src/Wallabag/ApiBundle/Controller/WallabagRestController.php

   1 <?php
   2
   3 namespace Wallabag\ApiBundle\Controller;
   4
   5 use FOS\RestBundle\Controller\FOSRestController;
   6 use Hateoas\Configuration\Route;
   7 use Hateoas\Representation\Factory\PagerfantaFactory;
   8 use Nelmio\ApiDocBundle\Annotation\ApiDoc;
   9 use Symfony\Component\HttpFoundation\Request;
  10 use Symfony\Component\HttpFoundation\Response;
  11 use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  12 use Symfony\Component\Security\Core\Exception\AccessDeniedException;
  13 use Wallabag\CoreBundle\Entity\Entry;
  14 use Wallabag\CoreBundle\Entity\Tag;
  15
  16 class WallabagRestController extends FOSRestController
  17 {
  18     private function validateAuthentication()
  19     {
  20         if (false === $this->get('security.authorization_checker')->isGranted('IS_AUTHENTICATED_FULLY')) {
  21             throw new AccessDeniedException();
  22         }
  23     }
  24
  25     /**
  26      * Retrieve all entries. It could be filtered by many options.
  27      *
  28      * @ApiDoc(
  29      *       parameters={
  30      *          {"name"="archive", "dataType"="boolean", "required"=false, "format"="true or false, all entries by default", "description"="filter by archived status."},
  31      *          {"name"="star", "dataType"="boolean", "required"=false, "format"="true or false, all entries by default", "description"="filter by starred status."},
  32      *          {"name"="sort", "dataType"="string", "required"=false, "format"="'created' or 'updated', default 'created'", "description"="sort entries by date."},
  33      *          {"name"="order", "dataType"="string", "required"=false, "format"="'asc' or 'desc', default 'desc'", "description"="order of sort."},
  34      *          {"name"="page", "dataType"="integer", "required"=false, "format"="default '1'", "description"="what page you want."},
  35      *          {"name"="perPage", "dataType"="integer", "required"=false, "format"="default'30'", "description"="results per page."},
  36      *          {"name"="tags", "dataType"="string", "required"=false, "format"="api%2Crest", "description"="a list of tags url encoded. Will returns entries that matches ALL tags."},
  37      *       }
  38      * )
  39      *
  40      * @return Response
  41      */
  42     public function getEntriesAction(Request $request)
  43     {
  44         $this->validateAuthentication();
  45
  46         $isArchived = $request->query->get('archive');
  47         $isStarred = $request->query->get('star');
  48         $sort = $request->query->get('sort', 'created');
  49         $order = $request->query->get('order', 'desc');
  50         $page = (int) $request->query->get('page', 1);
  51         $perPage = (int) $request->query->get('perPage', 30);
  52
  53         $pager = $this->getDoctrine()
  54             ->getRepository('WallabagCoreBundle:Entry')
  55             ->findEntries($this->getUser()->getId(), $isArchived, $isStarred, $sort, $order);
  56
  57         $pager->setCurrentPage($page);
  58         $pager->setMaxPerPage($perPage);
  59
  60         $pagerfantaFactory = new PagerfantaFactory('page', 'perPage');
  61         $paginatedCollection = $pagerfantaFactory->createRepresentation(
  62             $pager,
  63             new Route('api_get_entries', [], UrlGeneratorInterface::ABSOLUTE_URL)
  64         );
  65
  66         $json = $this->get('serializer')->serialize($paginatedCollection, 'json');
  67
  68         return $this->renderJsonResponse($json);
  69     }
  70
  71     /**
  72      * Retrieve a single entry.
  73      *
  74      * @ApiDoc(
  75      *      requirements={
  76      *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
  77      *      }
  78      * )
  79      *
  80      * @return Response
  81      */
  82     public function getEntryAction(Entry $entry)
  83     {
  84         $this->validateAuthentication();
  85         $this->validateUserAccess($entry->getUser()->getId());
  86
  87         $json = $this->get('serializer')->serialize($entry, 'json');
  88
  89         return $this->renderJsonResponse($json);
  90     }
  91
  92     /**
  93      * Create an entry.
  94      *
  95      * @ApiDoc(
  96      *       parameters={
  97      *          {"name"="url", "dataType"="string", "required"=true, "format"="http://www.test.com/article.html", "description"="Url for the entry."},
  98      *          {"name"="title", "dataType"="string", "required"=false, "description"="Optional, we'll get the title from the page."},
  99      *          {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."},
 100      *       }
 101      * )
 102      *
 103      * @return Response
 104      */
 105     public function postEntriesAction(Request $request)
 106     {
 107         $this->validateAuthentication();
 108
 109         $url = $request->request->get('url');
 110
 111         $entry = $this->get('wallabag_core.content_proxy')->updateEntry(
 112             new Entry($this->getUser()),
 113             $url
 114         );
 115
 116         $tags = $request->request->get('tags', '');
 117         if (!empty($tags)) {
 118             $this->get('wallabag_core.content_proxy')->assignTagsToEntry($entry, $tags);
 119         }
 120
 121         $em = $this->getDoctrine()->getManager();
 122         $em->persist($entry);
 123         $em->flush();
 124
 125         $json = $this->get('serializer')->serialize($entry, 'json');
 126
 127         return $this->renderJsonResponse($json);
 128     }
 129
 130     /**
 131      * Change several properties of an entry.
 132      *
 133      * @ApiDoc(
 134      *      requirements={
 135      *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
 136      *      },
 137      *      parameters={
 138      *          {"name"="title", "dataType"="string", "required"=false},
 139      *          {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."},
 140      *          {"name"="archive", "dataType"="boolean", "required"=false, "format"="true or false", "description"="archived the entry."},
 141      *          {"name"="star", "dataType"="boolean", "required"=false, "format"="true or false", "description"="starred the entry."},
 142      *      }
 143      * )
 144      *
 145      * @return Response
 146      */
 147     public function patchEntriesAction(Entry $entry, Request $request)
 148     {
 149         $this->validateAuthentication();
 150         $this->validateUserAccess($entry->getUser()->getId());
 151
 152         $title = $request->request->get('title');
 153         $isArchived = $request->request->get('archive');
 154         $isStarred = $request->request->get('star');
 155
 156         if (!is_null($title)) {
 157             $entry->setTitle($title);
 158         }
 159
 160         if (!is_null($isArchived)) {
 161             $entry->setArchived($isArchived);
 162         }
 163
 164         if (!is_null($isStarred)) {
 165             $entry->setStarred($isStarred);
 166         }
 167
 168         $tags = $request->request->get('tags', '');
 169         if (!empty($tags)) {
 170             $this->get('wallabag_core.content_proxy')->assignTagsToEntry($entry, $tags);
 171         }
 172
 173         $em = $this->getDoctrine()->getManager();
 174         $em->flush();
 175
 176         $json = $this->get('serializer')->serialize($entry, 'json');
 177
 178         return $this->renderJsonResponse($json);
 179     }
 180
 181     /**
 182      * Delete **permanently** an entry.
 183      *
 184      * @ApiDoc(
 185      *      requirements={
 186      *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
 187      *      }
 188      * )
 189      *
 190      * @return Response
 191      */
 192     public function deleteEntriesAction(Entry $entry)
 193     {
 194         $this->validateAuthentication();
 195         $this->validateUserAccess($entry->getUser()->getId());
 196
 197         $em = $this->getDoctrine()->getManager();
 198         $em->remove($entry);
 199         $em->flush();
 200
 201         $json = $this->get('serializer')->serialize($entry, 'json');
 202
 203         return $this->renderJsonResponse($json);
 204     }
 205
 206     /**
 207      * Retrieve all tags for an entry.
 208      *
 209      * @ApiDoc(
 210      *      requirements={
 211      *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
 212      *      }
 213      * )
 214      *
 215      * @return Response
 216      */
 217     public function getEntriesTagsAction(Entry $entry)
 218     {
 219         $this->validateAuthentication();
 220         $this->validateUserAccess($entry->getUser()->getId());
 221
 222         $json = $this->get('serializer')->serialize($entry->getTags(), 'json');
 223
 224         return $this->renderJsonResponse($json);
 225     }
 226
 227     /**
 228      * Add one or more tags to an entry.
 229      *
 230      * @ApiDoc(
 231      *      requirements={
 232      *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
 233      *      },
 234      *      parameters={
 235      *          {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."},
 236      *       }
 237      * )
 238      *
 239      * @return Response
 240      */
 241     public function postEntriesTagsAction(Request $request, Entry $entry)
 242     {
 243         $this->validateAuthentication();
 244         $this->validateUserAccess($entry->getUser()->getId());
 245
 246         $tags = $request->request->get('tags', '');
 247         if (!empty($tags)) {
 248             $this->get('wallabag_core.content_proxy')->assignTagsToEntry($entry, $tags);
 249         }
 250
 251         $em = $this->getDoctrine()->getManager();
 252         $em->persist($entry);
 253         $em->flush();
 254
 255         $json = $this->get('serializer')->serialize($entry, 'json');
 256
 257         return $this->renderJsonResponse($json);
 258     }
 259
 260     /**
 261      * Permanently remove one tag for an entry.
 262      *
 263      * @ApiDoc(
 264      *      requirements={
 265      *          {"name"="tag", "dataType"="integer", "requirement"="\w+", "description"="The tag ID"},
 266      *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
 267      *      }
 268      * )
 269      *
 270      * @return Response
 271      */
 272     public function deleteEntriesTagsAction(Entry $entry, Tag $tag)
 273     {
 274         $this->validateAuthentication();
 275         $this->validateUserAccess($entry->getUser()->getId());
 276
 277         $entry->removeTag($tag);
 278         $em = $this->getDoctrine()->getManager();
 279         $em->persist($entry);
 280         $em->flush();
 281
 282         $json = $this->get('serializer')->serialize($entry, 'json');
 283
 284         return $this->renderJsonResponse($json);
 285     }
 286
 287     /**
 288      * Retrieve all tags.
 289      *
 290      * @ApiDoc()
 291      *
 292      * @return Response
 293      */
 294     public function getTagsAction()
 295     {
 296         $this->validateAuthentication();
 297
 298         $tags = $this->getDoctrine()
 299             ->getRepository('WallabagCoreBundle:Tag')
 300             ->findAllTags($this->getUser()->getId());
 301
 302         $json = $this->get('serializer')->serialize($tags, 'json');
 303
 304         return $this->renderJsonResponse($json);
 305     }
 306
 307     /**
 308      * Permanently remove one tag from **every** entry.
 309      *
 310      * @ApiDoc(
 311      *      requirements={
 312      *          {"name"="tag", "dataType"="integer", "requirement"="\w+", "description"="The tag"}
 313      *      }
 314      * )
 315      *
 316      * @return Response
 317      */
 318     public function deleteTagAction(Tag $tag)
 319     {
 320         $this->validateAuthentication();
 321
 322         $this->getDoctrine()
 323             ->getRepository('WallabagCoreBundle:Entry')
 324             ->removeTag($this->getUser()->getId(), $tag);
 325
 326         $json = $this->get('serializer')->serialize($tag, 'json');
 327
 328         return $this->renderJsonResponse($json);
 329     }
 330
 331     /**
 332      * Validate that the first id is equal to the second one.
 333      * If not, throw exception. It means a user try to access information from an other user.
 334      *
 335      * @param int $requestUserId User id from the requested source
 336      */
 337     private function validateUserAccess($requestUserId)
 338     {
 339         $user = $this->get('security.token_storage')->getToken()->getUser();
 340         if ($requestUserId != $user->getId()) {
 341             throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$requestUserId.', logged user id: '.$user->getId());
 342         }
 343     }
 344
 345     /**
 346      * Send a JSON Response.
 347      * We don't use the Symfony JsonRespone, because it takes an array as parameter instead of a JSON string.
 348      *
 349      * @param string $json
 350      *
 351      * @return Response
 352      */
 353     private function renderJsonResponse($json)
 354     {
 355         return new Response($json, 200, array('application/json'));
 356     }
 357 }