]>
Commit | Line | Data |
---|---|---|
1 | <?php | |
2 | ||
3 | namespace Wallabag\ApiBundle\Controller; | |
4 | ||
5 | use Nelmio\ApiDocBundle\Annotation\ApiDoc; | |
6 | use Symfony\Bundle\FrameworkBundle\Controller\Controller; | |
7 | use Symfony\Component\HttpFoundation\Request; | |
8 | use Symfony\Component\HttpFoundation\Response; | |
9 | use Wallabag\CoreBundle\Entity\Entry; | |
10 | use Wallabag\CoreBundle\Entity\Tag; | |
11 | use Wallabag\CoreBundle\Service\Extractor; | |
12 | use Hateoas\Configuration\Route; | |
13 | use Hateoas\Representation\Factory\PagerfantaFactory; | |
14 | ||
15 | class WallabagRestController extends Controller | |
16 | { | |
17 | /** | |
18 | * @param Entry $entry | |
19 | * @param string $tags | |
20 | */ | |
21 | private function assignTagsToEntry(Entry $entry, $tags) | |
22 | { | |
23 | foreach (explode(',', $tags) as $label) { | |
24 | $label = trim($label); | |
25 | $tagEntity = $this | |
26 | ->getDoctrine() | |
27 | ->getRepository('WallabagCoreBundle:Tag') | |
28 | ->findOneByLabel($label); | |
29 | ||
30 | if (is_null($tagEntity)) { | |
31 | $tagEntity = new Tag($this->getUser()); | |
32 | $tagEntity->setLabel($label); | |
33 | } | |
34 | ||
35 | // only add the tag on the entry if the relation doesn't exist | |
36 | if (!$entry->getTags()->contains($tagEntity)) { | |
37 | $entry->addTag($tagEntity); | |
38 | } | |
39 | } | |
40 | } | |
41 | ||
42 | /** | |
43 | * Retrieve salt for a giver user. | |
44 | * | |
45 | * @ApiDoc( | |
46 | * parameters={ | |
47 | * {"name"="username", "dataType"="string", "required"=true, "description"="username"} | |
48 | * } | |
49 | * ) | |
50 | * | |
51 | * @return array | |
52 | */ | |
53 | public function getSaltAction($username) | |
54 | { | |
55 | $user = $this | |
56 | ->getDoctrine() | |
57 | ->getRepository('WallabagCoreBundle:User') | |
58 | ->findOneByUsername($username); | |
59 | ||
60 | if (is_null($user)) { | |
61 | throw $this->createNotFoundException(); | |
62 | } | |
63 | ||
64 | return array($user->getSalt() ?: null); | |
65 | } | |
66 | ||
67 | /** | |
68 | * Retrieve all entries. It could be filtered by many options. | |
69 | * | |
70 | * @ApiDoc( | |
71 | * parameters={ | |
72 | * {"name"="archive", "dataType"="boolean", "required"=false, "format"="true or false, all entries by default", "description"="filter by archived status."}, | |
73 | * {"name"="star", "dataType"="boolean", "required"=false, "format"="true or false, all entries by default", "description"="filter by starred status."}, | |
74 | * {"name"="sort", "dataType"="string", "required"=false, "format"="'created' or 'updated', default 'created'", "description"="sort entries by date."}, | |
75 | * {"name"="order", "dataType"="string", "required"=false, "format"="'asc' or 'desc', default 'desc'", "description"="order of sort."}, | |
76 | * {"name"="page", "dataType"="integer", "required"=false, "format"="default '1'", "description"="what page you want."}, | |
77 | * {"name"="perPage", "dataType"="integer", "required"=false, "format"="default'30'", "description"="results per page."}, | |
78 | * {"name"="tags", "dataType"="string", "required"=false, "format"="api%2Crest", "description"="a list of tags url encoded. Will returns entries that matches ALL tags."}, | |
79 | * } | |
80 | * ) | |
81 | * | |
82 | * @return Entry | |
83 | */ | |
84 | public function getEntriesAction(Request $request) | |
85 | { | |
86 | $isArchived = $request->query->get('archive'); | |
87 | $isStarred = $request->query->get('star'); | |
88 | $sort = $request->query->get('sort', 'created'); | |
89 | $order = $request->query->get('order', 'desc'); | |
90 | $page = (int) $request->query->get('page', 1); | |
91 | $perPage = (int) $request->query->get('perPage', 30); | |
92 | $tags = $request->query->get('tags', []); | |
93 | ||
94 | $pager = $this | |
95 | ->getDoctrine() | |
96 | ->getRepository('WallabagCoreBundle:Entry') | |
97 | ->findEntries($this->getUser()->getId(), $isArchived, $isStarred, $sort, $order); | |
98 | ||
99 | $pager->setCurrentPage($page); | |
100 | $pager->setMaxPerPage($perPage); | |
101 | ||
102 | $pagerfantaFactory = new PagerfantaFactory('page', 'perPage'); | |
103 | $paginatedCollection = $pagerfantaFactory->createRepresentation( | |
104 | $pager, | |
105 | new Route('api_get_entries', [], $absolute = true) | |
106 | ); | |
107 | ||
108 | $json = $this->get('serializer')->serialize($paginatedCollection, 'json'); | |
109 | ||
110 | return $this->renderJsonResponse($json); | |
111 | } | |
112 | ||
113 | /** | |
114 | * Retrieve a single entry. | |
115 | * | |
116 | * @ApiDoc( | |
117 | * requirements={ | |
118 | * {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"} | |
119 | * } | |
120 | * ) | |
121 | * | |
122 | * @return Entry | |
123 | */ | |
124 | public function getEntryAction(Entry $entry) | |
125 | { | |
126 | $this->validateUserAccess($entry->getUser()->getId(), $this->getUser()->getId()); | |
127 | ||
128 | $json = $this->get('serializer')->serialize($entry, 'json'); | |
129 | ||
130 | return $this->renderJsonResponse($json); | |
131 | } | |
132 | ||
133 | /** | |
134 | * Create an entry. | |
135 | * | |
136 | * @ApiDoc( | |
137 | * parameters={ | |
138 | * {"name"="url", "dataType"="string", "required"=true, "format"="http://www.test.com/article.html", "description"="Url for the entry."}, | |
139 | * {"name"="title", "dataType"="string", "required"=false, "description"="Optional, we'll get the title from the page."}, | |
140 | * {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."}, | |
141 | * } | |
142 | * ) | |
143 | * | |
144 | * @return Entry | |
145 | */ | |
146 | public function postEntriesAction(Request $request) | |
147 | { | |
148 | $url = $request->request->get('url'); | |
149 | ||
150 | $content = Extractor::extract($url); | |
151 | $entry = new Entry($this->getUser()); | |
152 | $entry->setUrl($url); | |
153 | $entry->setTitle($request->request->get('title') ?: $content->getTitle()); | |
154 | $entry->setContent($content->getBody()); | |
155 | ||
156 | $tags = $request->request->get('tags', ''); | |
157 | if (!empty($tags)) { | |
158 | $this->assignTagsToEntry($entry, $tags); | |
159 | } | |
160 | ||
161 | $em = $this->getDoctrine()->getManager(); | |
162 | $em->persist($entry); | |
163 | $em->flush(); | |
164 | ||
165 | $json = $this->get('serializer')->serialize($entry, 'json'); | |
166 | ||
167 | return $this->renderJsonResponse($json); | |
168 | } | |
169 | ||
170 | /** | |
171 | * Change several properties of an entry. | |
172 | * | |
173 | * @ApiDoc( | |
174 | * requirements={ | |
175 | * {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"} | |
176 | * }, | |
177 | * parameters={ | |
178 | * {"name"="title", "dataType"="string", "required"=false}, | |
179 | * {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."}, | |
180 | * {"name"="archive", "dataType"="boolean", "required"=false, "format"="true or false", "description"="archived the entry."}, | |
181 | * {"name"="star", "dataType"="boolean", "required"=false, "format"="true or false", "description"="starred the entry."}, | |
182 | * } | |
183 | * ) | |
184 | * | |
185 | * @return Entry | |
186 | */ | |
187 | public function patchEntriesAction(Entry $entry, Request $request) | |
188 | { | |
189 | $this->validateUserAccess($entry->getUser()->getId(), $this->getUser()->getId()); | |
190 | ||
191 | $title = $request->request->get('title'); | |
192 | $isArchived = $request->request->get('is_archived'); | |
193 | $isStarred = $request->request->get('is_starred'); | |
194 | ||
195 | if (!is_null($title)) { | |
196 | $entry->setTitle($title); | |
197 | } | |
198 | ||
199 | if (!is_null($isArchived)) { | |
200 | $entry->setArchived($isArchived); | |
201 | } | |
202 | ||
203 | if (!is_null($isStarred)) { | |
204 | $entry->setStarred($isStarred); | |
205 | } | |
206 | ||
207 | $tags = $request->request->get('tags', ''); | |
208 | if (!empty($tags)) { | |
209 | $this->assignTagsToEntry($entry, $tags); | |
210 | } | |
211 | ||
212 | $em = $this->getDoctrine()->getManager(); | |
213 | $em->flush(); | |
214 | ||
215 | $json = $this->get('serializer')->serialize($entry, 'json'); | |
216 | ||
217 | return $this->renderJsonResponse($json); | |
218 | } | |
219 | ||
220 | /** | |
221 | * Delete **permanently** an entry. | |
222 | * | |
223 | * @ApiDoc( | |
224 | * requirements={ | |
225 | * {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"} | |
226 | * } | |
227 | * ) | |
228 | * | |
229 | * @return Entry | |
230 | */ | |
231 | public function deleteEntriesAction(Entry $entry) | |
232 | { | |
233 | $this->validateUserAccess($entry->getUser()->getId(), $this->getUser()->getId()); | |
234 | ||
235 | $em = $this->getDoctrine()->getManager(); | |
236 | $em->remove($entry); | |
237 | $em->flush(); | |
238 | ||
239 | $json = $this->get('serializer')->serialize($entry, 'json'); | |
240 | ||
241 | return $this->renderJsonResponse($json); | |
242 | } | |
243 | ||
244 | /** | |
245 | * Retrieve all tags for an entry. | |
246 | * | |
247 | * @ApiDoc( | |
248 | * requirements={ | |
249 | * {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"} | |
250 | * } | |
251 | * ) | |
252 | */ | |
253 | public function getEntriesTagsAction(Entry $entry) | |
254 | { | |
255 | $this->validateUserAccess($entry->getUser()->getId(), $this->getUser()->getId()); | |
256 | ||
257 | $json = $this->get('serializer')->serialize($entry->getTags(), 'json'); | |
258 | ||
259 | return $this->renderJsonResponse($json); | |
260 | } | |
261 | ||
262 | /** | |
263 | * Add one or more tags to an entry. | |
264 | * | |
265 | * @ApiDoc( | |
266 | * requirements={ | |
267 | * {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"} | |
268 | * }, | |
269 | * parameters={ | |
270 | * {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."}, | |
271 | * } | |
272 | * ) | |
273 | */ | |
274 | public function postEntriesTagsAction(Request $request, Entry $entry) | |
275 | { | |
276 | $this->validateUserAccess($entry->getUser()->getId(), $this->getUser()->getId()); | |
277 | ||
278 | $tags = $request->request->get('tags', ''); | |
279 | if (!empty($tags)) { | |
280 | $this->assignTagsToEntry($entry, $tags); | |
281 | } | |
282 | ||
283 | $em = $this->getDoctrine()->getManager(); | |
284 | $em->persist($entry); | |
285 | $em->flush(); | |
286 | ||
287 | $json = $this->get('serializer')->serialize($entry, 'json'); | |
288 | ||
289 | return $this->renderJsonResponse($json); | |
290 | } | |
291 | ||
292 | /** | |
293 | * Permanently remove one tag for an entry. | |
294 | * | |
295 | * @ApiDoc( | |
296 | * requirements={ | |
297 | * {"name"="tag", "dataType"="integer", "requirement"="\w+", "description"="The tag ID"}, | |
298 | * {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"} | |
299 | * } | |
300 | * ) | |
301 | */ | |
302 | public function deleteEntriesTagsAction(Entry $entry, Tag $tag) | |
303 | { | |
304 | $this->validateUserAccess($entry->getUser()->getId(), $this->getUser()->getId()); | |
305 | ||
306 | $entry->removeTag($tag); | |
307 | $em = $this->getDoctrine()->getManager(); | |
308 | $em->persist($entry); | |
309 | $em->flush(); | |
310 | ||
311 | $json = $this->get('serializer')->serialize($entry, 'json'); | |
312 | ||
313 | return $this->renderJsonResponse($json); | |
314 | } | |
315 | ||
316 | /** | |
317 | * Retrieve all tags. | |
318 | * | |
319 | * @ApiDoc() | |
320 | */ | |
321 | public function getTagsAction() | |
322 | { | |
323 | $json = $this->get('serializer')->serialize($this->getUser()->getTags(), 'json'); | |
324 | ||
325 | return $this->renderJsonResponse($json); | |
326 | } | |
327 | ||
328 | /** | |
329 | * Permanently remove one tag from **every** entry. | |
330 | * | |
331 | * @ApiDoc( | |
332 | * requirements={ | |
333 | * {"name"="tag", "dataType"="integer", "requirement"="\w+", "description"="The tag"} | |
334 | * } | |
335 | * ) | |
336 | */ | |
337 | public function deleteTagAction(Tag $tag) | |
338 | { | |
339 | $this->validateUserAccess($tag->getUser()->getId(), $this->getUser()->getId()); | |
340 | ||
341 | $em = $this->getDoctrine()->getManager(); | |
342 | $em->remove($tag); | |
343 | $em->flush(); | |
344 | ||
345 | $json = $this->get('serializer')->serialize($tag, 'json'); | |
346 | ||
347 | return $this->renderJsonResponse($json); | |
348 | } | |
349 | ||
350 | /** | |
351 | * Validate that the first id is equal to the second one. | |
352 | * If not, throw exception. It means a user try to access information from an other user. | |
353 | * | |
354 | * @param int $requestUserId User id from the requested source | |
355 | * @param int $currentUserId User id from the retrieved source | |
356 | */ | |
357 | private function validateUserAccess($requestUserId, $currentUserId) | |
358 | { | |
359 | if ($requestUserId != $currentUserId) { | |
360 | throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$requestUserId.', logged user id: '.$currentUserId); | |
361 | } | |
362 | } | |
363 | ||
364 | /** | |
365 | * Send a JSON Response. | |
366 | * We don't use the Symfony JsonRespone, because it takes an array as parameter instead of a JSON string. | |
367 | * | |
368 | * @param string $json | |
369 | * | |
370 | * @return Response | |
371 | */ | |
372 | private function renderJsonResponse($json) | |
373 | { | |
374 | return new Response($json, 200, array('application/json')); | |
375 | } | |
376 | } |