blob: f18b0910d9d05120b5eeee9ec108ed41190ac5a3 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
|
<?php
namespace Wallabag\ApiBundle\Controller;
use FOS\RestBundle\Controller\FOSRestController;
use JMS\Serializer\SerializationContext;
use Nelmio\ApiDocBundle\Annotation\ApiDoc;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
class WallabagRestController extends FOSRestController
{
/**
* Retrieve version number.
*
* @ApiDoc()
*
* @deprecated Should use info endpoint instead
*
* @return JsonResponse
*/
public function getVersionAction()
{
$version = $this->container->getParameter('wallabag_core.version');
$json = $this->get('jms_serializer')->serialize($version, 'json');
return (new JsonResponse())->setJson($json);
}
/**
* Retrieve information about the wallabag instance.
*
* @ApiDoc()
*
* @return JsonResponse
*/
public function getInfoAction()
{
$info = [
'appname' => 'wallabag',
'version' => $this->container->getParameter('wallabag_core.version'),
'allowed_registration' => $this->container->getParameter('wallabag_user.registration_enabled'),
];
return (new JsonResponse())->setJson($this->get('jms_serializer')->serialize($info, 'json'));
}
protected function validateAuthentication()
{
if (false === $this->get('security.authorization_checker')->isGranted('IS_AUTHENTICATED_FULLY')) {
throw new AccessDeniedException();
}
}
/**
* Validate that the first id is equal to the second one.
* If not, throw exception. It means a user try to access information from an other user.
*
* @param int $requestUserId User id from the requested source
*/
protected function validateUserAccess($requestUserId)
{
$user = $this->get('security.token_storage')->getToken()->getUser();
if ($requestUserId !== $user->getId()) {
throw $this->createAccessDeniedException('Access forbidden. Entry user id: ' . $requestUserId . ', logged user id: ' . $user->getId());
}
}
/**
* Shortcut to send data serialized in json.
*
* @param mixed $data
*
* @return JsonResponse
*/
protected function sendResponse($data)
{
// https://github.com/schmittjoh/JMSSerializerBundle/issues/293
$context = new SerializationContext();
$context->setSerializeNull(true);
$json = $this->get('jms_serializer')->serialize($data, 'json', $context);
return (new JsonResponse())->setJson($json);
}
}
|