wip

Author: tobyzerner

src/Handler/Concerns/IncludesData.php

@@ -57,9 +57,11 @@ private function validateInclude(ResourceType $resource, array $include, string
                 throw new BadRequestException("Invalid include [{$path}{$name}]", 'include');
             }
 
-            $relatedResource = $this->api->getResource($schema->fields[$name]->resource);
+            if (is_string($schema->fields[$name]->resource)) {
+                $relatedResource = $this->api->getResource($schema->fields[$name]->resource);
 
-            $this->validateInclude($relatedResource, $nested, $name.'.');
+                $this->validateInclude($relatedResource, $nested, $name.'.');
+            }
         }
     }
 
@@ -75,17 +77,19 @@ private function buildRelationshipTrails(ResourceType $resource, array $include)
                 $trails[] = [$relationship];
             }
 
-            $relatedResource = $this->api->getResource($relationship->resource);
-
-            $trails = array_merge(
-                $trails,
-                array_map(
-                    function ($trail) use ($relationship) {
-                        return array_merge([$relationship], $trail);
-                    },
-                    $this->buildRelationshipTrails($relatedResource, $nested)
-                )
-            );
+            if (is_string($schema->fields[$name]->resource)) {
+                $relatedResource = $this->api->getResource($relationship->resource);
+
+                $trails = array_merge(
+                    $trails,
+                    array_map(
+                        function ($trail) use ($relationship) {
+                            return array_merge([$relationship], $trail);
+                        },
+                        $this->buildRelationshipTrails($relatedResource, $nested)
+                    )
+                );
+            }
         }
 
         return $trails;
@@ -101,13 +105,21 @@ private function loadRelationships(array $models, array $include, Request $reque
                 continue;
             }
 
-            $adapter->loadIds($models, $field);
+            if ($field->loader) {
+                ($field->loader)($models, true);
+            } else {
+                $adapter->loadIds($models, $field);
+            }
         }
 
         $trails = $this->buildRelationshipTrails($this->resource, $include);
 
         foreach ($trails as $relationships) {
-            $adapter->load($models, $relationships);
+            if ($loader = end($relationships)->loader) {
+                ($loader)($models, false);
+            } else {
+                $adapter->load($models, $relationships);
+            }
         }
     }
 }

src/Handler/Index.php

@@ -10,6 +10,7 @@
 use Psr\Http\Server\RequestHandlerInterface;
 use Tobscure\JsonApiServer\Api;
 use Tobscure\JsonApiServer\Exception\BadRequestException;
+use Tobscure\JsonApiServer\Exception\ForbiddenException;
 use Tobscure\JsonApiServer\JsonApiResponse;
 use Tobscure\JsonApiServer\ResourceType;
 use Tobscure\JsonApiServer\Schema;
@@ -37,6 +38,10 @@ public function handle(Request $request): Response
         $adapter = $this->resource->getAdapter();
         $schema = $this->resource->getSchema();
 
+        if (! ($schema->isVisible)($request)) {
+            throw new ForbiddenException('You cannot view this resource');
+        }
+
         $query = $adapter->query();
 
         foreach ($schema->scopes as $scope) {
@@ -219,7 +224,7 @@ private function sort($query, array $sort, Request $request)
             $attribute = $schema->fields[$name];
 
             if ($attribute->sorter) {
-                ($attribute->sorter)($query, $direction, $request);
+                ($attribute->sorter)($request, $query, $direction);
             } else {
                 $adapter->sortByAttribute($query, $attribute, $direction);
             }

src/Handler/Show.php

@@ -7,6 +7,7 @@
 use Psr\Http\Message\ServerRequestInterface as Request;
 use Psr\Http\Server\RequestHandlerInterface;
 use Tobscure\JsonApiServer\Api;
+use Tobscure\JsonApiServer\Exception\ForbiddenException;
 use Tobscure\JsonApiServer\JsonApiResponse;
 use Tobscure\JsonApiServer\ResourceType;
 use Tobscure\JsonApiServer\Serializer;
@@ -28,6 +29,12 @@ public function __construct(Api $api, ResourceType $resource, $model)
 
     public function handle(Request $request): Response
     {
+        $schema = $this->resource->getSchema();
+
+        if (! ($schema->isVisible)($request)) {
+            throw new ForbiddenException('You cannot view this resource');
+        }
+
         $include = $this->getInclude($request);
 
         $this->loadRelationships([$this->model], $include, $request);

src/Schema/Builder.php

@@ -30,6 +30,7 @@ class Builder
 
     public function __construct()
     {
+        $this->visible();
         $this->notCreatable();
         $this->notUpdatable();
         $this->notDeletable();
@@ -40,7 +41,7 @@ public function attribute(string $name, string $property = null): Attribute
         return $this->field(Attribute::class, $name, $property);
     }
 
-    public function hasOne(string $name, string $resource = null, string $property = null): HasOne
+    public function hasOne(string $name, $resource = null, string $property = null): HasOne
     {
         $field = $this->field(HasOne::class, $name, $property);
 
@@ -51,7 +52,7 @@ public function hasOne(string $name, string $resource = null, string $property =
         return $field;
     }
 
-    public function hasMany(string $name, string $resource = null, string $property = null): HasMany
+    public function hasMany(string $name, $resource = null, string $property = null): HasMany
     {
         $field = $this->field(HasMany::class, $name, $property);
 
@@ -107,6 +108,34 @@ public function scopeSingle(Closure $callback)
         $this->singleScopes[] = $callback;
     }
 
+    public function visibleIf(Closure $condition)
+    {
+        $this->isVisible = $condition;
+
+        return $this;
+    }
+
+    public function visible()
+    {
+        return $this->visibleIf(function () {
+            return true;
+        });
+    }
+
+    public function notVisibleIf(Closure $condition)
+    {
+        return $this->visibleIf(function (...$args) use ($condition) {
+            return ! $condition(...$args);
+        });
+    }
+
+    public function notVisible()
+    {
+        return $this->notVisibleIf(function () {
+            return true;
+        });
+    }
+
     public function creatableIf(Closure $condition)
     {
         $this->isCreatable = $condition;

src/Schema/Relationship.php

@@ -11,6 +11,7 @@ abstract class Relationship extends Field
     public $linkage;
     public $hasLinks = true;
     public $loadable = true;
+    public $loader;
     public $included = false;
     public $resource;
 
@@ -70,6 +71,13 @@ public function notLoadable()
         return $this;
     }
 
+    public function load(Closure $callback)
+    {
+        $this->loader = $callback;
+
+        return $this;
+    }
+
     public function included()
     {
         $this->included = true;

src/Serializer.php

@@ -184,7 +184,17 @@ private function getRelationshipLinks(Schema\Relationship $field, string $resour
 
     private function addRelated(Schema\Relationship $field, $model, array $include): JsonApi\ResourceIdentifier
     {
-        $relatedResource = $this->api->getResource($field->resource);
+        if (is_array($field->resource)) {
+            foreach ($field->resource as $class => $resource) {
+                if ($model instanceof $class) {
+                    break;
+                }
+            }
+        } else {
+            $resource = $field->resource;
+        }
+
+        $relatedResource = $this->api->getResource($resource);
 
         return $this->resourceIdentifier(
             $this->addToMap($relatedResource, $model, $include)