
Remove the REST_Controller and assorted baggage. Completes ticket #917

1 parent 15cf687 commit dc67cf64813361b34c366123f37d88ef6988fcc8 @talmdal talmdal committed Nov 25, 2009
@@ -1,183 +0,0 @@
-<?php defined("SYSPATH") or die("No direct script access.");
-/**
- * Gallery - a web based photo album viewer and editor
- * Copyright (C) 2000-2009 Bharat Mediratta
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or (at
- * your option) any later version.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
- */
-/**
- * This abstract controller makes it easy to create a RESTful controller. To use it, create a
- * subclass which defines the resource type and implements get/post/put/delete methods, like this:
- *
- * class Comment_Controller extends REST_Controller {
- * protected $resource_type = "comment"; // this tells REST which model to use
- *
- * public function _index() {
- * // Handle GET request to /controller
- * }
- *
- * public function _show(ORM $comment) {
- * // Handle GET request to /comments/{comment_id}
- * }
- *
- * public function _update(ORM $comment) {
- * // Handle PUT request to /comments/{comment_id}
- * }
- *
- * public function _create(ORM $comment) {
- * // Handle POST request to /comments
- * }
- *
- * public function _delete(ORM $comment) {
- * // Handle DELETE request to /comments/{comments_id}
- * }
- *
- * public function _form_add($parameters) {
- * // Handle GET request to /form/add/comments
- * // Show a form for creating a new comment
- * }
- *
- * public function _form_edit(ORM $comment) {
- * // Handle GET request to /form/edit/comments
- * // Show a form for editing an existing comment
- * }
- *
- * A request to http://example.com/gallery3/comments/3 will result in a call to
- * REST_Controller::__call(3) which will load up the comment associated with id 3. If there's
- * no such comment, it returns a 404. Otherwise, it will then delegate to
- * Comment_Controller::get() with the ORM instance as an argument.
- */
-class REST_Controller extends Controller {
- protected $resource_type = null;
-
- public function __construct() {
- if ($this->resource_type == null) {
- throw new Exception("@todo ERROR_MISSING_RESOURCE_TYPE");
- }
- parent::__construct();
- }
-
- /**
- * Handle dispatching for all REST controllers.
- */
- public function __call($function, $args) {
- // If no parameter was provided after the controller name (eg "/albums") then $function will
- // be set to "index". Otherwise, $function is the first parameter, and $args are all
- // subsequent parameters.
- $request_method = rest::request_method();
- if ($function == "index" && $request_method == "get") {
- return $this->_index();
- }
-
- $resource = ORM::factory($this->resource_type, (int)$function);
- if (!$resource->loaded && $request_method != "post") {
- return Kohana::show_404();
- }
-
- switch ($request_method) {
- case "get":
- return $this->_show($resource);
-
- case "put":
- access::verify_csrf();
- return $this->_update($resource);
-
- case "delete":
- access::verify_csrf();
- return $this->_delete($resource);
-
- case "post":
- access::verify_csrf();
- return $this->_create($resource);
- }
- }
-
- /* We're editing an existing item, load it from the database. */
- public function form_edit($resource_id) {
- if ($this->resource_type == null) {
- throw new Exception("@todo ERROR_MISSING_RESOURCE_TYPE");
- }
-
- $resource = ORM::factory($this->resource_type, $resource_id);
- if (!$resource->loaded) {
- return Kohana::show_404();
- }
-
- // Security checks must be performed in _form_edit
- return $this->_form_edit($resource);
- }
-
- /* We're adding a new item, pass along any additional parameters. */
- public function form_add($parameters) {
- // Security checks must be performed in _form_add
- return $this->_form_add($parameters);
- }
-
- /**
- * Perform a GET request on the controller root
- * (e.g. http://www.example.com/gallery3/comments)
- */
- public function _index() {
- throw new Exception("@todo _create NOT IMPLEMENTED");
- }
-
- /**
- * Perform a POST request on this resource
- * @param ORM $resource the instance of this resource type
- */
- public function _create($resource) {
- throw new Exception("@todo _create NOT IMPLEMENTED");
- }
-
- /**
- * Perform a GET request on this resource
- * @param ORM $resource the instance of this resource type
- */
- public function _show($resource) {
- throw new Exception("@todo _show NOT IMPLEMENTED");
- }
-
- /**
- * Perform a PUT request on this resource
- * @param ORM $resource the instance of this resource type
- */
- public function _update($resource) {
- throw new Exception("@todo _update NOT IMPLEMENTED");
- }
-
- /**
- * Perform a DELETE request on this resource
- * @param ORM $resource the instance of this resource type
- */
- public function _delete($resource) {
- throw new Exception("@todo _delete NOT IMPLEMENTED");
- }
-
- /**
- * Present a form for adding a new resource
- * @param string part of the URI after the controller name
- */
- public function _form_add($parameter) {
- throw new Exception("@todo _form_add NOT IMPLEMENTED");
- }
-
- /**
- * Present a form for editing an existing resource
- * @param ORM $resource the resource container for instances of this resource type
- */
- public function _form_edit($resource) {
- throw new Exception("@todo _form_edit NOT IMPLEMENTED");
- }
-}
@@ -1,116 +0,0 @@
-<?php defined("SYSPATH") or die("No direct script access.");
-/**
- * Gallery - a web based photo album viewer and editor
- * Copyright (C) 2000-2009 Bharat Mediratta
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or (at
- * your option) any later version.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
- */
-
-class rest_Core {
- const OK = "200 OK";
- const CREATED = "201 Created";
- const ACCEPTED = "202 Accepted";
- const NO_CONTENT = "204 No Content";
- const RESET_CONTENT = "205 Reset Content";
- const PARTIAL_CONTENT = "206 Partial Content";
- const MOVED_PERMANENTLY = "301 Moved Permanently";
- const FOUND = "302 Found";
- const SEE_OTHER = "303 See Other";
- const NOT_MODIFIED = "304 Not Modified";
- const TEMPORARY_REDIRECT = "307 Temporary Redirect";
- const BAD_REQUEST = "400 Bad Request";
- const UNAUTHORIZED = "401 Unauthorized";
- const FORBIDDEN = "403 Forbidden";
- const NOT_FOUND = "404 Not Found";
- const METHOD_NOT_ALLOWED = "405 Method Not Allowed";
- const NOT_ACCEPTABLE = "406 Not Acceptable";
- const CONFLICT = "409 Conflict";
- const GONE = "410 Gone";
- const LENGTH_REQUIRED = "411 Length Required";
- const PRECONDITION_FAILED = "412 Precondition Failed";
- const UNSUPPORTED_MEDIA_TYPE = "415 Unsupported Media Type";
- const EXPECTATION_FAILED = "417 Expectation Failed";
- const INTERNAL_SERVER_ERROR = "500 Internal Server Error";
- const SERVICE_UNAVAILABLE = "503 Service Unavailable";
-
- const XML = "application/xml";
- const ATOM = "application/atom+xml";
- const RSS = "application/rss+xml";
- const JSON = "application/json";
- const HTML = "text/html";
-
- /**
- * We're expecting to run in an environment that only supports GET/POST, so expect to tunnel
- * PUT and DELETE through POST.
- *
- * Returns the HTTP request method taking into consideration PUT/DELETE tunneling.
- * @return string HTTP request method
- */
- static function request_method() {
- if (request::method() == "get") {
- return "get";
- } else {
- $input = Input::instance();
- switch (strtolower($input->post("_method", $input->get("_method", request::method())))) {
- case "put": return "put";
- case "delete": return "delete";
- default: return "post";
- }
- }
- }
-
- /**
- * Choose an output format based on what the client prefers to accept.
- * @return string "html", "xml" or "json"
- */
- static function output_format() {
- // Pick a format, but let it be overridden.
- $input = Input::instance();
- $fmt = $input->get(
- "_format", $input->post(
- "_format", request::preferred_accept(
- array("xhtml", "html", "xml", "json"))));
-
- // Some browsers (Chrome!) prefer xhtml over html, but we'll normalize this to html for now.
- if ($fmt == "xhtml") {
- $fmt = "html";
- }
- return $fmt;
- }
-
- /**
- * Set HTTP response code.
- * @param string Use one of the status code constants defined in this class.
- */
- static function http_status($status_code) {
- header("HTTP/1.1 " . $status_code);
- }
-
- /**
- * Set HTTP Location header.
- * @param string URL
- */
- static function http_location($url) {
- header("Location: " . $url);
- }
-
- /**
- * Set HTTP Content-Type header.
- * @param string content type
- */
- static function http_content_type($type) {
- header("Content-Type: " . $type);
- }
-}
@@ -18,11 +18,6 @@
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
*/
class Controller_Auth_Test extends Unit_Test_Case {
- static $rest_methods = array("_index", "_show", "_form_edit", "_form_add", "_create",
- "_update", "_delete");
-
- static $rest_methods_with_csrf_check = array("_update", "_delete", "_create");
-
public function find_missing_auth_test() {
$found = array();
$controllers = explode("\n", `git ls-files '*/*/controllers/*.php'`);
@@ -46,7 +41,6 @@ public function find_missing_auth_test() {
}
$is_admin_controller = false;
- $is_rest_controller = false;
$open_braces = 0;
$function = null;
@@ -64,7 +58,6 @@ public function find_missing_auth_test() {
$function = null;
} else if ($open_braces == 0) {
$is_admin_controller = false;
- $is_rest_controller = false;
}
} else if ($token == "{") {
$open_braces++;
@@ -75,8 +68,6 @@ public function find_missing_auth_test() {
if ($open_braces == 0 && $token[0] == T_EXTENDS) {
if (self::_token_matches(array(T_STRING, "Admin_Controller"), $tokens, $token_number + 1)) {
$is_admin_controller = true;
- } else if (self::_token_matches(array(T_STRING, "REST_Controller"), $tokens, $token_number + 1)) {
- $is_rest_controller = true;
}
} else if ($open_braces == 1 && $token[0] == T_FUNCTION) {
$line = $token[2];
@@ -101,13 +92,8 @@ public function find_missing_auth_test() {
$is_rss_feed = $name == "feed" && strpos(basename($controller), "_rss.php");
- if ((!$is_static || $is_rss_feed) &&
- (!$is_private ||
- ($is_rest_controller && in_array($name, self::$rest_methods)))) {
+ if ((!$is_static || $is_rss_feed) && !$is_private) {
$function = self::_function($name, $line, $is_admin_controller);
- if ($is_rest_controller && in_array($name, self::$rest_methods_with_csrf_check)) {
- $function->checks_csrf(true);
- }
}
}
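Review bot: The simplified condition `(!$is_static || $is_rss_feed) && !$is_private` now leaves every method flagged private out of the auth/CSRF audit, which is only sound if no remaining controller routes requests to such methods the way the removed REST_Controller::__call did for `_create`, `_update` and `_delete`. How `$is_private` is computed is outside this hunk, so the assumption is worth stating where it is relied on, for example `// Private methods are not routable now that REST_Controller::__call is gone, so they are not audited.` Former REST subclasses also lose the implicit `checks_csrf(true)` credit, which looks intended: their handlers now have to call `access::verify_csrf()` themselves to satisfy this test. find_missing_auth_test starts and ends outside the hunk.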