Migrate API controllers to lumen #1674
Conversation
rjmackay
force-pushed
the
lumen-controllers
branch
2 times, most recently
from
6050834 to
cdb48fe
Compare
rjmackay
force-pushed
the
lumen-controllers
branch
2 times, most recently
from
fcc76b7 to
aa96ca9
Compare
rjmackay
force-pushed
the
lumen-controllers
branch
2 times, most recently
from
4f22036 to
4bf6300
Compare
rjmackay
force-pushed
the
lumen-controllers
branch
from
282b36a to
a0cd168
Compare
rjmackay
force-pushed
the
lumen-controllers
branch
4 times, most recently
from
0248d2f to
9c197a8
Compare
- Create base REST Controller w/ pre + post processing - Call usecases - Make errors JSON if the request asks for JSON - Minor fixes to REST controller - Add CORS Middleware to set headers - Add config controller to test with
- Hook up auth to our UserRepo - Add migrations for passport - Connect Passport to Ushahidi Users so that auth actually works!
- Add posts, revisions, translations APIs - Add export and geojson api - Fix up RestContext issues in testing - Excluding updates API - Still need to fix up validation error output
- Make sure we're outputting JSON errors - No longer accepting access token via query param - Return 401 not 400 for missing access token - Return 401 not 400 for incorrect password
rjmackay
force-pushed
the
lumen-controllers
branch
from
3ea2ab4 to
87e62f1
Compare
- Remove custom CORS middleware - Add tests for preflight requests - Add tests for CORS requests - Add tests for vanilla OPTIONS requests - Add routes for /config and /posts OPTIONS requests
rjmackay
changed the title
|
@willdoran given this is kinda huge heres the minimum that I think you need to review:
|
|
@rjmackay It all looks like it's coming along, I don't see anything wrong, the tests look good generally. I like the directory structure generally, though I wonder about whether we could adopt the approach of moving the tests right beside the code. I found that structure very effective in the rollcall js client. Though it may not be strictly kosher in the lumen structure. My main concern looking at the Repos is that our data model needs to be restructured specifically for forms, stages, attributes and posts. If nothing else we should take the chance to rename them to match the client. That is probably true for Tags as well. May be in Ireland we can updatet the data model. I think involving Dale in that would be good. By then we'll have basically 3/3.5 clients(mobile, facebot, comrades, client) and that should give us a good idea of common needs. Mobile particularly seems like it should force us down the road of lighter requests. |
Agreed. I'm trying to just get rid of Kohana first, without rewriting the world in the process. So I'll get through the bulk of this, and the data provider refactor before I tackle the data model shift... We'll have to come up with a plan for managing old clients if we shift the data model. |
| ]; | ||
| } | ||
|
|
||
| protected function getPayload(Request $request) |
There was a problem hiding this comment.
Will this eventually be redundant in relation to the one getFilters(or vice versa) or is it just a place holder for now?
There was a problem hiding this comment.
No. Filters are built from the query string, payload is built from the JSON body of a request.
| * | ||
| * @return void | ||
| */ | ||
| public function store(Request $request) |
There was a problem hiding this comment.
It's nice to have clear verbs
| class RevisionsController extends PostsController |
| * @return string | ||
| * @todo move this somewhere sensible | ||
| */ | ||
| public static function url($resource, $id = null) |
There was a problem hiding this comment.
I feel like this is part of a Util class - which I think should usually be called a misc class. Would it be better as a service class?
There was a problem hiding this comment.
Yup. See the @todo move this somewhere sensible :)
| } | ||
|
|
||
| // Should we prevent this request from being cached? | ||
| if (! in_array($request->method(), $this->cacheableMethods)) { |
There was a problem hiding this comment.
This seems very manual, should cache control not belong to the web server?
There was a problem hiding this comment.
This is straight from the Kohana version, but in short no. The web server knows nothing about the content its serving, so it doesn't know if its safe to cache or not.
I think originally this was used to make sure GET responses were cachable, but POST/PUT/DELETE were not. I suspect its not actually working now
| Passport::loadKeysFrom(storage_path('passport/')); | ||
| // Define possible scopes | ||
| // @todo simplify / improve these | ||
| Passport::tokensCan([ |
There was a problem hiding this comment.
I like that these come with descriptions
| @@ -45,7 +45,7 @@ Feature: Testing OAuth2 endpoints | |||
| Scenario: Authorized Posts Request | |||
| Given that I want to update a "Post" | |||
| And that its "id" is "95" | |||
| And that the request "Authorization" header is "Bearer testingtoken" | |||
| And that the oauth token is "testingtoken" | |||
There was a problem hiding this comment.
I like the language simplifications
There was a problem hiding this comment.
Mostly due to having to generate JWT tokens in RestContext grr.
This pull request makes the following changes:
Test these changes by:
Fixes #1372
Ping @ushahidi/platform
This change is