url); access::required("view", $comment->item()); return array( "url" => $request->url, "entity" => $comment->as_restful_array(), "relationships" => rest::relationships("comment", $comment)); } static function put($request) { // Only admins can edit comments, for now if (!identity::active_user()->admin) { access::forbidden(); } $comment = rest::resolve($request->url); $comment = ORM::factory("comment"); $comment->text = $request->params->text; $comment->save(); } static function delete($request) { if (!identity::active_user()->admin) { access::forbidden(); } $comment = rest::resolve($request->url); access::required("edit", $comment->item()); $comment->delete(); } static function relationships($resource_type, $resource) { switch ($resource_type) { case "item": return array( "comments" => array( "url" => rest::url("item_comments", $resource))); } } static function resolve($id) { $comment = ORM::factory("comment", $id); if (!access::can("view", $comment->item())) { throw new Kohana_404_Exception(); } return $comment; } static function url($comment) { return url::abs_site("rest/comment/{$comment->id}"); } }