Diffstat (limited to 'src/Wallabag/ApiBundle/Controller/UserRestController.php')
-rw-r--r-- | src/Wallabag/ApiBundle/Controller/UserRestController.php | 146 |
1 files changed, 146 insertions, 0 deletions
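--- /dev/null
+++ b/src/Wallabag/ApiBundle/Controller/UserRestController.php
@@ -0,0 +1,146 @@
+<?php
+
+namespace Wallabag\ApiBundle\Controller;
+
+use FOS\UserBundle\Event\UserEvent;
+use FOS\UserBundle\FOSUserEvents;
+use JMS\Serializer\SerializationContext;
+use Nelmio\ApiDocBundle\Annotation\ApiDoc;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\JsonResponse;
+use Wallabag\UserBundle\Entity\User;
+
+class UserRestController extends WallabagRestController
+{
+    /**
+     * Retrieve current logged in user informations.
+     *
+     * @ApiDoc()
+     *
+     * @return JsonResponse
+     */
+    public function getUserAction()
+    {
+        $this->validateAuthentication();
+
+        return $this->sendUser($this->getUser());
+    }
+
+    /**
+     * Register an user.
+     *
+     * @ApiDoc(
+     *     requirements={
+     *         {"name"="username", "dataType"="string", "required"=true, "description"="The user's username"},
+     *         {"name"="password", "dataType"="string", "required"=true, "description"="The user's password"},
+     *         {"name"="email", "dataType"="string", "required"=true, "description"="The user's email"}
+     *     }
+     * )
+     *
+     * @todo Make this method (or the whole API) accessible only through https
+     *
+     * @return JsonResponse
+     */
+    public function putUserAction(Request $request)
+    {
+        if (!$this->getParameter('fosuser_registration') || !$this->get('craue_config')->get('api_user_registration')) {
+            $json = $this->get('serializer')->serialize(['error' => "Server doesn't allow registrations"], 'json');
+
+            return (new JsonResponse())
+                ->setJson($json)
+                ->setStatusCode(JsonResponse::HTTP_FORBIDDEN);
+        }
+
+        $userManager = $this->get('fos_user.user_manager');
+        $user = $userManager->createUser();
+        // user will be disabled BY DEFAULT to avoid spamming account to be enabled
+        $user->setEnabled(false);
+
+        $form = $this->createForm('Wallabag\UserBundle\Form\NewUserType', $user, [
+            'csrf_protection' => false,
+        ]);
+
+        // simulate form submission
+        $form->submit([
+            'username' => $request->request->get('username'),
+            'plainPassword' => [
+                'first' => $request->request->get('password'),
+                'second' => $request->request->get('password'),
+            ],
+            'email' => $request->request->get('email'),
+        ]);
+
+        if ($form->isSubmitted() && false === $form->isValid()) {
+            $view = $this->view($form, 400);
+            $view->setFormat('json');
+
+            // handle errors in a more beautiful way than the default view
+            $data = json_decode($this->handleView($view)->getContent(), true)['children'];
+            $errors = [];
+
+            if (isset($data['username']['errors'])) {
+                $errors['username'] = $this->translateErrors($data['username']['errors']);
+            }
+
+            if (isset($data['email']['errors'])) {
+                $errors['email'] = $this->translateErrors($data['email']['errors']);
+            }
+
+            if (isset($data['plainPassword']['children']['first']['errors'])) {
+                $errors['password'] = $this->translateErrors($data['plainPassword']['children']['first']['errors']);
+            }
+
+            $json = $this->get('serializer')->serialize(['error' => $errors], 'json');
+
+            return (new JsonResponse())
+                ->setJson($json)
+                ->setStatusCode(JsonResponse::HTTP_BAD_REQUEST);
+        }
+
+        $userManager->updateUser($user);
+
+        // dispatch a created event so the associated config will be created
+        $event = new UserEvent($user, $request);
+        $this->get('event_dispatcher')->dispatch(FOSUserEvents::USER_CREATED, $event);
+
+        return $this->sendUser($user, JsonResponse::HTTP_CREATED);
+    }
+
+    /**
+     * Send user response.
+     *
+     * @param User $user
+     * @param int  $status HTTP Status code to send
+     *
+     * @return JsonResponse
+     */
+    private function sendUser(User $user, $status = JsonResponse::HTTP_OK)
+    {
+        $json = $this->get('serializer')->serialize(
+            $user,
+            'json',
+            SerializationContext::create()->setGroups(['user_api'])
+        );
+
+        return (new JsonResponse())
+            ->setJson($json)
+            ->setStatusCode($status);
+    }
+
+    /**
+     * Translate errors message.
+     *
+     * @param array $errors
+     *
+     * @return array
+     */
+    private function translateErrors($errors)
+    {
+        $translatedErrors = [];
+        foreach ($errors as $error) {
+            $translatedErrors[] = $this->get('translator')->trans($error);
+        }
+
+        return $translatedErrors;
+    }
+}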
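Review bot: The validation-error branch of putUserAction (the `$errors` map built from `$data['username']['errors']` and `$data['email']['errors']`) forwards the form's own messages to an unauthenticated caller, so if NewUserType carries the usual uniqueness constraints the response presumably reveals whether a given username or e-mail is already registered; worth confirming and, if so, collapsing those two cases into one generic message for this endpoint, since it is the only path in the file that runs without validateAuthentication(). On the same line, `$form->isSubmitted()` is always true after the explicit `$form->submit()` call above it, so the condition reduces to `if (!$form->isValid()) {`. The `json_decode(...)['children']` access assumes the handled view always carries that key; writing `json_decode(..., true)['children'] ?? []` avoids a notice and a null `$data` when the serializer output differs. Finally, putUserAction's docblock lacks a `@param Request $request` line while the other methods document their parameters.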