src/Wallabag/ApiBundle/Controller/UserRestController.php

   1 <?php
   2
   3 namespace Wallabag\ApiBundle\Controller;
   4
   5 use FOS\UserBundle\Event\UserEvent;
   6 use FOS\UserBundle\FOSUserEvents;
   7 use JMS\Serializer\SerializationContext;
   8 use Nelmio\ApiDocBundle\Annotation\ApiDoc;
   9 use Symfony\Component\HttpFoundation\Request;
  10 use Symfony\Component\HttpFoundation\JsonResponse;
  11 use Wallabag\UserBundle\Entity\User;
  12
  13 class UserRestController extends WallabagRestController
  14 {
  15     /**
  16      * Retrieve current logged in user informations.
  17      *
  18      * @ApiDoc()
  19      *
  20      * @return JsonResponse
  21      */
  22     public function getUserAction()
  23     {
  24         $this->validateAuthentication();
  25
  26         return $this->sendUser($this->getUser());
  27     }
  28
  29     /**
  30      * Register an user.
  31      *
  32      * @ApiDoc(
  33      *      requirements={
  34      *          {"name"="username", "dataType"="string", "required"=true, "description"="The user's username"},
  35      *          {"name"="password", "dataType"="string", "required"=true, "description"="The user's password"},
  36      *          {"name"="email", "dataType"="string", "required"=true, "description"="The user's email"}
  37      *      }
  38      * )
  39      *
  40      * @todo Make this method (or the whole API) accessible only through https
  41      *
  42      * @return JsonResponse
  43      */
  44     public function putUserAction(Request $request)
  45     {
  46         if (!$this->getParameter('fosuser_registration') || !$this->get('craue_config')->get('api_user_registration')) {
  47             $json = $this->get('serializer')->serialize(['error' => "Server doesn't allow registrations"], 'json');
  48
  49             return (new JsonResponse())
  50                 ->setJson($json)
  51                 ->setStatusCode(JsonResponse::HTTP_FORBIDDEN);
  52         }
  53
  54         $userManager = $this->get('fos_user.user_manager');
  55         $user = $userManager->createUser();
  56         // user will be disabled BY DEFAULT to avoid spamming account to be enabled
  57         $user->setEnabled(false);
  58
  59         $form = $this->createForm('Wallabag\UserBundle\Form\NewUserType', $user, [
  60             'csrf_protection' => false,
  61         ]);
  62
  63         // simulate form submission
  64         $form->submit([
  65             'username' => $request->request->get('username'),
  66             'plainPassword' => [
  67                 'first' => $request->request->get('password'),
  68                 'second' => $request->request->get('password'),
  69             ],
  70             'email' => $request->request->get('email'),
  71         ]);
  72
  73         if ($form->isSubmitted() && false === $form->isValid()) {
  74             $view = $this->view($form, 400);
  75             $view->setFormat('json');
  76
  77             // handle errors in a more beautiful way than the default view
  78             $data = json_decode($this->handleView($view)->getContent(), true)['children'];
  79             $errors = [];
  80
  81             if (isset($data['username']['errors'])) {
  82                 $errors['username'] = $this->translateErrors($data['username']['errors']);
  83             }
  84
  85             if (isset($data['email']['errors'])) {
  86                 $errors['email'] = $this->translateErrors($data['email']['errors']);
  87             }
  88
  89             if (isset($data['plainPassword']['children']['first']['errors'])) {
  90                 $errors['password'] = $this->translateErrors($data['plainPassword']['children']['first']['errors']);
  91             }
  92
  93             $json = $this->get('serializer')->serialize(['error' => $errors], 'json');
  94
  95             return (new JsonResponse())
  96                 ->setJson($json)
  97                 ->setStatusCode(JsonResponse::HTTP_BAD_REQUEST);
  98         }
  99
 100         $userManager->updateUser($user);
 101
 102         // dispatch a created event so the associated config will be created
 103         $event = new UserEvent($user, $request);
 104         $this->get('event_dispatcher')->dispatch(FOSUserEvents::USER_CREATED, $event);
 105
 106         return $this->sendUser($user, JsonResponse::HTTP_CREATED);
 107     }
 108
 109     /**
 110      * Send user response.
 111      *
 112      * @param User $user
 113      * @param int  $status HTTP Status code to send
 114      *
 115      * @return JsonResponse
 116      */
 117     private function sendUser(User $user, $status = JsonResponse::HTTP_OK)
 118     {
 119         $json = $this->get('serializer')->serialize(
 120             $user,
 121             'json',
 122             SerializationContext::create()->setGroups(['user_api'])
 123         );
 124
 125         return (new JsonResponse())
 126             ->setJson($json)
 127             ->setStatusCode($status);
 128     }
 129
 130     /**
 131      * Translate errors message.
 132      *
 133      * @param array $errors
 134      *
 135      * @return array
 136      */
 137     private function translateErrors($errors)
 138     {
 139         $translatedErrors = [];
 140         foreach ($errors as $error) {
 141             $translatedErrors[] = $this->get('translator')->trans($error);
 142         }
 143
 144         return $translatedErrors;
 145     }
 146 }