Merge pull request #1 from RESTful-Drupal/7.x-1.x

sync with master

.travis.yml

@@ -2,6 +2,7 @@ language: php
 
 php:
   - 5.3
+  - 5.5
 
 mysql:
   database: restful

README.md

@@ -1,4 +1,4 @@
-[![Build Status](https://travis-ci.org/Gizra/restful.svg?branch=7.x-1.x)](https://travis-ci.org/Gizra/restful)
+[![Build Status](https://travis-ci.org/RESTful-Drupal/restful.svg?branch=7.x-1.x)](https://travis-ci.org/RESTful-Drupal/restful)
 
 # RESTful best practices for Drupal
 

includes/RestfulManager.php

@@ -306,6 +306,34 @@ public static function invalidateEntityCache($cid) {
     }
   }
 
+  /**
+   * Get the value from an HTTP header.
+   *
+   * As Apache may be strict with variables with underscore, we check also
+   * the headers directly from Apache, if they are not present in the $_SEVER
+   *
+   * @param string $key
+   *   The key to use.
+   * @param string $default_value
+   *   The default value to return if no value exists. Defaults to NULL.
+   *
+   * @return string
+   *   The value in the HTTP header if exists, other the value of the given
+   *   "default value".
+   */
+  public static function getRequestHttpHeader($key, $default_value = NULL) {
+    $capital_name = 'HTTP_' . strtoupper(str_replace('-', '_', $key));
+
+    $value = !empty($_SERVER[$capital_name]) ? $_SERVER[$capital_name] : $default_value;
+
+    if (!$value && function_exists('apache_request_headers')) {
+      $headers = apache_request_headers();
+      $value = !empty($headers[$key]) ? $headers[$key] : $default_value;
+    }
+
+    return $value;
+  }
+
   /**
    * Helper function to echo static strings.
    *

modules/restful_token_auth/restful_token_auth.info

@@ -3,6 +3,7 @@ description = Authenticate a REST call using a token.
 core = 7.x
 dependencies[] = restful
 dependencies[] = entityreference
+configure = admin/config/services/restful/token-auth
 
 ; Plugins
 files[] = includes/RestfulTokenAuth.php

modules/restful_token_auth/restful_token_auth.module

@@ -49,10 +49,8 @@ function restful_token_auth_restful_parse_request_alter(&$request) {
   $plugin = restful_get_authentication_plugin('token');
   $param_name = $plugin['options']['param_name'];
 
-  $capital_name = strtoupper('HTTP_' . $param_name);
-
   $request['__application'] += array(
-    $param_name => !empty($_SERVER[$capital_name]) ? $_SERVER[$capital_name] : NULL,
+    $param_name => \RestfulManager::getRequestHttpHeader($param_name),
   );
 }
 

plugins/authentication/RestfulAuthenticationCookie.class.php

@@ -43,7 +43,7 @@ public function authenticate(array $request = array(), $method = \RestfulInterfa
    */
   protected function isCli() {
     // Needed to detect if run-tests.sh is running the tests.
-    $cli = isset($_SERVER['HTTP_USER_AGENT']) && $_SERVER['HTTP_USER_AGENT'] == 'Drupal command line';
+    $cli = \RestfulManager::getRequestHttpHeader('User-Agent') == 'Drupal command line';
     return $cli || drupal_is_cli();
   }
 

plugins/restful/RestfulBase.php

@@ -1267,7 +1267,7 @@ public function formatterNames() {
   protected function accessByAllowOrigin() {
     // Check the referrer header and return false if it does not match the
     // Access-Control-Allow-Origin
-    $referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];
+    $referer = \RestfulManager::getRequestHttpHeader('Referer', '');
     // If there is no allow_origin assume that it is allowed. Also, if there is
     // no referer then grant access since the request probably was not
     // originated from a browser.
@@ -1333,10 +1333,11 @@ public static function getVersionFromRequest($path = NULL) {
       return $version;
     }
     // If there is no version in the URL check the header.
-    if (!empty($_SERVER['HTTP_X_API_VERSION'])) {
-      $version =  static::parseVersionString($_SERVER['HTTP_X_API_VERSION'], $resource_name);
+    if ($api_version = \RestfulManager::getRequestHttpHeader('X-API-Version')) {
+      $version =  static::parseVersionString($api_version, $resource_name);
       return $version;
     }
+
     // If there is no version negotiation information return the latest version.
     $version = static::getResourceLastVersion($resource_name);
     return $version;

plugins/restful/RestfulEntityBase.php

@@ -268,6 +268,7 @@ protected function getQueryResultForAutocomplete() {
    * {@inheritdoc}
    */
   public function viewEntity($entity_id) {
+    global $language;
     $request = $this->getRequest();
 
     $cached_data = $this->getRenderedCache(array(
@@ -283,6 +284,7 @@ public function viewEntity($entity_id) {
     }
 
     $wrapper = entity_metadata_wrapper($this->entityType, $entity_id);
+    $wrapper->language($language->language);
     $values = array();
 
     $limit_fields = !empty($request['fields']) ? explode(',', $request['fields']) : array();

restful.api.php

@@ -19,7 +19,7 @@
  */
 function hook_restful_parse_request_alter(&$request) {
   $request['__application'] += array(
-    'some_header' => !empty($_SERVER['X_HTTP_SOME_HEADER']) ? $_SERVER['X_HTTP_SOME_HEADER'] : NULL,
+    'some_header' => \RestfulManager::getRequestHttpHeader('X-Some-Header'),
   );
 }
 

restful.module

@@ -417,8 +417,8 @@ function restful_menu_access_callback($resource_name, $version = NULL) {
   }
 
   $method = strtoupper($_SERVER['REQUEST_METHOD']);
-  if ($method == \RestfulInterface::POST && !empty($_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE'])) {
-    $method = strtoupper($_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE']);
+  if ($method == \RestfulInterface::POST && \RestfulManager::getRequestHttpHeader('X-HTTP-Method-Override')) {
+    $method = strtoupper(\RestfulManager::getRequestHttpHeader('X-HTTP-Method-Override'));
   }
 
   if (!\RestfulBase::isValidMethod($method, FALSE)) {
@@ -460,7 +460,7 @@ function restful_menu_process_callback($resource_name, $version = NULL) {
   $headers = $handler->getHttpHeaders();
   $vary = empty($headers['Vary']) ? '' : $headers['Vary'];
   $additional_variations = array($vary, 'Accept');
-  if (!empty($_SERVER['HTTP_X_API_VERSION'])) {
+  if (\RestfulManager::getRequestHttpHeader('X-API-Version')) {
     $additional_variations[] = 'X-API-Version';
   }
   if ($additional_variations) {
@@ -476,8 +476,8 @@ function restful_menu_process_callback($resource_name, $version = NULL) {
 
   $method = strtoupper($_SERVER['REQUEST_METHOD']);
 
-  if ($method == \RestfulInterface::POST && !empty($_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE'])) {
-    $method = strtoupper($_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE']);
+  if ($method == \RestfulInterface::POST && \RestfulManager::getRequestHttpHeader('X-HTTP-Method-Override')) {
+    $method = strtoupper(\RestfulManager::getRequestHttpHeader('X-HTTP-Method-Override'));
   }
 
   $method = strtolower($method);
@@ -553,7 +553,7 @@ function restful_parse_request() {
   // CURL";
   $request['__application'] = array(
     'rest_call' => TRUE,
-    'csrf_token' => !empty($_SERVER['HTTP_X_CSRF_TOKEN']) ? $_SERVER['HTTP_X_CSRF_TOKEN'] : NULL,
+    'csrf_token' => \RestfulManager::getRequestHttpHeader('X-CSRF-Token'),
   );
 
   // Allow implemeting modules to alter the request.

tests/RestfulHookMenuTestCase.test

@@ -117,7 +117,7 @@ class RestfulHookMenuTestCase extends RestfulCurlBaseTestCase {
    */
   function testVersionNegotiation() {
     // Fake the HTTP header.
-    $original_header = empty($_SERVER['HTTP_X_API_VERSION']) ? NULL : $_SERVER['HTTP_X_API_VERSION'];
+    $original_header = \RestfulManager::getRequestHttpHeader('X-API-Version');
 
     // 1. my-api/v1.1/articles yields version 1.1
     $handler = restful_get_restful_handler_for_path('api/v1.1/articles');