|
@@ -37,8 +37,9 @@ class API
|
37
|
37
|
'database'=>MySQL_CRUD_API_Config::$database,
|
38
|
38
|
// callbacks
|
39
|
39
|
'table_authorizer'=>function($action,$database,$table) { return true; },
|
40
|
|
- 'record_filter'=>function($action,$database,$table) { return ($table=='users'&&$action!='list')?array('id,eq,1'):false; },
|
41
|
40
|
'column_authorizer'=>function($action,$database,$table,$column) { return !($column=='password'&&$action=='list'); },
|
|
41
|
+ 'record_filter'=>function($action,$database,$table) { return ($table=='posts')?array('id,ne,13'):false; },
|
|
42
|
+ 'tenancy_function'=>function($action,$database,$table,$column) { return ($table=='users'&&$column=='id')?1:null; },
|
42
|
43
|
'input_sanitizer'=>function($action,$database,$table,$column,$type,$value) { return $value===null?null:strip_tags($value); },
|
43
|
44
|
'input_validator'=>function($action,$database,$table,$column,$type,$value,$context) { return ($column=='category_id' && !is_numeric($value))?'must be numeric':true; },
|
44
|
45
|
// for tests
|
|
@@ -305,14 +306,14 @@ class MySQL_CRUD_API_Test extends PHPUnit_Framework_TestCase
|
305
|
306
|
$test->expect(4+$i);
|
306
|
307
|
}
|
307
|
308
|
$test->get('/posts?page=2,2&order=id');
|
308
|
|
- $test->expect('{"posts":{"columns":["id","user_id","category_id","content"],"records":[["5","1","1","#1"],["6","1","1","#2"]],"results":12}}');
|
|
309
|
+ $test->expect('{"posts":{"columns":["id","user_id","category_id","content"],"records":[["5","1","1","#1"],["6","1","1","#2"]],"results":11}}');
|
309
|
310
|
}
|
310
|
311
|
|
311
|
312
|
public function testListWithPaginateLastPage()
|
312
|
313
|
{
|
313
|
314
|
$test = new API($this);
|
314
|
315
|
$test->get('/posts?page=3,5&order=id');
|
315
|
|
- $test->expect('{"posts":{"columns":["id","user_id","category_id","content"],"records":[["13","1","1","#9"],["14","1","1","#10"]],"results":12}}');
|
|
316
|
+ $test->expect('{"posts":{"columns":["id","user_id","category_id","content"],"records":[["14","1","1","#10"]],"results":11}}');
|
316
|
317
|
}
|
317
|
318
|
|
318
|
319
|
public function testListExampleFromReadme()
|
|
@@ -438,7 +439,7 @@ class MySQL_CRUD_API_Test extends PHPUnit_Framework_TestCase
|
438
|
439
|
{
|
439
|
440
|
$test = new API($this);
|
440
|
441
|
$test->get('/users,posts,tags');
|
441
|
|
- $test->expect('{"users":{"columns":["id","username"],"records":[["1","user1"],["2","user2"]]},"posts":{"relations":{"user_id":"users.id"},"columns":["id","user_id","category_id","content"],"records":[["1","1","1","blog started"],["2","1","2","\u20ac Hello world, \u039a\u03b1\u03bb\u03b7\u03bc\u1f73\u03c1\u03b1 \u03ba\u1f79\u03c3\u03bc\u03b5, \u30b3\u30f3\u30cb\u30c1\u30cf"],["5","1","1","#1"],["6","1","1","#2"],["7","1","1","#3"],["8","1","1","#4"],["9","1","1","#5"],["10","1","1","#6"],["11","1","1","#7"],["12","1","1","#8"],["13","1","1","#9"],["14","1","1","#10"]]},"post_tags":{"relations":{"post_id":"posts.id"},"columns":["id","post_id","tag_id"],"records":[["1","1","1"],["2","1","2"],["3","2","1"],["4","2","2"]]},"tags":{"relations":{"id":"post_tags.tag_id"},"columns":["id","name"],"records":[["1","funny"],["2","important"]]}}');
|
|
442
|
+ $test->expect('{"users":{"columns":["id","username"],"records":[["1","user1"]]},"posts":{"relations":{"user_id":"users.id"},"columns":["id","user_id","category_id","content"],"records":[["1","1","1","blog started"],["2","1","2","\u20ac Hello world, \u039a\u03b1\u03bb\u03b7\u03bc\u1f73\u03c1\u03b1 \u03ba\u1f79\u03c3\u03bc\u03b5, \u30b3\u30f3\u30cb\u30c1\u30cf"],["5","1","1","#1"],["6","1","1","#2"],["7","1","1","#3"],["8","1","1","#4"],["9","1","1","#5"],["10","1","1","#6"],["11","1","1","#7"],["12","1","1","#8"],["14","1","1","#10"]]},"post_tags":{"relations":{"post_id":"posts.id"},"columns":["id","post_id","tag_id"],"records":[["1","1","1"],["2","1","2"],["3","2","1"],["4","2","2"]]},"tags":{"relations":{"id":"post_tags.tag_id"},"columns":["id","name"],"records":[["1","funny"],["2","important"]]}}');
|
442
|
443
|
}
|
443
|
444
|
|
444
|
445
|
public function testEditUser()
|
|
@@ -448,6 +449,22 @@ class MySQL_CRUD_API_Test extends PHPUnit_Framework_TestCase
|
448
|
449
|
$test->expect('1');
|
449
|
450
|
}
|
450
|
451
|
|
|
452
|
+ public function testEditUserWithId()
|
|
453
|
+ {
|
|
454
|
+ $test = new API($this);
|
|
455
|
+ $test->put('/users/1','{"id":"2","password":"testtest2"}');
|
|
456
|
+ $test->expect('1');
|
|
457
|
+ $test->get('/users/1');
|
|
458
|
+ $test->expect('{"id":"1","username":"user1","password":"testtest2"}');
|
|
459
|
+ }
|
|
460
|
+
|
|
461
|
+ public function testReadOtherUser()
|
|
462
|
+ {
|
|
463
|
+ $test = new API($this);
|
|
464
|
+ $test->get('/users/2');
|
|
465
|
+ $test->expect(false,'Not found (object)');
|
|
466
|
+ }
|
|
467
|
+
|
451
|
468
|
public function testEditOtherUser()
|
452
|
469
|
{
|
453
|
470
|
$test = new API($this);
|