2015-01-29 15:56:58 +00:00
|
|
|
<?php
|
|
|
|
|
2015-03-29 08:53:10 +00:00
|
|
|
namespace Wallabag\ApiBundle\Controller;
|
2015-01-29 15:56:58 +00:00
|
|
|
|
2015-09-29 12:31:52 +00:00
|
|
|
use FOS\RestBundle\Controller\FOSRestController;
|
2016-01-20 15:24:48 +00:00
|
|
|
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
|
2015-02-06 06:45:32 +00:00
|
|
|
use Wallabag\CoreBundle\Entity\Entry;
|
2016-11-03 16:29:16 +00:00
|
|
|
use Nelmio\ApiDocBundle\Annotation\ApiDoc;
|
|
|
|
use Symfony\Component\HttpFoundation\JsonResponse;
|
2015-01-29 15:56:58 +00:00
|
|
|
|
2015-09-29 12:31:52 +00:00
|
|
|
class WallabagRestController extends FOSRestController
|
2015-01-29 15:56:58 +00:00
|
|
|
{
|
2016-03-07 14:00:03 +00:00
|
|
|
/**
|
2016-03-08 08:22:25 +00:00
|
|
|
* Retrieve version number.
|
|
|
|
*
|
|
|
|
* @ApiDoc()
|
2016-03-07 14:00:03 +00:00
|
|
|
*
|
2016-09-08 10:03:09 +00:00
|
|
|
* @return JsonResponse
|
2016-03-07 14:00:03 +00:00
|
|
|
*/
|
|
|
|
public function getVersionAction()
|
|
|
|
{
|
|
|
|
$version = $this->container->getParameter('wallabag_core.version');
|
|
|
|
$json = $this->get('serializer')->serialize($version, 'json');
|
2016-11-03 16:29:16 +00:00
|
|
|
|
2016-09-08 10:03:09 +00:00
|
|
|
return (new JsonResponse())->setJson($json);
|
2016-03-07 14:00:03 +00:00
|
|
|
}
|
2015-03-29 08:53:10 +00:00
|
|
|
|
2016-10-28 12:46:30 +00:00
|
|
|
protected function validateAuthentication()
|
2016-10-07 21:31:53 +00:00
|
|
|
{
|
2015-11-06 23:17:37 +00:00
|
|
|
if (false === $this->get('security.authorization_checker')->isGranted('IS_AUTHENTICATED_FULLY')) {
|
2015-09-29 12:57:46 +00:00
|
|
|
throw new AccessDeniedException();
|
2016-10-07 21:31:53 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-03-29 08:53:10 +00:00
|
|
|
/**
|
|
|
|
* Validate that the first id is equal to the second one.
|
2015-05-30 11:52:26 +00:00
|
|
|
* If not, throw exception. It means a user try to access information from an other user.
|
2015-03-29 08:53:10 +00:00
|
|
|
*
|
2015-05-30 11:52:26 +00:00
|
|
|
* @param int $requestUserId User id from the requested source
|
2015-03-29 08:53:10 +00:00
|
|
|
*/
|
2016-10-28 12:46:30 +00:00
|
|
|
protected function validateUserAccess($requestUserId)
|
2015-03-29 08:53:10 +00:00
|
|
|
{
|
2015-11-06 23:17:37 +00:00
|
|
|
$user = $this->get('security.token_storage')->getToken()->getUser();
|
2015-09-29 12:31:52 +00:00
|
|
|
if ($requestUserId != $user->getId()) {
|
|
|
|
throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$requestUserId.', logged user id: '.$user->getId());
|
2015-03-29 08:53:10 +00:00
|
|
|
}
|
|
|
|
}
|
2015-01-31 18:09:34 +00:00
|
|
|
}
|