[github/wallabag/wallabag.git] / src / Wallabag / ApiBundle / Controller / WallabagRestController.php

<?php

namespace Wallabag\ApiBundle\Controller;

use FOS\RestBundle\Controller\FOSRestController;
use Nelmio\ApiDocBundle\Annotation\ApiDoc;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Wallabag\CoreBundle\Entity\Entry;
use Wallabag\CoreBundle\Entity\Tag;
use Hateoas\Configuration\Route;
use Hateoas\Representation\Factory\PagerfantaFactory;

class WallabagRestController extends FOSRestController
{
    /**
     * @param Entry  $entry
     * @param string $tags
     */
    private function assignTagsToEntry(Entry $entry, $tags)
    {
        foreach (explode(',', $tags) as $label) {
            $label = trim($label);
            $tagEntity = $this
                ->getDoctrine()
                ->getRepository('WallabagCoreBundle:Tag')
                ->findOneByLabel($label);

            if (is_null($tagEntity)) {
                $tagEntity = new Tag($this->getUser());
                $tagEntity->setLabel($label);
            }

            // only add the tag on the entry if the relation doesn't exist
            if (!$entry->getTags()->contains($tagEntity)) {
                $entry->addTag($tagEntity);
            }
        }
    }

    private function validateAuthentication()
    {
        if (false === $this->get('security.context')->isGranted('IS_AUTHENTICATED_FULLY')) {
            throw new AccessDeniedException();
        }
    }

    /**
     * Retrieve all entries. It could be filtered by many options.
     *
     * @ApiDoc(
     *       parameters={
     *          {"name"="archive", "dataType"="boolean", "required"=false, "format"="true or false, all entries by default", "description"="filter by archived status."},
     *          {"name"="star", "dataType"="boolean", "required"=false, "format"="true or false, all entries by default", "description"="filter by starred status."},
     *          {"name"="sort", "dataType"="string", "required"=false, "format"="'created' or 'updated', default 'created'", "description"="sort entries by date."},
     *          {"name"="order", "dataType"="string", "required"=false, "format"="'asc' or 'desc', default 'desc'", "description"="order of sort."},
     *          {"name"="page", "dataType"="integer", "required"=false, "format"="default '1'", "description"="what page you want."},
     *          {"name"="perPage", "dataType"="integer", "required"=false, "format"="default'30'", "description"="results per page."},
     *          {"name"="tags", "dataType"="string", "required"=false, "format"="api%2Crest", "description"="a list of tags url encoded. Will returns entries that matches ALL tags."},
     *       }
     * )
     *
     * @return Entry
     */
    public function getEntriesAction(Request $request)
    {
        $this->validateAuthentication();

        $isArchived = $request->query->get('archive');
        $isStarred = $request->query->get('star');
        $sort = $request->query->get('sort', 'created');
        $order = $request->query->get('order', 'desc');
        $page = (int) $request->query->get('page', 1);
        $perPage = (int) $request->query->get('perPage', 30);
        $tags = $request->query->get('tags', []);

        $pager = $this
            ->getDoctrine()
            ->getRepository('WallabagCoreBundle:Entry')
            ->findEntries($this->getUser()->getId(), $isArchived, $isStarred, $sort, $order);

        $pager->setCurrentPage($page);
        $pager->setMaxPerPage($perPage);

        $pagerfantaFactory = new PagerfantaFactory('page', 'perPage');
        $paginatedCollection = $pagerfantaFactory->createRepresentation(
            $pager,
            new Route('api_get_entries', [], $absolute = true)
        );

        $json = $this->get('serializer')->serialize($paginatedCollection, 'json');

        return $this->renderJsonResponse($json);
    }

    /**
     * Retrieve a single entry.
     *
     * @ApiDoc(
     *      requirements={
     *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
     *      }
     * )
     *
     * @return Entry
     */
    public function getEntryAction(Entry $entry)
    {
        $this->validateAuthentication();
        $this->validateUserAccess($entry->getUser()->getId());

        $json = $this->get('serializer')->serialize($entry, 'json');

        return $this->renderJsonResponse($json);
    }

    /**
     * Create an entry.
     *
     * @ApiDoc(
     *       parameters={
     *          {"name"="url", "dataType"="string", "required"=true, "format"="http://www.test.com/article.html", "description"="Url for the entry."},
     *          {"name"="title", "dataType"="string", "required"=false, "description"="Optional, we'll get the title from the page."},
     *          {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."},
     *       }
     * )
     *
     * @return Entry
     */
    public function postEntriesAction(Request $request)
    {
        $this->validateAuthentication();

        $url = $request->request->get('url');

        $entry = $this->get('wallabag_core.content_proxy')->updateEntry(
            new Entry($this->getUser()),
            $url
        );

        $tags = $request->request->get('tags', '');
        if (!empty($tags)) {
            $this->assignTagsToEntry($entry, $tags);
        }

        $em = $this->getDoctrine()->getManager();
        $em->persist($entry);
        $em->flush();

        $json = $this->get('serializer')->serialize($entry, 'json');

        return $this->renderJsonResponse($json);
    }

    /**
     * Change several properties of an entry.
     *
     * @ApiDoc(
     *      requirements={
     *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
     *      },
     *      parameters={
     *          {"name"="title", "dataType"="string", "required"=false},
     *          {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."},
     *          {"name"="archive", "dataType"="boolean", "required"=false, "format"="true or false", "description"="archived the entry."},
     *          {"name"="star", "dataType"="boolean", "required"=false, "format"="true or false", "description"="starred the entry."},
     *      }
     * )
     *
     * @return Entry
     */
    public function patchEntriesAction(Entry $entry, Request $request)
    {
        $this->validateAuthentication();
        $this->validateUserAccess($entry->getUser()->getId());

        $title = $request->request->get('title');
        $isArchived = $request->request->get('is_archived');
        $isStarred = $request->request->get('is_starred');

        if (!is_null($title)) {
            $entry->setTitle($title);
        }

        if (!is_null($isArchived)) {
            $entry->setArchived($isArchived);
        }

        if (!is_null($isStarred)) {
            $entry->setStarred($isStarred);
        }

        $tags = $request->request->get('tags', '');
        if (!empty($tags)) {
            $this->assignTagsToEntry($entry, $tags);
        }

        $em = $this->getDoctrine()->getManager();
        $em->flush();

        $json = $this->get('serializer')->serialize($entry, 'json');

        return $this->renderJsonResponse($json);
    }

    /**
     * Delete **permanently** an entry.
     *
     * @ApiDoc(
     *      requirements={
     *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
     *      }
     * )
     *
     * @return Entry
     */
    public function deleteEntriesAction(Entry $entry)
    {
        $this->validateAuthentication();
        $this->validateUserAccess($entry->getUser()->getId());

        $em = $this->getDoctrine()->getManager();
        $em->remove($entry);
        $em->flush();

        $json = $this->get('serializer')->serialize($entry, 'json');

        return $this->renderJsonResponse($json);
    }

    /**
     * Retrieve all tags for an entry.
     *
     * @ApiDoc(
     *      requirements={
     *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
     *      }
     * )
     */
    public function getEntriesTagsAction(Entry $entry)
    {
        $this->validateAuthentication();
        $this->validateUserAccess($entry->getUser()->getId());

        $json = $this->get('serializer')->serialize($entry->getTags(), 'json');

        return $this->renderJsonResponse($json);
    }

    /**
     * Add one or more tags to an entry.
     *
     * @ApiDoc(
     *      requirements={
     *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
     *      },
     *      parameters={
     *          {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."},
     *       }
     * )
     */
    public function postEntriesTagsAction(Request $request, Entry $entry)
    {
        $this->validateAuthentication();
        $this->validateUserAccess($entry->getUser()->getId());

        $tags = $request->request->get('tags', '');
        if (!empty($tags)) {
            $this->assignTagsToEntry($entry, $tags);
        }

        $em = $this->getDoctrine()->getManager();
        $em->persist($entry);
        $em->flush();

        $json = $this->get('serializer')->serialize($entry, 'json');

        return $this->renderJsonResponse($json);
    }

    /**
     * Permanently remove one tag for an entry.
     *
     * @ApiDoc(
     *      requirements={
     *          {"name"="tag", "dataType"="integer", "requirement"="\w+", "description"="The tag ID"},
     *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
     *      }
     * )
     */
    public function deleteEntriesTagsAction(Entry $entry, Tag $tag)
    {
        $this->validateAuthentication();
        $this->validateUserAccess($entry->getUser()->getId());

        $entry->removeTag($tag);
        $em = $this->getDoctrine()->getManager();
        $em->persist($entry);
        $em->flush();

        $json = $this->get('serializer')->serialize($entry, 'json');

        return $this->renderJsonResponse($json);
    }

    /**
     * Retrieve all tags.
     *
     * @ApiDoc()
     */
    public function getTagsAction()
    {
        $this->validateAuthentication();
        $json = $this->get('serializer')->serialize($this->getUser()->getTags(), 'json');

        return $this->renderJsonResponse($json);
    }

    /**
     * Permanently remove one tag from **every** entry.
     *
     * @ApiDoc(
     *      requirements={
     *          {"name"="tag", "dataType"="integer", "requirement"="\w+", "description"="The tag"}
     *      }
     * )
     */
    public function deleteTagAction(Tag $tag)
    {
        $this->validateAuthentication();
        $this->validateUserAccess($tag->getUser()->getId());

        $em = $this->getDoctrine()->getManager();
        $em->remove($tag);
        $em->flush();

        $json = $this->get('serializer')->serialize($tag, 'json');

        return $this->renderJsonResponse($json);
    }

    /**
     * Validate that the first id is equal to the second one.
     * If not, throw exception. It means a user try to access information from an other user.
     *
     * @param int $requestUserId User id from the requested source
     */
    private function validateUserAccess($requestUserId)
    {
        $user = $this->get('security.context')->getToken()->getUser();
        if ($requestUserId != $user->getId()) {
            throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$requestUserId.', logged user id: '.$user->getId());
        }
    }

    /**
     * Send a JSON Response.
     * We don't use the Symfony JsonRespone, because it takes an array as parameter instead of a JSON string.
     *
     * @param string $json
     *
     * @return Response
     */
    private function renderJsonResponse($json)
    {
        return new Response($json, 200, array('application/json'));
    }
}
Commit	Line	Data
f8bf8952 NL	1	<?php
f8bf8952 NL	2
769e19dc	3	namespace Wallabag\ApiBundle\Controller;
f8bf8952	4
fcb1fba5	5	use FOS\RestBundle\Controller\FOSRestController;
f8bf8952	6	use Nelmio\ApiDocBundle\Annotation\ApiDoc;
27f15aa4	7	use Symfony\Component\HttpFoundation\Request;
b0cce9e6	8	use Symfony\Component\HttpFoundation\Response;
be463487	9	use Wallabag\CoreBundle\Entity\Entry;
653e8be4	10	use Wallabag\CoreBundle\Entity\Tag;
6e22bd73 WD	11	use Hateoas\Configuration\Route;
6e22bd73 WD	12	use Hateoas\Representation\Factory\PagerfantaFactory;
f8bf8952	13
fcb1fba5	14	class WallabagRestController extends FOSRestController
f8bf8952	15	{
092ca707 NL	16	/**
	17	* @param Entry $entry
	18	* @param string $tags
	19	*/
	20	private function assignTagsToEntry(Entry $entry, $tags)
	21	{
	22	foreach (explode(',', $tags) as $label) {
	23	$label = trim($label);
	24	$tagEntity = $this
	25	->getDoctrine()
	26	->getRepository('WallabagCoreBundle:Tag')
	27	->findOneByLabel($label);
	28
	29	if (is_null($tagEntity)) {
	30	$tagEntity = new Tag($this->getUser());
	31	$tagEntity->setLabel($label);
	32	}
	33
	34	// only add the tag on the entry if the relation doesn't exist
	35	if (!$entry->getTags()->contains($tagEntity)) {
	36	$entry->addTag($tagEntity);
	37	}
	38	}
	39	}
	40
77273253 NL	41	private function validateAuthentication()
	42	{
	43	if (false === $this->get('security.context')->isGranted('IS_AUTHENTICATED_FULLY')) {
	44	throw new AccessDeniedException();
	45	}
	46	}
	47
f8bf8952	48	/**
a8c90c5c	49	* Retrieve all entries. It could be filtered by many options.
f8bf8952 NL	50	*
f8bf8952 NL	51	* @ApiDoc(
a8c90c5c	52	* parameters={
2c093b03 NL	53	* {"name"="archive", "dataType"="boolean", "required"=false, "format"="true or false, all entries by default", "description"="filter by archived status."},
2c093b03 NL	54	* {"name"="star", "dataType"="boolean", "required"=false, "format"="true or false, all entries by default", "description"="filter by starred status."},
a8c90c5c NL	55	* {"name"="sort", "dataType"="string", "required"=false, "format"="'created' or 'updated', default 'created'", "description"="sort entries by date."},
	56	* {"name"="order", "dataType"="string", "required"=false, "format"="'asc' or 'desc', default 'desc'", "description"="order of sort."},
	57	* {"name"="page", "dataType"="integer", "required"=false, "format"="default '1'", "description"="what page you want."},
	58	* {"name"="perPage", "dataType"="integer", "required"=false, "format"="default'30'", "description"="results per page."},
	59	* {"name"="tags", "dataType"="string", "required"=false, "format"="api%2Crest", "description"="a list of tags url encoded. Will returns entries that matches ALL tags."},
	60	* }
f8bf8952	61	* )
4346a860	62	*
be463487	63	* @return Entry
f8bf8952	64	*/
27f15aa4	65	public function getEntriesAction(Request $request)
f8bf8952	66	{
77273253 NL	67	$this->validateAuthentication();
77273253 NL	68
6e334aba	69	$isArchived = $request->query->get('archive');
8ce32af6 JB	70	$isStarred = $request->query->get('star');
	71	$sort = $request->query->get('sort', 'created');
	72	$order = $request->query->get('order', 'desc');
	73	$page = (int) $request->query->get('page', 1);
	74	$perPage = (int) $request->query->get('perPage', 30);
	75	$tags = $request->query->get('tags', []);
a8c90c5c	76
6e22bd73	77	$pager = $this
a8c90c5c	78	->getDoctrine()
be463487	79	->getRepository('WallabagCoreBundle:Entry')
1d147791	80	->findEntries($this->getUser()->getId(), $isArchived, $isStarred, $sort, $order);
a8c90c5c	81
6e22bd73 WD	82	$pager->setCurrentPage($page);
	83	$pager->setMaxPerPage($perPage);
	84
8ce32af6	85	$pagerfantaFactory = new PagerfantaFactory('page', 'perPage');
6e22bd73 WD	86	$paginatedCollection = $pagerfantaFactory->createRepresentation(
	87	$pager,
	88	new Route('api_get_entries', [], $absolute = true)
	89	);
	90
	91	$json = $this->get('serializer')->serialize($paginatedCollection, 'json');
0f006880	92
769e19dc	93	return $this->renderJsonResponse($json);
f8bf8952 NL	94	}
	95
	96	/**
4346a860	97	* Retrieve a single entry.
f8bf8952 NL	98	*
	99	* @ApiDoc(
	100	* requirements={
	101	* {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
	102	* }
	103	* )
4346a860	104	*
be463487	105	* @return Entry
f8bf8952	106	*/
be463487	107	public function getEntryAction(Entry $entry)
f8bf8952	108	{
77273253	109	$this->validateAuthentication();
fcb1fba5	110	$this->validateUserAccess($entry->getUser()->getId());
092ca707	111
aa4d6562	112	$json = $this->get('serializer')->serialize($entry, 'json');
0f006880	113
769e19dc	114	return $this->renderJsonResponse($json);
f8bf8952 NL	115	}
	116
	117	/**
4346a860	118	* Create an entry.
f8bf8952 NL	119	*
f8bf8952 NL	120	* @ApiDoc(
a8c90c5c NL	121	* parameters={
	122	* {"name"="url", "dataType"="string", "required"=true, "format"="http://www.test.com/article.html", "description"="Url for the entry."},
	123	* {"name"="title", "dataType"="string", "required"=false, "description"="Optional, we'll get the title from the page."},
	124	* {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."},
	125	* }
f8bf8952	126	* )
4346a860	127	*
be463487	128	* @return Entry
f8bf8952	129	*/
843dbe51	130	public function postEntriesAction(Request $request)
f8bf8952	131	{
77273253 NL	132	$this->validateAuthentication();
77273253 NL	133
c3235553 NL	134	$url = $request->request->get('url');
c3235553 NL	135
558d9aab JB	136	$entry = $this->get('wallabag_core.content_proxy')->updateEntry(
	137	new Entry($this->getUser()),
	138	$url
	139	);
092ca707	140
0ca374e6 NL	141	$tags = $request->request->get('tags', '');
	142	if (!empty($tags)) {
	143	$this->assignTagsToEntry($entry, $tags);
	144	}
092ca707	145
843dbe51 NL	146	$em = $this->getDoctrine()->getManager();
	147	$em->persist($entry);
	148	$em->flush();
	149
aa4d6562 NL	150	$json = $this->get('serializer')->serialize($entry, 'json');
aa4d6562 NL	151
769e19dc	152	return $this->renderJsonResponse($json);
f8bf8952 NL	153	}
	154
	155	/**
4346a860	156	* Change several properties of an entry.
f8bf8952 NL	157	*
	158	* @ApiDoc(
	159	* requirements={
	160	* {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
a8c90c5c NL	161	* },
	162	* parameters={
	163	* {"name"="title", "dataType"="string", "required"=false},
	164	* {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."},
2c093b03 NL	165	* {"name"="archive", "dataType"="boolean", "required"=false, "format"="true or false", "description"="archived the entry."},
2c093b03 NL	166	* {"name"="star", "dataType"="boolean", "required"=false, "format"="true or false", "description"="starred the entry."},
1d147791	167	* }
f8bf8952	168	* )
4346a860	169	*
be463487	170	* @return Entry
f8bf8952	171	*/
be463487	172	public function patchEntriesAction(Entry $entry, Request $request)
f8bf8952	173	{
77273253	174	$this->validateAuthentication();
fcb1fba5	175	$this->validateUserAccess($entry->getUser()->getId());
092ca707	176
8ce32af6	177	$title = $request->request->get('title');
9fb6ac83	178	$isArchived = $request->request->get('is_archived');
8ce32af6	179	$isStarred = $request->request->get('is_starred');
2c093b03 NL	180
	181	if (!is_null($title)) {
	182	$entry->setTitle($title);
	183	}
	184
	185	if (!is_null($isArchived)) {
905ae369	186	$entry->setArchived($isArchived);
2c093b03 NL	187	}
2c093b03 NL	188
2c093b03	189	if (!is_null($isStarred)) {
905ae369	190	$entry->setStarred($isStarred);
2c093b03 NL	191	}
2c093b03 NL	192
0ca374e6 NL	193	$tags = $request->request->get('tags', '');
	194	if (!empty($tags)) {
	195	$this->assignTagsToEntry($entry, $tags);
	196	}
092ca707	197
2c093b03	198	$em = $this->getDoctrine()->getManager();
2c093b03 NL	199	$em->flush();
2c093b03 NL	200
0ca374e6 NL	201	$json = $this->get('serializer')->serialize($entry, 'json');
0ca374e6 NL	202
769e19dc	203	return $this->renderJsonResponse($json);
f8bf8952 NL	204	}
	205
	206	/**
4346a860	207	* Delete permanently an entry.
f8bf8952 NL	208	*
f8bf8952 NL	209	* @ApiDoc(
a8c90c5c NL	210	* requirements={
	211	* {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
	212	* }
f8bf8952	213	* )
4346a860	214	*
be463487	215	* @return Entry
f8bf8952	216	*/
be463487	217	public function deleteEntriesAction(Entry $entry)
f8bf8952	218	{
77273253	219	$this->validateAuthentication();
fcb1fba5	220	$this->validateUserAccess($entry->getUser()->getId());
092ca707	221
42a90646	222	$em = $this->getDoctrine()->getManager();
1d147791	223	$em->remove($entry);
42a90646 NL	224	$em->flush();
42a90646 NL	225
1d147791 NL	226	$json = $this->get('serializer')->serialize($entry, 'json');
1d147791 NL	227
769e19dc	228	return $this->renderJsonResponse($json);
f8bf8952 NL	229	}
	230
	231	/**
4346a860	232	* Retrieve all tags for an entry.
f8bf8952 NL	233	*
	234	* @ApiDoc(
	235	* requirements={
	236	* {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
	237	* }
	238	* )
	239	*/
be463487	240	public function getEntriesTagsAction(Entry $entry)
7df80cb3	241	{
77273253	242	$this->validateAuthentication();
fcb1fba5	243	$this->validateUserAccess($entry->getUser()->getId());
092ca707	244
1bd12b62	245	$json = $this->get('serializer')->serialize($entry->getTags(), 'json');
0a018fe0	246
769e19dc	247	return $this->renderJsonResponse($json);
f8bf8952 NL	248	}
	249
	250	/**
4346a860	251	* Add one or more tags to an entry.
f8bf8952 NL	252	*
	253	* @ApiDoc(
	254	* requirements={
	255	* {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
a8c90c5c NL	256	* },
	257	* parameters={
	258	* {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."},
	259	* }
f8bf8952 NL	260	* )
f8bf8952 NL	261	*/
a36737f4	262	public function postEntriesTagsAction(Request $request, Entry $entry)
7df80cb3	263	{
77273253	264	$this->validateAuthentication();
fcb1fba5	265	$this->validateUserAccess($entry->getUser()->getId());
a36737f4	266
0ca374e6 NL	267	$tags = $request->request->get('tags', '');
	268	if (!empty($tags)) {
	269	$this->assignTagsToEntry($entry, $tags);
	270	}
092ca707	271
a36737f4 NL	272	$em = $this->getDoctrine()->getManager();
	273	$em->persist($entry);
	274	$em->flush();
	275
	276	$json = $this->get('serializer')->serialize($entry, 'json');
	277
769e19dc	278	return $this->renderJsonResponse($json);
f8bf8952 NL	279	}
	280
	281	/**
4346a860	282	* Permanently remove one tag for an entry.
f8bf8952 NL	283	*
	284	* @ApiDoc(
	285	* requirements={
769e19dc	286	* {"name"="tag", "dataType"="integer", "requirement"="\w+", "description"="The tag ID"},
f8bf8952 NL	287	* {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
	288	* }
	289	* )
	290	*/
653e8be4	291	public function deleteEntriesTagsAction(Entry $entry, Tag $tag)
f8bf8952	292	{
77273253	293	$this->validateAuthentication();
fcb1fba5	294	$this->validateUserAccess($entry->getUser()->getId());
092ca707 NL	295
	296	$entry->removeTag($tag);
	297	$em = $this->getDoctrine()->getManager();
	298	$em->persist($entry);
	299	$em->flush();
	300
	301	$json = $this->get('serializer')->serialize($entry, 'json');
	302
769e19dc	303	return $this->renderJsonResponse($json);
f8bf8952 NL	304	}
	305
	306	/**
4346a860	307	* Retrieve all tags.
f8bf8952	308	*
092ca707	309	* @ApiDoc()
f8bf8952	310	*/
092ca707	311	public function getTagsAction()
7df80cb3	312	{
77273253	313	$this->validateAuthentication();
092ca707 NL	314	$json = $this->get('serializer')->serialize($this->getUser()->getTags(), 'json');
092ca707 NL	315
769e19dc	316	return $this->renderJsonResponse($json);
f8bf8952 NL	317	}
f8bf8952 NL	318
f8bf8952	319	/**
4346a860	320	* Permanently remove one tag from every entry.
f8bf8952 NL	321	*
	322	* @ApiDoc(
	323	* requirements={
769e19dc	324	* {"name"="tag", "dataType"="integer", "requirement"="\w+", "description"="The tag"}
f8bf8952 NL	325	* }
	326	* )
	327	*/
653e8be4	328	public function deleteTagAction(Tag $tag)
f8bf8952	329	{
77273253	330	$this->validateAuthentication();
fcb1fba5	331	$this->validateUserAccess($tag->getUser()->getId());
092ca707 NL	332
	333	$em = $this->getDoctrine()->getManager();
	334	$em->remove($tag);
	335	$em->flush();
	336
	337	$json = $this->get('serializer')->serialize($tag, 'json');
	338
769e19dc J	339	return $this->renderJsonResponse($json);
	340	}
	341
	342	/**
	343	* Validate that the first id is equal to the second one.
4346a860	344	* If not, throw exception. It means a user try to access information from an other user.
769e19dc	345	*
4346a860	346	* @param int $requestUserId User id from the requested source
769e19dc	347	*/
fcb1fba5	348	private function validateUserAccess($requestUserId)
769e19dc	349	{
fcb1fba5 NL	350	$user = $this->get('security.context')->getToken()->getUser();
	351	if ($requestUserId != $user->getId()) {
	352	throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$requestUserId.', logged user id: '.$user->getId());
769e19dc J	353	}
	354	}
	355
	356	/**
	357	* Send a JSON Response.
4346a860	358	* We don't use the Symfony JsonRespone, because it takes an array as parameter instead of a JSON string.
769e19dc J	359	*
	360	* @param string $json
	361	*
	362	* @return Response
	363	*/
	364	private function renderJsonResponse($json)
	365	{
db2b4bf6	366	return new Response($json, 200, array('application/json'));
f8bf8952	367	}
7df80cb3	368	}