summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDries2012-12-14 16:33:32 (GMT)
committerDries2012-12-14 16:33:32 (GMT)
commit70b7301520ce69dc4e98416072fe6e73a09a10ef (patch)
treecca5c7aef259adc33d9274c18d830a5a91df17ca
parentf03337ade50bffa1208ab9ffffca57013d37b048 (diff)
Issue #1846582 by klausi, katbailey: restrict data retrieving routes to media type.
-rw-r--r--core/includes/module.inc4
-rw-r--r--core/modules/jsonld/lib/Drupal/jsonld/EventSubscriber/JsonldSubscriber.php42
-rw-r--r--core/modules/jsonld/lib/Drupal/jsonld/JsonldBundle.php3
-rw-r--r--core/modules/rest/lib/Drupal/rest/Plugin/ResourceBase.php54
-rw-r--r--core/modules/rest/lib/Drupal/rest/Plugin/rest/resource/DBLogResource.php2
-rw-r--r--core/modules/rest/lib/Drupal/rest/Tests/DBLogTest.php6
-rw-r--r--core/modules/rest/lib/Drupal/rest/Tests/RESTTestBase.php3
-rw-r--r--core/modules/rest/lib/Drupal/rest/Tests/ReadTest.php6
8 files changed, 88 insertions, 32 deletions
diff --git a/core/includes/module.inc b/core/includes/module.inc
index abe03dd..9be96cd 100644
--- a/core/includes/module.inc
+++ b/core/includes/module.inc
@@ -493,6 +493,7 @@ function module_enable($module_list, $enable_dependencies = TRUE) {
$schema_store = drupal_container()->get('keyvalue')->get('system.schema');
$module_config = config('system.module');
$disabled_config = config('system.module.disabled');
+ $module_filenames = drupal_container()->getParameter('container.modules');
foreach ($module_list as $module) {
// Only process modules that are not already enabled.
$enabled = $module_config->get("enabled.$module") !== NULL;
@@ -516,11 +517,12 @@ function module_enable($module_list, $enable_dependencies = TRUE) {
system_list_reset();
module_implements_reset();
_system_update_bootstrap_status();
+ $module_filenames[$module] = drupal_get_filename('module', $module);
// Update the kernel to include it.
// @todo The if statement is here because install_begin_request() creates
// a container without a kernel. It probably shouldn't.
if ($kernel = drupal_container()->get('kernel', ContainerInterface::NULL_ON_INVALID_REFERENCE)) {
- $kernel->updateModules(module_list(), array($module => drupal_get_filename('module', $module)));
+ $kernel->updateModules(module_list(), $module_filenames);
}
// Refresh the schema to include it.
drupal_get_schema(NULL, TRUE);
diff --git a/core/modules/jsonld/lib/Drupal/jsonld/EventSubscriber/JsonldSubscriber.php b/core/modules/jsonld/lib/Drupal/jsonld/EventSubscriber/JsonldSubscriber.php
new file mode 100644
index 0000000..38a06ec
--- /dev/null
+++ b/core/modules/jsonld/lib/Drupal/jsonld/EventSubscriber/JsonldSubscriber.php
@@ -0,0 +1,42 @@
+<?php
+
+/**
+ * @file
+ * Contains Drupal\jsonld\EventSubscriber\JsonldSubscriber.
+ */
+
+namespace Drupal\jsonld\EventSubscriber;
+
+use Symfony\Component\HttpKernel\KernelEvents;
+use Symfony\Component\HttpKernel\Event\GetResponseEvent;
+use Symfony\Component\EventDispatcher\EventSubscriberInterface;
+
+/**
+ * Subscribes to the kernel request event to add JSON-LD media formats.
+ */
+class JsonldSubscriber implements EventSubscriberInterface {
+
+ /**
+ * Registers JSON-LD formats with the Request class.
+ *
+ * @param Symfony\Component\HttpKernel\Event\GetResponseEvent $event
+ * The event to process.
+ */
+ public function onKernelRequest(GetResponseEvent $event) {
+ $request = $event->getRequest();
+ $request->setFormat('drupal_jsonld', 'application/vnd.drupal.ld+json');
+ $request->setFormat('jsonld', 'application/ld+json');
+ }
+
+ /**
+ * Registers the methods in this class that should be listeners.
+ *
+ * @return array
+ * An array of event listener definitions.
+ */
+ static function getSubscribedEvents() {
+ $events[KernelEvents::REQUEST][] = array('onKernelRequest', 40);
+ return $events;
+ }
+
+}
diff --git a/core/modules/jsonld/lib/Drupal/jsonld/JsonldBundle.php b/core/modules/jsonld/lib/Drupal/jsonld/JsonldBundle.php
index 4d086d1..538f4d0 100644
--- a/core/modules/jsonld/lib/Drupal/jsonld/JsonldBundle.php
+++ b/core/modules/jsonld/lib/Drupal/jsonld/JsonldBundle.php
@@ -58,5 +58,8 @@ class JsonldBundle extends Bundle {
$container->register("serializer.encoder.{$format}", $encoder_class)
->addTag('encoder', array('priority' => $priority));
}
+
+ $container->register('jsonld.subscriber', 'Drupal\jsonld\EventSubscriber\JsonldSubscriber')
+ ->addTag('event_subscriber');
}
}
diff --git a/core/modules/rest/lib/Drupal/rest/Plugin/ResourceBase.php b/core/modules/rest/lib/Drupal/rest/Plugin/ResourceBase.php
index fa53bbb..f3292b7 100644
--- a/core/modules/rest/lib/Drupal/rest/Plugin/ResourceBase.php
+++ b/core/modules/rest/lib/Drupal/rest/Plugin/ResourceBase.php
@@ -53,37 +53,41 @@ abstract class ResourceBase extends PluginBase {
*/
public function routes() {
$collection = new RouteCollection();
- $name = strtr($this->plugin_id, ':', '.');
- $prefix = strtr($this->plugin_id, ':', '/');
+ $path_prefix = strtr($this->plugin_id, ':', '/');
+ $route_name = strtr($this->plugin_id, ':', '.');
+
$methods = $this->requestMethods();
foreach ($methods as $method) {
$lower_method = strtolower($method);
// Only expose routes where the HTTP request method exists on the plugin.
if (method_exists($this, $lower_method)) {
- // Special case for resource creation via POST: Add a route that does
- // not require an ID.
- if ($method == 'POST') {
- $route = new Route("/$prefix", array(
- '_controller' => 'Drupal\rest\RequestHandler::handle',
- '_plugin' => $this->plugin_id,
- 'id' => NULL,
- ), array(
- // The HTTP method is a requirement for this route.
- '_method' => $method,
- '_permission' => "restful $lower_method $this->plugin_id",
- ));
- }
- else {
- $route = new Route("/$prefix/{id}", array(
- '_controller' => 'Drupal\rest\RequestHandler::handle',
- '_plugin' => $this->plugin_id,
- ), array(
- // The HTTP method is a requirement for this route.
- '_method' => $method,
- '_permission' => "restful $lower_method $this->plugin_id",
- ));
+ $route = new Route("/$path_prefix/{id}", array(
+ '_controller' => 'Drupal\rest\RequestHandler::handle',
+ // Pass the resource plugin ID along as default property.
+ '_plugin' => $this->plugin_id,
+ ), array(
+ // The HTTP method is a requirement for this route.
+ '_method' => $method,
+ '_permission' => "restful $lower_method $this->plugin_id",
+ ));
+
+ switch ($method) {
+ case 'POST':
+ // POST routes do not require an ID in the URL path.
+ $route->setPattern("/$path_prefix");
+ $route->addDefaults(array('id' => NULL));
+ break;
+
+ case 'GET':
+ case 'HEAD':
+ // Restrict GET and HEAD requests to the media type specified in the
+ // HTTP Accept headers.
+ // @todo Replace hard coded format here with available formats.
+ $route->addRequirements(array('_format' => 'drupal_jsonld'));
+ break;
}
- $collection->add("$name.$method", $route);
+
+ $collection->add("$route_name.$method", $route);
}
}
diff --git a/core/modules/rest/lib/Drupal/rest/Plugin/rest/resource/DBLogResource.php b/core/modules/rest/lib/Drupal/rest/Plugin/rest/resource/DBLogResource.php
index 13af57b..60a16b9 100644
--- a/core/modules/rest/lib/Drupal/rest/Plugin/rest/resource/DBLogResource.php
+++ b/core/modules/rest/lib/Drupal/rest/Plugin/rest/resource/DBLogResource.php
@@ -52,7 +52,7 @@ class DBLogResource extends ResourceBase {
if (!empty($record)) {
// Serialization is done here, so we indicate with NULL that there is no
// subsequent serialization necessary.
- $response = new ResourceResponse(NULL, 200, array('Content-Type' => 'application/json'));
+ $response = new ResourceResponse(NULL, 200, array('Content-Type' => 'application/vnd.drupal.ld+json'));
// @todo remove hard coded format here.
$response->setContent(drupal_json_encode($record));
return $response;
diff --git a/core/modules/rest/lib/Drupal/rest/Tests/DBLogTest.php b/core/modules/rest/lib/Drupal/rest/Tests/DBLogTest.php
index 9ea37c1..2595735 100644
--- a/core/modules/rest/lib/Drupal/rest/Tests/DBLogTest.php
+++ b/core/modules/rest/lib/Drupal/rest/Tests/DBLogTest.php
@@ -50,16 +50,16 @@ class DBLogTest extends RESTTestBase {
$account = $this->drupalCreateUser(array('restful get dblog'));
$this->drupalLogin($account);
- $response = $this->httpRequest("dblog/$id", 'GET', NULL, 'application/json');
+ $response = $this->httpRequest("dblog/$id", 'GET', NULL, 'application/vnd.drupal.ld+json');
$this->assertResponse(200);
- $this->assertHeader('content-type', 'application/json');
+ $this->assertHeader('content-type', 'application/vnd.drupal.ld+json');
$log = drupal_json_decode($response);
$this->assertEqual($log['wid'], $id, 'Log ID is correct.');
$this->assertEqual($log['type'], 'rest_test', 'Type of log message is correct.');
$this->assertEqual($log['message'], 'Test message', 'Log message text is correct.');
// Request an unknown log entry.
- $response = $this->httpRequest("dblog/9999", 'GET', NULL, 'application/json');
+ $response = $this->httpRequest("dblog/9999", 'GET', NULL, 'application/vnd.drupal.ld+json');
$this->assertResponse(404);
$this->assertEqual($response, 'Not Found', 'Response message is correct.');
}
diff --git a/core/modules/rest/lib/Drupal/rest/Tests/RESTTestBase.php b/core/modules/rest/lib/Drupal/rest/Tests/RESTTestBase.php
index 3640e48..0f8e7c6 100644
--- a/core/modules/rest/lib/Drupal/rest/Tests/RESTTestBase.php
+++ b/core/modules/rest/lib/Drupal/rest/Tests/RESTTestBase.php
@@ -41,7 +41,8 @@ abstract class RESTTestBase extends WebTestBase {
$curl_options = array(
CURLOPT_HTTPGET => TRUE,
CURLOPT_URL => url($url, $options),
- CURLOPT_NOBODY => FALSE
+ CURLOPT_NOBODY => FALSE,
+ CURLOPT_HTTPHEADER => array('Accept: ' . $format),
);
break;
diff --git a/core/modules/rest/lib/Drupal/rest/Tests/ReadTest.php b/core/modules/rest/lib/Drupal/rest/Tests/ReadTest.php
index 7ebe5f2..6808020 100644
--- a/core/modules/rest/lib/Drupal/rest/Tests/ReadTest.php
+++ b/core/modules/rest/lib/Drupal/rest/Tests/ReadTest.php
@@ -59,8 +59,12 @@ class ReadTest extends RESTTestBase {
// checked in serialization tests.
$this->assertEqual($data['uuid'][LANGUAGE_DEFAULT][0]['value'], $entity->uuid(), 'Entity UUID is correct');
+ // Try to read the entity with an unsupported media format.
+ $response = $this->httpRequest('entity/' . $entity_type . '/' . $entity->id(), 'GET', NULL, 'application/wrongformat');
+ $this->assertResponse(415);
+
// Try to read an entity that does not exist.
- $response = $this->httpRequest('entity/' . $entity_type . '/9999', 'GET', NULL, 'application/ld+json');
+ $response = $this->httpRequest('entity/' . $entity_type . '/9999', 'GET', NULL, 'application/vnd.drupal.ld+json');
$this->assertResponse(404);
$this->assertEqual($response, 'Entity with ID 9999 not found', 'Response message is correct.');