src/Wallabag/ApiBundle/Controller/WallabagRestController.php

   1 <?php
   2
   3 namespace Wallabag\ApiBundle\Controller;
   4
   5 use FOS\RestBundle\Controller\FOSRestController;
   6 use Hateoas\Configuration\Route;
   7 use Hateoas\Representation\Factory\PagerfantaFactory;
   8 use Nelmio\ApiDocBundle\Annotation\ApiDoc;
   9 use Symfony\Component\HttpFoundation\Request;
  10 use Symfony\Component\HttpFoundation\Response;
  11 use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  12 use Symfony\Component\Security\Core\Exception\AccessDeniedException;
  13 use Wallabag\CoreBundle\Entity\Entry;
  14 use Wallabag\CoreBundle\Entity\Tag;
  15
  16 class WallabagRestController extends FOSRestController
  17 {
  18     private function validateAuthentication()
  19     {
  20         if (false === $this->get('security.authorization_checker')->isGranted('IS_AUTHENTICATED_FULLY')) {
  21             throw new AccessDeniedException();
  22         }
  23     }
  24
  25     /**
  26      * Retrieve all entries. It could be filtered by many options.
  27      *
  28      * @ApiDoc(
  29      *       parameters={
  30      *          {"name"="archive", "dataType"="boolean", "required"=false, "format"="true or false, all entries by default", "description"="filter by archived status."},
  31      *          {"name"="star", "dataType"="boolean", "required"=false, "format"="true or false, all entries by default", "description"="filter by starred status."},
  32      *          {"name"="sort", "dataType"="string", "required"=false, "format"="'created' or 'updated', default 'created'", "description"="sort entries by date."},
  33      *          {"name"="order", "dataType"="string", "required"=false, "format"="'asc' or 'desc', default 'desc'", "description"="order of sort."},
  34      *          {"name"="page", "dataType"="integer", "required"=false, "format"="default '1'", "description"="what page you want."},
  35      *          {"name"="perPage", "dataType"="integer", "required"=false, "format"="default'30'", "description"="results per page."},
  36      *          {"name"="tags", "dataType"="string", "required"=false, "format"="api%2Crest", "description"="a list of tags url encoded. Will returns entries that matches ALL tags."},
  37      *       }
  38      * )
  39      *
  40      * @return Response
  41      */
  42     public function getEntriesAction(Request $request)
  43     {
  44         $this->validateAuthentication();
  45
  46         $isArchived = $request->query->get('archive');
  47         $isStarred = $request->query->get('star');
  48         $sort = $request->query->get('sort', 'created');
  49         $order = $request->query->get('order', 'desc');
  50         $page = (int) $request->query->get('page', 1);
  51         $perPage = (int) $request->query->get('perPage', 30);
  52
  53         $pager = $this->getDoctrine()
  54             ->getRepository('WallabagCoreBundle:Entry')
  55             ->findEntries($this->getUser()->getId(), $isArchived, $isStarred, $sort, $order);
  56
  57         $pager->setCurrentPage($page);
  58         $pager->setMaxPerPage($perPage);
  59
  60         $pagerfantaFactory = new PagerfantaFactory('page', 'perPage');
  61         $paginatedCollection = $pagerfantaFactory->createRepresentation(
  62             $pager,
  63             new Route('api_get_entries', [], UrlGeneratorInterface::ABSOLUTE_URL)
  64         );
  65
  66         $json = $this->get('serializer')->serialize($paginatedCollection, 'json');
  67
  68         return $this->renderJsonResponse($json);
  69     }
  70
  71     /**
  72      * Retrieve a single entry.
  73      *
  74      * @ApiDoc(
  75      *      requirements={
  76      *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
  77      *      }
  78      * )
  79      *
  80      * @return Response
  81      */
  82     public function getEntryAction(Entry $entry)
  83     {
  84         $this->validateAuthentication();
  85         $this->validateUserAccess($entry->getUser()->getId());
  86
  87         $json = $this->get('serializer')->serialize($entry, 'json');
  88
  89         return $this->renderJsonResponse($json);
  90     }
  91
  92     /**
  93      * Create an entry.
  94      *
  95      * @ApiDoc(
  96      *       parameters={
  97      *          {"name"="url", "dataType"="string", "required"=true, "format"="http://www.test.com/article.html", "description"="Url for the entry."},
  98      *          {"name"="title", "dataType"="string", "required"=false, "description"="Optional, we'll get the title from the page."},
  99      *          {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."},
 100      *          {"name"="starred", "dataType"="boolean", "required"=false, "format"="true or false", "description"="entry already starred"},
 101      *          {"name"="archive", "dataType"="boolean", "required"=false, "format"="true or false", "description"="entry already archived"},
 102      *       }
 103      * )
 104      *
 105      * @return Response
 106      */
 107     public function postEntriesAction(Request $request)
 108     {
 109         $this->validateAuthentication();
 110
 111         $url = $request->request->get('url');
 112         $isArchived = $request->request->get('archive');
 113         $isStarred = $request->request->get('starred');
 114
 115         $entry = $this->get('wallabag_core.entry_repository')->findByUrlAndUserId($url, $this->getUser()->getId());
 116
 117         if (false === $entry) {
 118             $entry = $this->get('wallabag_core.content_proxy')->updateEntry(
 119                 new Entry($this->getUser()),
 120                 $url
 121             );
 122         }
 123
 124         $tags = $request->request->get('tags', '');
 125         if (!empty($tags)) {
 126             $this->get('wallabag_core.content_proxy')->assignTagsToEntry($entry, $tags);
 127         }
 128
 129         if (true === (bool) $isStarred) {
 130             $entry->setStarred(true);
 131         }
 132
 133         if (true === (bool) $isArchived) {
 134             $entry->setArchived(true);
 135         }
 136
 137         $em = $this->getDoctrine()->getManager();
 138         $em->persist($entry);
 139
 140         $em->flush();
 141
 142         $json = $this->get('serializer')->serialize($entry, 'json');
 143
 144         return $this->renderJsonResponse($json);
 145     }
 146
 147     /**
 148      * Change several properties of an entry.
 149      *
 150      * @ApiDoc(
 151      *      requirements={
 152      *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
 153      *      },
 154      *      parameters={
 155      *          {"name"="title", "dataType"="string", "required"=false},
 156      *          {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."},
 157      *          {"name"="archive", "dataType"="boolean", "required"=false, "format"="true or false", "description"="archived the entry."},
 158      *          {"name"="star", "dataType"="boolean", "required"=false, "format"="true or false", "description"="starred the entry."},
 159      *      }
 160      * )
 161      *
 162      * @return Response
 163      */
 164     public function patchEntriesAction(Entry $entry, Request $request)
 165     {
 166         $this->validateAuthentication();
 167         $this->validateUserAccess($entry->getUser()->getId());
 168
 169         $title = $request->request->get('title');
 170         $isArchived = $request->request->get('archive');
 171         $isStarred = $request->request->get('star');
 172
 173         if (!is_null($title)) {
 174             $entry->setTitle($title);
 175         }
 176
 177         if (!is_null($isArchived)) {
 178             $entry->setArchived($isArchived);
 179         }
 180
 181         if (!is_null($isStarred)) {
 182             $entry->setStarred($isStarred);
 183         }
 184
 185         $tags = $request->request->get('tags', '');
 186         if (!empty($tags)) {
 187             $this->get('wallabag_core.content_proxy')->assignTagsToEntry($entry, $tags);
 188         }
 189
 190         $em = $this->getDoctrine()->getManager();
 191         $em->flush();
 192
 193         $json = $this->get('serializer')->serialize($entry, 'json');
 194
 195         return $this->renderJsonResponse($json);
 196     }
 197
 198     /**
 199      * Delete **permanently** an entry.
 200      *
 201      * @ApiDoc(
 202      *      requirements={
 203      *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
 204      *      }
 205      * )
 206      *
 207      * @return Response
 208      */
 209     public function deleteEntriesAction(Entry $entry)
 210     {
 211         $this->validateAuthentication();
 212         $this->validateUserAccess($entry->getUser()->getId());
 213
 214         $em = $this->getDoctrine()->getManager();
 215         $em->remove($entry);
 216         $em->flush();
 217
 218         $json = $this->get('serializer')->serialize($entry, 'json');
 219
 220         return $this->renderJsonResponse($json);
 221     }
 222
 223     /**
 224      * Retrieve all tags for an entry.
 225      *
 226      * @ApiDoc(
 227      *      requirements={
 228      *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
 229      *      }
 230      * )
 231      *
 232      * @return Response
 233      */
 234     public function getEntriesTagsAction(Entry $entry)
 235     {
 236         $this->validateAuthentication();
 237         $this->validateUserAccess($entry->getUser()->getId());
 238
 239         $json = $this->get('serializer')->serialize($entry->getTags(), 'json');
 240
 241         return $this->renderJsonResponse($json);
 242     }
 243
 244     /**
 245      * Add one or more tags to an entry.
 246      *
 247      * @ApiDoc(
 248      *      requirements={
 249      *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
 250      *      },
 251      *      parameters={
 252      *          {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."},
 253      *       }
 254      * )
 255      *
 256      * @return Response
 257      */
 258     public function postEntriesTagsAction(Request $request, Entry $entry)
 259     {
 260         $this->validateAuthentication();
 261         $this->validateUserAccess($entry->getUser()->getId());
 262
 263         $tags = $request->request->get('tags', '');
 264         if (!empty($tags)) {
 265             $this->get('wallabag_core.content_proxy')->assignTagsToEntry($entry, $tags);
 266         }
 267
 268         $em = $this->getDoctrine()->getManager();
 269         $em->persist($entry);
 270         $em->flush();
 271
 272         $json = $this->get('serializer')->serialize($entry, 'json');
 273
 274         return $this->renderJsonResponse($json);
 275     }
 276
 277     /**
 278      * Permanently remove one tag for an entry.
 279      *
 280      * @ApiDoc(
 281      *      requirements={
 282      *          {"name"="tag", "dataType"="integer", "requirement"="\w+", "description"="The tag ID"},
 283      *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
 284      *      }
 285      * )
 286      *
 287      * @return Response
 288      */
 289     public function deleteEntriesTagsAction(Entry $entry, Tag $tag)
 290     {
 291         $this->validateAuthentication();
 292         $this->validateUserAccess($entry->getUser()->getId());
 293
 294         $entry->removeTag($tag);
 295         $em = $this->getDoctrine()->getManager();
 296         $em->persist($entry);
 297         $em->flush();
 298
 299         $json = $this->get('serializer')->serialize($entry, 'json');
 300
 301         return $this->renderJsonResponse($json);
 302     }
 303
 304     /**
 305      * Retrieve all tags.
 306      *
 307      * @ApiDoc()
 308      *
 309      * @return Response
 310      */
 311     public function getTagsAction()
 312     {
 313         $this->validateAuthentication();
 314
 315         $tags = $this->getDoctrine()
 316             ->getRepository('WallabagCoreBundle:Tag')
 317             ->findAllTags($this->getUser()->getId());
 318
 319         $json = $this->get('serializer')->serialize($tags, 'json');
 320
 321         return $this->renderJsonResponse($json);
 322     }
 323
 324     /**
 325      * Permanently remove one tag from **every** entry.
 326      *
 327      * @ApiDoc(
 328      *      requirements={
 329      *          {"name"="tag", "dataType"="integer", "requirement"="\w+", "description"="The tag"}
 330      *      }
 331      * )
 332      *
 333      * @return Response
 334      */
 335     public function deleteTagAction(Tag $tag)
 336     {
 337         $this->validateAuthentication();
 338
 339         $this->getDoctrine()
 340             ->getRepository('WallabagCoreBundle:Entry')
 341             ->removeTag($this->getUser()->getId(), $tag);
 342
 343         $json = $this->get('serializer')->serialize($tag, 'json');
 344
 345         return $this->renderJsonResponse($json);
 346     }
 347     /**
 348      * Retrieve version number.
 349      *
 350      * @ApiDoc()
 351      *
 352      * @return Response
 353      */
 354     public function getVersionAction()
 355     {
 356         $version = $this->container->getParameter('wallabag_core.version');
 357
 358         $json = $this->get('serializer')->serialize($version, 'json');
 359
 360         return $this->renderJsonResponse($json);
 361     }
 362
 363     /**
 364      * Validate that the first id is equal to the second one.
 365      * If not, throw exception. It means a user try to access information from an other user.
 366      *
 367      * @param int $requestUserId User id from the requested source
 368      */
 369     private function validateUserAccess($requestUserId)
 370     {
 371         $user = $this->get('security.token_storage')->getToken()->getUser();
 372         if ($requestUserId != $user->getId()) {
 373             throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$requestUserId.', logged user id: '.$user->getId());
 374         }
 375     }
 376
 377     /**
 378      * Send a JSON Response.
 379      * We don't use the Symfony JsonRespone, because it takes an array as parameter instead of a JSON string.
 380      *
 381      * @param string $json
 382      *
 383      * @return Response
 384      */
 385     private function renderJsonResponse($json)
 386     {
 387         return new Response($json, 200, array('application/json'));
 388     }
 389 }