src/Wallabag/ApiBundle/Controller/WallabagRestController.php

   1 <?php
   2
   3 namespace Wallabag\ApiBundle\Controller;
   4
   5 use Nelmio\ApiDocBundle\Annotation\ApiDoc;
   6 use Symfony\Bundle\FrameworkBundle\Controller\Controller;
   7 use Symfony\Component\HttpFoundation\Request;
   8 use Symfony\Component\HttpFoundation\Response;
   9 use Wallabag\CoreBundle\Entity\Entry;
  10 use Wallabag\CoreBundle\Entity\Tag;
  11 use Wallabag\CoreBundle\Service\Extractor;
  12 use Hateoas\Configuration\Route;
  13 use Hateoas\Representation\Factory\PagerfantaFactory;
  14
  15 class WallabagRestController extends Controller
  16 {
  17     /**
  18      * @param Entry  $entry
  19      * @param string $tags
  20      */
  21     private function assignTagsToEntry(Entry $entry, $tags)
  22     {
  23         foreach (explode(',', $tags) as $label) {
  24             $label = trim($label);
  25             $tagEntity = $this
  26                 ->getDoctrine()
  27                 ->getRepository('WallabagCoreBundle:Tag')
  28                 ->findOneByLabel($label);
  29
  30             if (is_null($tagEntity)) {
  31                 $tagEntity = new Tag($this->getUser());
  32                 $tagEntity->setLabel($label);
  33             }
  34
  35             // only add the tag on the entry if the relation doesn't exist
  36             if (!$entry->getTags()->contains($tagEntity)) {
  37                 $entry->addTag($tagEntity);
  38             }
  39         }
  40     }
  41
  42     /**
  43      * Retrieve salt for a giver user.
  44      *
  45      * @ApiDoc(
  46      *       parameters={
  47      *          {"name"="username", "dataType"="string", "required"=true, "description"="username"}
  48      *       }
  49      * )
  50      *
  51      * @return array
  52      */
  53     public function getSaltAction($username)
  54     {
  55         $user = $this
  56             ->getDoctrine()
  57             ->getRepository('WallabagCoreBundle:User')
  58             ->findOneByUsername($username);
  59
  60         if (is_null($user)) {
  61             throw $this->createNotFoundException();
  62         }
  63
  64         return array($user->getSalt() ?: null);
  65     }
  66
  67     /**
  68      * Retrieve all entries. It could be filtered by many options.
  69      *
  70      * @ApiDoc(
  71      *       parameters={
  72      *          {"name"="archive", "dataType"="boolean", "required"=false, "format"="true or false, all entries by default", "description"="filter by archived status."},
  73      *          {"name"="star", "dataType"="boolean", "required"=false, "format"="true or false, all entries by default", "description"="filter by starred status."},
  74      *          {"name"="sort", "dataType"="string", "required"=false, "format"="'created' or 'updated', default 'created'", "description"="sort entries by date."},
  75      *          {"name"="order", "dataType"="string", "required"=false, "format"="'asc' or 'desc', default 'desc'", "description"="order of sort."},
  76      *          {"name"="page", "dataType"="integer", "required"=false, "format"="default '1'", "description"="what page you want."},
  77      *          {"name"="perPage", "dataType"="integer", "required"=false, "format"="default'30'", "description"="results per page."},
  78      *          {"name"="tags", "dataType"="string", "required"=false, "format"="api%2Crest", "description"="a list of tags url encoded. Will returns entries that matches ALL tags."},
  79      *       }
  80      * )
  81      *
  82      * @return Entry
  83      */
  84     public function getEntriesAction(Request $request)
  85     {
  86         $isArchived = $request->query->get('archive');
  87         $isStarred = $request->query->get('star');
  88         $sort = $request->query->get('sort', 'created');
  89         $order = $request->query->get('order', 'desc');
  90         $page = (int) $request->query->get('page', 1);
  91         $perPage = (int) $request->query->get('perPage', 30);
  92         $tags = $request->query->get('tags', []);
  93
  94         $pager = $this
  95             ->getDoctrine()
  96             ->getRepository('WallabagCoreBundle:Entry')
  97             ->findEntries($this->getUser()->getId(), $isArchived, $isStarred, $sort, $order);
  98
  99         $pager->setCurrentPage($page);
 100         $pager->setMaxPerPage($perPage);
 101
 102         $pagerfantaFactory = new PagerfantaFactory('page', 'perPage');
 103         $paginatedCollection = $pagerfantaFactory->createRepresentation(
 104             $pager,
 105             new Route('api_get_entries', [], $absolute = true)
 106         );
 107
 108         $json = $this->get('serializer')->serialize($paginatedCollection, 'json');
 109
 110         return $this->renderJsonResponse($json);
 111     }
 112
 113     /**
 114      * Retrieve a single entry.
 115      *
 116      * @ApiDoc(
 117      *      requirements={
 118      *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
 119      *      }
 120      * )
 121      *
 122      * @return Entry
 123      */
 124     public function getEntryAction(Entry $entry)
 125     {
 126         $this->validateUserAccess($entry->getUser()->getId(), $this->getUser()->getId());
 127
 128         $json = $this->get('serializer')->serialize($entry, 'json');
 129
 130         return $this->renderJsonResponse($json);
 131     }
 132
 133     /**
 134      * Create an entry.
 135      *
 136      * @ApiDoc(
 137      *       parameters={
 138      *          {"name"="url", "dataType"="string", "required"=true, "format"="http://www.test.com/article.html", "description"="Url for the entry."},
 139      *          {"name"="title", "dataType"="string", "required"=false, "description"="Optional, we'll get the title from the page."},
 140      *          {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."},
 141      *       }
 142      * )
 143      *
 144      * @return Entry
 145      */
 146     public function postEntriesAction(Request $request)
 147     {
 148         $url = $request->request->get('url');
 149
 150         $content = $this->get('wallabag_core.graby')->fetchContent($url);
 151
 152         $entry = new Entry($this->getUser());
 153         $entry->setUrl($url);
 154         $entry->setTitle($request->request->get('title') ?: $content['title']);
 155         $entry->setContent($content['html']);
 156         $entry->setMimetype($content['content_type']);
 157         if (isset($content['open_graph']['og_image'])) {
 158             $entry->setPreviewPicture($content['open_graph']['og_image']);
 159         }
 160
 161         $tags = $request->request->get('tags', '');
 162         if (!empty($tags)) {
 163             $this->assignTagsToEntry($entry, $tags);
 164         }
 165
 166         $em = $this->getDoctrine()->getManager();
 167         $em->persist($entry);
 168         $em->flush();
 169
 170         $json = $this->get('serializer')->serialize($entry, 'json');
 171
 172         return $this->renderJsonResponse($json);
 173     }
 174
 175     /**
 176      * Change several properties of an entry.
 177      *
 178      * @ApiDoc(
 179      *      requirements={
 180      *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
 181      *      },
 182      *      parameters={
 183      *          {"name"="title", "dataType"="string", "required"=false},
 184      *          {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."},
 185      *          {"name"="archive", "dataType"="boolean", "required"=false, "format"="true or false", "description"="archived the entry."},
 186      *          {"name"="star", "dataType"="boolean", "required"=false, "format"="true or false", "description"="starred the entry."},
 187      *      }
 188      * )
 189      *
 190      * @return Entry
 191      */
 192     public function patchEntriesAction(Entry $entry, Request $request)
 193     {
 194         $this->validateUserAccess($entry->getUser()->getId(), $this->getUser()->getId());
 195
 196         $title = $request->request->get('title');
 197         $isArchived = $request->request->get('is_archived');
 198         $isStarred = $request->request->get('is_starred');
 199
 200         if (!is_null($title)) {
 201             $entry->setTitle($title);
 202         }
 203
 204         if (!is_null($isArchived)) {
 205             $entry->setArchived($isArchived);
 206         }
 207
 208         if (!is_null($isStarred)) {
 209             $entry->setStarred($isStarred);
 210         }
 211
 212         $tags = $request->request->get('tags', '');
 213         if (!empty($tags)) {
 214             $this->assignTagsToEntry($entry, $tags);
 215         }
 216
 217         $em = $this->getDoctrine()->getManager();
 218         $em->flush();
 219
 220         $json = $this->get('serializer')->serialize($entry, 'json');
 221
 222         return $this->renderJsonResponse($json);
 223     }
 224
 225     /**
 226      * Delete **permanently** an entry.
 227      *
 228      * @ApiDoc(
 229      *      requirements={
 230      *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
 231      *      }
 232      * )
 233      *
 234      * @return Entry
 235      */
 236     public function deleteEntriesAction(Entry $entry)
 237     {
 238         $this->validateUserAccess($entry->getUser()->getId(), $this->getUser()->getId());
 239
 240         $em = $this->getDoctrine()->getManager();
 241         $em->remove($entry);
 242         $em->flush();
 243
 244         $json = $this->get('serializer')->serialize($entry, 'json');
 245
 246         return $this->renderJsonResponse($json);
 247     }
 248
 249     /**
 250      * Retrieve all tags for an entry.
 251      *
 252      * @ApiDoc(
 253      *      requirements={
 254      *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
 255      *      }
 256      * )
 257      */
 258     public function getEntriesTagsAction(Entry $entry)
 259     {
 260         $this->validateUserAccess($entry->getUser()->getId(), $this->getUser()->getId());
 261
 262         $json = $this->get('serializer')->serialize($entry->getTags(), 'json');
 263
 264         return $this->renderJsonResponse($json);
 265     }
 266
 267     /**
 268      * Add one or more tags to an entry.
 269      *
 270      * @ApiDoc(
 271      *      requirements={
 272      *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
 273      *      },
 274      *      parameters={
 275      *          {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."},
 276      *       }
 277      * )
 278      */
 279     public function postEntriesTagsAction(Request $request, Entry $entry)
 280     {
 281         $this->validateUserAccess($entry->getUser()->getId(), $this->getUser()->getId());
 282
 283         $tags = $request->request->get('tags', '');
 284         if (!empty($tags)) {
 285             $this->assignTagsToEntry($entry, $tags);
 286         }
 287
 288         $em = $this->getDoctrine()->getManager();
 289         $em->persist($entry);
 290         $em->flush();
 291
 292         $json = $this->get('serializer')->serialize($entry, 'json');
 293
 294         return $this->renderJsonResponse($json);
 295     }
 296
 297     /**
 298      * Permanently remove one tag for an entry.
 299      *
 300      * @ApiDoc(
 301      *      requirements={
 302      *          {"name"="tag", "dataType"="integer", "requirement"="\w+", "description"="The tag ID"},
 303      *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
 304      *      }
 305      * )
 306      */
 307     public function deleteEntriesTagsAction(Entry $entry, Tag $tag)
 308     {
 309         $this->validateUserAccess($entry->getUser()->getId(), $this->getUser()->getId());
 310
 311         $entry->removeTag($tag);
 312         $em = $this->getDoctrine()->getManager();
 313         $em->persist($entry);
 314         $em->flush();
 315
 316         $json = $this->get('serializer')->serialize($entry, 'json');
 317
 318         return $this->renderJsonResponse($json);
 319     }
 320
 321     /**
 322      * Retrieve all tags.
 323      *
 324      * @ApiDoc()
 325      */
 326     public function getTagsAction()
 327     {
 328         $json = $this->get('serializer')->serialize($this->getUser()->getTags(), 'json');
 329
 330         return $this->renderJsonResponse($json);
 331     }
 332
 333     /**
 334      * Permanently remove one tag from **every** entry.
 335      *
 336      * @ApiDoc(
 337      *      requirements={
 338      *          {"name"="tag", "dataType"="integer", "requirement"="\w+", "description"="The tag"}
 339      *      }
 340      * )
 341      */
 342     public function deleteTagAction(Tag $tag)
 343     {
 344         $this->validateUserAccess($tag->getUser()->getId(), $this->getUser()->getId());
 345
 346         $em = $this->getDoctrine()->getManager();
 347         $em->remove($tag);
 348         $em->flush();
 349
 350         $json = $this->get('serializer')->serialize($tag, 'json');
 351
 352         return $this->renderJsonResponse($json);
 353     }
 354
 355     /**
 356      * Validate that the first id is equal to the second one.
 357      * If not, throw exception. It means a user try to access information from an other user.
 358      *
 359      * @param int $requestUserId User id from the requested source
 360      * @param int $currentUserId User id from the retrieved source
 361      */
 362     private function validateUserAccess($requestUserId, $currentUserId)
 363     {
 364         if ($requestUserId != $currentUserId) {
 365             throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$requestUserId.', logged user id: '.$currentUserId);
 366         }
 367     }
 368
 369     /**
 370      * Send a JSON Response.
 371      * We don't use the Symfony JsonRespone, because it takes an array as parameter instead of a JSON string.
 372      *
 373      * @param string $json
 374      *
 375      * @return Response
 376      */
 377     private function renderJsonResponse($json)
 378     {
 379         return new Response($json, 200, array('application/json'));
 380     }
 381 }