[github/wallabag/wallabag.git] / src / Wallabag / ApiBundle / Controller / WallabagRestController.php

<?php

namespace Wallabag\ApiBundle\Controller;

use FOS\RestBundle\Controller\FOSRestController;
use Nelmio\ApiDocBundle\Annotation\ApiDoc;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Wallabag\CoreBundle\Entity\Entry;
use Wallabag\CoreBundle\Entity\Tag;
use Hateoas\Configuration\Route;
use Hateoas\Representation\Factory\PagerfantaFactory;

class WallabagRestController extends FOSRestController
{
    /**
     * @param Entry  $entry
     * @param string $tags
     */
    private function assignTagsToEntry(Entry $entry, $tags)
    {
        foreach (explode(',', $tags) as $label) {
            $label = trim($label);
            $tagEntity = $this
                ->getDoctrine()
                ->getRepository('WallabagCoreBundle:Tag')
                ->findOneByLabel($label);

            if (is_null($tagEntity)) {
                $tagEntity = new Tag($this->getUser());
                $tagEntity->setLabel($label);
            }

            // only add the tag on the entry if the relation doesn't exist
            if (!$entry->getTags()->contains($tagEntity)) {
                $entry->addTag($tagEntity);
            }
        }
    }

    /**
     * Retrieve all entries. It could be filtered by many options.
     *
     * @ApiDoc(
     *       parameters={
     *          {"name"="archive", "dataType"="boolean", "required"=false, "format"="true or false, all entries by default", "description"="filter by archived status."},
     *          {"name"="star", "dataType"="boolean", "required"=false, "format"="true or false, all entries by default", "description"="filter by starred status."},
     *          {"name"="sort", "dataType"="string", "required"=false, "format"="'created' or 'updated', default 'created'", "description"="sort entries by date."},
     *          {"name"="order", "dataType"="string", "required"=false, "format"="'asc' or 'desc', default 'desc'", "description"="order of sort."},
     *          {"name"="page", "dataType"="integer", "required"=false, "format"="default '1'", "description"="what page you want."},
     *          {"name"="perPage", "dataType"="integer", "required"=false, "format"="default'30'", "description"="results per page."},
     *          {"name"="tags", "dataType"="string", "required"=false, "format"="api%2Crest", "description"="a list of tags url encoded. Will returns entries that matches ALL tags."},
     *       }
     * )
     *
     * @return Entry
     */
    public function getEntriesAction(Request $request)
    {
        $isArchived = $request->query->get('archive');
        $isStarred = $request->query->get('star');
        $sort = $request->query->get('sort', 'created');
        $order = $request->query->get('order', 'desc');
        $page = (int) $request->query->get('page', 1);
        $perPage = (int) $request->query->get('perPage', 30);
        $tags = $request->query->get('tags', []);

        $pager = $this
            ->getDoctrine()
            ->getRepository('WallabagCoreBundle:Entry')
            ->findEntries($this->getUser()->getId(), $isArchived, $isStarred, $sort, $order);

        $pager->setCurrentPage($page);
        $pager->setMaxPerPage($perPage);

        $pagerfantaFactory = new PagerfantaFactory('page', 'perPage');
        $paginatedCollection = $pagerfantaFactory->createRepresentation(
            $pager,
            new Route('api_get_entries', [], $absolute = true)
        );

        $json = $this->get('serializer')->serialize($paginatedCollection, 'json');

        return $this->renderJsonResponse($json);
    }

    /**
     * Retrieve a single entry.
     *
     * @ApiDoc(
     *      requirements={
     *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
     *      }
     * )
     *
     * @return Entry
     */
    public function getEntryAction(Entry $entry)
    {
        $this->validateUserAccess($entry->getUser()->getId());

        $json = $this->get('serializer')->serialize($entry, 'json');

        return $this->renderJsonResponse($json);
    }

    /**
     * Create an entry.
     *
     * @ApiDoc(
     *       parameters={
     *          {"name"="url", "dataType"="string", "required"=true, "format"="http://www.test.com/article.html", "description"="Url for the entry."},
     *          {"name"="title", "dataType"="string", "required"=false, "description"="Optional, we'll get the title from the page."},
     *          {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."},
     *       }
     * )
     *
     * @return Entry
     */
    public function postEntriesAction(Request $request)
    {
        $url = $request->request->get('url');

        $entry = $this->get('wallabag_core.content_proxy')->updateEntry(
            new Entry($this->getUser()),
            $url
        );

        $tags = $request->request->get('tags', '');
        if (!empty($tags)) {
            $this->assignTagsToEntry($entry, $tags);
        }

        $em = $this->getDoctrine()->getManager();
        $em->persist($entry);
        $em->flush();

        $json = $this->get('serializer')->serialize($entry, 'json');

        return $this->renderJsonResponse($json);
    }

    /**
     * Change several properties of an entry.
     *
     * @ApiDoc(
     *      requirements={
     *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
     *      },
     *      parameters={
     *          {"name"="title", "dataType"="string", "required"=false},
     *          {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."},
     *          {"name"="archive", "dataType"="boolean", "required"=false, "format"="true or false", "description"="archived the entry."},
     *          {"name"="star", "dataType"="boolean", "required"=false, "format"="true or false", "description"="starred the entry."},
     *      }
     * )
     *
     * @return Entry
     */
    public function patchEntriesAction(Entry $entry, Request $request)
    {
        $this->validateUserAccess($entry->getUser()->getId());

        $title = $request->request->get('title');
        $isArchived = $request->request->get('is_archived');
        $isStarred = $request->request->get('is_starred');

        if (!is_null($title)) {
            $entry->setTitle($title);
        }

        if (!is_null($isArchived)) {
            $entry->setArchived($isArchived);
        }

        if (!is_null($isStarred)) {
            $entry->setStarred($isStarred);
        }

        $tags = $request->request->get('tags', '');
        if (!empty($tags)) {
            $this->assignTagsToEntry($entry, $tags);
        }

        $em = $this->getDoctrine()->getManager();
        $em->flush();

        $json = $this->get('serializer')->serialize($entry, 'json');

        return $this->renderJsonResponse($json);
    }

    /**
     * Delete **permanently** an entry.
     *
     * @ApiDoc(
     *      requirements={
     *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
     *      }
     * )
     *
     * @return Entry
     */
    public function deleteEntriesAction(Entry $entry)
    {
        $this->validateUserAccess($entry->getUser()->getId());

        $em = $this->getDoctrine()->getManager();
        $em->remove($entry);
        $em->flush();

        $json = $this->get('serializer')->serialize($entry, 'json');

        return $this->renderJsonResponse($json);
    }

    /**
     * Retrieve all tags for an entry.
     *
     * @ApiDoc(
     *      requirements={
     *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
     *      }
     * )
     */
    public function getEntriesTagsAction(Entry $entry)
    {
        $this->validateUserAccess($entry->getUser()->getId());

        $json = $this->get('serializer')->serialize($entry->getTags(), 'json');

        return $this->renderJsonResponse($json);
    }

    /**
     * Add one or more tags to an entry.
     *
     * @ApiDoc(
     *      requirements={
     *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
     *      },
     *      parameters={
     *          {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."},
     *       }
     * )
     */
    public function postEntriesTagsAction(Request $request, Entry $entry)
    {
        $this->validateUserAccess($entry->getUser()->getId());

        $tags = $request->request->get('tags', '');
        if (!empty($tags)) {
            $this->assignTagsToEntry($entry, $tags);
        }

        $em = $this->getDoctrine()->getManager();
        $em->persist($entry);
        $em->flush();

        $json = $this->get('serializer')->serialize($entry, 'json');

        return $this->renderJsonResponse($json);
    }

    /**
     * Permanently remove one tag for an entry.
     *
     * @ApiDoc(
     *      requirements={
     *          {"name"="tag", "dataType"="integer", "requirement"="\w+", "description"="The tag ID"},
     *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
     *      }
     * )
     */
    public function deleteEntriesTagsAction(Entry $entry, Tag $tag)
    {
        $this->validateUserAccess($entry->getUser()->getId());

        $entry->removeTag($tag);
        $em = $this->getDoctrine()->getManager();
        $em->persist($entry);
        $em->flush();

        $json = $this->get('serializer')->serialize($entry, 'json');

        return $this->renderJsonResponse($json);
    }

    /**
     * Retrieve all tags.
     *
     * @ApiDoc()
     */
    public function getTagsAction()
    {
        $json = $this->get('serializer')->serialize($this->getUser()->getTags(), 'json');

        return $this->renderJsonResponse($json);
    }

    /**
     * Permanently remove one tag from **every** entry.
     *
     * @ApiDoc(
     *      requirements={
     *          {"name"="tag", "dataType"="integer", "requirement"="\w+", "description"="The tag"}
     *      }
     * )
     */
    public function deleteTagAction(Tag $tag)
    {
        $this->validateUserAccess($tag->getUser()->getId());

        $em = $this->getDoctrine()->getManager();
        $em->remove($tag);
        $em->flush();

        $json = $this->get('serializer')->serialize($tag, 'json');

        return $this->renderJsonResponse($json);
    }

    /**
     * Validate that the first id is equal to the second one.
     * If not, throw exception. It means a user try to access information from an other user.
     *
     * @param int $requestUserId User id from the requested source
     */
    private function validateUserAccess($requestUserId)
    {
        $user = $this->get('security.context')->getToken()->getUser();
        if ($requestUserId != $user->getId()) {
            throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$requestUserId.', logged user id: '.$user->getId());
        }
    }

    /**
     * Send a JSON Response.
     * We don't use the Symfony JsonRespone, because it takes an array as parameter instead of a JSON string.
     *
     * @param string $json
     *
     * @return Response
     */
    private function renderJsonResponse($json)
    {
        return new Response($json, 200, array('application/json'));
    }
}
Commit	Line	Data
	1	<?php
	2
	3	namespace Wallabag\ApiBundle\Controller;
	4
	5	use FOS\RestBundle\Controller\FOSRestController;
	6	use Nelmio\ApiDocBundle\Annotation\ApiDoc;
	7	use Symfony\Component\HttpFoundation\Request;
	8	use Symfony\Component\HttpFoundation\Response;
	9	use Wallabag\CoreBundle\Entity\Entry;
	10	use Wallabag\CoreBundle\Entity\Tag;
	11	use Hateoas\Configuration\Route;
	12	use Hateoas\Representation\Factory\PagerfantaFactory;
	13
	14	class WallabagRestController extends FOSRestController
	15	{
	16	/**
	17	* @param Entry $entry
	18	* @param string $tags
	19	*/
	20	private function assignTagsToEntry(Entry $entry, $tags)
	21	{
	22	foreach (explode(',', $tags) as $label) {
	23	$label = trim($label);
	24	$tagEntity = $this
	25	->getDoctrine()
	26	->getRepository('WallabagCoreBundle:Tag')
	27	->findOneByLabel($label);
	28
	29	if (is_null($tagEntity)) {
	30	$tagEntity = new Tag($this->getUser());
	31	$tagEntity->setLabel($label);
	32	}
	33
	34	// only add the tag on the entry if the relation doesn't exist
	35	if (!$entry->getTags()->contains($tagEntity)) {
	36	$entry->addTag($tagEntity);
	37	}
	38	}
	39	}
	40
	41	/**
	42	* Retrieve all entries. It could be filtered by many options.
	43	*
	44	* @ApiDoc(
	45	* parameters={
	46	* {"name"="archive", "dataType"="boolean", "required"=false, "format"="true or false, all entries by default", "description"="filter by archived status."},
	47	* {"name"="star", "dataType"="boolean", "required"=false, "format"="true or false, all entries by default", "description"="filter by starred status."},
	48	* {"name"="sort", "dataType"="string", "required"=false, "format"="'created' or 'updated', default 'created'", "description"="sort entries by date."},
	49	* {"name"="order", "dataType"="string", "required"=false, "format"="'asc' or 'desc', default 'desc'", "description"="order of sort."},
	50	* {"name"="page", "dataType"="integer", "required"=false, "format"="default '1'", "description"="what page you want."},
	51	* {"name"="perPage", "dataType"="integer", "required"=false, "format"="default'30'", "description"="results per page."},
	52	* {"name"="tags", "dataType"="string", "required"=false, "format"="api%2Crest", "description"="a list of tags url encoded. Will returns entries that matches ALL tags."},
	53	* }
	54	* )
	55	*
	56	* @return Entry
	57	*/
	58	public function getEntriesAction(Request $request)
	59	{
	60	$isArchived = $request->query->get('archive');
	61	$isStarred = $request->query->get('star');
	62	$sort = $request->query->get('sort', 'created');
	63	$order = $request->query->get('order', 'desc');
	64	$page = (int) $request->query->get('page', 1);
	65	$perPage = (int) $request->query->get('perPage', 30);
	66	$tags = $request->query->get('tags', []);
	67
	68	$pager = $this
	69	->getDoctrine()
	70	->getRepository('WallabagCoreBundle:Entry')
	71	->findEntries($this->getUser()->getId(), $isArchived, $isStarred, $sort, $order);
	72
	73	$pager->setCurrentPage($page);
	74	$pager->setMaxPerPage($perPage);
	75
	76	$pagerfantaFactory = new PagerfantaFactory('page', 'perPage');
	77	$paginatedCollection = $pagerfantaFactory->createRepresentation(
	78	$pager,
	79	new Route('api_get_entries', [], $absolute = true)
	80	);
	81
	82	$json = $this->get('serializer')->serialize($paginatedCollection, 'json');
	83
	84	return $this->renderJsonResponse($json);
	85	}
	86
	87	/**
	88	* Retrieve a single entry.
	89	*
	90	* @ApiDoc(
	91	* requirements={
	92	* {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
	93	* }
	94	* )
	95	*
	96	* @return Entry
	97	*/
	98	public function getEntryAction(Entry $entry)
	99	{
	100	$this->validateUserAccess($entry->getUser()->getId());
	101
	102	$json = $this->get('serializer')->serialize($entry, 'json');
	103
	104	return $this->renderJsonResponse($json);
	105	}
	106
	107	/**
	108	* Create an entry.
	109	*
	110	* @ApiDoc(
	111	* parameters={
	112	* {"name"="url", "dataType"="string", "required"=true, "format"="http://www.test.com/article.html", "description"="Url for the entry."},
	113	* {"name"="title", "dataType"="string", "required"=false, "description"="Optional, we'll get the title from the page."},
	114	* {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."},
	115	* }
	116	* )
	117	*
	118	* @return Entry
	119	*/
	120	public function postEntriesAction(Request $request)
	121	{
	122	$url = $request->request->get('url');
	123
	124	$entry = $this->get('wallabag_core.content_proxy')->updateEntry(
	125	new Entry($this->getUser()),
	126	$url
	127	);
	128
	129	$tags = $request->request->get('tags', '');
	130	if (!empty($tags)) {
	131	$this->assignTagsToEntry($entry, $tags);
	132	}
	133
	134	$em = $this->getDoctrine()->getManager();
	135	$em->persist($entry);
	136	$em->flush();
	137
	138	$json = $this->get('serializer')->serialize($entry, 'json');
	139
	140	return $this->renderJsonResponse($json);
	141	}
	142
	143	/**
	144	* Change several properties of an entry.
	145	*
	146	* @ApiDoc(
	147	* requirements={
	148	* {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
	149	* },
	150	* parameters={
	151	* {"name"="title", "dataType"="string", "required"=false},
	152	* {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."},
	153	* {"name"="archive", "dataType"="boolean", "required"=false, "format"="true or false", "description"="archived the entry."},
	154	* {"name"="star", "dataType"="boolean", "required"=false, "format"="true or false", "description"="starred the entry."},
	155	* }
	156	* )
	157	*
	158	* @return Entry
	159	*/
	160	public function patchEntriesAction(Entry $entry, Request $request)
	161	{
	162	$this->validateUserAccess($entry->getUser()->getId());
	163
	164	$title = $request->request->get('title');
	165	$isArchived = $request->request->get('is_archived');
	166	$isStarred = $request->request->get('is_starred');
	167
	168	if (!is_null($title)) {
	169	$entry->setTitle($title);
	170	}
	171
	172	if (!is_null($isArchived)) {
	173	$entry->setArchived($isArchived);
	174	}
	175
	176	if (!is_null($isStarred)) {
	177	$entry->setStarred($isStarred);
	178	}
	179
	180	$tags = $request->request->get('tags', '');
	181	if (!empty($tags)) {
	182	$this->assignTagsToEntry($entry, $tags);
	183	}
	184
	185	$em = $this->getDoctrine()->getManager();
	186	$em->flush();
	187
	188	$json = $this->get('serializer')->serialize($entry, 'json');
	189
	190	return $this->renderJsonResponse($json);
	191	}
	192
	193	/**
	194	* Delete permanently an entry.
	195	*
	196	* @ApiDoc(
	197	* requirements={
	198	* {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
	199	* }
	200	* )
	201	*
	202	* @return Entry
	203	*/
	204	public function deleteEntriesAction(Entry $entry)
	205	{
	206	$this->validateUserAccess($entry->getUser()->getId());
	207
	208	$em = $this->getDoctrine()->getManager();
	209	$em->remove($entry);
	210	$em->flush();
	211
	212	$json = $this->get('serializer')->serialize($entry, 'json');
	213
	214	return $this->renderJsonResponse($json);
	215	}
	216
	217	/**
	218	* Retrieve all tags for an entry.
	219	*
	220	* @ApiDoc(
	221	* requirements={
	222	* {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
	223	* }
	224	* )
	225	*/
	226	public function getEntriesTagsAction(Entry $entry)
	227	{
	228	$this->validateUserAccess($entry->getUser()->getId());
	229
	230	$json = $this->get('serializer')->serialize($entry->getTags(), 'json');
	231
	232	return $this->renderJsonResponse($json);
	233	}
	234
	235	/**
	236	* Add one or more tags to an entry.
	237	*
	238	* @ApiDoc(
	239	* requirements={
	240	* {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
	241	* },
	242	* parameters={
	243	* {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."},
	244	* }
	245	* )
	246	*/
	247	public function postEntriesTagsAction(Request $request, Entry $entry)
	248	{
	249	$this->validateUserAccess($entry->getUser()->getId());
	250
	251	$tags = $request->request->get('tags', '');
	252	if (!empty($tags)) {
	253	$this->assignTagsToEntry($entry, $tags);
	254	}
	255
	256	$em = $this->getDoctrine()->getManager();
	257	$em->persist($entry);
	258	$em->flush();
	259
	260	$json = $this->get('serializer')->serialize($entry, 'json');
	261
	262	return $this->renderJsonResponse($json);
	263	}
	264
	265	/**
	266	* Permanently remove one tag for an entry.
	267	*
	268	* @ApiDoc(
	269	* requirements={
	270	* {"name"="tag", "dataType"="integer", "requirement"="\w+", "description"="The tag ID"},
	271	* {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
	272	* }
	273	* )
	274	*/
	275	public function deleteEntriesTagsAction(Entry $entry, Tag $tag)
	276	{
	277	$this->validateUserAccess($entry->getUser()->getId());
	278
	279	$entry->removeTag($tag);
	280	$em = $this->getDoctrine()->getManager();
	281	$em->persist($entry);
	282	$em->flush();
	283
	284	$json = $this->get('serializer')->serialize($entry, 'json');
	285
	286	return $this->renderJsonResponse($json);
	287	}
	288
	289	/**
	290	* Retrieve all tags.
	291	*
	292	* @ApiDoc()
	293	*/
	294	public function getTagsAction()
	295	{
	296	$json = $this->get('serializer')->serialize($this->getUser()->getTags(), 'json');
	297
	298	return $this->renderJsonResponse($json);
	299	}
	300
	301	/**
	302	* Permanently remove one tag from every entry.
	303	*
	304	* @ApiDoc(
	305	* requirements={
	306	* {"name"="tag", "dataType"="integer", "requirement"="\w+", "description"="The tag"}
	307	* }
	308	* )
	309	*/
	310	public function deleteTagAction(Tag $tag)
	311	{
	312	$this->validateUserAccess($tag->getUser()->getId());
	313
	314	$em = $this->getDoctrine()->getManager();
	315	$em->remove($tag);
	316	$em->flush();
	317
	318	$json = $this->get('serializer')->serialize($tag, 'json');
	319
	320	return $this->renderJsonResponse($json);
	321	}
	322
	323	/**
	324	* Validate that the first id is equal to the second one.
	325	* If not, throw exception. It means a user try to access information from an other user.
	326	*
	327	* @param int $requestUserId User id from the requested source
	328	*/
	329	private function validateUserAccess($requestUserId)
	330	{
	331	$user = $this->get('security.context')->getToken()->getUser();
	332	if ($requestUserId != $user->getId()) {
	333	throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$requestUserId.', logged user id: '.$user->getId());
	334	}
	335	}
	336
	337	/**
	338	* Send a JSON Response.
	339	* We don't use the Symfony JsonRespone, because it takes an array as parameter instead of a JSON string.
	340	*
	341	* @param string $json
	342	*
	343	* @return Response
	344	*/
	345	private function renderJsonResponse($json)
	346	{
	347	return new Response($json, 200, array('application/json'));
	348	}
	349	}