koda 0.0.8

data/lib/models/user_context.rb

@@ -0,0 +1,19 @@
+class UserContext
+    
+  def self.user_bag
+    @@user_bag
+  end  
+  
+  def self.user_bag=(value)
+    @@user_bag = value
+  end
+    
+  def self.current_user
+    @@user_bag['koda_user']
+  end
+  
+  def self.current_user=(value)
+    @@user_bag['koda_user'] = value
+  end
+  
+end

data/lib/routes/koda_api.rb

@@ -0,0 +1,392 @@
+get '/koda/*' do
+  response['Allow'] = 'GET'
+  path = File.dirname(__FILE__) + '/../../public' + request.path
+  response['Content-Type'] = 'text/css' if path =~ /.css$/
+  response['Content-Type'] = 'text/javascript' if path =~ /.js$/
+  response['Content-Type'] = 'image/jpeg' if path =~ /.jpg$/
+  response['Content-Type'] = 'image/png' if path =~ /.png$/
+  response['Content-Type'] = 'image/gif' if path =~ /.gif/
+  response['Content-Type'] = 'text/html' if path =~ /.html/
+  File.open(path, 'rb') {|f| f.read}
+end
+
+get '/api' do
+  if(logged_in?) 
+    content_type :json, 'kodameta' => 'list'
+    JSONP @db_wrapper.collection_links current_user
+  else
+    status 405
+  end
+end
+
+get '/api/' do
+  if(logged_in?) 
+    content_type :json, 'kodameta' => 'list'
+    JSONP @db_wrapper.collection_links current_user
+  else
+    status 405
+  end
+end
+
+put '/api' do
+  status 405
+  response['Allow'] = 'GET'
+end
+
+post '/api' do
+  response['Allow'] = 'GET'
+  status 405
+end
+
+delete '/api' do
+  response['Allow'] = 'GET'
+  status 405
+end
+
+options '/api' do
+  response['Allow'] = 'GET'
+end
+
+put '/api' do
+  status 405
+  response['Allow'] = 'GET,POST'
+end
+
+get '/session/current_user' do
+  if(logged_in?) 
+    JSONP current_user
+  else
+    response['Allow'] = 'GET'
+    status 405
+  end
+end
+
+#
+# Media
+#
+get '/api/_koda_media/?' do
+  content_type :json, 'kodameta' => 'list'
+  media = @grid_wrapper.media_links.to_json
+end
+
+post '/api/_koda_media/?' do  
+
+  if(logged_in?) 
+    media = MongoMedia.new request, params
+    file_name = @grid_wrapper.save_media media
+
+    new_location = '/content/media/' + file_name
+    response['Location'] = new_location
+    status 200
+    result = {
+      'success' => 'true',
+      'location' => new_location,
+    }
+    body result.to_json
+  else
+    response['Allow'] = 'GET'
+    status 405
+  end
+
+end
+
+delete '/api/_koda_media/?' do
+  response['Allow'] = 'GET,POST'
+  status 405
+end
+
+options '/api/_koda_media/?' do
+  response['Allow'] = 'GET,POST'
+end
+
+get '/content/media/:filename' do
+  media = @grid_wrapper.get_media params[:filename]
+
+  if (media == nil)
+    halt 404
+  end
+
+  last_modified(media.last_updated)  
+
+  content_type media.content_type
+  body media.body  
+end
+
+get '/api/_koda_media/:filename' do
+  media = @grid_wrapper.get_media params[:filename]
+
+  if (media == nil)
+    halt 404
+  end
+
+  last_modified(media.last_updated)  
+
+  content_type media.content_type
+  body media.body  
+end
+
+put '/api/_koda_media/:filename?' do
+
+  if(logged_in?) 
+    media = MongoMedia.new request, params
+    file_name = @grid_wrapper.save_media(media, params[:filename])
+
+    new_location = '/api/_koda_media/' + file_name
+
+    response['Location'] = new_location
+    status 200
+    result = {
+      'success' => 'true',
+      'location' => new_location,
+    }
+    body result.to_json
+  else
+    response['Allow'] = 'GET'
+    status 405
+  end
+
+end
+
+post '/api/_koda_media/:filename?' do
+  response['Allow'] = 'GET,PUT,DELETE'
+  status 405
+end
+
+delete '/api/_koda_media/:filename?' do
+  if(logged_in?) 
+    @grid_wrapper.delete_media(params[:filename])
+  else
+    response['Allow'] = 'GET'
+    status 405
+  end
+end
+
+options '/api/_koda_media/:filename' do
+  media = @grid_wrapper.get_media params[:filename]
+
+  if (media == nil)
+    response['Allow'] = 'PUT'
+    return
+  end
+
+  response['Allow'] = 'GET,PUT,DELETE'
+end
+
+#
+# Content
+#
+
+get '/content?' do
+  content_type :json, 'kodameta' => 'list'
+  JSONP @db_wrapper.content_collection_links
+end
+
+get '/content/?' do
+  content_type :json, 'kodameta' => 'list'
+  JSONP @db_wrapper.content_collection_links
+end
+
+get '/content/search/?' do 
+  content_type :json, 'kodameta' => 'list'    
+  JSONP create_content
+end
+
+get '/content/search/:collection/?' do 
+  content_type :json, 'kodameta' => 'list'  
+  collection_name = params[:collection]
+  JSONP @db_wrapper.search params,collection_name
+end
+
+get '/content/:collection/?' do
+  content_type :json, 'kodameta' => 'list'
+  collection_name = params[:collection]
+  
+  sort = [['datecreated', Mongo::DESCENDING]]
+  
+  if(is_public_read? collection_name)
+    halt 404 if not @db_wrapper.contains_collection(collection_name)  
+    JSONP @db_wrapper.collection(collection_name).content_links(params[:take], params[:skip], sort)
+  else
+    response['Allow'] = 'GET'
+    status 405
+  end
+  
+end
+
+get '/content/:collection/:resource?' do
+  
+  collection_name = params[:collection]
+  doc_ref = params[:resource]
+  
+  if(is_public_read? collection_name)
+    should_include = params[:include] != 'false'
+
+    doc = @db_wrapper.collection(collection_name).find_document(doc_ref)
+    halt 404 if doc==nil
+    last_modified(doc.last_modified)
+  
+    fetch_linked_docs doc if should_include
+
+    JSONP doc.stripped_document
+  else
+    response['Allow'] = 'GET'
+    status 405
+  end
+
+end
+
+#
+#  Collections
+#
+
+get '/api/:collection/?' do
+  collection_name = params[:collection]
+  
+  if(is_allowed? :read, collection_name)
+    
+    halt 404 if not @db_wrapper.contains_collection(collection_name)  
+    content_type :json, 'kodameta' => 'list'  
+    
+    sort = [['datecreated', Mongo::DESCENDING]]
+    
+    if(is_admin?)
+      JSONP @db_wrapper.collection(collection_name).resource_links(params[:take], params[:skip], sort)
+    else
+      JSONP @db_wrapper.collection(collection_name).resource_links_no_hidden(params[:take], params[:skip], sort)
+    end
+
+  else
+    status 405
+  end
+end
+
+post '/api/:collection/?' do
+  collection_name = params[:collection]
+  
+  if(is_allowed? :write , collection_name)
+      raw_doc = request.env["rack.input"].read
+      hash = JSON.parse raw_doc
+      new_doc = @db_wrapper.collection(collection_name).save_document(hash)
+      refresh_cache
+      response['Location'] = new_doc.url
+      status 201
+      result = {
+        'success' => 'true',
+        'location' => new_doc.url
+      }
+      body new_doc.url
+    else
+      response['Allow'] = 'GET'
+      status 405
+    end
+end
+
+put '/api/:collection/?' do
+  status 405
+  response['Allow'] = 'GET,POST,DELETE'
+end  
+
+delete '/api/:collection/?' do
+  collection_name = params[:collection]
+  
+  if(is_allowed? :modify, collection_name)
+    @db_wrapper.collection(collection_name).delete()
+  else
+    response['Allow'] = 'GET'
+    status 405
+  end
+end
+
+options '/api/:collection/?' do
+  halt 404 if not @db_wrapper.contains_collection(params[:collection])  
+  response['Allow'] = 'GET,POST,DELETE'
+end
+
+#
+#  Resources
+#
+
+get '/api/:collection/:resource?' do
+  collection_name = params[:collection]
+  
+  if(is_allowed? :read, collection_name)
+    doc_ref = params[:resource]
+    should_include = params[:include] != 'false'
+
+    doc = @db_wrapper.collection(collection_name).find_document(doc_ref)
+    halt 404 if doc==nil
+    last_modified(doc.last_modified)
+
+    fetch_linked_docs doc if should_include
+
+    JSONP doc.standardised_document
+  else
+    response['Allow'] = 'GET'
+    status 405
+  end
+end
+
+post '/api/:collection/:resource' do
+  status 405
+end
+
+put '/api/:collection/:resource' do
+  collection_name = params[:collection]
+  
+  if(is_allowed? :write, collection_name)
+    resource_name = params[:resource]
+    hash = JSON.parse request.env["rack.input"].read
+  
+    if(hash['linked_documents'] != nil)
+      hash.delete 'linked_documents'
+    end
+
+    doc = @db_wrapper.collection(collection_name).save_document(hash, resource_name)  
+    
+    refresh_cache
+        
+    status 201 if doc.is_new
+
+    response['Location'] = doc.url
+
+    body doc.url
+  else
+    response['Allow'] = 'GET'
+    status 405
+  end
+end
+
+delete '/api/:collection/:resource' do
+  collection_name = params[:collection]
+
+  if(is_allowed? :modify,collection_name)
+    @db_wrapper.collection(collection_name).delete_document(params[:resource])  
+  else
+    response['Allow'] = 'GET'
+    status 405
+  end
+end
+
+options '/api/:collection/:resource' do
+  collection_name = params[:collection]
+  
+  if(is_allowed? :read, collection_name)
+      doc_ref = params[:resource]
+
+      doc = @db_wrapper.collection(collection_name).find_document(doc_ref)
+
+      if (doc==nil)
+        response['Allow'] = 'PUT'
+        return
+      end
+
+      response['Allow'] = 'GET,PUT,DELETE'
+  else
+    response['Allow'] = 'GET'
+    status 405
+  end
+end
+
+
+options '*' do
+end

data/lib/routes/koda_site.rb

@@ -0,0 +1,57 @@
+#
+# MODIFY THESE IF YOU WANT A DIFFERENT LOGIN STRATEGY
+#
+get '/console' do
+  if(logged_in?)
+    if(is_allowed_in_console?)
+      show_system :console
+    else
+     redirect  "/access-denied-console"
+    end
+  else
+    session['return_url'] = '/console'
+    redirect '/sign-in'
+  end
+end
+
+get '/explorer' do
+  if(logged_in?)
+    if(is_allowed_in_explorer?)
+      show_system :explorer
+    else
+      redirect "/access-denied-explorer"
+    end
+  else
+    session['return_url'] = '/explorer'
+    redirect '/sign-in'
+  end
+end
+
+get "/sign-in" do
+  show_system :login
+end
+
+get "/sign-out" do
+  log_out
+  redirect '/'
+end
+
+get "/access-denied-console" do
+  @title = "Access denied"
+  @message = 'You need to be an administrator to access the console.'
+  show_system :not_allowed
+end
+
+get "/access-denied-explorer" do
+  @title = "Access denied"
+  @message = 'If you have just registered, you will be able to gain access as soon as an administrator approves you.'
+  show_system :not_allowed
+end
+
+post "/signed-in" do
+  if @uap.authenticate(params[:token])
+    redirect session['return_url']
+  else
+    redirect "/sign-in"
+  end
+end