Committed Luke's Web service API (#241). Provides a simple API for adding a next action with a given description to a context:

int NewTodo(string username, string token, int context_id, string description) Thanks, Luke! git-svn-id: http://www.rousette.org.uk/svn/tracks-repos/trunk@210 a4c988fc-2ded-0310-b66e-134b36920a42
2025-12-16 23:30:12 +01:00 · 2006-03-29 07:17:38 +00:00 · 2006-03-29 07:17:38 +00:00 · 99851e1eab
commit 99851e1eab
parent 10ed289d28
3 changed files with 37 additions and 1 deletions
--- a/tracks/app/apis/todo_api.rb
+++ b/tracks/app/apis/todo_api.rb
@ -0,0 +1,5 @@
+class TodoApi < ActionWebService::API::Base
+  api_method :new_todo,
+             :expects => [{:username => :string}, {:token => :string}, {:context_id => :int}, {:description => :string}],
+             :returns => [:int]
+end
--- a/tracks/app/controllers/backend_controller.rb
+++ b/tracks/app/controllers/backend_controller.rb
@ -0,0 +1,31 @@
+class BackendController < ApplicationController
+  wsdl_service_name 'Backend'
+  web_service_api TodoApi
+  web_service_scaffold :invoke
+  
+  def new_todo(username, token, context_id, description)
+    if !check_token_against_user_word(username, token)
+      raise "invalid token"
+    end
+
+    item = @user.todos.build
+    item.description = description
+    item.context_id = context_id
+    item.save
+    raise item.errors.full_messages.to_s if item.new_record?
+    item.id
+  end
+  
+  protected
+
+    # Check whether the token in the URL matches the word in the User's table
+    def check_token_against_user_word(username, token)
+      @user = User.find_by_login( username )
+      unless ( token == @user.word)
+        render :text => "Sorry, you don't have permission to perform this action."
+        return false
+      end
+      true
+    end
+  
+end
--- a/tracks/app/models/todo.rb
+++ b/tracks/app/models/todo.rb
@ -10,7 +10,7 @@ class Todo < ActiveRecord::Base
  # Notes must be < 60,000 bytes (65,000 actually, but I'm being cautious)
  validates_presence_of :description
  validates_length_of :description, :maximum => 100
-  validates_length_of :notes, :maximum => 60000
+  validates_length_of :notes, :maximum => 60000, :allow_nil => true 

  def self.not_done( id=id )
    self.find(:all, :conditions =>[ "done = ? AND context_id = ?", false, id], :order =>"due IS NULL, due ASC, created_at ASC")