src/Wallabag/ApiBundle/Controller/WallabagRestController.php

   1 <?php
   2
   3 namespace Wallabag\ApiBundle\Controller;
   4
   5 use FOS\RestBundle\Controller\FOSRestController;
   6 use Hateoas\Configuration\Route;
   7 use Hateoas\Representation\Factory\PagerfantaFactory;
   8 use Nelmio\ApiDocBundle\Annotation\ApiDoc;
   9 use Symfony\Component\HttpFoundation\Request;
  10 use Symfony\Component\HttpFoundation\Response;
  11 use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  12 use Symfony\Component\Security\Core\Exception\AccessDeniedException;
  13 use Wallabag\CoreBundle\Entity\Entry;
  14 use Wallabag\CoreBundle\Entity\Tag;
  15
  16 class WallabagRestController extends FOSRestController
  17 {
  18     private function validateAuthentication()
  19     {
  20         if (false === $this->get('security.authorization_checker')->isGranted('IS_AUTHENTICATED_FULLY')) {
  21             throw new AccessDeniedException();
  22         }
  23     }
  24
  25     /**
  26      * Retrieve all entries. It could be filtered by many options.
  27      *
  28      * @ApiDoc(
  29      *       parameters={
  30      *          {"name"="archive", "dataType"="integer", "required"=false, "format"="1 or 0, all entries by default", "description"="filter by archived status."},
  31      *          {"name"="starred", "dataType"="integer", "required"=false, "format"="1 or 0, all entries by default", "description"="filter by starred status."},
  32      *          {"name"="sort", "dataType"="string", "required"=false, "format"="'created' or 'updated', default 'created'", "description"="sort entries by date."},
  33      *          {"name"="order", "dataType"="string", "required"=false, "format"="'asc' or 'desc', default 'desc'", "description"="order of sort."},
  34      *          {"name"="page", "dataType"="integer", "required"=false, "format"="default '1'", "description"="what page you want."},
  35      *          {"name"="perPage", "dataType"="integer", "required"=false, "format"="default'30'", "description"="results per page."},
  36      *          {"name"="tags", "dataType"="string", "required"=false, "format"="api,rest", "description"="a list of tags url encoded. Will returns entries that matches ALL tags."},
  37      *          {"name"="since", "dataType"="integer", "required"=false, "format"="default '0'", "description"="The timestamp since when you want entries updated."},
  38      *       }
  39      * )
  40      *
  41      * @return Response
  42      */
  43     public function getEntriesAction(Request $request)
  44     {
  45         $this->validateAuthentication();
  46
  47         $isArchived = (null === $request->query->get('archive')) ? null : (bool) $request->query->get('archive');
  48         $isStarred = (null === $request->query->get('starred')) ? null : (bool) $request->query->get('starred');
  49         $sort = $request->query->get('sort', 'created');
  50         $order = $request->query->get('order', 'desc');
  51         $page = (int) $request->query->get('page', 1);
  52         $perPage = (int) $request->query->get('perPage', 30);
  53         $since = $request->query->get('since', 0);
  54
  55         $pager = $this->getDoctrine()
  56             ->getRepository('WallabagCoreBundle:Entry')
  57             ->findEntries($this->getUser()->getId(), $isArchived, $isStarred, $sort, $order, $since);
  58
  59         $pager->setCurrentPage($page);
  60         $pager->setMaxPerPage($perPage);
  61
  62         $pagerfantaFactory = new PagerfantaFactory('page', 'perPage');
  63         $paginatedCollection = $pagerfantaFactory->createRepresentation(
  64             $pager,
  65             new Route('api_get_entries', [], UrlGeneratorInterface::ABSOLUTE_URL)
  66         );
  67
  68         $json = $this->get('serializer')->serialize($paginatedCollection, 'json');
  69
  70         return $this->renderJsonResponse($json);
  71     }
  72
  73     /**
  74      * Retrieve a single entry.
  75      *
  76      * @ApiDoc(
  77      *      requirements={
  78      *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
  79      *      }
  80      * )
  81      *
  82      * @return Response
  83      */
  84     public function getEntryAction(Entry $entry)
  85     {
  86         $this->validateAuthentication();
  87         $this->validateUserAccess($entry->getUser()->getId());
  88
  89         $json = $this->get('serializer')->serialize($entry, 'json');
  90
  91         return $this->renderJsonResponse($json);
  92     }
  93
  94     /**
  95      * Create an entry.
  96      *
  97      * @ApiDoc(
  98      *       parameters={
  99      *          {"name"="url", "dataType"="string", "required"=true, "format"="http://www.test.com/article.html", "description"="Url for the entry."},
 100      *          {"name"="title", "dataType"="string", "required"=false, "description"="Optional, we'll get the title from the page."},
 101      *          {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."},
 102      *          {"name"="starred", "dataType"="integer", "required"=false, "format"="1 or 0", "description"="entry already starred"},
 103      *          {"name"="archive", "dataType"="integer", "required"=false, "format"="1 or 0", "description"="entry already archived"},
 104      *       }
 105      * )
 106      *
 107      * @return Response
 108      */
 109     public function postEntriesAction(Request $request)
 110     {
 111         $this->validateAuthentication();
 112
 113         $url = $request->request->get('url');
 114         $title = $request->request->get('title');
 115         $isArchived = $request->request->get('archive');
 116         $isStarred = $request->request->get('starred');
 117
 118         $entry = $this->get('wallabag_core.entry_repository')->findByUrlAndUserId($url, $this->getUser()->getId());
 119
 120         if (false === $entry) {
 121             $entry = $this->get('wallabag_core.content_proxy')->updateEntry(
 122                 new Entry($this->getUser()),
 123                 $url
 124             );
 125         }
 126
 127         if (!is_null($title)) {
 128             $entry->setTitle($title);
 129         }
 130
 131         $tags = $request->request->get('tags', '');
 132         if (!empty($tags)) {
 133             $this->get('wallabag_core.content_proxy')->assignTagsToEntry($entry, $tags);
 134         }
 135
 136         if (!is_null($isStarred)) {
 137             $entry->setStarred((bool) $isStarred);
 138         }
 139
 140         if (!is_null($isArchived)) {
 141             $entry->setArchived((bool) $isArchived);
 142         }
 143
 144         $em = $this->getDoctrine()->getManager();
 145         $em->persist($entry);
 146
 147         $em->flush();
 148
 149         $json = $this->get('serializer')->serialize($entry, 'json');
 150
 151         return $this->renderJsonResponse($json);
 152     }
 153
 154     /**
 155      * Change several properties of an entry.
 156      *
 157      * @ApiDoc(
 158      *      requirements={
 159      *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
 160      *      },
 161      *      parameters={
 162      *          {"name"="title", "dataType"="string", "required"=false},
 163      *          {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."},
 164      *          {"name"="archive", "dataType"="integer", "required"=false, "format"="1 or 0", "description"="archived the entry."},
 165      *          {"name"="starred", "dataType"="integer", "required"=false, "format"="1 or 0", "description"="starred the entry."},
 166      *      }
 167      * )
 168      *
 169      * @return Response
 170      */
 171     public function patchEntriesAction(Entry $entry, Request $request)
 172     {
 173         $this->validateAuthentication();
 174         $this->validateUserAccess($entry->getUser()->getId());
 175
 176         $title = $request->request->get('title');
 177         $isArchived = $request->request->get('archive');
 178         $isStarred = $request->request->get('starred');
 179
 180         if (!is_null($title)) {
 181             $entry->setTitle($title);
 182         }
 183
 184         if (!is_null($isArchived)) {
 185             $entry->setArchived((bool) $isArchived);
 186         }
 187
 188         if (!is_null($isStarred)) {
 189             $entry->setStarred((bool) $isStarred);
 190         }
 191
 192         $tags = $request->request->get('tags', '');
 193         if (!empty($tags)) {
 194             $this->get('wallabag_core.content_proxy')->assignTagsToEntry($entry, $tags);
 195         }
 196
 197         $em = $this->getDoctrine()->getManager();
 198         $em->flush();
 199
 200         $json = $this->get('serializer')->serialize($entry, 'json');
 201
 202         return $this->renderJsonResponse($json);
 203     }
 204
 205     /**
 206      * Delete **permanently** an entry.
 207      *
 208      * @ApiDoc(
 209      *      requirements={
 210      *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
 211      *      }
 212      * )
 213      *
 214      * @return Response
 215      */
 216     public function deleteEntriesAction(Entry $entry)
 217     {
 218         $this->validateAuthentication();
 219         $this->validateUserAccess($entry->getUser()->getId());
 220
 221         $em = $this->getDoctrine()->getManager();
 222         $em->remove($entry);
 223         $em->flush();
 224
 225         $json = $this->get('serializer')->serialize($entry, 'json');
 226
 227         return $this->renderJsonResponse($json);
 228     }
 229
 230     /**
 231      * Retrieve all tags for an entry.
 232      *
 233      * @ApiDoc(
 234      *      requirements={
 235      *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
 236      *      }
 237      * )
 238      *
 239      * @return Response
 240      */
 241     public function getEntriesTagsAction(Entry $entry)
 242     {
 243         $this->validateAuthentication();
 244         $this->validateUserAccess($entry->getUser()->getId());
 245
 246         $json = $this->get('serializer')->serialize($entry->getTags(), 'json');
 247
 248         return $this->renderJsonResponse($json);
 249     }
 250
 251     /**
 252      * Add one or more tags to an entry.
 253      *
 254      * @ApiDoc(
 255      *      requirements={
 256      *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
 257      *      },
 258      *      parameters={
 259      *          {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."},
 260      *       }
 261      * )
 262      *
 263      * @return Response
 264      */
 265     public function postEntriesTagsAction(Request $request, Entry $entry)
 266     {
 267         $this->validateAuthentication();
 268         $this->validateUserAccess($entry->getUser()->getId());
 269
 270         $tags = $request->request->get('tags', '');
 271         if (!empty($tags)) {
 272             $this->get('wallabag_core.content_proxy')->assignTagsToEntry($entry, $tags);
 273         }
 274
 275         $em = $this->getDoctrine()->getManager();
 276         $em->persist($entry);
 277         $em->flush();
 278
 279         $json = $this->get('serializer')->serialize($entry, 'json');
 280
 281         return $this->renderJsonResponse($json);
 282     }
 283
 284     /**
 285      * Permanently remove one tag for an entry.
 286      *
 287      * @ApiDoc(
 288      *      requirements={
 289      *          {"name"="tag", "dataType"="integer", "requirement"="\w+", "description"="The tag ID"},
 290      *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
 291      *      }
 292      * )
 293      *
 294      * @return Response
 295      */
 296     public function deleteEntriesTagsAction(Entry $entry, Tag $tag)
 297     {
 298         $this->validateAuthentication();
 299         $this->validateUserAccess($entry->getUser()->getId());
 300
 301         $entry->removeTag($tag);
 302         $em = $this->getDoctrine()->getManager();
 303         $em->persist($entry);
 304         $em->flush();
 305
 306         $json = $this->get('serializer')->serialize($entry, 'json');
 307
 308         return $this->renderJsonResponse($json);
 309     }
 310
 311     /**
 312      * Retrieve all tags.
 313      *
 314      * @ApiDoc()
 315      *
 316      * @return Response
 317      */
 318     public function getTagsAction()
 319     {
 320         $this->validateAuthentication();
 321
 322         $tags = $this->getDoctrine()
 323             ->getRepository('WallabagCoreBundle:Tag')
 324             ->findAllTags($this->getUser()->getId());
 325
 326         $json = $this->get('serializer')->serialize($tags, 'json');
 327
 328         return $this->renderJsonResponse($json);
 329     }
 330
 331     /**
 332      * Permanently remove one tag from **every** entry.
 333      *
 334      * @ApiDoc(
 335      *      requirements={
 336      *          {"name"="tag", "dataType"="integer", "requirement"="\w+", "description"="The tag"}
 337      *      }
 338      * )
 339      *
 340      * @return Response
 341      */
 342     public function deleteTagAction(Tag $tag)
 343     {
 344         $this->validateAuthentication();
 345
 346         $this->getDoctrine()
 347             ->getRepository('WallabagCoreBundle:Entry')
 348             ->removeTag($this->getUser()->getId(), $tag);
 349
 350         $json = $this->get('serializer')->serialize($tag, 'json');
 351
 352         return $this->renderJsonResponse($json);
 353     }
 354     /**
 355      * Retrieve version number.
 356      *
 357      * @ApiDoc()
 358      *
 359      * @return Response
 360      */
 361     public function getVersionAction()
 362     {
 363         $version = $this->container->getParameter('wallabag_core.version');
 364
 365         $json = $this->get('serializer')->serialize($version, 'json');
 366
 367         return $this->renderJsonResponse($json);
 368     }
 369
 370     /**
 371      * Validate that the first id is equal to the second one.
 372      * If not, throw exception. It means a user try to access information from an other user.
 373      *
 374      * @param int $requestUserId User id from the requested source
 375      */
 376     private function validateUserAccess($requestUserId)
 377     {
 378         $user = $this->get('security.token_storage')->getToken()->getUser();
 379         if ($requestUserId != $user->getId()) {
 380             throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$requestUserId.', logged user id: '.$user->getId());
 381         }
 382     }
 383
 384     /**
 385      * Send a JSON Response.
 386      * We don't use the Symfony JsonRespone, because it takes an array as parameter instead of a JSON string.
 387      *
 388      * @param string $json
 389      *
 390      * @return Response
 391      */
 392     private function renderJsonResponse($json)
 393     {
 394         return new Response($json, 200, ['application/json']);
 395     }
 396 }