1 | <?php | |
2 | ||
3 | namespace Wallabag\ApiBundle\Controller; | |
4 | ||
5 | use FOS\RestBundle\Controller\FOSRestController; | |
6 | use JMS\Serializer\SerializationContext; | |
7 | use Nelmio\ApiDocBundle\Annotation\ApiDoc; | |
8 | use Symfony\Component\HttpFoundation\JsonResponse; | |
9 | use Symfony\Component\Security\Core\Exception\AccessDeniedException; | |
10 | ||
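class WallabagRestController extends FOSRestController
{
    /**
     * Retrieve version number.
     *
     * This action does not call validateAuthentication() itself. Whether it can be
     * reached anonymously therefore depends on the route/firewall configuration,
     * which is not visible in this file.
     *
     * @ApiDoc()
     *
     * @deprecated Should use info endpoint instead
     *
     * @return JsonResponse
     */
    public function getVersionAction()
    {
        $version = $this->container->getParameter('wallabag_core.version');
        $json = $this->get('jms_serializer')->serialize($version, 'json');

        return (new JsonResponse())->setJson($json);
    }

    /**
     * Retrieve information about the wallabag instance.
     *
     * Returns the application name, the configured version and whether user
     * registration is enabled. Like getVersionAction(), this action performs no
     * authentication check of its own; if the route is public, the exact version
     * is visible to any client (confirm that this is intended for the deployment).
     *
     * @ApiDoc()
     *
     * @return JsonResponse
     */
    public function getInfoAction()
    {
        $info = [
            'appname' => 'wallabag',
            'version' => $this->container->getParameter('wallabag_core.version'),
            'allowed_registration' => $this->container->getParameter('wallabag_user.registration_enabled'),
        ];

        return (new JsonResponse())->setJson($this->get('jms_serializer')->serialize($info, 'json'));
    }

    /**
     * Ensure the current request is made by a fully authenticated user.
     *
     * @throws AccessDeniedException When IS_AUTHENTICATED_FULLY is not granted
     */
    protected function validateAuthentication()
    {
        if (false === $this->get('security.authorization_checker')->isGranted('IS_AUTHENTICATED_FULLY')) {
            throw new AccessDeniedException();
        }
    }

    /**
     * Validate that the first id is equal to the second one.
     * If not, throw an exception: it means a user tried to access information belonging to another user.
     *
     * The comparison is strict, so the id must be passed as an int; a numeric
     * string taken directly from the request never matches and is denied.
     *
     * @param int $requestUserId User id from the requested source
     *
     * @throws AccessDeniedException When there is no authenticated user object or the ids differ
     */
    protected function validateUserAccess($requestUserId)
    {
        $token = $this->get('security.token_storage')->getToken();
        $user = null !== $token ? $token->getUser() : null;

        // Fail closed with an access-denied error instead of a fatal "call to a
        // member function on null/string" when no token is set or the token
        // carries no user object (e.g. an anonymous token).
        if (!\is_object($user) || !method_exists($user, 'getId')) {
            throw $this->createAccessDeniedException('Access forbidden.');
        }

        $loggedUserId = $user->getId();
        if ($requestUserId !== $loggedUserId) {
            // NOTE(review): this message embeds both the owner's id and the caller's id.
            // Confirm the API error handler does not return exception messages to the
            // client; otherwise it discloses which user owns the requested resource.
            throw $this->createAccessDeniedException('Access forbidden. Entry user id: ' . $requestUserId . ', logged user id: ' . $loggedUserId);
        }
    }

    /**
     * Shortcut to send data serialized in json.
     *
     * @param mixed $data
     *
     * @return JsonResponse
     */
    protected function sendResponse($data)
    {
        // Null values are serialized explicitly instead of being dropped; see
        // https://github.com/schmittjoh/JMSSerializerBundle/issues/293
        $context = new SerializationContext();
        $context->setSerializeNull(true);

        $json = $this->get('jms_serializer')->serialize($data, 'json', $context);

        return (new JsonResponse())->setJson($json);
    }
}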