Commit Graph
53 Commits
Author SHA1 Message Date
shadlaws 9b9f1a7b07 #2031 - Add class_exists() before method_exists() if class existence is unknown.
- fixed all instances of this in core code
- deleted previous Zend Guard Loader workaround in MY_Kohana.php
- updated Bootstrap.php to reflect deleted MY_Kohana.php
2013-03-02 13:25:10 +01:00
Bharat Mediratta a1a6600457 Enable the profiler and debug output if var/PROFILE exists. This
provides a quick/easy way for server admins to provide profile output.
Fixes #1959.
2013-01-23 18:03:09 -05:00
Bharat Mediratta d45a737779 Update copyright to 2013. Fixes #1953. 2013-01-21 01:22:01 -05:00
Bharat Mediratta bf2bb3e1ea Update copyright to 2012. #1822 2012-02-27 09:48:23 -08:00
Bharat Mediratta 423daa52d5 Update copyright to 2011. 2011-01-21 23:01:06 -08:00
Bharat Mediratta 161a85d3f5 Enable profiling output in the HTML output for REST. Fixes #1535. 2010-12-16 20:37:44 -08:00
Bharat Mediratta cd48b89f31 Consolidate all the random code into a random helper that offers:
random::hash()
  random::string()
  random::percent()
  random::int()

So that we don't have lots of different ways to get random values all
over the code.  Follow-on to #1527.
2010-12-15 14:57:00 -08:00
Bharat Mediratta 554ca2e683 Take into account the core.url_suffix configuration setting when
parsing REST urls.  This fixes the problem that setting the url suffix
breaks REST.  Fixes #1500.
2010-11-22 22:01:11 -08:00
Bharat Mediratta ff1d8aea2f We use UTF-8 everywhere. Fixes ticket #1285. 2010-08-15 01:59:54 -07:00
Bharat Mediratta a94bb19798 Force the charset to UTF-8 when viewing the HTML form of REST output. 2010-08-09 23:01:47 -07:00
Bharat Mediratta 0014745d4a Add a button to the user profile page to let you reset your REST API
key.  This is useful if you think it's been compromised in some way.
Fixes ticket #1226.
2010-08-08 21:49:30 -07:00
Bharat Mediratta d6f5a8a8d1 Add JSONP support. You must specify &output=jsonp?callback=<js_function>
Fixes ticket #1205.
2010-08-08 15:02:24 -07:00
Tim Almdal 48c2e73048 More patches as part of #1225. Change the 'core' modules to use the json::reply
method to set the content type header and encode the response as a json object
2010-07-23 23:05:39 -07:00
Bharat Mediratta fa404589d6 Oops. Fix up a bad instance of $user in rest::access_key() introduced
in my last change.
2010-06-19 10:24:26 -07:00
Bharat Mediratta 9b78867427 Simplify rest::get_access_key($user) to rest::access_key() that
returns just the access key string for the active user.  That's how we
use the API, so keep it simple.
2010-06-18 20:43:14 -07:00
Bharat Mediratta 57b53e6193 Guard against relationships() not returning an array. 2010-06-15 20:21:10 -07:00
Bharat Mediratta 2c1e3800ef Send back the REST API version as a header. It's on every request,
which sucks, but it's totally unobtrusive because it's a header so
that's ok.  Decided that the current version is "3.0" although it will
surely change before the final 3.0 release.

Fixes ticket #1148
2010-06-11 14:59:17 -07:00
Bharat Mediratta 481ef823dd Add an advanced setting to allow developers to allow guest access to
REST entities.
2010-06-05 19:45:15 -07:00
Bharat Mediratta ca977dce51 Rename "access_token" to "access_key" in the code for consistency. 2010-03-30 14:01:40 -07:00
Bharat Mediratta 59b6cd30e6 Rename "user_access_tokens" table to "user_access_keys" as step 1 of a
multi step process to refer to REST access keys as "access_key"
everywhere.  Bump the rest module to version 2.
2010-03-30 13:53:14 -07:00
Bharat Mediratta 05d345e16d Guests don't get access to the REST API. 2010-03-03 10:17:48 -08:00
Bharat Mediratta c3c2b45280 Update the copyright to 2010. It's only 3 months into the year :-) 2010-03-03 10:15:34 -08:00
Bharat Mediratta 1377b2c7b3 When using rest::reply(), don't call var_export() if the response is empty. 2010-02-20 10:24:29 -08:00
Tim Almdal f37b93a7eb If the return object is empty still return the empty object in the json response. 2010-02-14 07:31:11 -08:00
Bharat Mediratta c050acf30a Fix lots of warnings that pop up when we're in E_STRICT mode. They're
mostly issues around uninitialized variables, calling non-static
functions in a static context, calling Session functions directly
instead of on its singleton, passing non-variables by reference, and
subclasses not using the same interface as the parent class.
2010-01-31 16:07:41 -08:00
Andy Staudacher 1470b99d1f Protect REST login controller from brute force attacks too.
And make the REST auth token less predictable by using a better source for randomness.
2010-01-30 21:42:57 -08:00
Bharat Mediratta dcba664f74 Use ? or & as appropriate when appending output=html. 2010-01-29 20:37:48 -08:00
Bharat Mediratta a95609849e Use var_export instead of print_r for better clarity. 2010-01-29 14:53:40 -08:00
Bharat Mediratta a0c6d055d1 output_type --> output 2010-01-22 00:53:44 -08:00
Bharat Mediratta bcf1caad14 Reshape the rest code to be more consistent with regards to
relationships.  Now when you view a resource, it has 4 top level
elements:

url: the url of this resource
resource: array of key value pairs describing the resource
members: array of urls to members of this collection
relationships: array of array of members.

Relationships are a special type of collection that links two
different resources together.  To remove a relationship, just
DELETE its url.  To create a relationship, POST to its
collection.

Individual modules can add their own relationships to any
resource via a callback mechanism.

Example:
  Array(
    [url] => http://g3.com/rest/item/1
    [resource] => Array (
      [id] => 1
      [album_cover_item_id] => 4
      [captured] =>
      [created] => 1264056417
      [description] =>
      [height] =>
      ...
    )
    [members] => Array(
      [0] => http://g3.com/rest/item/2
      [1] => http://g3.com/rest/item/3
      [2] => http://g3.com/rest/item/4
      [3] => http://g3.com/rest/item/5
      ...
    )
    [relationships] => Array(
      [tags] => Array (
      [0] => http://g3.com/rest/tag_item/2,1
      [1] => http://g3.com/rest/tag_item/23,1
      )
    )
  )
2010-01-22 00:27:00 -08:00
Bharat Mediratta a0c9979418 whitespace. 2010-01-21 20:12:28 -08:00
Bharat Mediratta 3a26ace065 Improve robustness in resolve() against bad urls.. 2010-01-20 21:15:44 -08:00
Bharat Mediratta 5119d58e7f Move access key creation into a helper function. 2010-01-20 00:07:03 -08:00
Bharat Mediratta c65eca0607 Move rest::send_headers back into Rest_Exception. 2010-01-19 23:30:09 -08:00
Bharat Mediratta a774dc5447 Don't send headers if they're already sent. 2010-01-19 22:38:03 -08:00
Bharat Mediratta b8c09b6d87 Use an appropriate json content type 2010-01-19 19:31:24 -08:00
Bharat Mediratta c590fed132 Change rest::url() to take a module name and a resource. The module
does the rest.  This function is symmetrical to rest::resolve.
2010-01-19 01:33:57 -08:00
Bharat Mediratta 2c0b0aaebc Add rest::url() for convenience. 2010-01-19 00:35:32 -08:00
Bharat Mediratta d43badb4ec Change url parsing in resolve() to ignore the query string. 2010-01-08 11:11:38 -08:00
Bharat Mediratta 3fffa18e65 Further progress on refining the REST server side code.
1) Deal in fully qualified URL resources through the rest
   interface.  All rest methods are now passed the complete url in
   request->url.

2) Create rest::resolve() which lets individual resource definition
   code convert a full url into the appropriate matching resource.
   Implement gallery_rest::resolve() and tag_rest::resolve()

3) Reimplement tag_rest's get() and post() methods.  They're much
   simpler now.

4) Implement the tags_rest helper which supports working with the
   entire tags collection.
2010-01-04 21:48:21 -08:00
Bharat Mediratta 0e3327bca7 Simplify the REST API code. Here's what I did:
1) Simplify gallery_rest to return flat models, no children and do no
   validation for now.
2) Flatten the REST replies and use HTTP codes to indicate
   success/failure instead of additional status messages.
3) Use the message and error code support in the base Exception class,
   instead of brewing our own in Rest_Exception.
4) Get rid of rest::success() and rest::fail() -- we only need
   rest::reply() since all failures are covered by throwing an
   exception.
5) Get rid of /rest/access_key and just use /rest for authentication.
6) Inline and simplify rest::normalize_request since we only use it once
7) Change rest::set_active_user to succeed or throw an exception
8) Extract Rest_Exception::sendHeaders into rest::send_headers()

Here's what's currently broken:
1) Data validation.  There currently is none
2) Logging.  That's gone too
3) image block and tag code is broken
4) Tests are broken
5) No movie support
2010-01-03 20:30:35 -08:00
Tim Almdal 5b9801092b Remove the Rest_Exception::trigger method. 2010-01-02 16:55:06 -08:00
Tim Almdal 28597ba533 Correct file structure tests, Have the tests delete the userid they create so as not to impact other tests. 2010-01-02 14:31:59 -08:00
Tim Almdal 4611eb2142 Move the set_active_user and normalize_request methods to rest.php helper 2009-12-31 12:32:54 -08:00
Tim Almdal 1a12a5e3c8 Create a Rest_Exception class and use it to convey status to the client instead of calling rest::forbidden and other rest helper error messages. 2009-12-31 11:51:51 -08:00
Tim Almdal 11792a12bb 1) Remove the rest::not_found method and replace it with "throw new Kohana_404_Exception
2) Don't use the input path to lookup the item via relative_path_cache.  Instead use url::get_item_from_uri method.
2009-12-30 17:08:01 -08:00
Tim Almdal bccb6fc021 Clean up validation the check for duplicate names or slugs, finish converting the rest API to Kohana 2.4 2009-12-27 08:32:12 -08:00
Tim Almdal fd7990735c Added validation to the edit functionality, since we can't trust any input 2009-12-21 11:25:11 -08:00
Tim Almdal dfc556e8a6 Implement the RESTful interface for albums/photos/movies 2009-12-09 12:06:45 -08:00
Tim Almdal 9319f37c4f Correct the error message when the item is not found; remove the check for no request_key (access_token) as athat is treated as public permissions 2009-12-08 23:27:43 -08:00