init

vendor/yiisoft/yii2/rest/ActiveController.php

@@ -0,0 +1,137 @@
+<?php
+/**
+ * @link http://www.yiiframework.com/
+ * @copyright Copyright (c) 2008 Yii Software LLC
+ * @license http://www.yiiframework.com/license/
+ */
+
+namespace yii\rest;
+
+use yii\base\InvalidConfigException;
+use yii\base\Model;
+use yii\web\ForbiddenHttpException;
+
+/**
+ * ActiveController implements a common set of actions for supporting RESTful access to ActiveRecord.
+ *
+ * The class of the ActiveRecord should be specified via [[modelClass]], which must implement [[\yii\db\ActiveRecordInterface]].
+ * By default, the following actions are supported:
+ *
+ * - `index`: list of models
+ * - `view`: return the details of a model
+ * - `create`: create a new model
+ * - `update`: update an existing model
+ * - `delete`: delete an existing model
+ * - `options`: return the allowed HTTP methods
+ *
+ * You may disable some of these actions by overriding [[actions()]] and unsetting the corresponding actions.
+ *
+ * To add a new action, either override [[actions()]] by appending a new action class or write a new action method.
+ * Make sure you also override [[verbs()]] to properly declare what HTTP methods are allowed by the new action.
+ *
+ * You should usually override [[checkAccess()]] to check whether the current user has the privilege to perform
+ * the specified action against the specified model.
+ *
+ * For more details and usage information on ActiveController, see the [guide article on rest controllers](guide:rest-controllers).
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @since 2.0
+ */
+class ActiveController extends Controller
+{
+    /**
+     * @var string the model class name. This property must be set.
+     */
+    public $modelClass;
+    /**
+     * @var string the scenario used for updating a model.
+     * @see \yii\base\Model::scenarios()
+     */
+    public $updateScenario = Model::SCENARIO_DEFAULT;
+    /**
+     * @var string the scenario used for creating a model.
+     * @see \yii\base\Model::scenarios()
+     */
+    public $createScenario = Model::SCENARIO_DEFAULT;
+
+
+    /**
+     * {@inheritdoc}
+     */
+    public function init()
+    {
+        parent::init();
+        if ($this->modelClass === null) {
+            throw new InvalidConfigException('The "modelClass" property must be set.');
+        }
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function actions()
+    {
+        return [
+            'index' => [
+                'class' => 'yii\rest\IndexAction',
+                'modelClass' => $this->modelClass,
+                'checkAccess' => [$this, 'checkAccess'],
+            ],
+            'view' => [
+                'class' => 'yii\rest\ViewAction',
+                'modelClass' => $this->modelClass,
+                'checkAccess' => [$this, 'checkAccess'],
+            ],
+            'create' => [
+                'class' => 'yii\rest\CreateAction',
+                'modelClass' => $this->modelClass,
+                'checkAccess' => [$this, 'checkAccess'],
+                'scenario' => $this->createScenario,
+            ],
+            'update' => [
+                'class' => 'yii\rest\UpdateAction',
+                'modelClass' => $this->modelClass,
+                'checkAccess' => [$this, 'checkAccess'],
+                'scenario' => $this->updateScenario,
+            ],
+            'delete' => [
+                'class' => 'yii\rest\DeleteAction',
+                'modelClass' => $this->modelClass,
+                'checkAccess' => [$this, 'checkAccess'],
+            ],
+            'options' => [
+                'class' => 'yii\rest\OptionsAction',
+            ],
+        ];
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function verbs()
+    {
+        return [
+            'index' => ['GET', 'HEAD'],
+            'view' => ['GET', 'HEAD'],
+            'create' => ['POST'],
+            'update' => ['PUT', 'PATCH'],
+            'delete' => ['DELETE'],
+        ];
+    }
+
+    /**
+     * Checks the privilege of the current user.
+     *
+     * This method should be overridden to check whether the current user has the privilege
+     * to run the specified action against the specified data model.
+     * If the user does not have access, a [[ForbiddenHttpException]] should be thrown.
+     *
+     * @param string $action the ID of the action to be executed
+     * @param object $model the model to be accessed. If null, it means no specific model is being accessed.
+     * @param array $params additional parameters
+     * @throws ForbiddenHttpException if the user does not have access
+     */
+    public function checkAccess($action, $model = null, $params = [])
+    {
+    }
+}