Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #407 from shadlaws/fixes_20130614
Fixes 20130614
- Loading branch information
Showing
13 changed files
with
292 additions
and
211 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
<?php defined("SYSPATH") or die("No direct script access."); | ||
|
||
class Controller_Rest_UserComments extends Gallery_Controller_Rest_UserComments {} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
<?php defined("SYSPATH") or die("No direct script access."); | ||
|
||
class Controller_Rest_UserItems extends Gallery_Controller_Rest_UserItems {} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
120 changes: 120 additions & 0 deletions
120
modules/gallery/classes/Gallery/Controller/Rest/UserComments.php
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,120 @@ | ||
<?php defined("SYSPATH") or die("No direct script access."); | ||
/** | ||
* Gallery - a web based photo album viewer and editor | ||
* Copyright (C) 2000-2013 Bharat Mediratta | ||
* | ||
* This program is free software; you can redistribute it and/or modify | ||
* it under the terms of the GNU General Public License as published by | ||
* the Free Software Foundation; either version 2 of the License, or (at | ||
* your option) any later version. | ||
* | ||
* This program is distributed in the hope that it will be useful, but | ||
* WITHOUT ANY WARRANTY; without even the implied warranty of | ||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
* General Public License for more details. | ||
* | ||
* You should have received a copy of the GNU General Public License | ||
* along with this program; if not, write to the Free Software | ||
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. | ||
*/ | ||
class Gallery_Controller_Rest_UserComments extends Controller_Rest { | ||
/** | ||
* This resource represents a collection of comment resources authored by a specific user. | ||
* | ||
* GET displays the collection of comments (no parameters accepted). | ||
* @see Controller_Rest_UserComments::get_members() | ||
* | ||
* PUT can accept the following post parameters: | ||
* members | ||
* Replace the collection of comments by the user with this list (remove only, no add) | ||
* @see Controller_Rest_UserComments::put_members() | ||
* | ||
* DELETE removes all of the user's comments (no parameters accepted). | ||
* @see Controller_Rest_UserComments::delete() | ||
* | ||
* RELATIONSHIPS: "user_comments" is the "comments" relationship of an "user" resource. | ||
*/ | ||
|
||
/** | ||
* GET the comment members of the user_comments resource. | ||
* @see Controller_Rest_Comments::get_members(). | ||
*/ | ||
static function get_members($id, $params) { | ||
$user = Identity::lookup_user($id); | ||
if (!Identity::can_view_profile($user)) { | ||
throw Rest_Exception::factory(404); | ||
} | ||
|
||
// Note: we can't simply do "$user->comments" since we have no guarantee | ||
// that the user is an ORM model with an established relationship. | ||
$members = ORM::factory("Comment") | ||
->where("author_id", "=", $user->id) | ||
->order_by("created", "DESC") | ||
->limit(Arr::get($params, "num", static::$default_params["num"])) | ||
->offset(Arr::get($params, "start", static::$default_params["start"])); | ||
|
||
$data = array(); | ||
foreach ($members->find_all() as $member) { | ||
$data[] = array("comment", $member->id); | ||
} | ||
|
||
return $data; | ||
} | ||
|
||
/** | ||
* PUT the comment members of the user_comments resource. This replaces the comments list | ||
* with this one, and removes (but doesn't add) comments as needed. This is only for admins. | ||
* @see Controller_Rest_ItemComments::put_members() | ||
*/ | ||
static function put_members($id, $params) { | ||
if (!Identity::active_user()->admin) { | ||
throw Rest_Exception::factory(403); | ||
} | ||
|
||
$user = Identity::lookup_user($id); | ||
if (!Identity::can_view_profile($user)) { | ||
throw Rest_Exception::factory(404); | ||
} | ||
|
||
// Resolve our members list into an array of comment ids. | ||
$member_ids = Rest::resolve_members($params["members"], | ||
function($type, $id, $params, $data) { | ||
$comment = ORM::factory("Comment", $id); | ||
return (($type == "comment") && ($comment->author_id == $data)) ? $id : false; | ||
}, $user->id); | ||
|
||
// Delete any comments that are not in the list. | ||
foreach (ORM::factory("Comment")->where("author_id", "=", $user->id)->find_all() as $comment) { | ||
if (!in_array($comment->id, $member_ids)) { | ||
$comment->delete(); | ||
} | ||
} | ||
} | ||
|
||
/** | ||
* DELETE removes all of the user's comments, and is only for admins. | ||
*/ | ||
static function delete($id, $params) { | ||
if (!Identity::active_user()->admin) { | ||
throw Rest_Exception::factory(403); | ||
} | ||
|
||
$user = Identity::lookup_user($id); | ||
if (!Identity::can_view_profile($user)) { | ||
throw Rest_Exception::factory(404); | ||
} | ||
|
||
// Delete all of the user's comments. | ||
foreach (ORM::factory("Comment")->where("author_id", "=", $user->id)->find_all() as $comment) { | ||
$comment->delete(); | ||
} | ||
} | ||
|
||
/** | ||
* Return the relationship established by user_comments. This adds "comments" | ||
* as a relationship of an "user" resource. | ||
*/ | ||
static function relationships($type, $id, $params) { | ||
return ($type == "user") ? array("comments" => array("user_comments", $id)) : null; | ||
} | ||
} |
141 changes: 141 additions & 0 deletions
141
modules/gallery/classes/Gallery/Controller/Rest/UserItems.php
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,141 @@ | ||
<?php defined("SYSPATH") or die("No direct script access."); | ||
/** | ||
* Gallery - a web based photo album viewer and editor | ||
* Copyright (C) 2000-2013 Bharat Mediratta | ||
* | ||
* This program is free software; you can redistribute it and/or modify | ||
* it under the terms of the GNU General Public License as published by | ||
* the Free Software Foundation; either version 2 of the License, or (at | ||
* your option) any later version. | ||
* | ||
* This program is distributed in the hope that it will be useful, but | ||
* WITHOUT ANY WARRANTY; without even the implied warranty of | ||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
* General Public License for more details. | ||
* | ||
* You should have received a copy of the GNU General Public License | ||
* along with this program; if not, write to the Free Software | ||
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. | ||
*/ | ||
class Gallery_Controller_Rest_UserItems extends Controller_Rest { | ||
/** | ||
* This resource represents a collection of item resources owned by a specific user. | ||
* | ||
* GET can accept the following query parameters: | ||
* name=<substring> | ||
* Only return items where the name contains this substring. | ||
* type=<comma-separated list of photo, movie or album> | ||
* Limit the type to types in this list (e.g. "type=photo,movie"). | ||
* Also limits the types returned in the member collections (i.e. sub-albums). | ||
* @see Controller_Rest_UserItems::get_members() | ||
* | ||
* PUT can accept the following post parameters: | ||
* members | ||
* Replace the collection of items by the user with this list (remove only, no add) | ||
* @see Controller_Rest_UserItems::put_members() | ||
* | ||
* DELETE removes all of the user's items (no parameters accepted). | ||
* @see Controller_Rest_UserItems::delete() | ||
* | ||
* RELATIONSHIPS: "user_items" is the "items" relationship of a "user" resource. | ||
* | ||
* Note: similar to the standard UI, only admins can PUT or DELETE user_items. | ||
*/ | ||
|
||
/** | ||
* GET the item members of the user_items resource. | ||
* @see Controller_Rest_Items::get_members(). | ||
*/ | ||
static function get_members($id, $params) { | ||
$user = Identity::lookup_user($id); | ||
if (!Identity::can_view_profile($user)) { | ||
throw Rest_Exception::factory(404); | ||
} | ||
|
||
// Note: we can't simply do "$user->items" since we have no guarantee | ||
// that the user is an ORM model with an established relationship. | ||
$members = ORM::factory("Item")->viewable() | ||
->where("owner_id", "=", $user->id) | ||
->limit(Arr::get($params, "num", static::$default_params["num"])) | ||
->offset(Arr::get($params, "start", static::$default_params["start"])); | ||
|
||
if (isset($params["type"])) { | ||
$members->where("type", "IN", $params["type"]); | ||
} | ||
|
||
if (isset($params["name"])) { | ||
$members->where("name", "LIKE", "%" . Database::escape_for_like($params["name"]) . "%"); | ||
} | ||
|
||
$data = array(); | ||
foreach ($members->find_all() as $member) { | ||
$data[] = array("item", $member->id); | ||
} | ||
|
||
return $data; | ||
} | ||
|
||
/** | ||
* PUT the item members of the user_items resource. This replaces the items list | ||
* with this one, and removes (but doesn't add) items as needed. This is only for admins. | ||
*/ | ||
static function put_members($id, $params) { | ||
if (!Identity::active_user()->admin) { | ||
throw Rest_Exception::factory(403); | ||
} | ||
|
||
$user = Identity::lookup_user($id); | ||
if (!Identity::can_view_profile($user)) { | ||
throw Rest_Exception::factory(404); | ||
} | ||
|
||
// Resolve our members list into an array of item ids. | ||
$member_ids = Rest::resolve_members($params["members"], | ||
function($type, $id, $params, $data) { | ||
$item = ORM::factory("Item", $id); | ||
return (($type == "item") && ($item->owner_id == $data)) ? $id : false; | ||
}, $user->id); | ||
|
||
// Delete any items that are not in the list. | ||
foreach (ORM::factory("Item") | ||
->where("owner_id", "=", $user->id) | ||
->where("id", "<>", Item::root()->id) // If root included, Model_Item will throw a 500. | ||
->order_by("left_ptr", "DESC") // Delete children before parents. | ||
->find_all() as $item) { | ||
if (!in_array($item->id, $member_ids)) { | ||
$item->delete(); | ||
} | ||
} | ||
} | ||
|
||
/** | ||
* DELETE removes all of the user's items, and is only for admins. | ||
*/ | ||
static function delete($id, $params) { | ||
if (!Identity::active_user()->admin) { | ||
throw Rest_Exception::factory(403); | ||
} | ||
|
||
$user = Identity::lookup_user($id); | ||
if (!Identity::can_view_profile($user)) { | ||
throw Rest_Exception::factory(404); | ||
} | ||
|
||
// Delete all of the user's items. | ||
foreach (ORM::factory("Item") | ||
->where("owner_id", "=", $user->id) | ||
->where("id", "<>", Item::root()->id) // If root included, Model_Item will throw a 500. | ||
->order_by("left_ptr", "DESC") // Delete children before parents. | ||
->find_all() as $item) { | ||
$item->delete(); | ||
} | ||
} | ||
|
||
/** | ||
* Return the relationship established by user_items. This adds "items" | ||
* as a relationship of a "user" resource. | ||
*/ | ||
static function relationships($type, $id, $params) { | ||
return ($type == "user") ? array("items" => array("user_items", $id)) : null; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
Oops, something went wrong.