bachir/popsu-d7
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
popsu-d7/sites/all/modules/uuid/uuid_services/uuid_services.module

272 lines
11 KiB
Plaintext
Raw Blame History

<?php
/**
* @file
* UUID Services module functions.
*/
/**
* Defines defaults for UUID_SERVICES_ALLOWED_MEDIA_MIMES.
*/
define('UUID_SERVICES_DEFAULT_ALLOWED_MEDIA_MIMES',
'video/brightcove
video/youtube'
);
/**
* Implements hook_menu().
*/
function uuid_services_menu() {
$items['admin/config/services/uuid-services'] = array(
'title' => 'UUID Services',
'description' => 'Configure settings for UUID Services.',
'access arguments' => array('administer services'),
'page callback' => 'drupal_get_form',
'page arguments' => array('uuid_services_settings'),
'file' => 'uuid_services.admin.inc',
);
return $items;
}
/**
* Implements hook_services_resources_alter().
*
* Alter all resources that support UUIDs, to make use this functionality when
* exposing them through Services.
*
* Since we are working with UUID enabled entities, the 'create' method is
* redundant. Instead, clients should do a PUT to '<entity_type>/<uuid>'. This
* will route through the 'update' method and create the entity if it doesn't
* exist. This is the most logical thing to do, since it's up to the client to
* generate and set the UUID on the entity.
*/
function uuid_services_services_resources_alter(&$resources, &$endpoint) {
foreach (entity_get_info() as $entity_type => $entity_info) {
if (isset($entity_info['uuid']) && $entity_info['uuid'] == TRUE && (isset($resources[$entity_type]) || variable_get('uuid_services_support_all_entity_types', FALSE))) {
unset($resources[$entity_type]['operations']['create']);
// Alter 'retrieve' method to use UUID enabled functions and arguments.
$resources[$entity_type]['operations']['retrieve']['help'] = t('Retrieve %label entities based on UUID.', array('%label' => $entity_info['label']));
$resources[$entity_type]['operations']['retrieve']['callback'] = '_uuid_services_entity_retrieve';
$resources[$entity_type]['operations']['retrieve']['access callback'] = '_uuid_services_entity_access';
$resources[$entity_type]['operations']['retrieve']['access arguments'] = array('view');
$resources[$entity_type]['operations']['retrieve']['access arguments append'] = TRUE;
$resources[$entity_type]['operations']['retrieve']['args'] = array(
// This argument isn't exposed in the service, only used internally..
array(
'name' => 'entity_type',
'description' => t('The entity type.'),
'type' => 'string',
'default value' => $entity_type,
'optional' => TRUE,
),
array(
'name' => 'uuid',
'description' => t('The %label UUID.', array('%label' => $entity_info['label'])),
'type' => 'text',
'source' => array('path' => 0),
),
);
// Alter 'update' method to use UUID enabled functions and arguments.
$resources[$entity_type]['operations']['update']['help'] = t('Update or create %label entities based on UUID. The payload must be formatted according to the <a href="!url">OData protocol</a>.', array('%label' => $entity_info['label'], '!url' => 'http://www.odata.org/developers/protocols'));
$resources[$entity_type]['operations']['update']['callback'] = '_uuid_services_entity_update';
$resources[$entity_type]['operations']['update']['access callback'] = '_uuid_services_entity_access';
$resources[$entity_type]['operations']['update']['access arguments'] = array('update');
$resources[$entity_type]['operations']['update']['access arguments append'] = TRUE;
$resources[$entity_type]['operations']['update']['args'] = array(
// This argument isn't exposed in the service, only used internally..
array(
'name' => 'entity_type',
'description' => t('The entity type.'),
'type' => 'string',
'default value' => $entity_type,
'optional' => TRUE,
),
array(
'name' => 'uuid',
'description' => t('The %label UUID.', array('%label' => $entity_info['label'])),
'type' => 'text',
'source' => array('path' => 0),
),
array(
'name' => 'entity',
'description' => t('The %label entity object.', array('%label' => $entity_info['label'])),
'type' => 'struct',
'source' => 'data',
),
);
// Alter 'delete' method to use UUID enabled functions and arguments.
$resources[$entity_type]['operations']['delete']['help'] = t('Delete %label entities based on UUID.', array('%label' => $entity_info['label']));
$resources[$entity_type]['operations']['delete']['callback'] = '_uuid_services_entity_delete';
$resources[$entity_type]['operations']['delete']['access callback'] = '_uuid_services_entity_access';
$resources[$entity_type]['operations']['delete']['access arguments'] = array('delete');
$resources[$entity_type]['operations']['delete']['access arguments append'] = TRUE;
$resources[$entity_type]['operations']['delete']['args'] = array(
// This argument isn't exposed in the service, only used internally..
array(
'name' => 'entity_type',
'description' => t('The entity type.'),
'type' => 'string',
'default value' => $entity_type,
'optional' => TRUE,
),
array(
'name' => 'uuid',
'description' => t('The %label UUID.', array('%label' => $entity_info['label'])),
'type' => 'text',
'source' => array('path' => 0),
),
);
}
}
}
/**
* Callback for the 'retrieve' method.
*
* @see entity_uuid_load()
*/
function _uuid_services_entity_retrieve($entity_type, $uuid) {
try {
$entities = entity_uuid_load($entity_type, array($uuid));
$entity = reset($entities);
return $entity;
}
catch (Exception $exception) {
watchdog_exception('uuid_services', $exception);
return services_error($exception, 406, $uuid);
}
}
/**
* Callback for the 'update' method.
*
* @see entity_uuid_save()
*/
function _uuid_services_entity_update($entity_type, $uuid, $entity) {
try {
$controller = entity_get_controller($entity_type);
if ($controller instanceof EntityAPIControllerInterface) {
$entity = $controller->create($entity);
}
else {
$entity = (object) $entity;
}
$entity->uuid_services = TRUE;
// Check that the mime type is whitelisted.
$valid_media_mimes = variable_get('uuid_services_allowed_media_mimes', UUID_SERVICES_DEFAULT_ALLOWED_MEDIA_MIMES);
// Sanitize file user input.
if ($entity_type == 'file') {
// We have to make sure to whitelist mime types, to avoid the video files
// getting converted into text files, when deployed from one env to other.
if (!in_array($entity->filemime, preg_split('/\r?\n/', $valid_media_mimes))) {
$entity->filename = _services_file_check_name_extension($entity->filename);
$entity->uri = _services_file_check_destination_uri($entity->uri);
if (!empty($entity->filepath)) {
$entity->filepath = _services_file_check_destination($entity->filepath);
}
}
}
// Sanitize user roles if user is not allowed to modify them.
if ($entity_type == 'user' && !empty($entity->roles) && !user_access('administer permissions')) {
$original_user = user_load(entity_get_id_by_uuid('user', array($entity->uuid))[$entity->uuid]);
$entity->roles = $original_user->roles;
}
entity_uuid_save($entity_type, $entity);
return $entity;
}
catch (Exception $exception) {
watchdog_exception('uuid_services', $exception);
return services_error($exception, 406, $entity);
}
}
/**
* Callback for the 'delete' method.
*
* @see entity_uuid_delete()
*/
function _uuid_services_entity_delete($entity_type, $uuid) {
try {
$uuid_exist = (bool) entity_get_id_by_uuid($entity_type, array($uuid));
if (!$uuid_exist) {
/* UUID not found. Don't try to delete something that doesn't exist. */
$args = array('@uuid' => $uuid, '@type' => $entity_type);
watchdog('uuid_services', 'UUID @uuid not found for entity type @type', $args, WATCHDOG_WARNING);
return TRUE;
}
$return = entity_uuid_delete($entity_type, $uuid) !== FALSE;
return $return;
}
catch (Exception $exception) {
watchdog_exception('uuid_services', $exception);
return services_error($exception, 406, $uuid);
}
}
/**
* Access callback.
*
* @param string $op
* The operation we are trying to do on the entity. Can only be:
* - "view"
* - "update"
* - "delete"
* See 'uuid_services_services_resources_alter()' for an explanation why
* 'create' is missing.
* @param array $args
* The arguments passed to the method. The keys are holding the following:
* 0. <entity_type>
* 1. <uuid>
* 2. <entity> (only available if $op == 'update')
*/
function _uuid_services_entity_access($op, $args) {
try {
// Fetch the information we have to work with.
$entity_type = $args[0];
// Load functions always deal with multiple entities. So does this lookup
// function. But in practice this will always only be one id.
$entity_ids = entity_get_id_by_uuid($entity_type, array($args[1]));
$entity = NULL;
if (!empty($args[2])) {
$entity = entity_create($entity_type, $args[2]);
// We have to make the entity local (i.e. only have local references), for
// access functions to work on it.
entity_make_entity_local($entity_type, $entity);
}
// Fetch the local entity if we've got an id.
elseif (!empty($entity_ids)) {
$entities = entity_load($entity_type, $entity_ids);
$entity = reset($entities);
}
// If we've been routed to the 'update' method and the entity we are
// operating on doesn't exist yet, that should be reflected.
if ($op == 'update' && empty($entity_ids)) {
$op = 'create';
}
// If the user doesn't exist return 406 like services does.
if (($entity_type == 'user' && empty($entity) && $op == 'view')) {
return services_error(t('There is no user with UUID @uuid.', array('@uuid' => $args[1])), 406);;
}
// The following code is taken from entity_access() with some extra logic
// to handle the case where an entity type is not defining an access
// callback. With this logic, it's important that all entity types that
// needs access control have an access callback defined.
if (($info = entity_get_info()) && isset($info[$entity_type]['access callback'])) {
return $info[$entity_type]['access callback']($op, $entity, NULL, $entity_type);
}
return TRUE;
}
catch (Exception $exception) {
watchdog_exception('uuid_services', $exception);
return services_error($exception, 406, $entity_type);
}
}
Reference in New Issue View Git Blame Copy Permalink