Diffstat (limited to 'src/Wallabag/ApiBundle/Controller/WallabagRestController.php')
-rw-r--r-- | src/Wallabag/ApiBundle/Controller/WallabagRestController.php | 376 |
1 files changed, 376 insertions, 0 deletions
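diff --git a/src/Wallabag/ApiBundle/Controller/WallabagRestController.php b/src/Wallabag/ApiBundle/Controller/WallabagRestController.php
new file mode 100644
index 00000000..2f5923c8
--- /dev/null
+++ b/src/Wallabag/ApiBundle/Controller/WallabagRestController.php
@@ -0,0 +1,376 @@
+<?php
+
+namespace Wallabag\ApiBundle\Controller;
+
+use Nelmio\ApiDocBundle\Annotation\ApiDoc;
+use Symfony\Bundle\FrameworkBundle\Controller\Controller;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Wallabag\CoreBundle\Entity\Entry;
+use Wallabag\CoreBundle\Entity\Tag;
+use Wallabag\CoreBundle\Service\Extractor;
+use Hateoas\Configuration\Route;
+use Hateoas\Representation\Factory\PagerfantaFactory;
+
+class WallabagRestController extends Controller
+{
+/**
+* @param Entry $entry
+* @param string $tags
+*/
+private function assignTagsToEntry(Entry $entry, $tags)
+{
+foreach (explode(',', $tags) as $label) {
+$label = trim($label);
+$tagEntity = $this
+->getDoctrine()
+->getRepository('WallabagCoreBundle:Tag')
+->findOneByLabel($label);
+
+if (is_null($tagEntity)) {
+$tagEntity = new Tag($this->getUser());
+$tagEntity->setLabel($label);
+}
+
+// only add the tag on the entry if the relation doesn't exist
+if (!$entry->getTags()->contains($tagEntity)) {
+$entry->addTag($tagEntity);
+}
+}
+}
+
+/**
+* Retrieve salt for a giver user.
+*
+* @ApiDoc(
+* parameters={
+* {"name"="username", "dataType"="string", "required"=true, "description"="username"}
+* }
+* )
+*
+* @return array
+*/
+public function getSaltAction($username)
+{
+$user = $this
+->getDoctrine()
+->getRepository('WallabagCoreBundle:User')
+->findOneByUsername($username);
+
+if (is_null($user)) {
+throw $this->createNotFoundException();
+}
+
+return array($user->getSalt() ?: null);
+}
+
+/**
+* Retrieve all entries. It could be filtered by many options.
+*
+* @ApiDoc(
+* parameters={
+* {"name"="archive", "dataType"="boolean", "required"=false, "format"="true or false, all entries by default", "description"="filter by archived status."},
+* {"name"="star", "dataType"="boolean", "required"=false, "format"="true or false, all entries by default", "description"="filter by starred status."},
+* {"name"="sort", "dataType"="string", "required"=false, "format"="'created' or 'updated', default 'created'", "description"="sort entries by date."},
+* {"name"="order", "dataType"="string", "required"=false, "format"="'asc' or 'desc', default 'desc'", "description"="order of sort."},
+* {"name"="page", "dataType"="integer", "required"=false, "format"="default '1'", "description"="what page you want."},
+* {"name"="perPage", "dataType"="integer", "required"=false, "format"="default'30'", "description"="results per page."},
+* {"name"="tags", "dataType"="string", "required"=false, "format"="api%2Crest", "description"="a list of tags url encoded. Will returns entries that matches ALL tags."},
+* }
+* )
+*
+* @return Entry
+*/
+public function getEntriesAction(Request $request)
+{
+$isArchived = $request->query->get('archive');
+$isStarred = $request->query->get('star');
+$sort = $request->query->get('sort', 'created');
+$order = $request->query->get('order', 'desc');
+$page = (int) $request->query->get('page', 1);
+$perPage = (int) $request->query->get('perPage', 30);
+$tags = $request->query->get('tags', []);
+
+$pager = $this
+->getDoctrine()
+->getRepository('WallabagCoreBundle:Entry')
+->findEntries($this->getUser()->getId(), $isArchived, $isStarred, $sort, $order);
+
+$pager->setCurrentPage($page);
+$pager->setMaxPerPage($perPage);
+
+$pagerfantaFactory = new PagerfantaFactory('page', 'perPage');
+$paginatedCollection = $pagerfantaFactory->createRepresentation(
+$pager,
+new Route('api_get_entries', [], $absolute = true)
+);
+
+$json = $this->get('serializer')->serialize($paginatedCollection, 'json');
+
+return $this->renderJsonResponse($json);
+}
+
+/**
+* Retrieve a single entry.
+*
+* @ApiDoc(
+* requirements={
+* {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
+* }
+* )
+*
+* @return Entry
+*/
+public function getEntryAction(Entry $entry)
+{
+$this->validateUserAccess($entry->getUser()->getId(), $this->getUser()->getId());
+
+$json = $this->get('serializer')->serialize($entry, 'json');
+
+return $this->renderJsonResponse($json);
+}
+
+/**
+* Create an entry.
+*
+* @ApiDoc(
+* parameters={
+* {"name"="url", "dataType"="string", "required"=true, "format"="http://www.test.com/article.html", "description"="Url for the entry."},
+* {"name"="title", "dataType"="string", "required"=false, "description"="Optional, we'll get the title from the page."},
+* {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."},
+* }
+* )
+*
+* @return Entry
+*/
+public function postEntriesAction(Request $request)
+{
+$url = $request->request->get('url');
+
+$content = Extractor::extract($url);
+$entry = new Entry($this->getUser());
+$entry->setUrl($url);
+$entry->setTitle($request->request->get('title') ?: $content->getTitle());
+$entry->setContent($content->getBody());
+
+$tags = $request->request->get('tags', '');
+if (!empty($tags)) {
+$this->assignTagsToEntry($entry, $tags);
+}
+
+$em = $this->getDoctrine()->getManager();
+$em->persist($entry);
+$em->flush();
+
+$json = $this->get('serializer')->serialize($entry, 'json');
+
+return $this->renderJsonResponse($json);
+}
+
+/**
+* Change several properties of an entry.
+*
+* @ApiDoc(
+* requirements={
+* {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
+* },
+* parameters={
+* {"name"="title", "dataType"="string", "required"=false},
+* {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."},
+* {"name"="archive", "dataType"="boolean", "required"=false, "format"="true or false", "description"="archived the entry."},
+* {"name"="star", "dataType"="boolean", "required"=false, "format"="true or false", "description"="starred the entry."},
+* }
+* )
+*
+* @return Entry
+*/
+public function patchEntriesAction(Entry $entry, Request $request)
+{
+$this->validateUserAccess($entry->getUser()->getId(), $this->getUser()->getId());
+
+$title = $request->request->get('title');
+$isArchived = $request->request->get('archive');
+$isStarred = $request->request->get('star');
+
+if (!is_null($title)) {
+$entry->setTitle($title);
+}
+
+if (!is_null($isArchived)) {
+$entry->setArchived($isArchived);
+}
+
+if (!is_null($isStarred)) {
+$entry->setStarred($isStarred);
+}
+
+$tags = $request->request->get('tags', '');
+if (!empty($tags)) {
+$this->assignTagsToEntry($entry, $tags);
+}
+
+$em = $this->getDoctrine()->getManager();
+$em->flush();
+
+$json = $this->get('serializer')->serialize($entry, 'json');
+
+return $this->renderJsonResponse($json);
+}
+
+/**
+* Delete **permanently** an entry.
+*
+* @ApiDoc(
+* requirements={
+* {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
+* }
+* )
+*
+* @return Entry
+*/
+public function deleteEntriesAction(Entry $entry)
+{
+$this->validateUserAccess($entry->getUser()->getId(), $this->getUser()->getId());
+
+$em = $this->getDoctrine()->getManager();
+$em->remove($entry);
+$em->flush();
+
+$json = $this->get('serializer')->serialize($entry, 'json');
+
+return $this->renderJsonResponse($json);
+}
+
+/**
+* Retrieve all tags for an entry.
+*
+* @ApiDoc(
+* requirements={
+* {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
+* }
+* )
+*/
+public function getEntriesTagsAction(Entry $entry)
+{
+$this->validateUserAccess($entry->getUser()->getId(), $this->getUser()->getId());
+
+$json = $this->get('serializer')->serialize($entry->getTags(), 'json');
+
+return $this->renderJsonResponse($json);
+}
+
+/**
+* Add one or more tags to an entry.
+*
+* @ApiDoc(
+* requirements={
+* {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
+* },
+* parameters={
+* {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."},
+* }
+* )
+*/
+public function postEntriesTagsAction(Request $request, Entry $entry)
+{
+$this->validateUserAccess($entry->getUser()->getId(), $this->getUser()->getId());
+
+$tags = $request->request->get('tags', '');
+if (!empty($tags)) {
+$this->assignTagsToEntry($entry, $tags);
+}
+
+$em = $this->getDoctrine()->getManager();
+$em->persist($entry);
+$em->flush();
+
+$json = $this->get('serializer')->serialize($entry, 'json');
+
+return $this->renderJsonResponse($json);
+}
+
+/**
+* Permanently remove one tag for an entry.
+*
+* @ApiDoc(
+* requirements={
+* {"name"="tag", "dataType"="integer", "requirement"="\w+", "description"="The tag ID"},
+* {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
+* }
+* )
+*/
+public function deleteEntriesTagsAction(Entry $entry, Tag $tag)
+{
+$this->validateUserAccess($entry->getUser()->getId(), $this->getUser()->getId());
+
+$entry->removeTag($tag);
+$em = $this->getDoctrine()->getManager();
+$em->persist($entry);
+$em->flush();
+
+$json = $this->get('serializer')->serialize($entry, 'json');
+
+return $this->renderJsonResponse($json);
+}
+
+/**
+* Retrieve all tags.
+*
+* @ApiDoc()
+*/
+public function getTagsAction()
+{
+$json = $this->get('serializer')->serialize($this->getUser()->getTags(), 'json');
+
+return $this->renderJsonResponse($json);
+}
+
+/**
+* Permanently remove one tag from **every** entry.
+*
+* @ApiDoc(
+* requirements={
+* {"name"="tag", "dataType"="integer", "requirement"="\w+", "description"="The tag"}
+* }
+* )
+*/
+public function deleteTagAction(Tag $tag)
+{
+$this->validateUserAccess($tag->getUser()->getId(), $this->getUser()->getId());
+
+$em = $this->getDoctrine()->getManager();
+$em->remove($tag);
+$em->flush();
+
+$json = $this->get('serializer')->serialize($tag, 'json');
+
+return $this->renderJsonResponse($json);
+}
+
+/**
+* Validate that the first id is equal to the second one.
+* If not, throw exception. It means a user try to access information from an other user.
+*
+* @param int $requestUserId User id from the requested source
+* @param int $currentUserId User id from the retrieved source
+*/
+private function validateUserAccess($requestUserId, $currentUserId)
+{
+if ($requestUserId != $currentUserId) {
+throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$requestUserId.', logged user id: '.$currentUserId);
+}
+}
+
+/**
+* Send a JSON Response.
+* We don't use the Symfony JsonRespone, because it takes an array as parameter instead of a JSON string.
+*
+* @param string $json
+*
+* @return Response
+*/
+private function renderJsonResponse($json)
+{
+return new Response($json, 200, array('application/json'));
+}
+}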
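Review bot: renderJsonResponse() passes `array('application/json')` as the header array, so the value sits under numeric key 0 and no Content-Type header is set; every action here would then be served with the framework's default content type even though the payload carries entry titles and extracted page bodies, and the line should read `return new Response($json, 200, array('Content-Type' => 'application/json'));`. In assignTagsToEntry() the `findOneByLabel($label)` lookup is not scoped to the current user although tags are created per user (`new Tag($this->getUser())`), so an entry can end up linked to a tag owned by another account. The lookup should also filter on the owner, for example `findOneBy(array('label' => $label, 'user' => $this->getUser()))` if the association is named `user` (the Tag mapping is not visible on this page). validateUserAccess() compares with `!=` and writes both user ids into the exception message, which can surface another account's id to the caller; `if ((int) $requestUserId !== (int) $currentUserId)` with a plain `'Access forbidden.'` message would avoid that.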