/**
 * Assert that the JSON-encoded response data contains the given JSON fragment.
 *
 * ============ json array ===================
 * @Given /^the response contains (\[[^]]*\])$/
 *
 * ============ json object ==================
 * @Given /^the response contains (\{(?>[^\{\}]+|(?1))*\})$/
 *
 * ============ json string ==================
 * @Given /^the response contains ("[^"]*")$/
 *
 * ============ json int =====================
 * @Given /^the response contains ([-+]?[0-9]*\.?[0-9]+)$/
 *
 * ============ json null or boolean =========
 * @Given /^the response contains (null|true|false)$/
 */
public function theResponseContains($response)
{
    // The check is a plain substring search over the re-encoded payload, not
    // a structural comparison: the fragment must be spelled exactly the way
    // json_encode() emits it with its default flags (for example "/" is
    // written as "\/"), and a match anywhere in the document satisfies it.
    $encoded = json_encode($this->_data);

    if (String::contains($encoded, $response)) {
        return;
    }

    // The last response is only rendered when the step fails.
    throw new Exception(
        "Response value does not contain '{$response}' only\n\n"
        . $this->echoLastResponse()
    );
}
/**
 * Build, and cache per class name, the documentation model of a class.
 *
 * Every public property becomes a "child" entry. Its description comes from
 * the `var` section of the property's doc comment when there is one;
 * otherwise the type is inferred from the value the property holds on a
 * newly created instance. Types that Scope::resolve() can qualify are
 * expanded recursively into their own models.
 *
 * @param ReflectionClass $class class to describe
 * @param array           $scope handed to Scope::resolve() to qualify type names
 *
 * @throws RestException 500 when the failure was raised from CommentParser.php
 * @throws \Exception    any other exception is rethrown unchanged
 * @return array two elements: the class name, then the map of property name => child
 *
 * @access protected
 */
protected static function getTypeAndModel(ReflectionClass $class, array $scope)
{
    $className = $class->getName();
    if (isset(static::$models[$className])) {
        return static::$models[$className];
    }

    // NOTE(review): the cache entry is written only once every child has been
    // resolved, so a property whose type resolves back to a class that is
    // still being processed would re-enter here without a cache hit. Confirm
    // that model definitions (or Scope::resolve) rule out such cycles.
    $children = [];
    try {
        $publicProps = $class->getProperties(ReflectionProperty::IS_PUBLIC);
        foreach ($publicProps as $prop) {
            $name = $prop->getName();
            $child = ['name' => $name];

            $docComment = $prop->getDocComment();
            if ($docComment) {
                $child += Util::nestedValue(CommentParser::parse($docComment), 'var') ?: [];
            } else {
                // No doc comment: inspect the default value instead. This runs
                // the class constructor (without arguments) once per
                // undocumented property, so any constructor side effects
                // happen while the model is being generated.
                $instance = $class->newInstance();
                $value = $prop->getValue($instance);
                if (is_object($value)) {
                    $child['type'] = get_class($value);
                } elseif (is_array($value)) {
                    $child['type'] = 'array';
                    if (count($value) > 0) {
                        $first = reset($value);
                        if (is_object($first)) {
                            $child['contentType'] = get_class($first);
                        }
                    }
                }
            }

            // Defaults only fill keys that are still missing (array union).
            $fallbackType = $child['name'] == 'email' ? 'email' : 'string';
            $child += [
                'type' => $fallbackType,
                'label' => static::label($child['name']),
            ];

            // Properties are marked required unless the embedded data already
            // carries its own 'required' entry.
            if (isset($child[CommentParser::$embeddedDataName])) {
                $child[CommentParser::$embeddedDataName] += ['required' => true];
            } else {
                $child[CommentParser::$embeddedDataName]['required'] = true;
            }

            // Expand nested models: first by the property type itself, then
            // by the element type declared in the embedded data.
            $qualified = Scope::resolve($child['type'], $scope);
            if ($qualified) {
                list($child['type'], $child['children']) =
                    static::getTypeAndModel(new ReflectionClass($qualified), $scope);
            } else {
                $contentType = Util::nestedValue($child, CommentParser::$embeddedDataName, 'type');
                if ($contentType && ($qualified = Scope::resolve($contentType, $scope))) {
                    list($child['contentType'], $child['children']) =
                        static::getTypeAndModel(new ReflectionClass($qualified), $scope);
                }
            }

            $children[$name] = $child;
        }
    } catch (Exception $e) {
        if (!String::endsWith($e->getFile(), 'CommentParser.php')) {
            throw $e;
        }
        // NOTE(review): the message carries the internal class name and the
        // parser's own message; whether that text reaches API clients depends
        // on how the caller renders 500 errors. Confirm it is acceptable to
        // expose.
        throw new RestException(
            500,
            "Error while parsing comments of `{$className}` class. " . $e->getMessage()
        );
    }

    $model = [$className, $children];
    static::$models[$className] = $model;

    return $model;
}
/**
 * Collect the documentation resources that a set of routes exposes.
 *
 * For every route that survives the filters below, an entry keyed by the
 * resource listing path is added to $map (unless a non-empty entry is
 * already there), holding the route's class description or ''.
 *
 * @param array $allRoutes full path => (HTTP method => route) map
 * @param array $map       filled in place: resource listing path => description
 * @param int   $version   API version used to build the listing path
 *
 * @return void
 */
protected function _mapResources(array $allRoutes, array &$map, $version = 1)
{
    foreach ($allRoutes as $fullPath => $routes) {
        $segments = explode('/', $fullPath);
        $resource = '';
        if (isset($segments[0])) {
            $resource = $segments[0];
        }

        // The listing endpoint itself and index resources are never listed.
        if ($resource == 'resources' || String::endsWith($resource, 'index')) {
            continue;
        }

        foreach ($routes as $httpMethod => $route) {
            if (in_array($httpMethod, static::$excludedHttpMethods)) {
                continue;
            }

            // Routes the current caller may not use are left out of the
            // listing, so the generated documentation does not advertise
            // them to that caller.
            if (!static::verifyAccess($route)) {
                continue;
            }

            // An empty exclusion matches only an equal path; any other
            // exclusion is a prefix match on the full path.
            $excluded = false;
            foreach (static::$excludedPaths as $exclude) {
                $hit = empty($exclude)
                    ? $fullPath == $exclude
                    : String::beginsWith($fullPath, $exclude);
                if ($hit) {
                    $excluded = true;
                    break;
                }
            }
            if ($excluded) {
                continue;
            }

            if ($resource) {
                $res = $version == 1
                    ? "/resources/{$resource}"
                    : "/v{$version}/resources/{$resource}-v{$version}";
            } else {
                $res = $version == 1
                    ? "/resources/root"
                    : "/v{$version}/resources/root-v{$version}";
            }

            // Keep the first non-empty description recorded for a resource.
            if (!empty($map[$res])) {
                continue;
            }
            $map[$res] = isset($route['metadata']['classDescription'])
                ? $route['metadata']['classDescription']
                : '';
        }
    }
}
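/**
 * Access verification method.
 *
 * Checks the anti-forgery form token of requests that carry POST fields.
 * Access is denied by throwing; when the method returns, it returns true.
 *
 * Scope of the check, as implemented here:
 *  - URLs matching static::$excludedPaths (exact match for an empty entry,
 *    prefix match otherwise) are allowed without a token.
 *  - Only requests with a non-empty $_POST are checked, and when
 *    static::$filterFormRequestsOnly is set, only those whose request format
 *    is UrlEncodedFormat or UploadFormat. Every other request is allowed, so
 *    state-changing endpoints reached that way need their own protection.
 *
 * @return boolean true when api access is allowed
 *
 * @throws RestException 403 security violation (missing or wrong form token)
 */
public function __isAllowed()
{
    if (session_id() == '') {
        session_start();
    }
    /** @var Restler $restler */
    $restler = $this->restler;
    $url = $restler->url;
    foreach (static::$excludedPaths as $exclude) {
        if (empty($exclude)) {
            if ($url == $exclude) {
                return true;
            }
        } elseif (String::beginsWith($url, $exclude)) {
            return true;
        }
    }
    $check = static::$filterFormRequestsOnly
        ? $restler->requestFormat instanceof UrlEncodedFormat
            || $restler->requestFormat instanceof UploadFormat
        : true;
    if (!empty($_POST) && $check) {
        if (isset($_POST[static::FORM_KEY])) {
            // Tokens are stored per "METHOD url" target.
            $target = Util::getRequestMethod() . ' ' . $restler->url;
            if (isset($_SESSION[static::FORM_KEY][$target])) {
                $submitted = $_POST[static::FORM_KEY];
                $expected = $_SESSION[static::FORM_KEY][$target];
                // The submitted value must be a plain string (a request can
                // also deliver an array here), and the two values are
                // compared as strings. A loose `==` would compare two
                // numeric-looking strings as numbers, letting different
                // tokens be treated as equal.
                if (is_string($submitted) && is_scalar($expected)) {
                    $expected = (string)$expected;
                    // Prefer the constant-time comparison where the runtime
                    // provides it; fall back to strict equality otherwise.
                    $matches = function_exists('hash_equals')
                        ? hash_equals($expected, $submitted)
                        : $expected === $submitted;
                    // An empty stored token never validates a request.
                    if ($expected !== '' && $matches) {
                        return true;
                    }
                }
            }
        }
        throw new RestException(403, 'Insecure form submission');
    }
    return true;
}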