diff --git a/airtime_mvc/application/controllers/RenderController.php b/airtime_mvc/application/controllers/RenderController.php new file mode 100644 index 000000000..be190a963 --- /dev/null +++ b/airtime_mvc/application/controllers/RenderController.php @@ -0,0 +1,20 @@ +view->layout()->disableLayout(); + $this->_helper->viewRenderer->setNoRender(true); + + $csrf_namespace = new Zend_Session_Namespace('csrf_namespace'); + $csrf_element = new Zend_Form_Element_Hidden('csrf_token'); + $csrf_element->setValue($csrf_namespace->authtoken)->setRequired('true')->removeDecorator('HtmlTag')->removeDecorator('Label'); + $this->view->csrf = $csrf_element; + } + + public function podcastUrlDialogAction() { + $path = 'podcast/podcast_url_dialog.phtml'; + $this->_helper->json->sendJson(array("html"=>$this->view->render($path))); + } + +} \ No newline at end of file diff --git a/airtime_mvc/application/controllers/plugins/Acl_plugin.php b/airtime_mvc/application/controllers/plugins/Acl_plugin.php index 18f1c69a5..06f84b834 100644 --- a/airtime_mvc/application/controllers/plugins/Acl_plugin.php +++ b/airtime_mvc/application/controllers/plugins/Acl_plugin.php @@ -200,7 +200,7 @@ class Zend_Controller_Plugin_Acl extends Zend_Controller_Plugin_Abstract /** Check if the controller/action can be accessed by the current user */ if (!$this->getAcl()->has($resourceName) - || !$this->getAcl()->isAllowed($this->_roleName, + || !$this->getAcl()->isAllowed($this->_roleName, $resourceName, $request->getActionName())) { /** Redirect to access denied page */ @@ -226,7 +226,6 @@ class Zend_Controller_Plugin_Acl extends Zend_Controller_Plugin_Abstract $current_namespace = new Zend_Session_Namespace('csrf_namespace'); $observed_csrf_token = $token; $expected_csrf_token = $current_namespace->authtoken; - return ($observed_csrf_token == $expected_csrf_token); } diff --git a/airtime_mvc/application/models/airtime/Podcast.php b/airtime_mvc/application/models/airtime/Podcast.php index cf024b031..4d3b91254 100644 --- a/airtime_mvc/application/models/airtime/Podcast.php +++ b/airtime_mvc/application/models/airtime/Podcast.php @@ -51,20 +51,28 @@ class Podcast extends BasePodcast } try { + // Kind of a pain; since the rss fields are SimpleXMLElements, + // we need to explicitly cast them to strings $podcast = new Podcast(); $podcast->setDbUrl($podcastArray["url"]); - $podcast->setDbTitle($rss->title); - $podcast->setDbCreator($rss->author); - $podcast->setDbDescription($rss->description); + $podcast->setDbTitle((string)$rss->title); + $podcast->setDbCreator((string)$rss->author); + $podcast->setDbDescription((string)$rss->description); $podcast->setDbOwner(self::getOwnerId()); $podcast->setDbType(IMPORTED_PODCAST); $podcast->save(); - $podcastArray = array(); - array_push($podcastArray, $podcast->toArray(BasePeer::TYPE_FIELDNAME)); + // $podcastArray = array(); + // array_push($podcastArray, $podcast->toArray(BasePeer::TYPE_FIELDNAME)); + + $podcastArray = $podcast->toArray(BasePeer::TYPE_FIELDNAME); $podcastArray["episodes"] = array(); foreach ($rss->item as $item) { + // Same as above, we need to explicitly cast the SimpleXMLElement 'array' into an actual array + foreach($item as $k => $v) { + $array[$k] = (string)$v; + } array_push($podcastArray["episodes"], $item); } return $podcastArray; @@ -96,11 +104,15 @@ class Podcast extends BasePodcast throw new PodcastNotFoundException(); } - $podcastArray = array(); - array_push($podcastArray, $podcast->toArray(BasePeer::TYPE_FIELDNAME)); + // FIXME: Get rid of this duplication and move into a new function (serializer/deserializer) + $podcastArray = $podcast->toArray(BasePeer::TYPE_FIELDNAME); $podcastArray["episodes"] = array(); foreach ($rss->item as $item) { + // Same as above, we need to explicitly cast the SimpleXMLElement 'array' into an actual array + foreach($item as $k => $v) { + $array[$k] = (string)$v; + } array_push($podcastArray["episodes"], $item); } diff --git a/airtime_mvc/application/modules/rest/Bootstrap.php b/airtime_mvc/application/modules/rest/Bootstrap.php index 4d6603093..247e18887 100644 --- a/airtime_mvc/application/modules/rest/Bootstrap.php +++ b/airtime_mvc/application/modules/rest/Bootstrap.php @@ -13,6 +13,16 @@ class Rest_Bootstrap extends Zend_Application_Module_Bootstrap 'rest'=> array('media', 'show-image', 'podcast', 'podcast-episodes'))); assert($router->addRoute('rest', $restRoute)); + $podcastBulkRoute = new Zend_Controller_Router_Route( + 'rest/podcast/bulk', + array( + 'controller' => 'podcast', + 'action' => 'bulk', + 'module' => 'rest' + ) + ); + $router->addRoute('podcast-bulk', $podcastBulkRoute); + $route = new Rest_RouteController($front, 'rest/podcast/:id/episodes', array( @@ -38,7 +48,6 @@ class Rest_Bootstrap extends Zend_Application_Module_Bootstrap ); $router->addRoute('podcast-episodes', $route); - /** MediaController Routes **/ $downloadRoute = new Zend_Controller_Router_Route( 'rest/media/:id/download', diff --git a/airtime_mvc/application/modules/rest/controllers/PodcastController.php b/airtime_mvc/application/modules/rest/controllers/PodcastController.php index 2f54d537d..86aa767ae 100644 --- a/airtime_mvc/application/modules/rest/controllers/PodcastController.php +++ b/airtime_mvc/application/modules/rest/controllers/PodcastController.php @@ -8,6 +8,7 @@ class Rest_PodcastController extends Zend_Rest_Controller // Remove reliance on .phtml files to render requests $this->_helper->viewRenderer->setNoRender(true); + $this->view->setScriptPath(APPLICATION_PATH . 'views/scripts/'); } public function indexAction() @@ -73,12 +74,23 @@ class Rest_PodcastController extends Zend_Rest_Controller } try { - $requestData = json_decode($this->getRequest()->getRawBody(), true); + // $requestData = json_decode($this->getRequest()->getRawBody(), true); + $requestData = $this->getRequest()->getPost(); $podcast = Podcast::create($requestData); - $this->getResponse() - ->setHttpResponseCode(201) - ->appendBody(json_encode($podcast)); + $path = 'podcast/podcast.phtml'; + $this->view->podcast = $podcast; + $this->_helper->json->sendJson(array( + "podcast"=>json_encode($podcast), + "html"=>$this->view->render($path), + "type"=>"podcast", // TODO: get rid of these extraneous fields + "id"=>$podcast["id"] + // "id"=>$podcast->getDbId() + )); + + // $this->getResponse() + // ->setHttpResponseCode(201) + // ->appendBody(json_encode($podcast)); } catch (PodcastLimitReachedException $e) { $this->getResponse() @@ -145,6 +157,46 @@ class Rest_PodcastController extends Zend_Rest_Controller } } + /** + * Endpoint for performing bulk actions (deleting multiple podcasts, opening multiple editors) + */ + public function bulkAction() { + if ($this->_request->getMethod() != "POST") { + $this->getResponse() + ->setHttpResponseCode(405) + ->appendBody("ERROR: Method not accepted"); + return; + } + + $ids = $this->_getParam('ids', []); + $method = $this->_getParam('method', 'GET'); + $path = 'podcast/podcast.phtml'; + $responseBody = []; + + switch($method) { + case "DELETE": + foreach($ids as $id) { + Podcast::deleteById($id); + $responseBody = "Success"; // TODO + } + break; + case "GET": + foreach($ids as $id) { + $podcast = Podcast::getPodcastById($id); + $responseBody[] = array( + "podcast"=>json_encode($podcast), + "html"=>$this->view->render($path), + "type"=>"podcast", // TODO: get rid of these extraneous fields + "id"=>$podcast["id"] + // "id"=>$podcast->getDbId() + ); + } + break; + } + + $this->_helper->json->sendJson($responseBody); + } + private function getId() { if (!$id = $this->_getParam('id', false)) { diff --git a/airtime_mvc/application/views/scripts/podcast/podcast.phtml b/airtime_mvc/application/views/scripts/podcast/podcast.phtml new file mode 100644 index 000000000..eb95e5987 --- /dev/null +++ b/airtime_mvc/application/views/scripts/podcast/podcast.phtml @@ -0,0 +1,34 @@ +
+
+

+ "" +

+
+
+ + + +
+ +
+ +
+
+ +
+
+ +
+ +
+
\ No newline at end of file