Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
As the title says - previously you could have options on each and every resource method. This was removed when ctools ui was introduced. I've tried to bring back parts of it - the UI works, but I don't think anything is saved correctly :/
Any help on finishing this patch would be appreciated.
Comments
Comment #1
voxpelli CreditAttribution: voxpelli commentedComment #2
voxpelli CreditAttribution: voxpelli commentedThis should probably be a major as it's a pretty serious regression? The usefulness of the Services OAuth module is very limited without this - if it at all works like expected.
Comment #3
kylebrowning CreditAttribution: kylebrowning commentedActually I'm not so sure this is true. You now set controller settings via the authentication tab.
I tested this with oath and it worked as expected
Comment #4
voxpelli CreditAttribution: voxpelli commentedYou can set resource level authentication in the authentication tab now? You couldn't before and I'm not very sure that it would be wise to duplicate the entire list of resources in the authentication tab.
Also - I must insist on the priority of this - it severely hampers the usefulness of the OAuth module (and other advanced authentication modules).
Comment #5
kylebrowning CreditAttribution: kylebrowning commentedCan you refer me to the code where it WAS working that way?
I went through all the way back to last Summer(July 1st) and scoured through the code to find a working version of this. I know you mentioned it was before the Resource UI switch, but I havnt been able to see this.
The patch that you posted seems to add a CONTROLLER SETTINGS to each endpoint. If you look at services_oauth the controller settings refer to this
So, your adding settings to every single method about whether it should be authorized or not? Thats what confused and made me think that that code should be on the Authroization settings tab, not per resource method.
I could be wrong and am happy to get this in before the next RC, i just need to know what specifically it is that is needed by services_oauth.
Can you help me help you?
Comment #6
voxpelli CreditAttribution: voxpelli commentedit was broken when you rewrote the UI to use CTools' Export UI - so any version before that should work (at least on D6 - if it doesn't on D7 then something else has been broken there in either OAuth.module or Services.module)
Use of the authentication modules 'controller_settings' has at least been around since march this year at least: http://drupalcode.org/project/services.git/blob/b8ec687d0874599f76402b4a...
I don't really care where's it is added - but the authentication mechanisms need the 'controller_settings' option since different Services resources and methods may require different access levels. You don't want to give write access to everyone who only needs read access - eg. Twitter has three levels and others has even more.
Seems easier to add it to the existing list of resources and methods instead of having to duplicate that list. If I remember correctly my patch adds the UI elements (to show how this can be solved), but doesn't deal with fixing the data of the changed structure.
Comment #7
kylebrowning CreditAttribution: kylebrowning commentedOk heres an updated patch that brings the functionality full circle and fixes the settings for services oauth.
I have no idea if services authenticated call is working, but that to me is a separate bug/patch.
The reason you see changes to the services_oauth.inc is because I wanted to prove the settings save and show per endpoint.
Comment #8
kylebrowning CreditAttribution: kylebrowning commentedComment #9
kylebrowning CreditAttribution: kylebrowning commentedDoesn't apply, but this is pretty major for oauth to work
Comment #10
kylebrowning CreditAttribution: kylebrowning commentedComment #11
kylebrowning CreditAttribution: kylebrowning commentedHeres an updated version of this that i THINK fully covers the scope of this task.
Please review
Comment #12
ygerasimov CreditAttribution: ygerasimov commentedI can't apply the patch. Also some trailing spaces have been added.
Comment #13
kylebrowning CreditAttribution: kylebrowning commentedForgive me this patch is for 6.x right now as oAuth really only works in 6.x
Comment #14
kylebrowning CreditAttribution: kylebrowning commented#11: 0001-Rich-settings-per-endpoint.patch queued for re-testing.
Comment #15
kylebrowning CreditAttribution: kylebrowning commentedupdated patch.
Comment #16
ksenzeeThe default values for the resources form don't seem to be loading correctly. When I hit admin/build/services/list//resources, none of the checkboxes are checked. If I make changes to the form and hit Save, none of my changes are reflected when the page reloads.
Comment #17
kylebrowning CreditAttribution: kylebrowning commentedOk ill spend a bit more time on this later, anyone else who wants to join in feel free.
Comment #18
teunis CreditAttribution: teunis commentedI'm not entirely sure what it's supposed to do, but I've folded some of the old form into services/authentication form on http://drupal.org/node/1336974#comment-5260612
So, pardon me for being out of the loop - but what is the intent with the above? (I'll gladly help if I understood what it's supposed to do)
Comment #19
kylebrowning CreditAttribution: kylebrowning commentedBasically, it adds rich settings/options to each Resource Method on the REsources page and allows other mothers like oauth to hook into these.
Comment #20
kylebrowning CreditAttribution: kylebrowning commentedOk boys heres a newly updating patch. AGain this does NOT actually work, it just adds the forms back in.
Comment #21
kylebrowning CreditAttribution: kylebrowning commentedComment #22
kylebrowning CreditAttribution: kylebrowning commentedComment #23
kylebrowning CreditAttribution: kylebrowning commentedOk heres a new patch.
This should fix everything and bring it home. Services_oauth still needs work but thats a separate issue.
Comment #24
marcingy CreditAttribution: marcingy commentedThis is just a code review not an actual test...
The $classes array is not actually used and wondering if this easier to read
This can also be simplified
to
Extra line that is not needed
Comment #25
marcingy CreditAttribution: marcingy commentedComment #26
ygerasimov CreditAttribution: ygerasimov commentedHere is simply rerolled patch of #23. I hold on my testing until Hugo finishes refactoring.
Comment #27
Hugo Wetterberg CreditAttribution: Hugo Wetterberg commentedI've kicked off a feature branch instead of doing all this incessant re-rolling: http://drupalcode.org/project/services.git/shortlog/refs/heads/feature/r...
Comment #28
Hugo Wetterberg CreditAttribution: Hugo Wetterberg commentedThe current state of feature/rich-options-for-resources. Changing component from "User interface" to "Code" as the scope has changed a bit, one could argue that (re)adding configuration options to controllers was beyond the scope of "User interface" to begin with. Instead of normalizing the resource definitions on the fly for the admin the resource definition format has been updated to be consistent both with the endpoint format and between all operation classes.
http://drupalcode.org/project/services.git/commit/70916426aafca7fcf52f6b...
Comment #29
kylebrowning CreditAttribution: kylebrowning commentedheres an updated patch.
Comment #30
kylebrowning CreditAttribution: kylebrowning commentedComment #31
kylebrowning CreditAttribution: kylebrowning commentedComment #32
kylebrowning CreditAttribution: kylebrowning commentedRe-queue testing.
Comment #34
kylebrowning CreditAttribution: kylebrowning commentedLets try this one DRUPAL!
Comment #36
kylebrowning CreditAttribution: kylebrowning commentedAlrighty trying this one more time.
Comment #37
kylebrowning CreditAttribution: kylebrowning commentedComment #38
cotto CreditAttribution: cotto commentedAs part of the backport to 6.x-3.x (which is in progress), I'd like to change '#api_version' to remove the octothorpe. It's the only key in the resource array that has a leading octothorpe, and I don't see any reason for the inconsistency. Since there hasn't been a release with this patch, hopefully this change can happen without breaking anything important.
Comment #39
Hugo Wetterberg CreditAttribution: Hugo Wetterberg commentedDo not mistake the recent #-purge in services for a ban on hash signs. The old hashes were removed because they didn't have any function, they were simply there because the services API mimicked the menu API. The hash you want to remove now does, however, have a semantic function. It separates the attribute api_version from its siblings that are arbitrarily named elemements representing resources. Without the hash sign we would have to add the restriction that resources cannot be named api_version; or we'd have to add another level to our data structure where resources are nested under a "resources" element. The first solution lacks elegance and is potentially backwards incompatible. The second solution would be hard to make backwards compatible and really qualifies as an ugly structure in my eyes.
So, keep the semantic meaning of the # in mind: it separates the attributes of an element from its child elements. If there's no need for such a separation we shouldn't go around adding hashes willy nilly (as was previously done). Neither should you reflexively remove hashes when you encounter them, as some kind of coding style review.
Comment #40
kylebrowning CreditAttribution: kylebrowning commentedhere you go, a 6.x version.
Comment #41
kylebrowning CreditAttribution: kylebrowning commentedComment #42
ygerasimov CreditAttribution: ygerasimov commentedWow! Thanks Kyle!
Comment #43
kylebrowning CreditAttribution: kylebrowning commentedyeah big patches, now to get versions in core so we can start making changes to resources!
Comment #45
bojanz CreditAttribution: bojanz commentedUnfortunately, the code doesn't work, resource options aren't passed to the authenticate_call callback. You only get the general, endpoint settings.
You can easily confirm this with the current OAuth integration, set "authorization" to "" and "credentials" to "token" in the endpoint settings.
Then, for the current resource, set "authorization" to "basic" (or some other authorization level) and "credentials" to "consumer".
In the authenticate_call (_services_oauth_authenticate_call), you will only get access to the endpoint settings.
I tried to patch this, but couldn't find a clean way of fetching what I need from the $endpoint object in _services_authenticate_user().
Comment #46
bojanz CreditAttribution: bojanz commentedHere's a patch.
Comment #48
bojanz CreditAttribution: bojanz commentedRerolled.
Ignore it, it's broken.
Comment #50
Anonymous (not verified) CreditAttribution: Anonymous commentedI've re-rolled this patch, and it seems to apply to the current dev.
Please can someone check this through? It should work with both Services OAuth and OAuth2 Server.
Comment #51
Anonymous (not verified) CreditAttribution: Anonymous commentedThere was an error with the last patch, it was not checking to see if operation-specific settings had been applied to the resource and caused test failures.
This one should pass all tests.
Comment #52
zhangx1a0 CreditAttribution: zhangx1a0 commentedworks for me - thanks!
Comment #53
kylebrowning CreditAttribution: kylebrowning commentedComment #54
kylebrowning CreditAttribution: kylebrowning commentedComment #55
kylebrowning CreditAttribution: kylebrowning commentedRE-upload of patch.
Comment #57
Jaypan CreditAttribution: Jaypan commentedIs this patch safe to use? It's not passing testing.
Comment #58
Jaypan CreditAttribution: Jaypan commented55: fix_controller_settings-1154420-51.patch queued for re-testing.
Comment #59
bojanz CreditAttribution: bojanz commentedWe have it in production.
Comment #61
dashohoxha CreditAttribution: dashohoxha commentedI am using this patch (https://drupal.org/node/1154420#comment-7842205) and it works very well. Damn the automatic testers, they are not always right, sometimes they may need to be fixed themselves. I think that this patch should be applied.
Comment #62
dashohoxha CreditAttribution: dashohoxha commentedComment #63
kylebrowning CreditAttribution: kylebrowning commentedThese two errors fail locally with the exact same result as the test bot.
Comment #64
dashohoxha CreditAttribution: dashohoxha commentedHow come that I have applied the patch and everything seems to work fine?
I did not blame the bot, I blamed the tests that are giving these errors.
Comment #65
kylebrowning CreditAttribution: kylebrowning commentedYou can login, and log out again, using standard session authentication? Thats what appears to be breaking in the bot.
Comment #66
dashohoxha CreditAttribution: dashohoxha commentedFirst, I have applied the patch against the latest stable version (7.x-3.5), this issue is filed against the 7.x-3.x-dev.
Second, I am using this module (services) to define my own (custom) web resources. I neither need nor use the 'user' resource. For that matter, I don't need or use the other predefined resources as well. So, as far as I am concerned, it is not a problem for me if 'user/logout' resource does not work.
In my opinion, predefined resources should belong to a separate, optional module, because not everybody needs them.
Comment #67
kylebrowning CreditAttribution: kylebrowning commentedWe have a ticket for that. but just because it doesn't break for you doesn't mean it works.
Give us time to make sure it all works before we just commit it.
Ill try and figurer out whats going on tomorrow.
Comment #68
dashohoxha CreditAttribution: dashohoxha commentedThere is no hurry, I am using it as a patch. But just it should not be pending forever.
Comment #69
marcingy CreditAttribution: marcingy commented@dashohoxha if you want this patch committing help fix the test because unless the tests are fixed the patch will never be committed :( And even if the resources were in a module this would still be the case.
Comment #70
dashohoxha CreditAttribution: dashohoxha commented@marcingly I am not a maintainer of 'services', I am not a maintainer of 'oauth2_server', I am not the author of the patch, why is it me that should fix the tests? It would take me too much time and I have already spent too much time to fix modules that do not work. I tried to help by giving my testimony that I am using it and in my experience everything is working well. Did you try to use this patch and did it create any problems for you?
So, I find your challenge unjust and dishonest. I may try to fix the tests, but not before you give up being a maintainer of 'services'.
Comment #71
kylebrowning CreditAttribution: kylebrowning commenteddashohoxha, Im already working on it, but it very well may be that the tests are accurate.
Lets move the topic of conversation back to the patch and fixes, rather who should fix what.
I appreciate any time and input you have going forward dashohoxha
Comment #72
kylebrowning CreditAttribution: kylebrowning commentedHeres an updated patch, I hope everyone who's uses it can test as I had to add an if(is array())
There error in question when using regular services authentication is....
<b>Fatal error</b>: Unsupported operand types in <b>/Users/kyle.browning/Sites/d7/sites/all/modules/services/includes/services.runtime.inc</b> on line <b>418</b><br />
This patch address that, and all tests seem to pass now.
Can we verify the settings still work?
Comment #73
dashohoxha CreditAttribution: dashohoxha commentedkylebrowning, thanks for fixing it and for your constructive comments.
I have applied the latest patch to 7.x-3.5 and so far everything seems OK.
I think that a positive review from bojanz will definitely validate it, since I don't really understand what this patch does. I am just interested in using services with oauth2_server. Thanks again for being responsive.
Comment #74
kylebrowning CreditAttribution: kylebrowning commentedComment #75
garphy CreditAttribution: garphy commentedCommit Reference: http://drupalcode.org/project/services.git/commit/7b85300aea5dafe82b03ba...
Comment #76
bojanz CreditAttribution: bojanz commentedThanks kylebrowning, works nicely.