src/Wallabag/ApiBundle/Controller/UserRestController.php

   1 <?php
   2
   3 namespace Wallabag\ApiBundle\Controller;
   4
   5 use FOS\UserBundle\Event\UserEvent;
   6 use FOS\UserBundle\FOSUserEvents;
   7 use JMS\Serializer\SerializationContext;
   8 use Nelmio\ApiDocBundle\Annotation\ApiDoc;
   9 use Symfony\Component\HttpFoundation\Request;
  10 use Symfony\Component\HttpFoundation\JsonResponse;
  11 use Wallabag\UserBundle\Entity\User;
  12
  13 class UserRestController extends WallabagRestController
  14 {
  15     /**
  16      * Retrieve current logged in user informations.
  17      *
  18      * @ApiDoc()
  19      *
  20      * @return JsonResponse
  21      */
  22     public function getUserAction()
  23     {
  24         $this->validateAuthentication();
  25
  26         return $this->sendUser($this->getUser());
  27     }
  28
  29     /**
  30      * Register an user.
  31      *
  32      * @ApiDoc(
  33      *      requirements={
  34      *          {"name"="username", "dataType"="string", "required"=true, "description"="The user's username"},
  35      *          {"name"="password", "dataType"="string", "required"=true, "description"="The user's password"},
  36      *          {"name"="email", "dataType"="string", "required"=true, "description"="The user's email"}
  37      *      }
  38      * )
  39      *
  40      * @todo Make this method (or the whole API) accessible only through https
  41      *
  42      * @return JsonResponse
  43      */
  44     public function putUserAction(Request $request)
  45     {
  46         if (!$this->getParameter('fosuser_registration') || !$this->get('craue_config')->get('api_user_registration')) {
  47             $json = $this->get('serializer')->serialize(['error' => "Server doesn't allow registrations"], 'json');
  48
  49             return (new JsonResponse())->setJson($json)->setStatusCode(403);
  50         }
  51
  52         $userManager = $this->get('fos_user.user_manager');
  53         $user = $userManager->createUser();
  54         // user will be disabled BY DEFAULT to avoid spamming account to be created
  55         $user->setEnabled(false);
  56
  57         $form = $this->createForm('Wallabag\UserBundle\Form\NewUserType', $user, [
  58             'csrf_protection' => false,
  59         ]);
  60
  61         // simulate form submission
  62         $form->submit([
  63             'username' => $request->request->get('username'),
  64             'plainPassword' => [
  65                 'first' => $request->request->get('password'),
  66                 'second' => $request->request->get('password'),
  67             ],
  68             'email' => $request->request->get('email'),
  69         ]);
  70
  71         if ($form->isSubmitted() && false === $form->isValid()) {
  72             $view = $this->view($form, 400);
  73             $view->setFormat('json');
  74
  75             // handle errors in a more beautiful way than the default view
  76             $data = json_decode($this->handleView($view)->getContent(), true)['children'];
  77             $errors = [];
  78
  79             if (isset($data['username']['errors'])) {
  80                 $errors['username'] = $this->translateErrors($data['username']['errors']);
  81             }
  82
  83             if (isset($data['email']['errors'])) {
  84                 $errors['email'] = $this->translateErrors($data['email']['errors']);
  85             }
  86
  87             if (isset($data['plainPassword']['children']['first']['errors'])) {
  88                 $errors['password'] = $this->translateErrors($data['plainPassword']['children']['first']['errors']);
  89             }
  90
  91             $json = $this->get('serializer')->serialize(['error' => $errors], 'json');
  92
  93             return (new JsonResponse())->setJson($json)->setStatusCode(400);
  94         }
  95
  96         $userManager->updateUser($user);
  97
  98         // dispatch a created event so the associated config will be created
  99         $event = new UserEvent($user, $request);
 100         $this->get('event_dispatcher')->dispatch(FOSUserEvents::USER_CREATED, $event);
 101
 102         return $this->sendUser($user);
 103     }
 104
 105     /**
 106      * Send user response.
 107      *
 108      * @param User $user
 109      *
 110      * @return JsonResponse
 111      */
 112     private function sendUser(User $user)
 113     {
 114         $json = $this->get('serializer')->serialize(
 115             $user,
 116             'json',
 117             SerializationContext::create()->setGroups(['user_api'])
 118         );
 119
 120         return (new JsonResponse())->setJson($json);
 121     }
 122
 123     /**
 124      * Translate errors message.
 125      *
 126      * @param array $errors
 127      *
 128      * @return array
 129      */
 130     private function translateErrors($errors)
 131     {
 132         $translatedErrors = [];
 133         foreach ($errors as $error) {
 134             $translatedErrors[] = $this->get('translator')->trans($error);
 135         }
 136
 137         return $translatedErrors;
 138     }
 139 }