1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
<?php
/**
* Zend Framework (http://framework.zend.com/)
*
* @link http://github.com/zendframework/zf2 for the canonical source repository
* @copyright Copyright (c) 2005-2015 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
namespace Zend\Mvc\Controller;
use Zend\Http\Request as HttpRequest;
use Zend\Json\Json;
use Zend\Mvc\Exception;
use Zend\Mvc\MvcEvent;
use Zend\Stdlib\RequestInterface as Request;
use Zend\Stdlib\ResponseInterface as Response;
/**
* Abstract RESTful controller
*/
abstract class AbstractRestfulController extends AbstractController
{
const CONTENT_TYPE_JSON = 'json';
/**
* {@inheritDoc}
*/
protected $eventIdentifier = __CLASS__;
/**
* @var array
*/
protected $contentTypes = [
self::CONTENT_TYPE_JSON => [
'application/hal+json',
'application/json'
]
];
/**
* Name of request or query parameter containing identifier
*
* @var string
*/
protected $identifierName = 'id';
/**
* @var int From Zend\Json\Json
*/
protected $jsonDecodeType = Json::TYPE_ARRAY;
/**
* Map of custom HTTP methods and their handlers
*
* @var array
*/
protected $customHttpMethodsMap = [];
/**
* Set the route match/query parameter name containing the identifier
*
* @param string $name
* @return self
*/
public function setIdentifierName($name)
{
$this->identifierName = (string) $name;
return $this;
}
/**
* Retrieve the route match/query parameter name containing the identifier
*
* @return string
*/
public function getIdentifierName()
{
return $this->identifierName;
}
/**
* Create a new resource
*
* @param mixed $data
* @return mixed
*/
public function create($data)
{
$this->response->setStatusCode(405);
return [
'content' => 'Method Not Allowed'
];
}
/**
* Delete an existing resource
*
* @param mixed $id
* @return mixed
*/
public function delete($id)
{
$this->response->setStatusCode(405);
return [
'content' => 'Method Not Allowed'
];
}
/**
* Delete the entire resource collection
*
* Not marked as abstract, as that would introduce a BC break
* (introduced in 2.1.0); instead, raises an exception if not implemented.
*
* @return mixed
*/
public function deleteList($data)
{
$this->response->setStatusCode(405);
return [
'content' => 'Method Not Allowed'
];
}
/**
* Return single resource
*
* @param mixed $id
* @return mixed
*/
public function get($id)
{
$this->response->setStatusCode(405);
return [
'content' => 'Method Not Allowed'
];
}
/**
* Return list of resources
*
* @return mixed
*/
public function getList()
{
$this->response->setStatusCode(405);
return [
'content' => 'Method Not Allowed'
];
}
/**
* Retrieve HEAD metadata for the resource
*
* Not marked as abstract, as that would introduce a BC break
* (introduced in 2.1.0); instead, raises an exception if not implemented.
*
* @param null|mixed $id
* @return mixed
*/
public function head($id = null)
{
$this->response->setStatusCode(405);
return [
'content' => 'Method Not Allowed'
];
}
/**
* Respond to the OPTIONS method
*
* Typically, set the Allow header with allowed HTTP methods, and
* return the response.
*
* Not marked as abstract, as that would introduce a BC break
* (introduced in 2.1.0); instead, raises an exception if not implemented.
*
* @return mixed
*/
public function options()
{
$this->response->setStatusCode(405);
return [
'content' => 'Method Not Allowed'
];
}
/**
* Respond to the PATCH method
*
* Not marked as abstract, as that would introduce a BC break
* (introduced in 2.1.0); instead, raises an exception if not implemented.
*
* @param $id
* @param $data
* @return array
*/
public function patch($id, $data)
{
$this->response->setStatusCode(405);
return [
'content' => 'Method Not Allowed'
];
}
/**
* Replace an entire resource collection
*
* Not marked as abstract, as that would introduce a BC break
* (introduced in 2.1.0); instead, raises an exception if not implemented.
*
* @param mixed $data
* @return mixed
*/
public function replaceList($data)
{
$this->response->setStatusCode(405);
return [
'content' => 'Method Not Allowed'
];
}
/**
* Modify a resource collection without completely replacing it
*
* Not marked as abstract, as that would introduce a BC break
* (introduced in 2.2.0); instead, raises an exception if not implemented.
*
* @param mixed $data
* @return mixed
*/
public function patchList($data)
{
$this->response->setStatusCode(405);
return [
'content' => 'Method Not Allowed'
];
}
/**
* Update an existing resource
*
* @param mixed $id
* @param mixed $data
* @return mixed
*/
public function update($id, $data)
{
$this->response->setStatusCode(405);
return [
'content' => 'Method Not Allowed'
];
}
/**
* Basic functionality for when a page is not available
*
* @return array
*/
public function notFoundAction()
{
$this->response->setStatusCode(404);
return [
'content' => 'Page not found'
];
}
/**
* Dispatch a request
*
* If the route match includes an "action" key, then this acts basically like
* a standard action controller. Otherwise, it introspects the HTTP method
* to determine how to handle the request, and which method to delegate to.
*
* @events dispatch.pre, dispatch.post
* @param Request $request
* @param null|Response $response
* @return mixed|Response
* @throws Exception\InvalidArgumentException
*/
public function dispatch(Request $request, Response $response = null)
{
if (! $request instanceof HttpRequest) {
throw new Exception\InvalidArgumentException(
'Expected an HTTP request');
}
return parent::dispatch($request, $response);
}
/**
* Handle the request
*
* @todo try-catch in "patch" for patchList should be removed in the future
* @param MvcEvent $e
* @return mixed
* @throws Exception\DomainException if no route matches in event or invalid HTTP method
*/
public function onDispatch(MvcEvent $e)
{
$routeMatch = $e->getRouteMatch();
if (! $routeMatch) {
/**
* @todo Determine requirements for when route match is missing.
* Potentially allow pulling directly from request metadata?
*/
throw new Exception\DomainException(
'Missing route matches; unsure how to retrieve action');
}
$request = $e->getRequest();
// Was an "action" requested?
$action = $routeMatch->getParam('action', false);
if ($action) {
// Handle arbitrary methods, ending in Action
$method = static::getMethodFromAction($action);
if (! method_exists($this, $method)) {
$method = 'notFoundAction';
}
$return = $this->$method();
$e->setResult($return);
return $return;
}
// RESTful methods
$method = strtolower($request->getMethod());
switch ($method) {
// Custom HTTP methods (or custom overrides for standard methods)
case (isset($this->customHttpMethodsMap[$method])):
$callable = $this->customHttpMethodsMap[$method];
$action = $method;
$return = call_user_func($callable, $e);
break;
// DELETE
case 'delete':
$id = $this->getIdentifier($routeMatch, $request);
$data = $this->processBodyContent($request);
if ($id !== false) {
$action = 'delete';
$return = $this->delete($id);
break;
}
$action = 'deleteList';
$return = $this->deleteList($data);
break;
// GET
case 'get':
$id = $this->getIdentifier($routeMatch, $request);
if ($id !== false) {
$action = 'get';
$return = $this->get($id);
break;
}
$action = 'getList';
$return = $this->getList();
break;
// HEAD
case 'head':
$id = $this->getIdentifier($routeMatch, $request);
if ($id === false) {
$id = null;
}
$action = 'head';
$headResult = $this->head($id);
$response = ($headResult instanceof Response) ? clone $headResult : $e->getResponse();
$response->setContent('');
$return = $response;
break;
// OPTIONS
case 'options':
$action = 'options';
$this->options();
$return = $e->getResponse();
break;
// PATCH
case 'patch':
$id = $this->getIdentifier($routeMatch, $request);
$data = $this->processBodyContent($request);
if ($id !== false) {
$action = 'patch';
$return = $this->patch($id, $data);
break;
}
// TODO: This try-catch should be removed in the future, but it
// will create a BC break for pre-2.2.0 apps that expect a 405
// instead of going to patchList
try {
$action = 'patchList';
$return = $this->patchList($data);
} catch (Exception\RuntimeException $ex) {
$response = $e->getResponse();
$response->setStatusCode(405);
return $response;
}
break;
// POST
case 'post':
$action = 'create';
$return = $this->processPostData($request);
break;
// PUT
case 'put':
$id = $this->getIdentifier($routeMatch, $request);
$data = $this->processBodyContent($request);
if ($id !== false) {
$action = 'update';
$return = $this->update($id, $data);
break;
}
$action = 'replaceList';
$return = $this->replaceList($data);
break;
// All others...
default:
$response = $e->getResponse();
$response->setStatusCode(405);
return $response;
}
$routeMatch->setParam('action', $action);
$e->setResult($return);
return $return;
}
/**
* Process post data and call create
*
* @param Request $request
* @return mixed
*/
public function processPostData(Request $request)
{
if ($this->requestHasContentType($request, self::CONTENT_TYPE_JSON)) {
$data = Json::decode($request->getContent(), $this->jsonDecodeType);
} else {
$data = $request->getPost()->toArray();
}
return $this->create($data);
}
/**
* Check if request has certain content type
*
* @param Request $request
* @param string|null $contentType
* @return bool
*/
public function requestHasContentType(Request $request, $contentType = '')
{
/** @var $headerContentType \Zend\Http\Header\ContentType */
$headerContentType = $request->getHeaders()->get('content-type');
if (!$headerContentType) {
return false;
}
$requestedContentType = $headerContentType->getFieldValue();
if (strstr($requestedContentType, ';')) {
$headerData = explode(';', $requestedContentType);
$requestedContentType = array_shift($headerData);
}
$requestedContentType = trim($requestedContentType);
if (array_key_exists($contentType, $this->contentTypes)) {
foreach ($this->contentTypes[$contentType] as $contentTypeValue) {
if (stripos($contentTypeValue, $requestedContentType) === 0) {
return true;
}
}
}
return false;
}
/**
* Register a handler for a custom HTTP method
*
* This method allows you to handle arbitrary HTTP method types, mapping
* them to callables. Typically, these will be methods of the controller
* instance: e.g., array($this, 'foobar'). The typical place to register
* these is in your constructor.
*
* Additionally, as this map is checked prior to testing the standard HTTP
* methods, this is a way to override what methods will handle the standard
* HTTP methods. However, if you do this, you will have to retrieve the
* identifier and any request content manually.
*
* Callbacks will be passed the current MvcEvent instance.
*
* To retrieve the identifier, you can use "$id =
* $this->getIdentifier($routeMatch, $request)",
* passing the appropriate objects.
*
* To retrieve the body content data, use "$data = $this->processBodyContent($request)";
* that method will return a string, array, or, in the case of JSON, an object.
*
* @param string $method
* @param Callable $handler
* @return AbstractRestfulController
*/
public function addHttpMethodHandler($method, /* Callable */ $handler)
{
if (!is_callable($handler)) {
throw new Exception\InvalidArgumentException(sprintf(
'Invalid HTTP method handler: must be a callable; received "%s"',
(is_object($handler) ? get_class($handler) : gettype($handler))
));
}
$method = strtolower($method);
$this->customHttpMethodsMap[$method] = $handler;
return $this;
}
/**
* Retrieve the identifier, if any
*
* Attempts to see if an identifier was passed in either the URI or the
* query string, returning it if found. Otherwise, returns a boolean false.
*
* @param \Zend\Mvc\Router\RouteMatch $routeMatch
* @param Request $request
* @return false|mixed
*/
protected function getIdentifier($routeMatch, $request)
{
$identifier = $this->getIdentifierName();
$id = $routeMatch->getParam($identifier, false);
if ($id !== false) {
return $id;
}
$id = $request->getQuery()->get($identifier, false);
if ($id !== false) {
return $id;
}
return false;
}
/**
* Process the raw body content
*
* If the content-type indicates a JSON payload, the payload is immediately
* decoded and the data returned. Otherwise, the data is passed to
* parse_str(). If that function returns a single-member array with a empty
* value, the method assumes that we have non-urlencoded content and
* returns the raw content; otherwise, the array created is returned.
*
* @param mixed $request
* @return object|string|array
*/
protected function processBodyContent($request)
{
$content = $request->getContent();
// JSON content? decode and return it.
if ($this->requestHasContentType($request, self::CONTENT_TYPE_JSON)) {
return Json::decode($content, $this->jsonDecodeType);
}
parse_str($content, $parsedParams);
// If parse_str fails to decode, or we have a single element with empty value
if (!is_array($parsedParams) || empty($parsedParams)
|| (1 == count($parsedParams) && '' === reset($parsedParams))
) {
return $content;
}
return $parsedParams;
}
}