From 93eab24c4a858ac0121540e7d06acf37c79c8de9 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Thu, 1 Apr 2010 21:00:13 -0700 Subject: Add a new resource for managing child item orders. --- .../gallery/helpers/item_ordered_members_rest.php | 80 ++++++++++++++++++++++ 1 file changed, 80 insertions(+) create mode 100644 modules/gallery/helpers/item_ordered_members_rest.php (limited to 'modules') diff --git a/modules/gallery/helpers/item_ordered_members_rest.php b/modules/gallery/helpers/item_ordered_members_rest.php new file mode 100644 index 00000000..a2bcc034 --- /dev/null +++ b/modules/gallery/helpers/item_ordered_members_rest.php @@ -0,0 +1,80 @@ +url); + $ordered_members = array(); + foreach ($item->children() as $child) { + $ordered_members[] = rest::url("item", $child); + } + + return array( + "url" => $request->url, + "entity" => array("ordered_members" => $ordered_members)); + } + + static function put($request) { + $item = rest::resolve($request->url); + access::required("edit", $item); + + // Verify that we're not adding or removing members this way + if (count($request->params->ordered_members) != $item->children_count()) { + throw new Rest_Exception("Bad Request", 400); + } + + $ordered_members = array(); + foreach ($request->params->ordered_members as $url) { + $member = rest::resolve($url); + if ($member->parent_id != $item->id) { + throw new Rest_Exception("Bad Request", 400); + } + $ordered_members[] = $member; + } + + // Update all the weights. This is a pretty inefficient way to do this if we're just changing + // one or two elements, but it's easy. We could optimize this by looking at the current order + // and figuring out which elements have moved and then only changing those values. + $i = 0; + foreach ($ordered_members as $member) { + $member->weight = $i++; + $member->save(); + } + } + + static function relationships($resource_type, $resource) { + if ($resource_type == "item" && $resource->is_album()) { + return array( + "item_ordered_members" => array( + "url" => rest::url("item_ordered_members", $resource))); + } + } + + static function resolve($id) { + $item = ORM::factory("item", $id); + if (!access::can("view", $item) || !$item->is_album()) { + throw new Kohana_404_Exception(); + } + return $item; + } + + static function url($item) { + return url::abs_site("rest/item_ordered_members/{$item->id}"); + } +} -- cgit v1.2.3 From 4e450b5a9664d2a24b74050f7b410cd581fc41cb Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Fri, 2 Apr 2010 11:53:24 -0700 Subject: Always return an array from item_ordered_members_rest::relationships() --- modules/gallery/helpers/item_ordered_members_rest.php | 2 ++ 1 file changed, 2 insertions(+) (limited to 'modules') diff --git a/modules/gallery/helpers/item_ordered_members_rest.php b/modules/gallery/helpers/item_ordered_members_rest.php index a2bcc034..5ae331bc 100644 --- a/modules/gallery/helpers/item_ordered_members_rest.php +++ b/modules/gallery/helpers/item_ordered_members_rest.php @@ -64,6 +64,8 @@ class item_ordered_members_rest_Core { "item_ordered_members" => array( "url" => rest::url("item_ordered_members", $resource))); } + + return array(); } static function resolve($id) { -- cgit v1.2.3 From 5679e30ef6c68272cce295bd593bc23c9ec1e1b3 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 4 Apr 2010 11:55:54 -0700 Subject: REST changes: Allow PUT and POST requests to modify members, not just entity. TESTS ARE NOT UPDATED YET. - Fix item_rest::get() to maintain the proper sort order, which requires duplicating some Item_Model code. - Elide "weight" from the REST version of item - Adjust the weight of members according to the order they're returned from the client. You can't add or remove members here, you can only reorder them. - Changed the wire protocol to handle more complex values. Now "entity" and "members" are JSON encoded. The Gallery3 helper does this correctly. - Changed the wire protocol for tag_item -- now it stores the tag and item urls in the entity, not as members. This is more consistent. - Added missing security for renaming and deleting tags. - Got rid of vestigial tag_rest::post(). We add/remove tags via the relationship. --- .../gallery/helpers/item_ordered_members_rest.php | 82 ------------------- modules/gallery/helpers/item_rest.php | 93 +++++++++++++--------- modules/gallery/models/item.php | 2 +- modules/rest/controllers/rest.php | 7 ++ modules/tag/helpers/item_tags_rest.php | 5 +- modules/tag/helpers/tag_item_rest.php | 2 +- modules/tag/helpers/tag_items_rest.php | 4 +- modules/tag/helpers/tag_rest.php | 27 +++---- modules/tag/helpers/tags_rest.php | 6 +- 9 files changed, 85 insertions(+), 143 deletions(-) delete mode 100644 modules/gallery/helpers/item_ordered_members_rest.php (limited to 'modules') diff --git a/modules/gallery/helpers/item_ordered_members_rest.php b/modules/gallery/helpers/item_ordered_members_rest.php deleted file mode 100644 index 5ae331bc..00000000 --- a/modules/gallery/helpers/item_ordered_members_rest.php +++ /dev/null @@ -1,82 +0,0 @@ -url); - $ordered_members = array(); - foreach ($item->children() as $child) { - $ordered_members[] = rest::url("item", $child); - } - - return array( - "url" => $request->url, - "entity" => array("ordered_members" => $ordered_members)); - } - - static function put($request) { - $item = rest::resolve($request->url); - access::required("edit", $item); - - // Verify that we're not adding or removing members this way - if (count($request->params->ordered_members) != $item->children_count()) { - throw new Rest_Exception("Bad Request", 400); - } - - $ordered_members = array(); - foreach ($request->params->ordered_members as $url) { - $member = rest::resolve($url); - if ($member->parent_id != $item->id) { - throw new Rest_Exception("Bad Request", 400); - } - $ordered_members[] = $member; - } - - // Update all the weights. This is a pretty inefficient way to do this if we're just changing - // one or two elements, but it's easy. We could optimize this by looking at the current order - // and figuring out which elements have moved and then only changing those values. - $i = 0; - foreach ($ordered_members as $member) { - $member->weight = $i++; - $member->save(); - } - } - - static function relationships($resource_type, $resource) { - if ($resource_type == "item" && $resource->is_album()) { - return array( - "item_ordered_members" => array( - "url" => rest::url("item_ordered_members", $resource))); - } - - return array(); - } - - static function resolve($id) { - $item = ORM::factory("item", $id); - if (!access::can("view", $item) || !$item->is_album()) { - throw new Kohana_404_Exception(); - } - return $item; - } - - static function url($item) { - return url::abs_site("rest/item_ordered_members/{$item->id}"); - } -} diff --git a/modules/gallery/helpers/item_rest.php b/modules/gallery/helpers/item_rest.php index 16abec5a..f52713b8 100644 --- a/modules/gallery/helpers/item_rest.php +++ b/modules/gallery/helpers/item_rest.php @@ -70,6 +70,14 @@ class item_rest_Core { $orm->where("type", "IN", explode(",", $p->type)); } + // Apply the item's sort order, using id as the tie breaker. + // See Item_Model::children() + $order_by = array($item->sort_column => $item->sort_order); + if ($item->sort_column != "id") { + $order_by["id"] = "ASC"; + } + $orm->order_by($order_by); + $members = array(); foreach ($orm->find_all() as $child) { $members[] = rest::url("item", $child); @@ -86,33 +94,44 @@ class item_rest_Core { $item = rest::resolve($request->url); access::required("edit", $item); - $params = $request->params; - - // Only change fields from a whitelist. - foreach (array("album_cover", "captured", "description", - "height", "mime_type", "name", "parent", "rand_key", "resize_dirty", - "resize_height", "resize_width", "slug", "sort_column", "sort_order", - "thumb_dirty", "thumb_height", "thumb_width", "title", "view_count", - "weight", "width") as $key) { - switch ($key) { - case "album_cover": - if (property_exists($request->params, "album_cover")) { - $album_cover_item = rest::resolve($request->params->album_cover); - access::required("view", $album_cover_item); - $item->album_cover_item_id = $album_cover_item->id; + if ($entity = $request->params->entity) { + // Only change fields from a whitelist. + foreach (array("album_cover", "captured", "description", + "height", "mime_type", "name", "parent", "rand_key", "resize_dirty", + "resize_height", "resize_width", "slug", "sort_column", "sort_order", + "thumb_dirty", "thumb_height", "thumb_width", "title", "view_count", + "width") as $key) { + switch ($key) { + case "album_cover": + if (property_exists($entity, "album_cover")) { + $album_cover_item = rest::resolve($entity->album_cover); + access::required("view", $album_cover_item); + $item->album_cover_item_id = $album_cover_item->id; + } + break; + + case "parent": + if (property_exists($entity, "parent")) { + $parent = rest::resolve($entity->parent); + access::required("edit", $parent); + $item->parent_id = $parent->id; + } + break; + default: + if (property_exists($entity, $key)) { + $item->$key = $entity->$key; + } } - break; + } + } - case "parent": - if (property_exists($request->params, "parent")) { - $parent = rest::resolve($request->params->parent); - access::required("edit", $parent); - $item->parent_id = $parent->id; - } - break; - default: - if (property_exists($request->params, $key)) { - $item->$key = $request->params->$key; + $weight = 0; + if (isset($request->params->members)) { + foreach ($request->params->members as $url) { + $child = rest::resolve($url); + if ($child->parent_id == $item->id && $child->weight != $weight) { + $child->weight = $weight++; + $child->save(); } } } @@ -123,33 +142,33 @@ class item_rest_Core { $parent = rest::resolve($request->url); access::required("edit", $parent); - $params = $request->params; + $entity = $request->params->entity; $item = ORM::factory("item"); - switch ($params->type) { + switch ($entity->type) { case "album": $item->type = "album"; $item->parent_id = $parent->id; - $item->name = $params->name; - $item->title = isset($params->title) ? $params->title : $name; - $item->description = isset($params->description) ? $params->description : null; - $item->slug = isset($params->slug) ? $params->slug : null; + $item->name = $entity->name; + $item->title = isset($entity->title) ? $entity->title : $name; + $item->description = isset($entity->description) ? $entity->description : null; + $item->slug = isset($entity->slug) ? $entity->slug : null; $item->save(); break; case "photo": case "movie": - $item->type = $params->type; + $item->type = $entity->type; $item->parent_id = $parent->id; $item->set_data_file($request->file); - $item->name = $params->name; - $item->title = isset($params->title) ? $params->title : $params->name; - $item->description = isset($params->description) ? $params->description : null; - $item->slug = isset($params->slug) ? $params->slug : null; + $item->name = $entity->name; + $item->title = isset($entity->title) ? $entity->title : $entity->name; + $item->description = isset($entity->description) ? $entity->description : null; + $item->slug = isset($entity->slug) ? $entity->slug : null; $item->save(); break; default: - throw new Rest_Exception("Invalid type: $params->type", 400); + throw new Rest_Exception("Invalid type: $entity->type", 400); } return array("url" => rest::url("item", $item)); diff --git a/modules/gallery/models/item.php b/modules/gallery/models/item.php index 6ede5109..4a87a2ab 100644 --- a/modules/gallery/models/item.php +++ b/modules/gallery/models/item.php @@ -941,7 +941,7 @@ class Item_Model extends ORM_MPTT { // Elide some internal-only data that is going to cause confusion in the client. foreach (array("relative_path_cache", "relative_url_cache", "left_ptr", "right_ptr", - "thumb_dirty", "resize_dirty") as $key) { + "thumb_dirty", "resize_dirty", "weight") as $key) { unset($data[$key]); } return $data; diff --git a/modules/rest/controllers/rest.php b/modules/rest/controllers/rest.php index 29334cea..dab54976 100644 --- a/modules/rest/controllers/rest.php +++ b/modules/rest/controllers/rest.php @@ -54,6 +54,13 @@ class Rest_Controller extends Controller { break; } + if (isset($request->params->entity)) { + $request->params->entity = json_decode($request->params->entity); + } + if (isset($request->params->members)) { + $request->params->members = json_decode($request->params->members); + } + $request->method = strtolower($input->server("HTTP_X_GALLERY_REQUEST_METHOD", $method)); $request->access_key = $input->server("HTTP_X_GALLERY_REQUEST_KEY"); $request->url = url::abs_current(true); diff --git a/modules/tag/helpers/item_tags_rest.php b/modules/tag/helpers/item_tags_rest.php index 8a1b1e8b..02c79e5d 100644 --- a/modules/tag/helpers/item_tags_rest.php +++ b/modules/tag/helpers/item_tags_rest.php @@ -31,8 +31,8 @@ class item_tags_rest_Core { } static function post($request) { - $tag = rest::resolve($request->params->tag); - $item = rest::resolve($request->params->item); + $tag = rest::resolve($request->params->entity->tag); + $item = rest::resolve($request->params->entity->item); access::required("view", $item); tag::add($item, $tag->name); @@ -45,6 +45,7 @@ class item_tags_rest_Core { static function delete($request) { list ($tag, $item) = rest::resolve($request->url); + access::required("edit", $item); $tag->remove($item); $tag->save(); } diff --git a/modules/tag/helpers/tag_item_rest.php b/modules/tag/helpers/tag_item_rest.php index bce00a9f..17cb726e 100644 --- a/modules/tag/helpers/tag_item_rest.php +++ b/modules/tag/helpers/tag_item_rest.php @@ -22,7 +22,7 @@ class tag_item_rest_Core { list ($tag, $item) = rest::resolve($request->url); return array( "url" => $request->url, - "members" => array( + "entity" => array( "tag" => rest::url("tag", $tag), "item" => rest::url("item", $item))); } diff --git a/modules/tag/helpers/tag_items_rest.php b/modules/tag/helpers/tag_items_rest.php index 003c7c95..848c2cd3 100644 --- a/modules/tag/helpers/tag_items_rest.php +++ b/modules/tag/helpers/tag_items_rest.php @@ -33,8 +33,8 @@ class tag_items_rest_Core { } static function post($request) { - $tag = rest::resolve($request->params->tag); - $item = rest::resolve($request->params->item); + $tag = rest::resolve($request->params->entity->tag); + $item = rest::resolve($request->params->entity->item); access::required("view", $item); if (!$tag->loaded()) { diff --git a/modules/tag/helpers/tag_rest.php b/modules/tag/helpers/tag_rest.php index f30706bd..e0b7bd87 100644 --- a/modules/tag/helpers/tag_rest.php +++ b/modules/tag/helpers/tag_rest.php @@ -36,28 +36,25 @@ class tag_rest_Core { "members" => $tag_items))); } - static function post($request) { - if (empty($request->params->url)) { - throw new Rest_Exception("Bad request", 400); - } - - $tag = rest::resolve($request->url); - $item = rest::resolve($request->params->url); - access::required("edit", $item); - - tag::add($item, $tag->name); - return array("url" => rest::url("tag_item", $tag, $item)); - } - static function put($request) { + // Who can we allow to edit a tag name? If we allow anybody to do it then any logged in + // user can rename all your tags to something offensive. Right now limit renaming to admins. + if (!identity::active_user()->admin) { + access::forbidden(); + } $tag = rest::resolve($request->url); - if (isset($request->params->name)) { - $tag->name = $request->params->name; + if (isset($request->params->entity->name)) { + $tag->name = $request->params->entity->name; $tag->save(); } } static function delete($request) { + // Restrict deleting tags to admins. Otherwise, a logged in user can do great harm to an + // install. + if (!identity::active_user()->admin) { + access::forbidden(); + } $tag = rest::resolve($request->url); $tag->delete(); } diff --git a/modules/tag/helpers/tags_rest.php b/modules/tag/helpers/tags_rest.php index 82826d8e..434e774a 100644 --- a/modules/tag/helpers/tags_rest.php +++ b/modules/tag/helpers/tags_rest.php @@ -40,13 +40,13 @@ class tags_rest_Core { } } - if (empty($request->params->name)) { + if (empty($request->params->entity->name)) { throw new Rest_Exception("Bad Request", 400); } - $tag = ORM::factory("tag")->where("name", "=", $request->params->name)->find(); + $tag = ORM::factory("tag")->where("name", "=", $request->params->entity->name)->find(); if (!$tag->loaded()) { - $tag->name = $request->params->name; + $tag->name = $request->params->entity->name; $tag->count = 0; $tag->save(); } -- cgit v1.2.3 From a2e0472f83b7f3151c4b4ca51472d18258110561 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Thu, 15 Apr 2010 06:18:47 -0700 Subject: Only return the members element to the rest client if the item is an album. This makes it consistent to the rest client that collections will have a members element. --- modules/gallery/helpers/item_rest.php | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) (limited to 'modules') diff --git a/modules/gallery/helpers/item_rest.php b/modules/gallery/helpers/item_rest.php index f52713b8..36d2ca62 100644 --- a/modules/gallery/helpers/item_rest.php +++ b/modules/gallery/helpers/item_rest.php @@ -78,16 +78,18 @@ class item_rest_Core { } $orm->order_by($order_by); - $members = array(); - foreach ($orm->find_all() as $child) { - $members[] = rest::url("item", $child); - } - - return array( + $result = array( "url" => $request->url, "entity" => $item->as_restful_array(), - "members" => $members, "relationships" => rest::relationships("item", $item)); + if ($item->is_album()) { + $result["members"] = array(); + foreach ($orm->find_all() as $child) { + $result["members"][] = rest::url("item", $child); + } + } + + return $result; } static function put($request) { -- cgit v1.2.3 From ca453413616d31d4c367526bdc9f480b23ba80db Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sat, 17 Apr 2010 12:10:01 -0700 Subject: Trigger the album_add_form_completed event after creating a new album. --- modules/gallery/controllers/albums.php | 1 + 1 file changed, 1 insertion(+) (limited to 'modules') diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php index 730db9ae..ea15418f 100644 --- a/modules/gallery/controllers/albums.php +++ b/modules/gallery/controllers/albums.php @@ -107,6 +107,7 @@ class Albums_Controller extends Items_Controller { if ($valid) { $album->save(); + module::event("album_add_form_completed", $album, $form); log::success("content", "Created an album", html::anchor("albums/$album->id", "view album")); message::success(t("Created album %album_title", -- cgit v1.2.3 From 27b29afd7cf679f33429ce144871c1d96f137fbb Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sat, 17 Apr 2010 12:26:52 -0700 Subject: Add user::valid_username() as a validation helper. --- modules/user/helpers/user.php | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'modules') diff --git a/modules/user/helpers/user.php b/modules/user/helpers/user.php index 650dcf6a..1ad4bbd2 100644 --- a/modules/user/helpers/user.php +++ b/modules/user/helpers/user.php @@ -76,6 +76,12 @@ class user_Core { } } + static function valid_username($text_input) { + if (!self::lookup_by_name($text_input->value)) { + $text_input->add_error("invalid_username", 1); + } + } + /** * Create the hashed passwords. * @param string $password a plaintext password -- cgit v1.2.3 From 6d81feacae8329cd0c65abe920ecd3fa2e8f2537 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sat, 17 Apr 2010 12:28:46 -0700 Subject: Change the key for invalid passwords from "invalid" to "invalid_password" to remove ambiguity. --- modules/gallery/controllers/reauthenticate.php | 2 +- modules/user/controllers/users.php | 2 +- modules/user/helpers/user.php | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) (limited to 'modules') diff --git a/modules/gallery/controllers/reauthenticate.php b/modules/gallery/controllers/reauthenticate.php index b2a67f01..3503d80a 100644 --- a/modules/gallery/controllers/reauthenticate.php +++ b/modules/gallery/controllers/reauthenticate.php @@ -63,7 +63,7 @@ class Reauthenticate_Controller extends Controller { $group->password("password")->label(t("Password"))->id("g-password")->class(null) ->callback("auth::validate_too_many_failed_auth_attempts") ->callback("user::valid_password") - ->error_messages("invalid", t("Incorrect password")) + ->error_messages("invalid_password", t("Incorrect password")) ->error_messages( "too_many_failed_auth_attempts", t("Too many incorrect passwords. Try again later")); diff --git a/modules/user/controllers/users.php b/modules/user/controllers/users.php index e1f1fa2b..7f3f6b1f 100644 --- a/modules/user/controllers/users.php +++ b/modules/user/controllers/users.php @@ -167,7 +167,7 @@ class Users_Controller extends Controller { $group->password("old_password")->label(t("Old password"))->id("g-password") ->callback("auth::validate_too_many_failed_auth_attempts") ->callback("user::valid_password") - ->error_messages("invalid", t("Incorrect password")) + ->error_messages("invalid_password", t("Incorrect password")) ->error_messages( "too_many_failed_auth_attempts", t("Too many incorrect passwords. Try again later")); diff --git a/modules/user/helpers/user.php b/modules/user/helpers/user.php index 1ad4bbd2..55153263 100644 --- a/modules/user/helpers/user.php +++ b/modules/user/helpers/user.php @@ -72,7 +72,7 @@ class user_Core { static function valid_password($password_input) { if (!user::is_correct_password(identity::active_user(), $password_input->value)) { - $password_input->add_error("invalid", 1); + $password_input->add_error("invalid_password", 1); } } -- cgit v1.2.3 From af71df3d0f6bbed29446df1801d16d28acbf927c Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sat, 17 Apr 2010 15:35:09 -0700 Subject: Update tests to reflect recent changes to the REST API. --- modules/gallery/tests/Item_Rest_Helper_Test.php | 70 ++++++++++++++----------- modules/rest/tests/Rest_Controller_Test.php | 1 + modules/tag/tests/Tag_Item_Rest_Helper_Test.php | 2 +- modules/tag/tests/Tag_Rest_Helper_Test.php | 32 +---------- modules/tag/tests/Tags_Rest_Helper_Test.php | 8 +-- 5 files changed, 49 insertions(+), 64 deletions(-) (limited to 'modules') diff --git a/modules/gallery/tests/Item_Rest_Helper_Test.php b/modules/gallery/tests/Item_Rest_Helper_Test.php index bef95668..0b5e0471 100644 --- a/modules/gallery/tests/Item_Rest_Helper_Test.php +++ b/modules/gallery/tests/Item_Rest_Helper_Test.php @@ -42,13 +42,14 @@ class Item_Rest_Helper_Test extends Gallery_Unit_Test_Case { $this->assert_equal_array( array("url" => rest::url("item", $album1), "entity" => $album1->as_restful_array(), - "members" => array( - rest::url("item", $photo1), - rest::url("item", $album2)), "relationships" => array( "tags" => array( "url" => rest::url("item_tags", $album1), - "members" => array()))), + "members" => array())), + "members" => array( + rest::url("item", $photo1), + rest::url("item", $album2)), + ), item_rest::get($request)); $request->url = rest::url("item", $album1); @@ -56,13 +57,14 @@ class Item_Rest_Helper_Test extends Gallery_Unit_Test_Case { $this->assert_equal_array( array("url" => rest::url("item", $album1), "entity" => $album1->as_restful_array(), - "members" => array( - rest::url("item", $photo1), - rest::url("item", $album2)), "relationships" => array( "tags" => array( "url" => rest::url("item_tags", $album1), - "members" => array()))), + "members" => array())), + "members" => array( + rest::url("item", $photo1), + rest::url("item", $album2)), + ), item_rest::get($request)); $request->url = rest::url("item", $album1); @@ -70,14 +72,15 @@ class Item_Rest_Helper_Test extends Gallery_Unit_Test_Case { $this->assert_equal_array( array("url" => rest::url("item", $album1), "entity" => $album1->as_restful_array(), + "relationships" => array( + "tags" => array( + "url" => rest::url("item_tags", $album1), + "members" => array())), "members" => array( rest::url("item", $photo1), rest::url("item", $album2), rest::url("item", $photo2)), - "relationships" => array( - "tags" => array( - "url" => rest::url("item_tags", $album1), - "members" => array()))), + ), item_rest::get($request)); } @@ -96,12 +99,13 @@ class Item_Rest_Helper_Test extends Gallery_Unit_Test_Case { $this->assert_equal_array( array("url" => rest::url("item", $album1), "entity" => $album1->as_restful_array(), - "members" => array( - rest::url("item", $photo2)), "relationships" => array( "tags" => array( "url" => rest::url("item_tags", $album1), - "members" => array()))), + "members" => array())), + "members" => array( + rest::url("item", $photo2)), + ), item_rest::get($request)); } @@ -118,12 +122,13 @@ class Item_Rest_Helper_Test extends Gallery_Unit_Test_Case { $this->assert_equal_array( array("url" => rest::url("item", $album1), "entity" => $album1->as_restful_array(), - "members" => array( - rest::url("item", $album2)), "relationships" => array( "tags" => array( "url" => rest::url("item_tags", $album1), - "members" => array() ))), + "members" => array())), + "members" => array( + rest::url("item", $album2)), + ), item_rest::get($request)); } @@ -134,7 +139,8 @@ class Item_Rest_Helper_Test extends Gallery_Unit_Test_Case { $request = new stdClass(); $request->url = rest::url("item", $album1); $request->params = new stdClass(); - $request->params->title = "my new title"; + $request->params->entity = new stdClass(); + $request->params->entity->title = "my new title"; item_rest::put($request); $this->assert_equal("my new title", $album1->reload()->title); @@ -147,8 +153,9 @@ class Item_Rest_Helper_Test extends Gallery_Unit_Test_Case { $request = new stdClass(); $request->url = rest::url("item", $album1); $request->params = new stdClass(); - $request->params->title = "my new title"; - $request->params->slug = "not url safe"; + $request->params->entity = new stdClass(); + $request->params->entity->title = "my new title"; + $request->params->entity->slug = "not url safe"; try { item_rest::put($request); @@ -166,9 +173,10 @@ class Item_Rest_Helper_Test extends Gallery_Unit_Test_Case { $request = new stdClass(); $request->url = rest::url("item", $album1); $request->params = new stdClass(); - $request->params->type = "album"; - $request->params->name = "my album"; - $request->params->title = "my album"; + $request->params->entity = new stdClass(); + $request->params->entity->type = "album"; + $request->params->entity->name = "my album"; + $request->params->entity->title = "my album"; $response = item_rest::post($request); $new_album = rest::resolve($response["url"]); @@ -183,10 +191,11 @@ class Item_Rest_Helper_Test extends Gallery_Unit_Test_Case { $request = new stdClass(); $request->url = rest::url("item", $album1); $request->params = new stdClass(); - $request->params->type = "album"; - $request->params->name = "my album"; - $request->params->title = "my album"; - $request->params->slug = "not url safe"; + $request->params->entity = new stdClass(); + $request->params->entity->type = "album"; + $request->params->entity->name = "my album"; + $request->params->entity->title = "my album"; + $request->params->entity->slug = "not url safe"; try { item_rest::post($request); @@ -205,8 +214,9 @@ class Item_Rest_Helper_Test extends Gallery_Unit_Test_Case { $request = new stdClass(); $request->url = rest::url("item", $album1); $request->params = new stdClass(); - $request->params->type = "photo"; - $request->params->name = "my photo.jpg"; + $request->params->entity = new stdClass(); + $request->params->entity->type = "photo"; + $request->params->entity->name = "my photo.jpg"; $request->file = MODPATH . "gallery/tests/test.jpg"; $response = item_rest::post($request); $new_photo = rest::resolve($response["url"]); diff --git a/modules/rest/tests/Rest_Controller_Test.php b/modules/rest/tests/Rest_Controller_Test.php index 6d09b214..fe83283d 100644 --- a/modules/rest/tests/Rest_Controller_Test.php +++ b/modules/rest/tests/Rest_Controller_Test.php @@ -27,6 +27,7 @@ class Rest_Controller_Test extends Gallery_Unit_Test_Case { public function teardown() { list($_GET, $_POST, $_SERVER) = $this->_save; + identity::set_active_user(identity::admin_user()); } public function login_test() { diff --git a/modules/tag/tests/Tag_Item_Rest_Helper_Test.php b/modules/tag/tests/Tag_Item_Rest_Helper_Test.php index e5acab93..533f832d 100644 --- a/modules/tag/tests/Tag_Item_Rest_Helper_Test.php +++ b/modules/tag/tests/Tag_Item_Rest_Helper_Test.php @@ -32,7 +32,7 @@ class Tag_Item_Rest_Helper_Test extends Gallery_Unit_Test_Case { $request->url = rest::url("tag_item", $tag, item::root()); $this->assert_equal_array( array("url" => rest::url("tag_item", $tag, item::root()), - "members" => array( + "entity" => array( "tag" => rest::url("tag", $tag), "item" => rest::url("item", item::root()))), tag_item_rest::get($request)); diff --git a/modules/tag/tests/Tag_Rest_Helper_Test.php b/modules/tag/tests/Tag_Rest_Helper_Test.php index f4d5a14a..a8aa89d4 100644 --- a/modules/tag/tests/Tag_Rest_Helper_Test.php +++ b/modules/tag/tests/Tag_Rest_Helper_Test.php @@ -67,41 +67,13 @@ class Tag_Rest_Helper_Test extends Gallery_Unit_Test_Case { tag_rest::get($request)); } - public function post_test() { - $tag = test::random_tag(); - - // Create an editable item to be tagged - $album = test::random_album(); - access::allow(identity::everybody(), "edit", $album); - - // Add the album to the tag - $request = new stdClass(); - $request->url = rest::url("tag", $tag); - $request->params = new stdClass(); - $request->params->url = rest::url("item", $album); - $this->assert_equal_array( - array("url" => rest::url("tag_item", $tag, $album)), - tag_rest::post($request)); - } - - public function post_with_no_item_url_test() { - $request = new stdClass(); - try { - tag_rest::post($request); - } catch (Rest_Exception $e) { - $this->assert_equal(400, $e->getCode()); - return; - } - - $this->assert_true(false, "Shouldn't get here"); - } - public function put_test() { $tag = test::random_tag(); $request = new stdClass(); $request->url = rest::url("tag", $tag); $request->params = new stdClass(); - $request->params->name = "new name"; + $request->params->entity = new stdClass(); + $request->params->entity->name = "new name"; tag_rest::put($request); $this->assert_equal("new name", $tag->reload()->name); diff --git a/modules/tag/tests/Tags_Rest_Helper_Test.php b/modules/tag/tests/Tags_Rest_Helper_Test.php index a0ebc8c3..99332c7c 100644 --- a/modules/tag/tests/Tags_Rest_Helper_Test.php +++ b/modules/tag/tests/Tags_Rest_Helper_Test.php @@ -45,11 +45,12 @@ class Tags_Rest_Helper_Test extends Gallery_Unit_Test_Case { } public function post_test() { - access::allow(identity::everybody(), "edit", item::root()); + identity::set_active_user(identity::guest()); $request = new stdClass(); $request->params = new stdClass(); - $request->params->name = "test tag"; + $request->params->entity = new stdClass(); + $request->params->entity->name = "test tag"; $this->assert_equal( array("url" => url::site("rest/tag/1")), tags_rest::post($request)); @@ -63,7 +64,8 @@ class Tags_Rest_Helper_Test extends Gallery_Unit_Test_Case { try { $request = new stdClass(); $request->params = new stdClass(); - $request->params->name = "test tag"; + $request->params->entity = new stdClass(); + $request->params->entity->name = "test tag"; tags_rest::post($request); } catch (Exception $e) { $this->assert_equal(403, $e->getCode()); -- cgit v1.2.3 From 2257776f9b4c231033656db1eb23246035aa42fd Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sat, 17 Apr 2010 15:36:46 -0700 Subject: Don't show the member element for non-collection elements in the response. Having a members sidebar element indicates to the rest clients that this is a resource collection. Conflicts: modules/gallery/helpers/items_rest.php --- modules/gallery/helpers/items_rest.php | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) (limited to 'modules') diff --git a/modules/gallery/helpers/items_rest.php b/modules/gallery/helpers/items_rest.php index 05ca65cf..5d8e80b2 100644 --- a/modules/gallery/helpers/items_rest.php +++ b/modules/gallery/helpers/items_rest.php @@ -22,19 +22,20 @@ class items_rest_Core { $items = array(); if (isset($request->params->url)) { - foreach($request->params->url as $url) { + foreach (json_decode($request->params->url) as $url) { $item = rest::resolve($url); if (access::can("view", $item)) { - $members = array(); + $item_rest = array("url" => $url, + "entity" => $item->as_restful_array(), + "relationship" => rest::relationships("item", $item)); if ($item->type == "album") { + $members = array(); foreach ($item->children() as $child) { $members[] = rest::url("item", $child); } + $item_rest["members"] = $members; } - $items[] = array("url" => $url, - "entity" => $item->as_restful_array(), - "members" => $members, - "relationship" => rest::relationships("item", $item)); + $items[] = $item_rest; } } } -- cgit v1.2.3