]>
Commit | Line | Data |
---|---|---|
f8bf8952 NL |
1 | <?php |
2 | ||
769e19dc | 3 | namespace Wallabag\ApiBundle\Controller; |
f8bf8952 | 4 | |
fcb1fba5 | 5 | use FOS\RestBundle\Controller\FOSRestController; |
b0b893ea | 6 | use Symfony\Component\Security\Core\Exception\AccessDeniedException; |
be463487 | 7 | use Wallabag\CoreBundle\Entity\Entry; |
f8bf8952 | 8 | |
fcb1fba5 | 9 | class WallabagRestController extends FOSRestController |
f8bf8952 | 10 | { |
2b477030 | 11 | /** |
6f8310b4 TC |
12 | * Retrieve version number. |
13 | * | |
14 | * @ApiDoc() | |
2b477030 | 15 | * |
60faee00 | 16 | * @return JsonResponse |
2b477030 V |
17 | */ |
18 | public function getVersionAction() | |
19 | { | |
20 | $version = $this->container->getParameter('wallabag_core.version'); | |
2b477030 | 21 | $json = $this->get('serializer')->serialize($version, 'json'); |
60faee00 | 22 | return (new JsonResponse())->setJson($json); |
2b477030 | 23 | } |
769e19dc | 24 | |
900c8448 | 25 | protected function validateAuthentication() |
ac8cf632 | 26 | { |
18f8f32f | 27 | if (false === $this->get('security.authorization_checker')->isGranted('IS_AUTHENTICATED_FULLY')) { |
77273253 | 28 | throw new AccessDeniedException(); |
ac8cf632 | 29 | } |
ac8cf632 JB |
30 | } |
31 | ||
769e19dc J |
32 | /** |
33 | * Validate that the first id is equal to the second one. | |
4346a860 | 34 | * If not, throw exception. It means a user try to access information from an other user. |
769e19dc | 35 | * |
4346a860 | 36 | * @param int $requestUserId User id from the requested source |
769e19dc | 37 | */ |
900c8448 | 38 | protected function validateUserAccess($requestUserId) |
769e19dc | 39 | { |
18f8f32f | 40 | $user = $this->get('security.token_storage')->getToken()->getUser(); |
fcb1fba5 NL |
41 | if ($requestUserId != $user->getId()) { |
42 | throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$requestUserId.', logged user id: '.$user->getId()); | |
769e19dc J |
43 | } |
44 | } | |
7df80cb3 | 45 | } |