Commit | Line | Data |
---|---|---|
f8bf8952 NL |
1 | <?php |
2 | ||
769e19dc | 3 | namespace Wallabag\ApiBundle\Controller; |
f8bf8952 | 4 | |
fcb1fba5 | 5 | use FOS\RestBundle\Controller\FOSRestController; |
864c1dd2 JB |
6 | use Nelmio\ApiDocBundle\Annotation\ApiDoc; |
7 | use Symfony\Component\HttpFoundation\JsonResponse; | |
001cc716 | 8 | use Symfony\Component\Security\Core\Exception\AccessDeniedException; |
f8bf8952 | 9 | |
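/**
 * REST controller exposing instance metadata (version, info) together with
 * two protected guards: one for full authentication and one for ownership.
 */
class WallabagRestController extends FOSRestController
{
    /**
     * Retrieve version number.
     *
     * NOTE(review): no guard from this class is called here, so whether the
     * exact version is readable without authentication depends on routing and
     * firewall configuration that is not visible in this file.
     *
     * @ApiDoc()
     *
     * @deprecated Should use info endpoint instead
     *
     * @return JsonResponse
     */
    public function getVersionAction()
    {
        $version = $this->container->getParameter('wallabag_core.version');
        $json = $this->get('jms_serializer')->serialize($version, 'json');

        // setJson() takes the already-serialized string, avoiding a second encoding pass.
        return (new JsonResponse())->setJson($json);
    }

    /**
     * Retrieve information about the wallabag instance.
     *
     * The payload holds the application name, the version and whether
     * registration is enabled. As with the version endpoint, no guard from
     * this class is called; access control, if any, is configured elsewhere.
     *
     * @ApiDoc()
     *
     * @return JsonResponse
     */
    public function getInfoAction()
    {
        $info = [
            'appname' => 'wallabag',
            'version' => $this->container->getParameter('wallabag_core.version'),
            'allowed_registration' => $this->container->getParameter('wallabag_user.registration_enabled'),
        ];

        return (new JsonResponse())->setJson($this->get('jms_serializer')->serialize($info, 'json'));
    }

    /**
     * Require a fully authenticated caller.
     *
     * @throws AccessDeniedException when IS_AUTHENTICATED_FULLY is not granted
     */
    protected function validateAuthentication()
    {
        if (false === $this->get('security.authorization_checker')->isGranted('IS_AUTHENTICATED_FULLY')) {
            throw new AccessDeniedException();
        }
    }

    /**
     * Validate that the requested user id belongs to the logged-in user.
     * If it does not, the caller is trying to access another user's data and
     * an exception is thrown.
     *
     * @param int $requestUserId User id from the requested source
     *
     * @throws AccessDeniedException when there is no usable logged-in user or the ids differ
     */
    protected function validateUserAccess($requestUserId)
    {
        $token = $this->get('security.token_storage')->getToken();
        $user = null !== $token ? $token->getUser() : null;

        // Fail closed: without a token, or with a non-object user, the original code
        // ended in a fatal error on getUser()/getId() instead of an access denial.
        if (!\is_object($user)) {
            throw new AccessDeniedException();
        }

        // Strict comparison: an id passed as a string never matches an integer id,
        // so a type mismatch is denied rather than silently accepted.
        if ($requestUserId !== $user->getId()) {
            // NOTE(review): the message carries both ids. If exception messages are
            // rendered to API clients (configuration not visible here), a denied
            // caller learns the owner id; consider logging the ids server-side and
            // returning a generic message.
            throw $this->createAccessDeniedException('Access forbidden. Entry user id: ' . $requestUserId . ', logged user id: ' . $user->getId());
        }
    }
}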