[github/wallabag/wallabag.git] / src / Wallabag / ApiBundle / Controller / UserRestController.php

<?php

namespace Wallabag\ApiBundle\Controller;

use FOS\UserBundle\Event\UserEvent;
use FOS\UserBundle\FOSUserEvents;
use JMS\Serializer\SerializationContext;
use Nelmio\ApiDocBundle\Annotation\ApiDoc;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
use Wallabag\ApiBundle\Entity\Client;
use Wallabag\UserBundle\Entity\User;

class UserRestController extends WallabagRestController
{
    /**
     * Retrieve current logged in user informations.
     *
     * @ApiDoc()
     *
     * @return JsonResponse
     */
    public function getUserAction()
    {
        $this->validateAuthentication();

        return $this->sendUser($this->getUser());
    }

    /**
     * Register an user and create a client.
     *
     * @ApiDoc(
     *      requirements={
     *          {"name"="username", "dataType"="string", "required"=true, "description"="The user's username"},
     *          {"name"="password", "dataType"="string", "required"=true, "description"="The user's password"},
     *          {"name"="email", "dataType"="string", "required"=true, "description"="The user's email"},
     *          {"name"="client_name", "dataType"="string", "required"=true, "description"="The client name (to be used by your app)"}
     *      }
     * )
     *
     * @todo Make this method (or the whole API) accessible only through https
     *
     * @return JsonResponse
     */
    public function putUserAction(Request $request)
    {
        if (!$this->getParameter('fosuser_registration') || !$this->get('craue_config')->get('api_user_registration')) {
            $json = $this->get('jms_serializer')->serialize(['error' => "Server doesn't allow registrations"], 'json');

            return (new JsonResponse())
                ->setJson($json)
                ->setStatusCode(JsonResponse::HTTP_FORBIDDEN);
        }

        $userManager = $this->get('fos_user.user_manager');
        $user = $userManager->createUser();
        // user will be disabled BY DEFAULT to avoid spamming account to be enabled
        $user->setEnabled(false);

        $form = $this->createForm('Wallabag\UserBundle\Form\NewUserType', $user, [
            'csrf_protection' => false,
        ]);

        // simulate form submission
        $form->submit([
            'username' => $request->request->get('username'),
            'plainPassword' => [
                'first' => $request->request->get('password'),
                'second' => $request->request->get('password'),
            ],
            'email' => $request->request->get('email'),
        ]);

        if ($form->isSubmitted() && false === $form->isValid()) {
            $view = $this->view($form, 400);
            $view->setFormat('json');

            // handle errors in a more beautiful way than the default view
            $data = json_decode($this->handleView($view)->getContent(), true)['children'];
            $errors = [];

            if (isset($data['username']['errors'])) {
                $errors['username'] = $this->translateErrors($data['username']['errors']);
            }

            if (isset($data['email']['errors'])) {
                $errors['email'] = $this->translateErrors($data['email']['errors']);
            }

            if (isset($data['plainPassword']['children']['first']['errors'])) {
                $errors['password'] = $this->translateErrors($data['plainPassword']['children']['first']['errors']);
            }

            $json = $this->get('jms_serializer')->serialize(['error' => $errors], 'json');

            return (new JsonResponse())
                ->setJson($json)
                ->setStatusCode(JsonResponse::HTTP_BAD_REQUEST);
        }

        // create a default client
        $client = new Client($user);
        $client->setName($request->request->get('client_name', 'Default client'));

        $this->getDoctrine()->getManager()->persist($client);

        $user->addClient($client);

        $userManager->updateUser($user);

        // dispatch a created event so the associated config will be created
        $event = new UserEvent($user, $request);
        $this->get('event_dispatcher')->dispatch(FOSUserEvents::USER_CREATED, $event);

        return $this->sendUser($user, 'user_api_with_client', JsonResponse::HTTP_CREATED);
    }

    /**
     * Send user response.
     *
     * @param User   $user
     * @param string $group  Used to define with serialized group might be used
     * @param int    $status HTTP Status code to send
     *
     * @return JsonResponse
     */
    private function sendUser(User $user, $group = 'user_api', $status = JsonResponse::HTTP_OK)
    {
        $json = $this->get('jms_serializer')->serialize(
            $user,
            'json',
            SerializationContext::create()->setGroups([$group])
        );

        return (new JsonResponse())
            ->setJson($json)
            ->setStatusCode($status);
    }

    /**
     * Translate errors message.
     *
     * @param array $errors
     *
     * @return array
     */
    private function translateErrors($errors)
    {
        $translatedErrors = [];
        foreach ($errors as $error) {
            $translatedErrors[] = $this->get('translator')->trans($error);
        }

        return $translatedErrors;
    }
}
Commit	Line	Data
22510459 TC	1	<?php
	2
	3	namespace Wallabag\ApiBundle\Controller;
	4
	5	use FOS\UserBundle\Event\UserEvent;
	6	use FOS\UserBundle\FOSUserEvents;
	7	use JMS\Serializer\SerializationContext;
	8	use Nelmio\ApiDocBundle\Annotation\ApiDoc;
	9	use Symfony\Component\HttpFoundation\JsonResponse;
f808b016	10	use Symfony\Component\HttpFoundation\Request;
0c00e525	11	use Wallabag\ApiBundle\Entity\Client;
f808b016	12	use Wallabag\UserBundle\Entity\User;
22510459 TC	13
	14	class UserRestController extends WallabagRestController
	15	{
	16	/**
5709ecb3	17	* Retrieve current logged in user informations.
22510459 TC	18	*
	19	* @ApiDoc()
	20	*
	21	* @return JsonResponse
	22	*/
	23	public function getUserAction()
	24	{
	25	$this->validateAuthentication();
	26
5709ecb3	27	return $this->sendUser($this->getUser());
22510459 TC	28	}
	29
	30	/**
a8d3fe50	31	* Register an user and create a client.
22510459 TC	32	*
	33	* @ApiDoc(
	34	* requirements={
	35	* {"name"="username", "dataType"="string", "required"=true, "description"="The user's username"},
5709ecb3	36	* {"name"="password", "dataType"="string", "required"=true, "description"="The user's password"},
a8d3fe50 JB	37	* {"name"="email", "dataType"="string", "required"=true, "description"="The user's email"},
a8d3fe50 JB	38	* {"name"="client_name", "dataType"="string", "required"=true, "description"="The client name (to be used by your app)"}
22510459 TC	39	* }
22510459 TC	40	* )
5709ecb3 JB	41	*
	42	* @todo Make this method (or the whole API) accessible only through https
	43	*
22510459 TC	44	* @return JsonResponse
22510459 TC	45	*/
5709ecb3	46	public function putUserAction(Request $request)
22510459	47	{
426bb453	48	if (!$this->getParameter('fosuser_registration') \|\| !$this->get('craue_config')->get('api_user_registration')) {
f40c88eb	49	$json = $this->get('jms_serializer')->serialize(['error' => "Server doesn't allow registrations"], 'json');
5709ecb3	50
a1e61874 JB	51	return (new JsonResponse())
	52	->setJson($json)
	53	->setStatusCode(JsonResponse::HTTP_FORBIDDEN);
22510459 TC	54	}
22510459 TC	55
5709ecb3 JB	56	$userManager = $this->get('fos_user.user_manager');
5709ecb3 JB	57	$user = $userManager->createUser();
1b9cd917	58	// user will be disabled BY DEFAULT to avoid spamming account to be enabled
426bb453	59	$user->setEnabled(false);
22510459	60
5709ecb3 JB	61	$form = $this->createForm('Wallabag\UserBundle\Form\NewUserType', $user, [
	62	'csrf_protection' => false,
	63	]);
22510459	64
5709ecb3 JB	65	// simulate form submission
	66	$form->submit([
	67	'username' => $request->request->get('username'),
	68	'plainPassword' => [
	69	'first' => $request->request->get('password'),
	70	'second' => $request->request->get('password'),
	71	],
	72	'email' => $request->request->get('email'),
	73	]);
22510459	74
5709ecb3 JB	75	if ($form->isSubmitted() && false === $form->isValid()) {
	76	$view = $this->view($form, 400);
	77	$view->setFormat('json');
22510459	78
5709ecb3 JB	79	// handle errors in a more beautiful way than the default view
	80	$data = json_decode($this->handleView($view)->getContent(), true)['children'];
	81	$errors = [];
22510459	82
5709ecb3 JB	83	if (isset($data['username']['errors'])) {
	84	$errors['username'] = $this->translateErrors($data['username']['errors']);
	85	}
22510459	86
5709ecb3 JB	87	if (isset($data['email']['errors'])) {
	88	$errors['email'] = $this->translateErrors($data['email']['errors']);
	89	}
22510459	90
5709ecb3 JB	91	if (isset($data['plainPassword']['children']['first']['errors'])) {
	92	$errors['password'] = $this->translateErrors($data['plainPassword']['children']['first']['errors']);
	93	}
22510459	94
f40c88eb	95	$json = $this->get('jms_serializer')->serialize(['error' => $errors], 'json');
22510459	96
a1e61874 JB	97	return (new JsonResponse())
	98	->setJson($json)
	99	->setStatusCode(JsonResponse::HTTP_BAD_REQUEST);
5709ecb3	100	}
22510459	101
0c00e525 JB	102	// create a default client
0c00e525 JB	103	$client = new Client($user);
a8d3fe50	104	$client->setName($request->request->get('client_name', 'Default client'));
0c00e525 JB	105
	106	$this->getDoctrine()->getManager()->persist($client);
	107
	108	$user->addClient($client);
	109
5709ecb3	110	$userManager->updateUser($user);
22510459 TC	111
22510459 TC	112	// dispatch a created event so the associated config will be created
5709ecb3	113	$event = new UserEvent($user, $request);
22510459 TC	114	$this->get('event_dispatcher')->dispatch(FOSUserEvents::USER_CREATED, $event);
22510459 TC	115
0c00e525	116	return $this->sendUser($user, 'user_api_with_client', JsonResponse::HTTP_CREATED);
5709ecb3	117	}
22510459	118
5709ecb3 JB	119	/**
	120	* Send user response.
	121	*
0c00e525 JB	122	* @param User $user
	123	* @param string $group Used to define with serialized group might be used
	124	* @param int $status HTTP Status code to send
5709ecb3 JB	125	*
	126	* @return JsonResponse
	127	*/
0c00e525	128	private function sendUser(User $user, $group = 'user_api', $status = JsonResponse::HTTP_OK)
5709ecb3	129	{
f40c88eb	130	$json = $this->get('jms_serializer')->serialize(
5709ecb3 JB	131	$user,
5709ecb3 JB	132	'json',
0c00e525	133	SerializationContext::create()->setGroups([$group])
5709ecb3	134	);
22510459	135
a1e61874 JB	136	return (new JsonResponse())
	137	->setJson($json)
	138	->setStatusCode($status);
22510459 TC	139	}
22510459 TC	140
5709ecb3 JB	141	/**
	142	* Translate errors message.
	143	*
	144	* @param array $errors
	145	*
	146	* @return array
	147	*/
	148	private function translateErrors($errors)
	149	{
	150	$translatedErrors = [];
	151	foreach ($errors as $error) {
	152	$translatedErrors[] = $this->get('translator')->trans($error);
	153	}
	154
	155	return $translatedErrors;
	156	}
22510459	157	}