TABLE IF EXISTS {user_access_tokens}"); + Database::instance()->query("DROP TABLE IF EXISTS {user_access_keys}"); } } diff --git a/modules/rest/models/user_access_key.php b/modules/rest/models/user_access_key.php new file mode 100644 index 00000000..1da0f5eb --- /dev/null +++ b/modules/rest/models/user_access_key.php @@ -0,0 +1,21 @@ +assert_false( - ORM::factory("user_access_token")->where("user_id", "=", $user->id)->find()->loaded()); + ORM::factory("user_access_key")->where("user_id", "=", $user->id)->find()->loaded()); $_POST["user"] = $user->name; $_POST["password"] = "password"; $response = test::call_and_capture(array(new Rest_Controller(), "index")); $expected = - ORM::factory("user_access_token")->where("user_id", "=", $user->id)->find()->access_key; + ORM::factory("user_access_key")->where("user_id", "=", $user->id)->find()->access_key; // Now there is an access key, and it was returned $this->assert_equal(json_encode($expected), $response); -- cgit v1.2.3 From ca977dce516b9e2ca9539db69fce188ed33d971c Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Tue, 30 Mar 2010 14:01:40 -0700 Subject: Rename "access_token" to "access_key" in the code for consistency. --- modules/rest/controllers/rest.php | 6 +++--- modules/rest/helpers/rest.php | 8 ++++---- modules/rest/tests/Rest_Controller_Test.php | 18 +++++++++--------- 3 files changed, 16 insertions(+), 16 deletions(-) (limited to 'modules/rest') diff --git a/modules/rest/controllers/rest.php b/modules/rest/controllers/rest.php index 9f9b9aff..29334cea 100644 --- a/modules/rest/controllers/rest.php +++ b/modules/rest/controllers/rest.php @@ -34,7 +34,7 @@ class Rest_Controller extends Controller { auth::login($user); - $key = rest::get_access_token($user->id); + $key = rest::get_access_key($user->id); rest::reply($key->access_key); } @@ -55,10 +55,10 @@ class Rest_Controller extends Controller { } $request->method = strtolower($input->server("HTTP_X_GALLERY_REQUEST_METHOD", $method)); - $request->access_token = $input->server("HTTP_X_GALLERY_REQUEST_KEY"); + $request->access_key = $input->server("HTTP_X_GALLERY_REQUEST_KEY"); $request->url = url::abs_current(true); - rest::set_active_user($request->access_token); + rest::set_active_user($request->access_key); $handler_class = "{$function}_rest"; $handler_method = $request->method; diff --git a/modules/rest/helpers/rest.php b/modules/rest/helpers/rest.php index e87ee91c..49999520 100644 --- a/modules/rest/helpers/rest.php +++ b/modules/rest/helpers/rest.php @@ -37,13 +37,13 @@ class rest_Core { } } - static function set_active_user($access_token) { - if (empty($access_token)) { + static function set_active_user($access_key) { + if (empty($access_key)) { throw new Rest_Exception("Forbidden", 403); } $key = ORM::factory("user_access_key") - ->where("access_key", "=", $access_token) + ->where("access_key", "=", $access_key) ->find(); if (!$key->loaded()) { @@ -58,7 +58,7 @@ class rest_Core { identity::set_active_user($user); } - static function get_access_token($user_id) { + static function get_access_key($user_id) { $key = ORM::factory("user_access_key") ->where("user_id", "=", $user_id) ->find(); diff --git a/modules/rest/tests/Rest_Controller_Test.php b/modules/rest/tests/Rest_Controller_Test.php index e8b9dbd0..6d09b214 100644 --- a/modules/rest/tests/Rest_Controller_Test.php +++ b/modules/rest/tests/Rest_Controller_Test.php @@ -21,7 +21,7 @@ class Rest_Controller_Test extends Gallery_Unit_Test_Case { public function setup() { $this->_save = array($_GET, $_POST, $_SERVER); - $key = rest::get_access_token(1); // admin user + $key = rest::get_access_key(1); // admin user $_SERVER["HTTP_X_GALLERY_REQUEST_KEY"] = $key->access_key; } @@ -82,11 +82,11 @@ class Rest_Controller_Test extends Gallery_Unit_Test_Case { $_SERVER["REQUEST_METHOD"] = "GET"; $_GET["key"] = "value"; - $key = rest::get_access_token(1); // admin user + $key = rest::get_access_key(1); // admin user $this->assert_array_equal_to_json( array("params" => array("key" => "value"), "method" => "get", - "access_token" => $key->access_key, + "access_key" => $key->access_key, "url" => "http://./index.php/gallery_unit_test"), test::call_and_capture(array(new Rest_Controller(), "mock"))); } @@ -95,11 +95,11 @@ class Rest_Controller_Test extends Gallery_Unit_Test_Case { $_SERVER["REQUEST_METHOD"] = "POST"; $_POST["key"] = "value"; - $key = rest::get_access_token(1); // admin user + $key = rest::get_access_key(1); // admin user $this->assert_array_equal_to_json( array("params" => array("key" => "value"), "method" => "post", - "access_token" => $key->access_key, + "access_key" => $key->access_key, "url" => "http://./index.php/gallery_unit_test"), test::call_and_capture(array(new Rest_Controller(), "mock"))); } @@ -109,11 +109,11 @@ class Rest_Controller_Test extends Gallery_Unit_Test_Case { $_SERVER["HTTP_X_GALLERY_REQUEST_METHOD"] = "put"; $_POST["key"] = "value"; - $key = rest::get_access_token(1); // admin user + $key = rest::get_access_key(1); // admin user $this->assert_array_equal_to_json( array("params" => array("key" => "value"), "method" => "put", - "access_token" => $key->access_key, + "access_key" => $key->access_key, "url" => "http://./index.php/gallery_unit_test"), test::call_and_capture(array(new Rest_Controller(), "mock"))); } @@ -123,11 +123,11 @@ class Rest_Controller_Test extends Gallery_Unit_Test_Case { $_SERVER["HTTP_X_GALLERY_REQUEST_METHOD"] = "delete"; $_POST["key"] = "value"; - $key = rest::get_access_token(1); // admin user + $key = rest::get_access_key(1); // admin user $this->assert_array_equal_to_json( array("params" => array("key" => "value"), "method" => "delete", - "access_token" => $key->access_key, + "access_key" => $key->access_key, "url" => "http://./index.php/gallery_unit_test"), test::call_and_capture(array(new Rest_Controller(), "mock"))); } -- cgit v1.2.3 From 668c12da1cd6add3c7a734f34c84bd87700b2141 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Tue, 30 Mar 2010 20:47:45 -0700 Subject: Rest -> REST --- modules/rest/helpers/rest_event.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modules/rest') diff --git a/modules/rest/helpers/rest_event.php b/modules/rest/helpers/rest_event.php index c89436c0..e4e53ef6 100644 --- a/modules/rest/helpers/rest_event.php +++ b/modules/rest/helpers/rest_event.php @@ -97,6 +97,6 @@ class rest_event { $key->save(); } $view->rest_key = $key->access_key; - $data->content[] = (object)array("title" => t("Rest api"), "view" => $view); + $data->content[] = (object)array("title" => t("REST api"), "view" => $view); } } -- cgit v1.2.3 From 5679e30ef6c68272cce295bd593bc23c9ec1e1b3 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 4 Apr 2010 11:55:54 -0700 Subject: REST changes: Allow PUT and POST requests to modify members, not just entity. TESTS ARE NOT UPDATED YET. - Fix item_rest::get() to maintain the proper sort order, which requires duplicating some Item_Model code. - Elide "weight" from the REST version of item - Adjust the weight of members according to the order they're returned from the client. You can't add or remove members here, you can only reorder them. - Changed the wire protocol to handle more complex values. Now "entity" and "members" are JSON encoded. The Gallery3 helper does this correctly. - Changed the wire protocol for tag_item -- now it stores the tag and item urls in the entity, not as members. This is more consistent. - Added missing security for renaming and deleting tags. - Got rid of vestigial tag_rest::post(). We add/remove tags via the relationship. --- .../gallery/helpers/item_ordered_members_rest.php | 82 ------------------- modules/gallery/helpers/item_rest.php | 93 +++++++++++++--------- modules/gallery/models/item.php | 2 +- modules/rest/controllers/rest.php | 7 ++ modules/tag/helpers/item_tags_rest.php | 5 +- modules/tag/helpers/tag_item_rest.php | 2 +- modules/tag/helpers/tag_items_rest.php | 4 +- modules/tag/helpers/tag_rest.php | 27 +++---- modules/tag/helpers/tags_rest.php | 6 +- 9 files changed, 85 insertions(+), 143 deletions(-) delete mode 100644 modules/gallery/helpers/item_ordered_members_rest.php (limited to 'modules/rest') diff --git a/modules/gallery/helpers/item_ordered_members_rest.php b/modules/gallery/helpers/item_ordered_members_rest.php deleted file mode 100644 index 5ae331bc..00000000 --- a/modules/gallery/helpers/item_ordered_members_rest.php +++ /dev/null @@ -1,82 +0,0 @@ -url); - $ordered_members = array(); - foreach ($item->children() as $child) { - $ordered_members[] = rest::url("item", $child); - } - - return array( - "url" => $request->url, - "entity" => array("ordered_members" => $ordered_members)); - } - - static function put($request) { - $item = rest::resolve($request->url); - access::required("edit", $item); - - // Verify that we're not adding or removing members this way - if (count($request->params->ordered_members) != $item->children_count()) { - throw new Rest_Exception("Bad Request", 400); - } - - $ordered_members = array(); - foreach ($request->params->ordered_members as $url) { - $member = rest::resolve($url); - if ($member->parent_id != $item->id) { - throw new Rest_Exception("Bad Request", 400); - } - $ordered_members[] = $member; - } - - // Update all the weights. This is a pretty inefficient way to do this if we're just changing - // one or two elements, but it's easy. We could optimize this by looking at the current order - // and figuring out which elements have moved and then only changing those values. - $i = 0; - foreach ($ordered_members as $member) { - $member->weight = $i++; - $member->save(); - } - } - - static function relationships($resource_type, $resource) { - if ($resource_type == "item" && $resource->is_album()) { - return array( - "item_ordered_members" => array( - "url" => rest::url("item_ordered_members", $resource))); - } - - return array(); - } - - static function resolve($id) { - $item = ORM::factory("item", $id); - if (!access::can("view", $item) || !$item->is_album()) { - throw new Kohana_404_Exception(); - } - return $item; - } - - static function url($item) { - return url::abs_site("rest/item_ordered_members/{$item->id}"); - } -} diff --git a/modules/gallery/helpers/item_rest.php b/modules/gallery/helpers/item_rest.php index 16abec5a..f52713b8 100644 --- a/modules/gallery/helpers/item_rest.php +++ b/modules/gallery/helpers/item_rest.php @@ -70,6 +70,14 @@ class item_rest_Core { $orm->where("type", "IN", explode(",", $p->type)); } + // Apply the item's sort order, using id as the tie breaker. + // See Item_Model::children() + $order_by = array($item->sort_column => $item->sort_order); + if ($item->sort_column != "id") { + $order_by["id"] = "ASC"; + } + $orm->order_by($order_by); + $members = array(); foreach ($orm->find_all() as $child) { $members[] = rest::url("item", $child); @@ -86,33 +94,44 @@ class item_rest_Core { $item = rest::resolve($request->url); access::required("edit", $item); - $params = $request->params; - - // Only change fields from a whitelist. - foreach (array("album_cover", "captured", "description", - "height", "mime_type", "name", "parent", "rand_key", "resize_dirty", - "resize_height", "resize_width", "slug", "sort_column", "sort_order", - "thumb_dirty", "thumb_height", "thumb_width", "title", "view_count", - "weight", "width") as $key) { - switch ($key) { - case "album_cover": - if (property_exists($request->params, "album_cover")) { - $album_cover_item = rest::resolve($request->params->album_cover); - access::required("view", $album_cover_item); - $item->album_cover_item_id = $album_cover_item->id; + if ($entity = $request->params->entity) { + // Only change fields from a whitelist. + foreach (array("album_cover", "captured", "description", + "height", "mime_type", "name", "parent", "rand_key", "resize_dirty", + "resize_height", "resize_width", "slug", "sort_column", "sort_order", + "thumb_dirty", "thumb_height", "thumb_width", "title", "view_count", + "width") as $key) { + switch ($key) { + case "album_cover": + if (property_exists($entity, "album_cover")) { + $album_cover_item = rest::resolve($entity->album_cover); + access::required("view", $album_cover_item); + $item->album_cover_item_id = $album_cover_item->id; + } + break; + + case "parent": + if (property_exists($entity, "parent")) { + $parent = rest::resolve($entity->parent); + access::required("edit", $parent); + $item->parent_id = $parent->id; + } + break; + default: + if (property_exists($entity, $key)) { + $item->$key = $entity->$key; + } } - break; + } + } - case "parent": - if (property_exists($request->params, "parent")) { - $parent = rest::resolve($request->params->parent); - access::required("edit", $parent); - $item->parent_id = $parent->id; - } - break; - default: - if (property_exists($request->params, $key)) { - $item->$key = $request->params->$key; + $weight = 0; + if (isset($request->params->members)) { + foreach ($request->params->members as $url) { + $child = rest::resolve($url); + if ($child->parent_id == $item->id && $child->weight != $weight) { + $child->weight = $weight++; + $child->save(); } } } @@ -123,33 +142,33 @@ class item_rest_Core { $parent = rest::resolve($request->url); access::required("edit", $parent); - $params = $request->params; + $entity = $request->params->entity; $item = ORM::factory("item"); - switch ($params->type) { + switch ($entity->type) { case "album": $item->type = "album"; $item->parent_id = $parent->id; - $item->name = $params->name; - $item->title = isset($params->title) ? $params->title : $name; - $item->description = isset($params->description) ? $params->description : null; - $item->slug = isset($params->slug) ? $params->slug : null; + $item->name = $entity->name; + $item->title = isset($entity->title) ? $entity->title : $name; + $item->description = isset($entity->description) ? $entity->description : null; + $item->slug = isset($entity->slug) ? $entity->slug : null; $item->save(); break; case "photo": case "movie": - $item->type = $params->type; + $item->type = $entity->type; $item->parent_id = $parent->id; $item->set_data_file($request->file); - $item->name = $params->name; - $item->title = isset($params->title) ? $params->title : $params->name; - $item->description = isset($params->description) ? $params->description : null; - $item->slug = isset($params->slug) ? $params->slug : null; + $item->name = $entity->name; + $item->title = isset($entity->title) ? $entity->title : $entity->name; + $item->description = isset($entity->description) ? $entity->description : null; + $item->slug = isset($entity->slug) ? $entity->slug : null; $item->save(); break; default: - throw new Rest_Exception("Invalid type: $params->type", 400); + throw new Rest_Exception("Invalid type: $entity->type", 400); } return array("url" => rest::url("item", $item)); diff --git a/modules/gallery/models/item.php b/modules/gallery/models/item.php index 6ede5109..4a87a2ab 100644 --- a/modules/gallery/models/item.php +++ b/modules/gallery/models/item.php @@ -941,7 +941,7 @@ class Item_Model extends ORM_MPTT { // Elide some internal-only data that is going to cause confusion in the client. foreach (array("relative_path_cache", "relative_url_cache", "left_ptr", "right_ptr", - "thumb_dirty", "resize_dirty") as $key) { + "thumb_dirty", "resize_dirty", "weight") as $key) { unset($data[$key]); } return $data; diff --git a/modules/rest/controllers/rest.php b/modules/rest/controllers/rest.php index 29334cea..dab54976 100644 --- a/modules/rest/controllers/rest.php +++ b/modules/rest/controllers/rest.php @@ -54,6 +54,13 @@ class Rest_Controller extends Controller { break; } + if (isset($request->params->entity)) { + $request->params->entity = json_decode($request->params->entity); + } + if (isset($request->params->members)) { + $request->params->members = json_decode($request->params->members); + } + $request->method = strtolower($input->server("HTTP_X_GALLERY_REQUEST_METHOD", $method)); $request->access_key = $input->server("HTTP_X_GALLERY_REQUEST_KEY"); $request->url = url::abs_current(true); diff --git a/modules/tag/helpers/item_tags_rest.php b/modules/tag/helpers/item_tags_rest.php index 8a1b1e8b..02c79e5d 100644 --- a/modules/tag/helpers/item_tags_rest.php +++ b/modules/tag/helpers/item_tags_rest.php @@ -31,8 +31,8 @@ class item_tags_rest_Core { } static function post($request) { - $tag = rest::resolve($request->params->tag); - $item = rest::resolve($request->params->item); + $tag = rest::resolve($request->params->entity->tag); + $item = rest::resolve($request->params->entity->item); access::required("view", $item); tag::add($item, $tag->name); @@ -45,6 +45,7 @@ class item_tags_rest_Core { static function delete($request) { list ($tag, $item) = rest::resolve($request->url); + access::required("edit", $item); $tag->remove($item); $tag->save(); } diff --git a/modules/tag/helpers/tag_item_rest.php b/modules/tag/helpers/tag_item_rest.php index bce00a9f..17cb726e 100644 --- a/modules/tag/helpers/tag_item_rest.php +++ b/modules/tag/helpers/tag_item_rest.php @@ -22,7 +22,7 @@ class tag_item_rest_Core { list ($tag, $item) = rest::resolve($request->url); return array( "url" => $request->url, - "members" => array( + "entity" => array( "tag" => rest::url("tag", $tag), "item" => rest::url("item", $item))); } diff --git a/modules/tag/helpers/tag_items_rest.php b/modules/tag/helpers/tag_items_rest.php index 003c7c95..848c2cd3 100644 --- a/modules/tag/helpers/tag_items_rest.php +++ b/modules/tag/helpers/tag_items_rest.php @@ -33,8 +33,8 @@ class tag_items_rest_Core { } static function post($request) { - $tag = rest::resolve($request->params->tag); - $item = rest::resolve($request->params->item); + $tag = rest::resolve($request->params->entity->tag); + $item = rest::resolve($request->params->entity->item); access::required("view", $item); if (!$tag->loaded()) { diff --git a/modules/tag/helpers/tag_rest.php b/modules/tag/helpers/tag_rest.php index f30706bd..e0b7bd87 100644 --- a/modules/tag/helpers/tag_rest.php +++ b/modules/tag/helpers/tag_rest.php @@ -36,28 +36,25 @@ class tag_rest_Core { "members" => $tag_items))); } - static function post($request) { - if (empty($request->params->url)) { - throw new Rest_Exception("Bad request", 400); - } - - $tag = rest::resolve($request->url); - $item = rest::resolve($request->params->url); - access::required("edit", $item); - - tag::add($item, $tag->name); - return array("url" => rest::url("tag_item", $tag, $item)); - } - static function put($request) { + // Who can we allow to edit a tag name? If we allow anybody to do it then any logged in + // user can rename all your tags to something offensive. Right now limit renaming to admins. + if (!identity::active_user()->admin) { + access::forbidden(); + } $tag = rest::resolve($request->url); - if (isset($request->params->name)) { - $tag->name = $request->params->name; + if (isset($request->params->entity->name)) { + $tag->name = $request->params->entity->name; $tag->save(); } } static function delete($request) { + // Restrict deleting tags to admins. Otherwise, a logged in user can do great harm to an + // install. + if (!identity::active_user()->admin) { + access::forbidden(); + } $tag = rest::resolve($request->url); $tag->delete(); } diff --git a/modules/tag/helpers/tags_rest.php b/modules/tag/helpers/tags_rest.php index 82826d8e..434e774a 100644 --- a/modules/tag/helpers/tags_rest.php +++ b/modules/tag/helpers/tags_rest.php @@ -40,13 +40,13 @@ class tags_rest_Core { } } - if (empty($request->params->name)) { + if (empty($request->params->entity->name)) { throw new Rest_Exception("Bad Request", 400); } - $tag = ORM::factory("tag")->where("name", "=", $request->params->name)->find(); + $tag = ORM::factory("tag")->where("name", "=", $request->params->entity->name)->find(); if (!$tag->loaded()) { - $tag->name = $request->params->name; + $tag->name = $request->params->entity->name; $tag->count = 0; $tag->save(); } -- cgit v1.2.3 From af71df3d0f6bbed29446df1801d16d28acbf927c Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sat, 17 Apr 2010 15:35:09 -0700 Subject: Update tests to reflect recent changes to the REST API. --- modules/gallery/tests/Item_Rest_Helper_Test.php | 70 ++++++++++++++----------- modules/rest/tests/Rest_Controller_Test.php | 1 + modules/tag/tests/Tag_Item_Rest_Helper_Test.php | 2 +- modules/tag/tests/Tag_Rest_Helper_Test.php | 32 +---------- modules/tag/tests/Tags_Rest_Helper_Test.php | 8 +-- 5 files changed, 49 insertions(+), 64 deletions(-) (limited to 'modules/rest') diff --git a/modules/gallery/tests/Item_Rest_Helper_Test.php b/modules/gallery/tests/Item_Rest_Helper_Test.php index bef95668..0b5e0471 100644 --- a/modules/gallery/tests/Item_Rest_Helper_Test.php +++ b/modules/gallery/tests/Item_Rest_Helper_Test.php @@ -42,13 +42,14 @@ class Item_Rest_Helper_Test extends Gallery_Unit_Test_Case { $this->assert_equal_array( array("url" => rest::url("item", $album1), "entity" => $album1->as_restful_array(), - "members" => array( - rest::url("item", $photo1), - rest::url("item", $album2)), "relationships" => array( "tags" => array( "url" => rest::url("item_tags", $album1), - "members" => array()))), + "members" => array())), + "members" => array( + rest::url("item", $photo1), + rest::url("item", $album2)), + ), item_rest::get($request)); $request->url = rest::url("item", $album1); @@ -56,13 +57,14 @@ class Item_Rest_Helper_Test extends Gallery_Unit_Test_Case { $this->assert_equal_array( array("url" => rest::url("item", $album1), "entity" => $album1->as_restful_array(), - "members" => array( - rest::url("item", $photo1), - rest::url("item", $album2)), "relationships" => array( "tags" => array( "url" => rest::url("item_tags", $album1), - "members" => array()))), + "members" => array())), + "members" => array( + rest::url("item", $photo1), + rest::url("item", $album2)), + ), item_rest::get($request)); $request->url = rest::url("item", $album1); @@ -70,14 +72,15 @@ class Item_Rest_Helper_Test extends Gallery_Unit_Test_Case { $this->assert_equal_array( array("url" => rest::url("item", $album1), "entity" => $album1->as_restful_array(), + "relationships" => array( + "tags" => array( + "url" => rest::url("item_tags", $album1), + "members" => array())), "members" => array( rest::url("item", $photo1), rest::url("item", $album2), rest::url("item", $photo2)), - "relationships" => array( - "tags" => array( - "url" => rest::url("item_tags", $album1), - "members" => array()))), + ), item_rest::get($request)); } @@ -96,12 +99,13 @@ class Item_Rest_Helper_Test extends Gallery_Unit_Test_Case { $this->assert_equal_array( array("url" => rest::url("item", $album1), "entity" => $album1->as_restful_array(), - "members" => array( - rest::url("item", $photo2)), "relationships" => array( "tags" => array( "url" => rest::url("item_tags", $album1), - "members" => array()))), + "members" => array())), + "members" => array( + rest::url("item", $photo2)), + ), item_rest::get($request)); } @@ -118,12 +122,13 @@ class Item_Rest_Helper_Test extends Gallery_Unit_Test_Case { $this->assert_equal_array( array("url" => rest::url("item", $album1), "entity" => $album1->as_restful_array(), - "members" => array( - rest::url("item", $album2)), "relationships" => array( "tags" => array( "url" => rest::url("item_tags", $album1), - "members" => array() ))), + "members" => array())), + "members" => array( + rest::url("item", $album2)), + ), item_rest::get($request)); } @@ -134,7 +139,8 @@ class Item_Rest_Helper_Test extends Gallery_Unit_Test_Case { $request = new stdClass(); $request->url = rest::url("item", $album1); $request->params = new stdClass(); - $request->params->title = "my new title"; + $request->params->entity = new stdClass(); + $request->params->entity->title = "my new title"; item_rest::put($request); $this->assert_equal("my new title", $album1->reload()->title); @@ -147,8 +153,9 @@ class Item_Rest_Helper_Test extends Gallery_Unit_Test_Case { $request = new stdClass(); $request->url = rest::url("item", $album1); $request->params = new stdClass(); - $request->params->title = "my new title"; - $request->params->slug = "not url safe"; + $request->params->entity = new stdClass(); + $request->params->entity->title = "my new title"; + $request->params->entity->slug = "not url safe"; try { item_rest::put($request); @@ -166,9 +173,10 @@ class Item_Rest_Helper_Test extends Gallery_Unit_Test_Case { $request = new stdClass(); $request->url = rest::url("item", $album1); $request->params = new stdClass(); - $request->params->type = "album"; - $request->params->name = "my album"; - $request->params->title = "my album"; + $request->params->entity = new stdClass(); + $request->params->entity->type = "album"; + $request->params->entity->name = "my album"; + $request->params->entity->title = "my album"; $response = item_rest::post($request); $new_album = rest::resolve($response["url"]); @@ -183,10 +191,11 @@ class Item_Rest_Helper_Test extends Gallery_Unit_Test_Case { $request = new stdClass(); $request->url = rest::url("item", $album1); $request->params = new stdClass(); - $request->params->type = "album"; - $request->params->name = "my album"; - $request->params->title = "my album"; - $request->params->slug = "not url safe"; + $request->params->entity = new stdClass(); + $request->params->entity->type = "album"; + $request->params->entity->name = "my album"; + $request->params->entity->title = "my album"; + $request->params->entity->slug = "not url safe"; try { item_rest::post($request); @@ -205,8 +214,9 @@ class Item_Rest_Helper_Test extends Gallery_Unit_Test_Case { $request = new stdClass(); $request->url = rest::url("item", $album1); $request->params = new stdClass(); - $request->params->type = "photo"; - $request->params->name = "my photo.jpg"; + $request->params->entity = new stdClass(); + $request->params->entity->type = "photo"; + $request->params->entity->name = "my photo.jpg"; $request->file = MODPATH . "gallery/tests/test.jpg"; $response = item_rest::post($request); $new_photo = rest::resolve($response["url"]); diff --git a/modules/rest/tests/Rest_Controller_Test.php b/modules/rest/tests/Rest_Controller_Test.php index 6d09b214..fe83283d 100644 --- a/modules/rest/tests/Rest_Controller_Test.php +++ b/modules/rest/tests/Rest_Controller_Test.php @@ -27,6 +27,7 @@ class Rest_Controller_Test extends Gallery_Unit_Test_Case { public function teardown() { list($_GET, $_POST, $_SERVER) = $this->_save; + identity::set_active_user(identity::admin_user()); } public function login_test() { diff --git a/modules/tag/tests/Tag_Item_Rest_Helper_Test.php b/modules/tag/tests/Tag_Item_Rest_Helper_Test.php index e5acab93..533f832d 100644 --- a/modules/tag/tests/Tag_Item_Rest_Helper_Test.php +++ b/modules/tag/tests/Tag_Item_Rest_Helper_Test.php @@ -32,7 +32,7 @@ class Tag_Item_Rest_Helper_Test extends Gallery_Unit_Test_Case { $request->url = rest::url("tag_item", $tag, item::root()); $this->assert_equal_array( array("url" => rest::url("tag_item", $tag, item::root()), - "members" => array( + "entity" => array( "tag" => rest::url("tag", $tag), "item" => rest::url("item", item::root()))), tag_item_rest::get($request)); diff --git a/modules/tag/tests/Tag_Rest_Helper_Test.php b/modules/tag/tests/Tag_Rest_Helper_Test.php index f4d5a14a..a8aa89d4 100644 --- a/modules/tag/tests/Tag_Rest_Helper_Test.php +++ b/modules/tag/tests/Tag_Rest_Helper_Test.php @@ -67,41 +67,13 @@ class Tag_Rest_Helper_Test extends Gallery_Unit_Test_Case { tag_rest::get($request)); } - public function post_test() { - $tag = test::random_tag(); - - // Create an editable item to be tagged - $album = test::random_album(); - access::allow(identity::everybody(), "edit", $album); - - // Add the album to the tag - $request = new stdClass(); - $request->url = rest::url("tag", $tag); - $request->params = new stdClass(); - $request->params->url = rest::url("item", $album); - $this->assert_equal_array( - array("url" => rest::url("tag_item", $tag, $album)), - tag_rest::post($request)); - } - - public function post_with_no_item_url_test() { - $request = new stdClass(); - try { - tag_rest::post($request); - } catch (Rest_Exception $e) { - $this->assert_equal(400, $e->getCode()); - return; - } - - $this->assert_true(false, "Shouldn't get here"); - } - public function put_test() { $tag = test::random_tag(); $request = new stdClass(); $request->url = rest::url("tag", $tag); $request->params = new stdClass(); - $request->params->name = "new name"; + $request->params->entity = new stdClass(); + $request->params->entity->name = "new name"; tag_rest::put($request); $this->assert_equal("new name", $tag->reload()->name); diff --git a/modules/tag/tests/Tags_Rest_Helper_Test.php b/modules/tag/tests/Tags_Rest_Helper_Test.php index a0ebc8c3..99332c7c 100644 --- a/modules/tag/tests/Tags_Rest_Helper_Test.php +++ b/modules/tag/tests/Tags_Rest_Helper_Test.php @@ -45,11 +45,12 @@ class Tags_Rest_Helper_Test extends Gallery_Unit_Test_Case { } public function post_test() { - access::allow(identity::everybody(), "edit", item::root()); + identity::set_active_user(identity::guest()); $request = new stdClass(); $request->params = new stdClass(); - $request->params->name = "test tag"; + $request->params->entity = new stdClass(); + $request->params->entity->name = "test tag"; $this->assert_equal( array("url" => url::site("rest/tag/1")), tags_rest::post($request)); @@ -63,7 +64,8 @@ class Tags_Rest_Helper_Test extends Gallery_Unit_Test_Case { try { $request = new stdClass(); $request->params = new stdClass(); - $request->params->name = "test tag"; + $request->params->entity = new stdClass(); + $request->params->entity->name = "test tag"; tags_rest::post($request); } catch (Exception $e) { $this->assert_equal(403, $e->getCode()); -- cgit v1.2.3