source: Dev/branches/rest-dojo-ui/server/api.php @ 292

<?php

error_reporting(E_ALL);
ini_set('display_errors', True);

require_once 'tonic/lib/tonic.php';
require_once 'classes/master.php';

use Tonic\Request as Request;
use Tonic\Response as Response;
use Tonic\ResponseException as ResponseException;
use Tonic\Resource as Resource;

function set_session_cookie($response, $user) {
    $response->addHeader('Set-Cookie', 'rft_uid=' . $user->uid . '; Max-Age: 3600; Path=' . $response->request->baseUri);
}

function restore_session($response) {
    if (isset($_COOKIE['rft_uid'])) {
        $user = Auth::restore($_COOKIE['rft_uid']);
        if ($user) {
            set_session_cookie($response, $user);
            return $user;
        }
    }
    throw new ResponseException("No valid session found", Response::UNAUTHORIZED);
}

function get_clean_uri($request) {
    return substr($request->uri, strlen($request->baseUri));
}

function add_default_headers($response) {
    $response->addHeader('Content-Type', 'application/json');
    $response->addHeader('Cache-Control', 'no-cache, must-revalidate');
    $response->addHeader('Expires', 'Sat, 26 Jul 1997 05:00:00 GMT');
}

/**
 *  @uri /login
 */
class LoginResource extends Resource {

    function post($request) {
        $response = new Response($request);

        $user = null;
        if (!empty($request->data)) {
            $user = Auth::login($request->data['email'], $request->data['password']);
            if (!$user) {
                throw new ResponseException("Incorrect email and password", Response::UNAUTHORIZED);
            }
            set_session_cookie($response, $user);
        } else {
            $user = restore_session($response);
        }
        $response->body = $user;
        return $response;
    }

}

/**
 *  @uri /register
 */
class RegisterResource extends Resource {

    function post($request) {
        $response = new Response($request);

        $user = null;
        if (!empty($request->data)) {
            $user = Auth::register($request->data['email'], $request->data['password']);
            set_session_cookie($response, $user);
        } else {
            throw new ResponseException("No email and password provided.", Response::BADREQUEST);
        }
        $response->body = $user;
        return $response;
    }

}

/**
 * @uri /data/\w+(/\w+)?
 */
class DataResource extends Resource {

    function getTypeAndUid($request) {
        $uri = get_clean_uri($request);
        $path = explode('/', $uri);

        $info = array();
        $info['type'] = $path[2];
        if (isset($path[3])) {
            $info['uid'] = $path[3];
        }
        
        return $info;
    }

    function get($request) {
        $response = new Response($request);
        restore_session($response);

        $info = $this->getTypeAndUid($request);
        if (isset($info['uid'])) {
            $objects = $info['type']::get(array('uid' => $info['uid']));
            if (empty($objects)) {
                throw new ResponseException("Object not found", Response::NOTFOUND);
            }
            $response->body = $objects[0];
        } else {
            $objects = $info['type']::get(array());
            $response->body = $objects;
        }

        return $response;
    }

    function post($request) {
        $response = new Response($request);
        $user = restore_session($response);

        $info = $this->getTypeAndUid($request);
        $onlyAdd = $request->ifNoneMatch('*');
        $onlyUpdate = $request->ifMatch('*');

        $uid = null;
        if (isset($info['uid'])) {
            $uid = $info['uid'];
        } else if (isset($request->data->uid)) {
            $uid = $request->data->uid;
        }

        $object = null;
        if ($uid) {
            $objects = $info['type']::get(array('uid' => $uid));
            if (!empty($objects)) {
                $object = $objects[0];
            }
        }

        if (( $onlyUpdate && !$object ) || ( $onlyAdd && $object )) {
            throw new ResponseException("Update/Create and existing object mismatch", Response::PRECONDITIONFAILED);
        }

        if (!$object) {
            $object = new $info['type']($uid);
            $response->code = Response::CREATED;
        } else {
            $response->code = Response::OK;
        }
        foreach ($request->data as $key => $val) {
            $object->$key = $val;
        }
        if (isset($object->creator)) {
            $object->creator = $user;
        }
        if (!$object->save()) {
            throw new ResponseException("Save failed", Response::INTERNALSERVERERROR);
        }

        $response->body = $object;
        return $response;
    }

    function put($request) {
        return $this->post($request);
    }

    function delete($request) {
        restore_session(new Response($request));
        throw new ReponseException("Delete not implemented", Response::METHODNOTALLOWED);
    }

}

$request = new Request();
$path = $request->uri;
$idx = strrpos($path, 'api.php');
if ($idx !== FALSE) {
    $baseUri = substr($path, 0, $idx + 7);
    $request->baseUri = $baseUri;
}
$request->data = Marshaller::unmarshall(json_decode($request->data));
try {
    $resource = $request->loadResource();
    $response = $resource->exec($request);
} catch (ResponseException $e) {
    $response = $e->response($request);
    $response->body = array('errorMsg' => $response->body);
} catch (Exception $e) {
    $response = new Response($request);
    $response->code = Response::INTERNALSERVERERROR;
    $response->body = array('errorMsg' => "Unhandled exception: " . $e);
}
add_default_headers($response);
$response->body = json_encode(Marshaller::marshall($response->body));
$response->output();

?>