/
comment_rest.php
85 lines (73 loc) · 2.52 KB
/
comment_rest.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
<?php defined("SYSPATH") or die("No direct script access.");
/**
* Gallery - a web based photo album viewer and editor
* Copyright (C) 2000-2010 Bharat Mediratta
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or (at
* your option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
*/
class comment_rest_Core {
static function get($request) {
$comment = rest::resolve($request->url);
access::required("view", $comment->item());
return array(
"url" => $request->url,
"entity" => $comment->as_restful_array(),
"relationships" => rest::relationships("comment", $comment));
}
static function put($request) {
// Only admins can edit comments, for now
if (!identity::active_user()->admin) {
access::forbidden();
}
$comment = rest::resolve($request->url);
$comment = ORM::factory("comment");
$comment->text = $request->params->text;
$comment->save();
}
static function post($request) {
$item = rest::resolve($request->url);
access::required("edit", $item);
$entity = $request->params->entity;
$comment->text = $request->params->text;
$comment->save();
return array("url" => rest::url("comment", $comment));
}
static function delete($request) {
if (!identity::active_user()->admin) {
access::forbidden();
}
$comment = rest::resolve($request->url);
access::required("edit", $comment->item());
$comment->delete();
}
static function relationships($resource_type, $resource) {
switch ($resource_type) {
case "item":
return array(
"comments" => array(
"url" => rest::url("item_comments", $resource)));
}
}
static function resolve($id) {
$comment = ORM::factory("comment", $id);
if (!access::can("view", $comment->item())) {
throw new Kohana_404_Exception();
}
return $comment;
}
static function url($comment) {
return url::abs_site("rest/comment/{$comment->id}");
}
}