[Jifty-commit] r6635 - in jifty/trunk: lib/Jifty/Plugin/REST

Jifty commits jifty-commit at lists.jifty.org
Tue Mar 17 14:49:18 EDT 2009


Author: sartak
Date: Tue Mar 17 14:49:18 2009
New Revision: 6635

Modified:
   jifty/trunk/   (props changed)
   jifty/trunk/lib/Jifty/Plugin/REST/Dispatcher.pm

Log:
 r81317 at onn:  sartak | 2009-03-17 14:49:13 -0400
 Better errors from the REST API for hidden/denied actions


Modified: jifty/trunk/lib/Jifty/Plugin/REST/Dispatcher.pm
==============================================================================
--- jifty/trunk/lib/Jifty/Plugin/REST/Dispatcher.pm	(original)
+++ jifty/trunk/lib/Jifty/Plugin/REST/Dispatcher.pm	Tue Mar 17 14:49:18 2009
@@ -414,37 +414,63 @@
      return  dl( map {dt($_), dd($hash{$_}) } keys %hash )
 }
 
-=head2 action ACTION, [CODE]
+=head2 action ACTION
 
-Canonicalizes ACTION into the form preferred by the code. (Cleans up casing, canonicalizing, etc. Returns CODE (defaulting to 404) if it can't work its magic
+Canonicalizes ACTION into the class-name form preferred by Jifty by cleaning up
+casing, delimiters, etc. Throws an appropriate HTTP error code if the action is
+unavailable.
 
 =cut
 
 
-sub action {  _resolve($_[0], 'Jifty::Action', [Jifty->api->visible_actions], $_[1]) }
+sub action {
+    _resolve(
+        name          => $_[0],
+        base          => 'Jifty::Action',
+        possibilities => [Jifty->api->visible_actions],
+        is_allowed    => sub { Jifty->api->is_allowed(shift) },
+    );
+}
 
 =head2 model MODEL
 
-Canonicalizes MODEL into the form preferred by the code. (Cleans up casing, canonicalizing, etc. Returns CODE (defaulting to 404) if it can't work its magic
+Canonicalizes MODEL into the class-name form preferred by Jifty by cleaning up
+casing, delimiters, etc. Throws an appropriate HTTP error code if the model is
+unavailable.
 
 =cut
 
-sub model  { _resolve($_[0], 'Jifty::Record', [grep {not $_->is_private} Jifty->class_loader->models], $_[1]) }
+sub model {
+    _resolve(
+        name          => $_[0],
+        base          => 'Jifty::Record',
+        possibilities => [Jifty->class_loader->models],
+        is_allowed    => sub { not shift->is_private },
+    );
+}
 
 sub _resolve {
-    my($name, $base, $classes, $code) = @_;
+    my %args = @_;
 
     # we display actions as "AppName.Action.Foo", so we want to convert those
     # heathen names to be Perl-style
-    $name =~ s/\./::/g;
+    $args{name} =~ s/\./::/g;
 
-    my $re = qr/(?:^|::)\Q$name\E$/i;
+    my $re = qr/(?:^|::)\Q$args{name}\E$/i;
 
-    foreach my $cls (@{$classes || []}) {
-        return $cls if $cls =~ $re && $cls->isa($base);
+    my $hit;
+    foreach my $class (@{ $args{possibilities} }) {
+        if ($class =~ $re && $class->isa($args{base})) {
+            $hit = $class;
+            last;
+        }
     }
 
-    abort($code || 404);
+    abort(404) if !defined($hit);
+
+    abort(403) unless $args{is_allowed}->($hit);
+
+    return $hit;
 }
 
 
@@ -773,7 +799,7 @@
     $class =~ s/^[\w\.]+\.//;
 
     # 403 unless the action exists
-    my $action = action( $prefix . $class, 403 );
+    my $action = action($prefix . $class);
 
     if ( defined $column and defined $key ) {
         Jifty->web->request->argument( $column => $key );


More information about the Jifty-commit mailing list