[github/wallabag/wallabag.git] / src / Wallabag / ApiBundle / Controller / WallabagRestController.php

<?php

namespace Wallabag\ApiBundle\Controller;

use FOS\RestBundle\Controller\FOSRestController;
use JMS\Serializer\SerializationContext;
use Nelmio\ApiDocBundle\Annotation\ApiDoc;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;

class WallabagRestController extends FOSRestController
{
    /**
     * Retrieve version number.
     *
     * @ApiDoc()
     *
     * @deprecated Should use info endpoint instead
     *
     * @return JsonResponse
     */
    public function getVersionAction()
    {
        $version = $this->container->getParameter('wallabag_core.version');
        $json = $this->get('jms_serializer')->serialize($version, 'json');

        return (new JsonResponse())->setJson($json);
    }

    /**
     * Retrieve information about the wallabag instance.
     *
     * @ApiDoc()
     *
     * @return JsonResponse
     */
    public function getInfoAction()
    {
        $info = [
            'appname' => 'wallabag',
            'version' => $this->container->getParameter('wallabag_core.version'),
            'allowed_registration' => $this->container->getParameter('wallabag_user.registration_enabled'),
        ];

        return (new JsonResponse())->setJson($this->get('jms_serializer')->serialize($info, 'json'));
    }

    protected function validateAuthentication()
    {
        if (false === $this->get('security.authorization_checker')->isGranted('IS_AUTHENTICATED_FULLY')) {
            throw new AccessDeniedException();
        }
    }

    /**
     * Validate that the first id is equal to the second one.
     * If not, throw exception. It means a user try to access information from an other user.
     *
     * @param int $requestUserId User id from the requested source
     */
    protected function validateUserAccess($requestUserId)
    {
        $user = $this->get('security.token_storage')->getToken()->getUser();
        if ($requestUserId !== $user->getId()) {
            throw $this->createAccessDeniedException('Access forbidden. Entry user id: ' . $requestUserId . ', logged user id: ' . $user->getId());
        }
    }

    /**
     * Shortcut to send data serialized in json.
     *
     * @param mixed $data
     *
     * @return JsonResponse
     */
    protected function sendResponse($data)
    {
        // https://github.com/schmittjoh/JMSSerializerBundle/issues/293
        $context = new SerializationContext();
        $context->setSerializeNull(true);

        $json = $this->get('jms_serializer')->serialize($data, 'json', $context);

        return (new JsonResponse())->setJson($json);
    }
}
Commit	Line	Data
f8bf8952 NL	1	<?php
f8bf8952 NL	2
769e19dc	3	namespace Wallabag\ApiBundle\Controller;
f8bf8952	4
fcb1fba5	5	use FOS\RestBundle\Controller\FOSRestController;
019e1acc	6	use JMS\Serializer\SerializationContext;
864c1dd2 JB	7	use Nelmio\ApiDocBundle\Annotation\ApiDoc;
864c1dd2 JB	8	use Symfony\Component\HttpFoundation\JsonResponse;
001cc716	9	use Symfony\Component\Security\Core\Exception\AccessDeniedException;
f8bf8952	10
fcb1fba5	11	class WallabagRestController extends FOSRestController
f8bf8952	12	{
2b477030	13	/**
6f8310b4 TC	14	* Retrieve version number.
	15	*
	16	* @ApiDoc()
2b477030	17	*
3bd65991 JB	18	* @deprecated Should use info endpoint instead
3bd65991 JB	19	*
60faee00	20	* @return JsonResponse
2b477030 V	21	*/
	22	public function getVersionAction()
	23	{
	24	$version = $this->container->getParameter('wallabag_core.version');
f40c88eb	25	$json = $this->get('jms_serializer')->serialize($version, 'json');
864c1dd2	26
60faee00	27	return (new JsonResponse())->setJson($json);
2b477030	28	}
769e19dc	29
3bd65991 JB	30	/**
	31	* Retrieve information about the wallabag instance.
	32	*
	33	* @ApiDoc()
	34	*
	35	* @return JsonResponse
	36	*/
	37	public function getInfoAction()
	38	{
	39	$info = [
	40	'appname' => 'wallabag',
	41	'version' => $this->container->getParameter('wallabag_core.version'),
	42	'allowed_registration' => $this->container->getParameter('wallabag_user.registration_enabled'),
	43	];
	44
	45	return (new JsonResponse())->setJson($this->get('jms_serializer')->serialize($info, 'json'));
	46	}
	47
900c8448	48	protected function validateAuthentication()
ac8cf632	49	{
18f8f32f	50	if (false === $this->get('security.authorization_checker')->isGranted('IS_AUTHENTICATED_FULLY')) {
77273253	51	throw new AccessDeniedException();
ac8cf632	52	}
ac8cf632 JB	53	}
ac8cf632 JB	54
769e19dc J	55	/**
769e19dc J	56	* Validate that the first id is equal to the second one.
4346a860	57	* If not, throw exception. It means a user try to access information from an other user.
769e19dc	58	*
4346a860	59	* @param int $requestUserId User id from the requested source
769e19dc	60	*/
900c8448	61	protected function validateUserAccess($requestUserId)
769e19dc	62	{
18f8f32f	63	$user = $this->get('security.token_storage')->getToken()->getUser();
f808b016 JB	64	if ($requestUserId !== $user->getId()) {
f808b016 JB	65	throw $this->createAccessDeniedException('Access forbidden. Entry user id: ' . $requestUserId . ', logged user id: ' . $user->getId());
769e19dc J	66	}
769e19dc J	67	}
019e1acc JB	68
	69	/**
	70	* Shortcut to send data serialized in json.
	71	*
	72	* @param mixed $data
	73	*
	74	* @return JsonResponse
	75	*/
	76	protected function sendResponse($data)
	77	{
	78	// https://github.com/schmittjoh/JMSSerializerBundle/issues/293
	79	$context = new SerializationContext();
	80	$context->setSerializeNull(true);
	81
	82	$json = $this->get('jms_serializer')->serialize($data, 'json', $context);
	83
	84	return (new JsonResponse())->setJson($json);
	85	}
7df80cb3	86	}