1 <?php
2
3 namespace Wallabag\ApiBundle\Controller;
4
5 use FOS\RestBundle\Controller\AbstractFOSRestController;
6 use JMS\Serializer\SerializationContext;
7 use Nelmio\ApiDocBundle\Annotation\ApiDoc;
8 use Symfony\Component\HttpFoundation\JsonResponse;
9 use Symfony\Component\Security\Core\Exception\AccessDeniedException;
10
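class WallabagRestController extends AbstractFOSRestController
{
    /**
     * Retrieve version number.
     *
     * Returns the `wallabag_core.version` container parameter serialized as JSON.
     *
     * NOTE(review): this method performs no authentication check itself; whether
     * the route is reachable anonymously depends on firewall/access_control
     * configuration that is not visible in this file. An unauthenticated version
     * string makes instance fingerprinting easier - confirm this is intended.
     *
     * @ApiDoc()
     *
     * @deprecated Should use info endpoint instead
     *
     * @return JsonResponse
     */
    public function getVersionAction()
    {
        $version = $this->container->getParameter('wallabag_core.version');
        $json = $this->get('jms_serializer')->serialize($version, 'json');

        // setJson() takes the already-encoded payload, so it is not encoded twice.
        return (new JsonResponse())->setJson($json);
    }

    /**
     * Retrieve information about the wallabag instance.
     *
     * The payload holds the application name, the `wallabag_core.version`
     * parameter and the `wallabag_user.registration_enabled` parameter.
     *
     * NOTE(review): like getVersionAction(), no authentication check is made
     * here; route-level protection (if any) lives in configuration outside this
     * file. Keep this payload limited to values that are safe to publish.
     *
     * @ApiDoc()
     *
     * @return JsonResponse
     */
    public function getInfoAction()
    {
        $info = [
            'appname' => 'wallabag',
            'version' => $this->container->getParameter('wallabag_core.version'),
            'allowed_registration' => $this->container->getParameter('wallabag_user.registration_enabled'),
        ];

        return (new JsonResponse())->setJson($this->get('jms_serializer')->serialize($info, 'json'));
    }

    /**
     * Require a fully authenticated caller.
     *
     * IS_AUTHENTICATED_FULLY is the Symfony attribute for a user who supplied
     * credentials in the current session (a remember-me login does not satisfy it).
     *
     * @throws AccessDeniedException When the authorization checker does not grant the attribute
     */
    protected function validateAuthentication()
    {
        if (false === $this->get('security.authorization_checker')->isGranted('IS_AUTHENTICATED_FULLY')) {
            throw new AccessDeniedException();
        }
    }

    /**
     * Validate that the requested user id is the id of the logged-in user.
     * If it is not, throw an exception: it means a user is trying to access
     * information that belongs to another user.
     *
     * @param int $requestUserId User id from the requested source
     *
     * @throws AccessDeniedException When there is no logged-in user object or the ids differ
     */
    protected function validateUserAccess($requestUserId)
    {
        $token = $this->get('security.token_storage')->getToken();
        $user = null !== $token ? $token->getUser() : null;

        // Fail closed: the token storage returns null when no token is set, and
        // the token's user is not guaranteed to be an object. Deny access
        // explicitly instead of failing with a fatal error on a method call.
        if (!\is_object($user)) {
            throw $this->createAccessDeniedException('Access forbidden.');
        }

        // Strict comparison on purpose: an id of a different type (for example a
        // numeric string) never matches, so a type mismatch ends in a denial.
        if ($requestUserId !== $user->getId()) {
            // NOTE(review): the message embeds both user ids. Whether exception
            // messages reach API clients depends on error-rendering configuration
            // not visible here; confirm the ids stay in server-side logs only.
            throw $this->createAccessDeniedException('Access forbidden. Entry user id: ' . $requestUserId . ', logged user id: ' . $user->getId());
        }
    }

    /**
     * Shortcut to send data serialized in json.
     *
     * Null values are kept in the output (see the serialization context below).
     *
     * @param mixed $data
     *
     * @return JsonResponse
     */
    protected function sendResponse($data)
    {
        // https://github.com/schmittjoh/JMSSerializerBundle/issues/293
        $context = new SerializationContext();
        $context->setSerializeNull(true);

        $json = $this->get('jms_serializer')->serialize($data, 'json', $context);

        return (new JsonResponse())->setJson($json);
    }
}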