97 Commits

Author SHA1 Message Date
Bharat Mediratta
ab9049d531 Remove trailing ?> 2010-06-20 09:05:25 -07:00
Bharat Mediratta
f6025026eb Rename error_rest.php to error_rest.json.php so that we specify the
result type in the filename as is our convention for views.
2010-06-20 08:50:19 -07:00
Bharat Mediratta
cd96ed8873 $response is optional in the Rest_Exception constructor. 2010-06-19 14:13:34 -07:00
Bharat Mediratta
456d54ea2d Throw exceptions as appropriate, but allow the Kohana exception
handling framework to handle the exception and delegate to our
template, which will JSON encode the response.
2010-06-19 14:07:37 -07:00
Bharat Mediratta
fa404589d6 Oops. Fix up a bad instance of $user in rest::access_key() introduced
in my last change.
2010-06-19 10:24:26 -07:00
Bharat Mediratta
9b78867427 Simplify rest::get_access_key($user) to rest::access_key() that
returns just the access key string for the active user.  That's how we
use the API, so keep it simple.
2010-06-18 20:43:14 -07:00
Bharat Mediratta
295a42e0f1 change single to double quotes. 2010-06-18 20:20:05 -07:00
Bharat Mediratta
57b53e6193 Guard against relationships() not returning an array. 2010-06-15 20:21:10 -07:00
Bharat Mediratta
78186c262c Update the description. 2010-06-15 16:09:45 -07:00
Tim Almdal
938eea7fc4 Merge branch 'master' into talmdal_dev 2010-06-13 09:59:27 -07:00
Bharat Mediratta
2c1e3800ef Send back the REST API version as a header. It's on every request,
which sucks, but it's totally unobtrusive because it's a header so
that's ok.  Decided that the current version is "3.0" although it will
surely change before the final 3.0 release.

Fixes ticket #1148
2010-06-11 14:59:17 -07:00
Tim Almdal
30849d10b1 Tweak the error response for rest requests to make it easier for the client to extract error information. 2010-06-10 08:18:15 -07:00
Tim Almdal
d5b80f2944 Don't use the standard error formatting for exceptions that have occurred as part of a REST request. Format the exception as a json encoded text string so the client can extract the fault information if they so choose. 2010-06-08 14:35:35 -07:00
Tim Almdal
0aafec0e59 The status message for an HTTP 400 status should always be 'Bad Request', if I'm reading the specification right. 2010-06-08 14:32:53 -07:00
Tim Almdal
32241cd143 Merge branch 'master' into talmdal_dev 2010-06-07 07:18:20 -07:00
Tim Almdal
fef5cf9865 If the identity provider changes then delete all the rest user_access_keys, as they are no longer valid. (i.e. all the related users have been deleted.) 2010-06-07 07:09:39 -07:00
Tim Almdal
097ef934c6 Merge branch 'master' into talmdal_dev 2010-06-06 15:45:03 -07:00
Bharat Mediratta
481ef823dd Add an advanced setting to allow developers to allow guest access to
REST entities.
2010-06-05 19:45:15 -07:00
Tim Almdal
0565d9f0f9 Merge branch 'master' into talmdal_dev 2010-04-21 06:48:08 -07:00
Bharat Mediratta
af71df3d0f Update tests to reflect recent changes to the REST API. 2010-04-17 15:35:09 -07:00
Tim Almdal
9bb4c954bb Merge bharat_dev rest implementation 2010-04-07 08:07:41 -07:00
Tim Almdal
50b0b73345 Merge branch 'master' into talmdal_dev 2010-04-06 06:08:17 -07:00
Bharat Mediratta
5679e30ef6 REST changes: Allow PUT and POST requests to modify members, not
just entity.

TESTS ARE NOT UPDATED YET.

- Fix item_rest::get() to maintain the proper sort order, which
  requires duplicating some Item_Model code.

- Elide "weight" from the REST version of item

- Adjust the weight of members according to the order they're returned
  from the client.  You can't add or remove members here, you can only
  reorder them.

- Changed the wire protocol to handle more complex values.
  Now "entity" and "members" are JSON encoded.  The Gallery3
  helper does this correctly.

- Changed the wire protocol for tag_item -- now it stores the
  tag and item urls in the entity, not as members.  This is more
  consistent.

- Added missing security for renaming and deleting tags.

- Got rid of vestigial tag_rest::post().  We add/remove tags
  via the relationship.
2010-04-04 11:55:54 -07:00
Tim Almdal
f2ed1eeab2 Merge branch 'master' into talmdal_dev
Conflicts:
	modules/rest/controllers/rest.php
2010-03-31 07:14:06 -07:00
Bharat Mediratta
668c12da1c Rest -> REST 2010-03-30 20:47:45 -07:00
Bharat Mediratta
ca977dce51 Rename "access_token" to "access_key" in the code for consistency. 2010-03-30 14:01:40 -07:00
Bharat Mediratta
59b6cd30e6 Rename "user_access_tokens" table to "user_access_keys" as step 1 of a
multi step process to refer to REST access keys as "access_key"
everywhere.  Bump the rest module to version 2.
2010-03-30 13:53:14 -07:00
Tim Almdal
7b35091b47 If the access token is not set, then look in the post data. 2010-03-21 20:45:22 -07:00
Tim Almdal
48b8b4f689 Merge branch 'master' into talmdal_dev 2010-03-13 23:11:53 -08:00
Tim Almdal
13f5d3aa33 Whitespace correction 2010-03-13 23:11:33 -08:00
Tim Almdal
5467e21e8b Changes to support updating the child elements within an album. In this change the urls of the children are sent up as an array of post fields children[0].... children[n]. If an existing child is not included it is deleted. Including a url to a child in another album will move the child. Changing the order of the children will respect the order of the children, if the sort column is 'weight' 2010-03-13 08:39:06 -08:00
Bharat Mediratta
9314533048 Update tests to reflect the fact that you have to be logged in to do anything. 2010-03-13 08:39:05 -08:00
Bharat Mediratta
c69f5f4906 Guests don't get access to the REST API. 2010-03-13 08:39:05 -08:00
Bharat Mediratta
be580c9554 Update tests to reflect the fact that you have to be logged in to do anything. 2010-03-05 21:42:39 -08:00
Bharat Mediratta
05d345e16d Guests don't get access to the REST API. 2010-03-03 10:17:48 -08:00
Bharat Mediratta
c3c2b45280 Update the copyright to 2010. It's only 3 months into the year :-) 2010-03-03 10:15:34 -08:00
Tim Almdal
7d7da6eb0a Remove redundant print statement. rest::reply() does the print so having the extra print statement could lead to problems. 2010-02-24 11:49:53 -08:00
Bharat Mediratta
1377b2c7b3 When using rest::reply(), don't call var_export() if the response is empty. 2010-02-20 10:24:29 -08:00
Bharat Mediratta
d388e4bb86 Refactor away the "display_all" construct in User_Profile_Controller.
"display_all" is too coarse, and we should be letting event handlers
make the appropriate decision on what to display and when.  This
duplicates some code, but it's now very clear in the event handlers
what's getting shown.

Throw a 404 if we try to view the user profile for a missing user.

The only feature change in this should be that we now display the
name, full name and website for a user to any other registered user,
which makes sense since these are typically public fields.

Don't show any of the edit buttons unless identity::is_writable()
2010-02-19 11:40:49 -08:00
Tim Almdal
f37b93a7eb If the return object is empty still return the empty object in the json response. 2010-02-14 07:31:11 -08:00
Bharat Mediratta
aff5d1cef4 Create the concept of a "failed authentication" as semantically
separate from a successful or failed login.

1) Rename user_login_failed event to user_authenticate_failed

2) Rename failed_logins table to failed_auth (bump Gallery module to
   v27 to rename the table)

3) auth::too_many_failed_logins -> auth::too_many_failures

4) auth::record_failed_auth_attempts -> auth::record_failed_attempts
   auth::clear_failed_auth_attempts  -> auth::clear_failed_attempts
2010-02-07 08:45:10 -08:00
Bharat Mediratta
c050acf30a Fix lots of warnings that pop up when we're in E_STRICT mode. They're
mostly issues around uninitialized variables, calling non-static
functions in a static context, calling Session functions directly
instead of on its singleton, passing non-variables by reference, and
subclasses not using the same interface as the parent class.
2010-01-31 16:07:41 -08:00
Bharat Mediratta
d92ee7954e Refactor auth::too_many_failed_logins() out of
auth::validate_too_many_failed_logins() to conceptually separate the
two.
2010-01-30 23:15:18 -08:00
Andy Staudacher
1470b99d1f Protect REST login controller from brute force attacks too.
And make the REST auth token less predictable by using a better source for randomness.
2010-01-30 21:42:57 -08:00
Bharat Mediratta
dcba664f74 Use ? or & as appropriate when appending output=html. 2010-01-29 20:37:48 -08:00
Bharat Mediratta
a95609849e Use var_export instead of print_r for better clarity. 2010-01-29 14:53:40 -08:00
Tim Almdal
cedbc82dcc Do all the html::clean|purify calls in the views and not the controller. Also clean the subject line and email message body of the contact user email. 2010-01-28 07:44:58 -08:00
Bharat Mediratta
1606961153 Merge branch 'master' of git@github.com:gallery/gallery3 into bharat_dev
Conflicts:
	modules/gallery/libraries/MY_ORM.php
2010-01-25 19:49:17 -08:00
Tim Almdal
865995305c Add the active notifications and rest api key to user profile page. 2010-01-24 20:14:01 -08:00
Bharat Mediratta
a609694018 Update tests for recent REST changes. 2010-01-23 12:13:14 -08:00