wallabag/src/Wallabag/ApiBundle/Controller/WallabagRestController.php

<?php

namespace Wallabag\ApiBundle\Controller;

use FOS\RestBundle\Controller\FOSRestController;
use Nelmio\ApiDocBundle\Annotation\ApiDoc;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;

class WallabagRestController extends FOSRestController
{
    /**
     * Retrieve version number.
     *
     * @ApiDoc()
     *
     * @return JsonResponse
     */
    public function getVersionAction()
    {
        $version = $this->container->getParameter('wallabag_core.version');
        $json = $this->get('serializer')->serialize($version, 'json');

        return (new JsonResponse())->setJson($json);
    }

    protected function validateAuthentication()
    {
        if (false === $this->get('security.authorization_checker')->isGranted('IS_AUTHENTICATED_FULLY')) {
            throw new AccessDeniedException();
        }
    }

    /**
     * Validate that the first id is equal to the second one.
     * If not, throw exception. It means a user try to access information from an other user.
     *
     * @param int $requestUserId User id from the requested source
     */
    protected function validateUserAccess($requestUserId)
    {
        $user = $this->get('security.token_storage')->getToken()->getUser();
        if ($requestUserId !== $user->getId()) {
            throw $this->createAccessDeniedException('Access forbidden. Entry user id: ' . $requestUserId . ', logged user id: ' . $user->getId());
        }
    }
}
routing for API, trying to respect #414 2015-01-29 16:56:58 +01:00			`<?php`

Move API stuff in ApiBundle 2015-03-29 10:53:10 +02:00			`namespace Wallabag\ApiBundle\Controller;`
routing for API, trying to respect #414 2015-01-29 16:56:58 +01:00
* public registration * remove WSSE implementation * add oAuth2 implementation 2015-09-29 14:31:52 +02:00			`use FOS\RestBundle\Controller\FOSRestController;`
Fix rest controller merge 2016-11-03 17:29:16 +01:00			`use Nelmio\ApiDocBundle\Annotation\ApiDoc;`
			`use Symfony\Component\HttpFoundation\JsonResponse;`
Cleanup 2016-11-03 18:01:25 +01:00			`use Symfony\Component\Security\Core\Exception\AccessDeniedException;`
routing for API, trying to respect #414 2015-01-29 16:56:58 +01:00
* public registration * remove WSSE implementation * add oAuth2 implementation 2015-09-29 14:31:52 +02:00			`class WallabagRestController extends FOSRestController`
routing for API, trying to respect #414 2015-01-29 16:56:58 +01:00			`{`
Add version in API 2016-03-07 15:00:03 +01:00			`/**`
typos & cs 2016-03-08 09:22:25 +01:00			`* Retrieve version number.`
			`*`
			`* @ApiDoc()`
Add version in API 2016-03-07 15:00:03 +01:00			`*`
Re-user JsonResponse Since Symfony 3.1 we can define the json of a JsonResonse using `->setJson()` 2016-09-08 12:03:09 +02:00			`* @return JsonResponse`
Add version in API 2016-03-07 15:00:03 +01:00			`*/`
			`public function getVersionAction()`
			`{`
			`$version = $this->container->getParameter('wallabag_core.version');`
			`$json = $this->get('serializer')->serialize($version, 'json');`
Fix rest controller merge 2016-11-03 17:29:16 +01:00
Re-user JsonResponse Since Symfony 3.1 we can define the json of a JsonResonse using `->setJson()` 2016-09-08 12:03:09 +02:00			`return (new JsonResponse())->setJson($json);`
Add version in API 2016-03-07 15:00:03 +01:00			`}`
Move API stuff in ApiBundle 2015-03-29 10:53:10 +02:00
Exploded WallabagRestController into many controllers Fix #2503 2016-10-28 14:46:30 +02:00			`protected function validateAuthentication()`
Ensure orphan tag are remove in API When the association between a tag and an entry is removed, if the tag doesn’t have other entries, we can remove it. Also add more tests for that part and ensure TagControllerTest is isolated from the rest of the test suite (finally!) 2016-10-07 23:31:53 +02:00			`{`
Fix security.context deprecation 2015-11-07 00:17:37 +01:00			`if (false === $this->get('security.authorization_checker')->isGranted('IS_AUTHENTICATED_FULLY')) {`
check authentication on each API route 2015-09-29 14:57:46 +02:00			`throw new AccessDeniedException();`
Ensure orphan tag are remove in API When the association between a tag and an entry is removed, if the tag doesn’t have other entries, we can remove it. Also add more tests for that part and ensure TagControllerTest is isolated from the rest of the test suite (finally!) 2016-10-07 23:31:53 +02:00			`}`
			`}`

Move API stuff in ApiBundle 2015-03-29 10:53:10 +02:00			`/**`
			`* Validate that the first id is equal to the second one.`
CS 2015-05-30 13:52:26 +02:00			`* If not, throw exception. It means a user try to access information from an other user.`
Move API stuff in ApiBundle 2015-03-29 10:53:10 +02:00			`*`
CS 2015-05-30 13:52:26 +02:00			`* @param int $requestUserId User id from the requested source`
Move API stuff in ApiBundle 2015-03-29 10:53:10 +02:00			`*/`
Exploded WallabagRestController into many controllers Fix #2503 2016-10-28 14:46:30 +02:00			`protected function validateUserAccess($requestUserId)`
Move API stuff in ApiBundle 2015-03-29 10:53:10 +02:00			`{`
Fix security.context deprecation 2015-11-07 00:17:37 +01:00			`$user = $this->get('security.token_storage')->getToken()->getUser();`
Add a real configuration for CS-Fixer 2017-07-01 09:52:38 +02:00			`if ($requestUserId !== $user->getId()) {`
			`throw $this->createAccessDeniedException('Access forbidden. Entry user id: ' . $requestUserId . ', logged user id: ' . $user->getId());`
Move API stuff in ApiBundle 2015-03-29 10:53:10 +02:00			`}`
			`}`
CS 2015-01-31 19:09:34 +01:00			`}`