1 <?php
2
3 namespace Wallabag\ApiBundle\Controller;
4
5 use FOS\RestBundle\Controller\FOSRestController;
6 use Hateoas\Configuration\Route;
7 use Hateoas\Representation\Factory\PagerfantaFactory;
8 use Nelmio\ApiDocBundle\Annotation\ApiDoc;
9 use Symfony\Component\HttpFoundation\Request;
10 use Symfony\Component\HttpFoundation\Response;
11 use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
12 use Symfony\Component\Security\Core\Exception\AccessDeniedException;
13 use Wallabag\CoreBundle\Entity\Entry;
14 use Wallabag\CoreBundle\Entity\Tag;
15
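class WallabagRestController extends FOSRestController
{
    /**
     * Reject the request unless the caller is fully authenticated.
     *
     * @throws AccessDeniedException when IS_AUTHENTICATED_FULLY is not granted
     */
    private function validateAuthentication()
    {
        if (false === $this->get('security.authorization_checker')->isGranted('IS_AUTHENTICATED_FULLY')) {
            throw new AccessDeniedException();
        }
    }

    /**
     * Retrieve all entries. It could be filtered by many options.
     *
     * @ApiDoc(
     *       parameters={
     *          {"name"="archive", "dataType"="integer", "required"=false, "format"="1 or 0, all entries by default", "description"="filter by archived status."},
     *          {"name"="starred", "dataType"="integer", "required"=false, "format"="1 or 0, all entries by default", "description"="filter by starred status."},
     *          {"name"="sort", "dataType"="string", "required"=false, "format"="'created' or 'updated', default 'created'", "description"="sort entries by date."},
     *          {"name"="order", "dataType"="string", "required"=false, "format"="'asc' or 'desc', default 'desc'", "description"="order of sort."},
     *          {"name"="page", "dataType"="integer", "required"=false, "format"="default '1'", "description"="what page you want."},
     *          {"name"="perPage", "dataType"="integer", "required"=false, "format"="default'30'", "description"="results per page."},
     *          {"name"="tags", "dataType"="string", "required"=false, "format"="api,rest", "description"="a list of tags url encoded. Will returns entries that matches ALL tags."},
     *          {"name"="since", "dataType"="integer", "required"=false, "format"="default '0'", "description"="The timestamp since when you want entries updated."},
     *       }
     * )
     *
     * @return Response
     */
    public function getEntriesAction(Request $request)
    {
        $this->validateAuthentication();

        // A missing flag means "do not filter"; any supplied value is coerced to bool.
        $isArchived = (null === $request->query->get('archive')) ? null : (bool) $request->query->get('archive');
        $isStarred = (null === $request->query->get('starred')) ? null : (bool) $request->query->get('starred');

        // sort/order are request-controlled and handed to findEntries(), which is not
        // visible here. Restricting them to the documented values keeps arbitrary text
        // out of whatever ordering clause the repository builds; anything else falls
        // back to the documented default.
        $sort = $request->query->get('sort', 'created');
        if (!in_array($sort, ['created', 'updated'], true)) {
            $sort = 'created';
        }

        $order = $request->query->get('order', 'desc');
        $order = is_string($order) ? strtolower($order) : 'desc';
        if (!in_array($order, ['asc', 'desc'], true)) {
            $order = 'desc';
        }

        // Zero or negative paging values are raised to 1 instead of reaching the pager.
        // NOTE(review): perPage has no upper bound, so one request can ask for the
        // caller's whole collection in a single page - consider a server-side cap.
        $page = max(1, (int) $request->query->get('page', 1));
        $perPage = max(1, (int) $request->query->get('perPage', 30));

        // Documented as an integer timestamp; cast so the repository never sees raw text.
        $since = (int) $request->query->get('since', 0);
        $tags = $request->query->get('tags', '');

        // The repository call is scoped to the authenticated user's id.
        $pager = $this->getDoctrine()
            ->getRepository('WallabagCoreBundle:Entry')
            ->findEntries($this->getUser()->getId(), $isArchived, $isStarred, $sort, $order, $since, $tags);

        // Page size goes first: the requested page is checked against the page count,
        // and the page count depends on the page size.
        $pager->setMaxPerPage($perPage);
        $pager->setCurrentPage($page);

        $pagerfantaFactory = new PagerfantaFactory('page', 'perPage');
        $paginatedCollection = $pagerfantaFactory->createRepresentation(
            $pager,
            new Route('api_get_entries', [], UrlGeneratorInterface::ABSOLUTE_URL)
        );

        $json = $this->get('serializer')->serialize($paginatedCollection, 'json');

        return $this->renderJsonResponse($json);
    }

    /**
     * Retrieve a single entry.
     *
     * @ApiDoc(
     *      requirements={
     *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
     *      }
     * )
     *
     * @return Response
     */
    public function getEntryAction(Entry $entry)
    {
        $this->validateAuthentication();
        // $entry arrives already resolved from the route id, so ownership has to be
        // checked before anything about it is serialized.
        $this->validateUserAccess($entry->getUser()->getId());

        $json = $this->get('serializer')->serialize($entry, 'json');

        return $this->renderJsonResponse($json);
    }

    /**
     * Create an entry.
     *
     * @ApiDoc(
     *       parameters={
     *          {"name"="url", "dataType"="string", "required"=true, "format"="http://www.test.com/article.html", "description"="Url for the entry."},
     *          {"name"="title", "dataType"="string", "required"=false, "description"="Optional, we'll get the title from the page."},
     *          {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."},
     *          {"name"="starred", "dataType"="integer", "required"=false, "format"="1 or 0", "description"="entry already starred"},
     *          {"name"="archive", "dataType"="integer", "required"=false, "format"="1 or 0", "description"="entry already archived"},
     *       }
     * )
     *
     * @return Response
     */
    public function postEntriesAction(Request $request)
    {
        $this->validateAuthentication();

        // NOTE(review): url is documented as required but is not checked here; a missing
        // or malformed value goes straight to the repository and the content proxy.
        // The proxy presumably fetches the URL server-side (the ApiDoc says the title
        // comes "from the page") - confirm it restricts schemes and internal hosts.
        $url = $request->request->get('url');
        $title = $request->request->get('title');
        $isArchived = $request->request->get('archive');
        $isStarred = $request->request->get('starred');

        // Look for an existing entry for this URL among the caller's own entries.
        $entry = $this->get('wallabag_core.entry_repository')->findByUrlAndUserId($url, $this->getUser()->getId());

        if (false === $entry) {
            $entry = $this->get('wallabag_core.content_proxy')->updateEntry(
                new Entry($this->getUser()),
                $url
            );
        }

        if (!is_null($title)) {
            $entry->setTitle($title);
        }

        $tags = $request->request->get('tags', '');
        if (!empty($tags)) {
            $this->get('wallabag_core.content_proxy')->assignTagsToEntry($entry, $tags);
        }

        if (!is_null($isStarred)) {
            $entry->setStarred((bool) $isStarred);
        }

        if (!is_null($isArchived)) {
            $entry->setArchived((bool) $isArchived);
        }

        $em = $this->getDoctrine()->getManager();
        $em->persist($entry);

        $em->flush();

        $json = $this->get('serializer')->serialize($entry, 'json');

        return $this->renderJsonResponse($json);
    }

    /**
     * Change several properties of an entry.
     *
     * @ApiDoc(
     *      requirements={
     *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
     *      },
     *      parameters={
     *          {"name"="title", "dataType"="string", "required"=false},
     *          {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."},
     *          {"name"="archive", "dataType"="integer", "required"=false, "format"="1 or 0", "description"="archived the entry."},
     *          {"name"="starred", "dataType"="integer", "required"=false, "format"="1 or 0", "description"="starred the entry."},
     *      }
     * )
     *
     * @return Response
     */
    public function patchEntriesAction(Entry $entry, Request $request)
    {
        $this->validateAuthentication();
        // Ownership check precedes every mutation of the entry.
        $this->validateUserAccess($entry->getUser()->getId());

        $title = $request->request->get('title');
        $isArchived = $request->request->get('archive');
        $isStarred = $request->request->get('starred');

        // Only fields present in the request body are modified.
        if (!is_null($title)) {
            $entry->setTitle($title);
        }

        if (!is_null($isArchived)) {
            $entry->setArchived((bool) $isArchived);
        }

        if (!is_null($isStarred)) {
            $entry->setStarred((bool) $isStarred);
        }

        $tags = $request->request->get('tags', '');
        if (!empty($tags)) {
            $this->get('wallabag_core.content_proxy')->assignTagsToEntry($entry, $tags);
        }

        $em = $this->getDoctrine()->getManager();
        $em->flush();

        $json = $this->get('serializer')->serialize($entry, 'json');

        return $this->renderJsonResponse($json);
    }

    /**
     * Delete **permanently** an entry.
     *
     * @ApiDoc(
     *      requirements={
     *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
     *      }
     * )
     *
     * @return Response
     */
    public function deleteEntriesAction(Entry $entry)
    {
        $this->validateAuthentication();
        // Ownership check precedes the removal.
        $this->validateUserAccess($entry->getUser()->getId());

        $em = $this->getDoctrine()->getManager();
        $em->remove($entry);
        $em->flush();

        // The removed entry is serialized after the flush and returned to the caller.
        $json = $this->get('serializer')->serialize($entry, 'json');

        return $this->renderJsonResponse($json);
    }

    /**
     * Retrieve all tags for an entry.
     *
     * @ApiDoc(
     *      requirements={
     *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
     *      }
     * )
     *
     * @return Response
     */
    public function getEntriesTagsAction(Entry $entry)
    {
        $this->validateAuthentication();
        $this->validateUserAccess($entry->getUser()->getId());

        $json = $this->get('serializer')->serialize($entry->getTags(), 'json');

        return $this->renderJsonResponse($json);
    }

    /**
     * Add one or more tags to an entry.
     *
     * @ApiDoc(
     *      requirements={
     *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
     *      },
     *      parameters={
     *          {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."},
     *       }
     * )
     *
     * @return Response
     */
    public function postEntriesTagsAction(Request $request, Entry $entry)
    {
        $this->validateAuthentication();
        $this->validateUserAccess($entry->getUser()->getId());

        $tags = $request->request->get('tags', '');
        if (!empty($tags)) {
            $this->get('wallabag_core.content_proxy')->assignTagsToEntry($entry, $tags);
        }

        $em = $this->getDoctrine()->getManager();
        $em->persist($entry);
        $em->flush();

        $json = $this->get('serializer')->serialize($entry, 'json');

        return $this->renderJsonResponse($json);
    }

    /**
     * Permanently remove one tag for an entry.
     *
     * @ApiDoc(
     *      requirements={
     *          {"name"="tag", "dataType"="integer", "requirement"="\w+", "description"="The tag ID"},
     *          {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
     *      }
     * )
     *
     * @return Response
     */
    public function deleteEntriesTagsAction(Entry $entry, Tag $tag)
    {
        $this->validateAuthentication();
        // Only the entry's owner is verified; the tag is taken as resolved from the route.
        $this->validateUserAccess($entry->getUser()->getId());

        $entry->removeTag($tag);
        $em = $this->getDoctrine()->getManager();
        $em->persist($entry);
        $em->flush();

        $json = $this->get('serializer')->serialize($entry, 'json');

        return $this->renderJsonResponse($json);
    }

    /**
     * Retrieve all tags.
     *
     * @ApiDoc()
     *
     * @return Response
     */
    public function getTagsAction()
    {
        $this->validateAuthentication();

        // The lookup is scoped to the authenticated user's id.
        $tags = $this->getDoctrine()
            ->getRepository('WallabagCoreBundle:Tag')
            ->findAllTags($this->getUser()->getId());

        $json = $this->get('serializer')->serialize($tags, 'json');

        return $this->renderJsonResponse($json);
    }

    /**
     * Permanently remove one tag from **every** entry.
     *
     * @ApiDoc(
     *      requirements={
     *          {"name"="tag", "dataType"="integer", "requirement"="\w+", "description"="The tag"}
     *      }
     * )
     *
     * @return Response
     */
    public function deleteTagAction(Tag $tag)
    {
        $this->validateAuthentication();

        // The removal is handed the caller's user id, so it is presumably limited to the
        // caller's own entries (repository code not visible here).
        // NOTE(review): the tag itself is resolved from the route id with no ownership
        // check and is serialized back in the response, so any authenticated user can
        // read a tag by id - confirm tags are meant to be visible across users.
        $this->getDoctrine()
            ->getRepository('WallabagCoreBundle:Entry')
            ->removeTag($this->getUser()->getId(), $tag);

        $json = $this->get('serializer')->serialize($tag, 'json');

        return $this->renderJsonResponse($json);
    }

    /**
     * Retrieve version number.
     *
     * @ApiDoc()
     *
     * @return Response
     */
    public function getVersionAction()
    {
        // NOTE(review): unlike the other actions this one does not call
        // validateAuthentication(); unless the firewall covers the route, the exact
        // version string is available to unauthenticated clients - confirm intended.
        $version = $this->container->getParameter('wallabag_core.version');

        $json = $this->get('serializer')->serialize($version, 'json');

        return $this->renderJsonResponse($json);
    }

    /**
     * Validate that the given user id is the id of the logged-in user.
     * If not, throw an exception: a user is trying to access another user's data.
     *
     * @param int $requestUserId User id from the requested source
     *
     * @throws AccessDeniedException when there is no logged-in user object or the ids differ
     */
    private function validateUserAccess($requestUserId)
    {
        $token = $this->get('security.token_storage')->getToken();
        $user = (null === $token) ? null : $token->getUser();

        // Without a token, or with a user that is not an object, there is no identity
        // to compare against: deny instead of failing on a method call.
        if (!is_object($user)) {
            throw $this->createAccessDeniedException('Access forbidden.');
        }

        $loggedUserId = $user->getId();

        // Compare as integers with a strict operator so type juggling cannot make two
        // different ids look equal.
        if ((int) $requestUserId !== (int) $loggedUserId) {
            // NOTE(review): the message carries the owner's id and the caller's id.
            // Confirm the exception handling does not return it to API clients outside
            // debug mode, otherwise it tells a caller who owns a given entry id.
            throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$requestUserId.', logged user id: '.$loggedUserId);
        }
    }

    /**
     * Send a JSON Response.
     * We don't use the Symfony JsonResponse, because it takes an array as parameter instead of a JSON string.
     *
     * @param string $json
     *
     * @return Response
     */
    private function renderJsonResponse($json)
    {
        // Response headers are a name => value map. The previous ['application/json']
        // list never set Content-Type, so the media type was left to be derived
        // elsewhere. The body holds user-saved content, so it must not be served with
        // an HTML media type.
        return new Response($json, 200, ['Content-Type' => 'application/json']);
    }
}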