date-poll-api/src/Controller/api/v1/CommentController.php

<?php

namespace App\Controller\api\v1;

use App\Controller\EmailsController;
use App\Entity\Comment;
use App\Entity\Owner;
use App\Entity\Poll;
use DateTime;
use FOS\RestBundle\Controller\Annotations\Delete;
use FOS\RestBundle\Controller\Annotations\Get;
use FOS\RestBundle\Controller\Annotations\Post;
use FOS\RestBundle\Controller\Annotations\Route;
use JMS\Serializer\SerializerBuilder;
use JMS\Serializer\SerializerInterface;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;

/**
 * Class DefaultController
 * @package App\Controller
 * @Route("/api/v1/comment",name="api_")
 */
class CommentController extends EmailsController {

	/**
	 * @Get(
	 *     path = "/poll/{id}",
	 *     name = "get_poll_comment",
	 *     requirements = {"id"="\d+"}
	 * )
	 */
	public
	function getPollCommentsAction(
		SerializerInterface $serializer,
		Poll $poll
	) {
		$jsonResponse = $serializer->serialize( [
			'message' => 'here are your comments of the poll',
			'data'    => $poll->getComments(),
		],
			'json' );

		$response = new Response( $jsonResponse );
		$response->headers->set( 'Content-Type', 'application/json' );
		$response->setStatusCode( 200 );

		return $response;

	}

	/**
	 * add a comment on a poll
	 * @Post(
	 *     path = "/poll/{id}",
	 *     name = "new_comment",
	 *     requirements = {"content"="\w+",  "id"="\d+"}
	 * )
	 */
	public
	function newCommentAction(
		Poll $poll,
		Request $request
	) {
		if ( ! $poll ) {
			return $this->json( [ 'message' => 'poll not found' ], 404 );
		}
		$data = $request->getContent();

		$serializer = SerializerBuilder::create()->build();
		$comment    = $serializer->deserialize( $data, 'App\Entity\Comment', 'json' );

		$em = $this->getDoctrine()->getRepository( Owner::class );

		$data = json_decode( $data, true );
		if ( ! isset( $data[ 'email' ] ) ) {
			return $this->json( [ "message" => "Incorrect JSON in request" ], 400 );
		}

		$foundOwner = $em->findOneByEmail( $data[ 'email' ] );
		// manage existing or new Owner
		if ( ! $foundOwner ) {
			$foundOwner = new Owner();
			$foundOwner->setPseudo( $data[ 'email' ] )
			           ->setEmail( $data[ 'email' ] )
			           ->setModifierToken( uniqid( '', true ) );
		}
		// anti flood
		$seconds_limit_lastpost = 5;
		$emComment              = $this->getDoctrine()->getRepository( Comment::class );
		$lastCommentOfOwner     = $emComment->findBy( [ 'owner' => $foundOwner ], [ 'id' => 'desc' ] );

		// TODO anti flood by session / IP

		if ( $lastCommentOfOwner ) {


			// check time of last comment
			$now         = new DateTime();
			$now         = $now->format( 'Y-m-d H:i:s' );
			$date_first  = strtotime( $lastCommentOfOwner[ 0 ]->getCreatedAt()->format( 'Y-m-d H:i:s' ) );
			$date_second = strtotime( $now );

			if ( ( $date_second - $date_first ) < $seconds_limit_lastpost ) {
				return $this->json( [
					'message' => 'anti flood déclenché',
					'details' => 'votre deriner commentaire a été envoyé il y a moins de ' . $seconds_limit_lastpost . ' secondes',
				],
					403 );
			}

			// check similar text content
			if ( $lastCommentOfOwner[ 0 ]->getText() == $comment->getText() ) {
				return $this->json( [
					'message' => 'anti flood déclenché',
					'details' => 'votre deriner commentaire a exactement le même contenu que celui ci, il n\'a donc pas été créé',
				],
					403 );
			}
		}
		$comment->setOwner( $foundOwner )
		        ->setCreatedAt( new DateTime() )
		        ->setPoll( $poll );
		$foundOwner->addComment( $comment );

		$em = $this->getDoctrine()->getManager();
		$em->persist( $foundOwner );
		$em->persist( $comment );
		$em->flush();

		if ( $poll->getMailOnComment() ) {
			$this->sendCommentNotificationAction( $foundOwner, $comment );
		}


		return $this->json( [
			'message' => 'you created a comment',
			'data'    => [
				'your_comment' => $comment->display(),
			],
		],
			201 );
	}

	/**
	 * Erase all comments of a poll
	 * @Delete(
	 *     path = "/poll/{id}",
	 *     name = "poll_comments_delete",
	 *     requirements = {"accessToken"="\w+",  "id"="\d+"}
	 * )
	 *
	 * @param Poll $poll
	 * @param $accessToken
	 *
	 * @return JsonResponse
	 */
	public
	function deletePollCommentsAction(
		Poll $poll,
		$accessToken
	) {
		if ( $accessToken == $poll->getAdminKey() ) {
			$em     = $this->getDoctrine()->getManager();
			$length = count( $poll->getComments() );
			$em->remove( $poll->getComments() );
			$em->flush();

			return $this->json( [
				'message' => 'boom! les ' . $length . ' commentaires du sondage ont été supprimés',
			] );
		} else {
			return $this->json( [
				'message' => 'le token d\'autorisation est invalide, vous ne pouvez pas modifier ce sondage',
			] );
		}
	}

}
:zap: split controllers 2020-01-30 11:28:24 +01:00			`<?php`

update namespace of api to include v1 2021-05-03 12:38:30 +02:00			`namespace App\Controller\api\v1;`
:zap: split controllers 2020-01-30 11:28:24 +01:00
Revert "add graphql bundle" rearrange controllers for api and no api This reverts commit 8fbd5462 2021-04-21 11:02:24 +02:00			`use App\Controller\EmailsController;`
:zap: split controllers 2020-01-30 11:28:24 +01:00			`use App\Entity\Comment;`
			`use App\Entity\Owner;`
			`use App\Entity\Poll;`
try to send example template html 2020-04-16 17:11:01 +02:00			`use DateTime;`
:bug: fix imports 2020-01-30 11:31:23 +01:00			`use FOS\RestBundle\Controller\Annotations\Delete;`
:zap: split controllers 2020-01-30 11:28:24 +01:00			`use FOS\RestBundle\Controller\Annotations\Get;`
:bug: fix imports 2020-01-30 11:31:23 +01:00			`use FOS\RestBundle\Controller\Annotations\Post;`
:zap: split controllers 2020-01-30 11:28:24 +01:00			`use FOS\RestBundle\Controller\Annotations\Route;`
			`use JMS\Serializer\SerializerBuilder;`
Fix serialization with JMS Serializer for remainitn controllers anc methods. 2020-04-26 13:04:29 +02:00			`use JMS\Serializer\SerializerInterface;`
:zap: split controllers 2020-01-30 11:28:24 +01:00			`use Symfony\Component\HttpFoundation\JsonResponse;`
			`use Symfony\Component\HttpFoundation\Request;`
Fix serialization with JMS Serializer for remainitn controllers anc methods. 2020-04-26 13:04:29 +02:00			`use Symfony\Component\HttpFoundation\Response;`
:zap: split controllers 2020-01-30 11:28:24 +01:00
			`/**`
			`* Class DefaultController`
			`* @package App\Controller`
cleanup poll reports, compare expiration date and list soon to be deleted, disable vote on expired 2021-05-03 14:38:08 +02:00			`* @Route("/api/v1/comment",name="api_")`
:zap: split controllers 2020-01-30 11:28:24 +01:00			`*/`
Revert "add graphql bundle" rearrange controllers for api and no api This reverts commit 8fbd5462 2021-04-21 11:02:24 +02:00			`class CommentController extends EmailsController {`
:zap: split controllers 2020-01-30 11:28:24 +01:00
			`/**`
			`* @Get(`
ease comment endpoint 2022-02-11 08:59:50 +01:00			`* path = "/poll/{id}",`
:zap: split controllers 2020-01-30 11:28:24 +01:00			`* name = "get_poll_comment",`
Add test on Comment, test on DELETE does not work as how route works is unclear, fix requirement constraint name on CommentController. 2020-05-23 18:34:04 +02:00			`* requirements = {"id"="\d+"}`
:zap: split controllers 2020-01-30 11:28:24 +01:00			`* )`
			`*/`
			`public`
			`function getPollCommentsAction(`
Revert "add graphql bundle" rearrange controllers for api and no api This reverts commit 8fbd5462 2021-04-21 11:02:24 +02:00			`SerializerInterface $serializer,`
			`Poll $poll`
:zap: split controllers 2020-01-30 11:28:24 +01:00			`) {`
reformat src folder 2021-04-27 10:22:16 +02:00			`$jsonResponse = $serializer->serialize( [`
Revert "add graphql bundle" rearrange controllers for api and no api This reverts commit 8fbd5462 2021-04-21 11:02:24 +02:00			`'message' => 'here are your comments of the poll',`
reformat src folder 2021-04-27 10:22:16 +02:00			`'data' => $poll->getComments(),`
			`],`
			`'json' );`
Fix serialization with JMS Serializer for remainitn controllers anc methods. 2020-04-26 13:04:29 +02:00
reformat src folder 2021-04-27 10:22:16 +02:00			`$response = new Response( $jsonResponse );`
			`$response->headers->set( 'Content-Type', 'application/json' );`
			`$response->setStatusCode( 200 );`
Fix serialization with JMS Serializer for remainitn controllers anc methods. 2020-04-26 13:04:29 +02:00
Revert "add graphql bundle" rearrange controllers for api and no api This reverts commit 8fbd5462 2021-04-21 11:02:24 +02:00			`return $response;`
Fix serialization with JMS Serializer for remainitn controllers anc methods. 2020-04-26 13:04:29 +02:00
:zap: split controllers 2020-01-30 11:28:24 +01:00			`}`

			`/**`
			`* add a comment on a poll`
			`* @Post(`
ease comment endpoint 2022-02-11 08:59:50 +01:00			`* path = "/poll/{id}",`
:zap: split controllers 2020-01-30 11:28:24 +01:00			`* name = "new_comment",`
Add test on Comment, test on DELETE does not work as how route works is unclear, fix requirement constraint name on CommentController. 2020-05-23 18:34:04 +02:00			`* requirements = {"content"="\w+", "id"="\d+"}`
:zap: split controllers 2020-01-30 11:28:24 +01:00			`* )`
			`*/`
			`public`
			`function newCommentAction(`
			`Poll $poll,`
			`Request $request`
			`) {`
			`if ( ! $poll ) {`
			`return $this->json( [ 'message' => 'poll not found' ], 404 );`
			`}`
			`$data = $request->getContent();`

			`$serializer = SerializerBuilder::create()->build();`
			`$comment = $serializer->deserialize( $data, 'App\Entity\Comment', 'json' );`

			`$em = $this->getDoctrine()->getRepository( Owner::class );`

			`$data = json_decode( $data, true );`
reformat src folder 2021-04-27 10:22:16 +02:00			`if ( ! isset( $data[ 'email' ] ) ) {`
			`return $this->json( [ "message" => "Incorrect JSON in request" ], 400 );`
Add test on Comment, test on DELETE does not work as how route works is unclear, fix requirement constraint name on CommentController. 2020-05-23 18:34:04 +02:00			`}`
:zap: split controllers 2020-01-30 11:28:24 +01:00
			`$foundOwner = $em->findOneByEmail( $data[ 'email' ] );`
			`// manage existing or new Owner`
			`if ( ! $foundOwner ) {`
			`$foundOwner = new Owner();`
Add test on Comment, test on DELETE does not work as how route works is unclear, fix requirement constraint name on CommentController. 2020-05-23 18:34:04 +02:00			`$foundOwner->setPseudo( $data[ 'email' ] )`
reformat src folder 2021-04-27 10:22:16 +02:00			`->setEmail( $data[ 'email' ] )`
			`->setModifierToken( uniqid( '', true ) );`
:zap: split controllers 2020-01-30 11:28:24 +01:00			`}`
			`// anti flood`
			`$seconds_limit_lastpost = 5;`
			`$emComment = $this->getDoctrine()->getRepository( Comment::class );`
			`$lastCommentOfOwner = $emComment->findBy( [ 'owner' => $foundOwner ], [ 'id' => 'desc' ] );`

			`// TODO anti flood by session / IP`

			`if ( $lastCommentOfOwner ) {`


			`// check time of last comment`
try to send example template html 2020-04-16 17:11:01 +02:00			`$now = new DateTime();`
:zap: split controllers 2020-01-30 11:28:24 +01:00			`$now = $now->format( 'Y-m-d H:i:s' );`
			`$date_first = strtotime( $lastCommentOfOwner[ 0 ]->getCreatedAt()->format( 'Y-m-d H:i:s' ) );`
			`$date_second = strtotime( $now );`

			`if ( ( $date_second - $date_first ) < $seconds_limit_lastpost ) {`
			`return $this->json( [`
			`'message' => 'anti flood déclenché',`
			`'details' => 'votre deriner commentaire a été envoyé il y a moins de ' . $seconds_limit_lastpost . ' secondes',`
			`],`
			`403 );`
			`}`

			`// check similar text content`
			`if ( $lastCommentOfOwner[ 0 ]->getText() == $comment->getText() ) {`
			`return $this->json( [`
			`'message' => 'anti flood déclenché',`
			`'details' => 'votre deriner commentaire a exactement le même contenu que celui ci, il n\'a donc pas été créé',`
			`],`
			`403 );`
			`}`
			`}`
			`$comment->setOwner( $foundOwner )`
reformat src folder 2021-04-27 10:22:16 +02:00			`->setCreatedAt( new DateTime() )`
			`->setPoll( $poll );`
:zap: split controllers 2020-01-30 11:28:24 +01:00			`$foundOwner->addComment( $comment );`

			`$em = $this->getDoctrine()->getManager();`
			`$em->persist( $foundOwner );`
			`$em->persist( $comment );`
			`$em->flush();`

reformat src folder 2021-04-27 10:22:16 +02:00			`if ( $poll->getMailOnComment() ) {`
			`$this->sendCommentNotificationAction( $foundOwner, $comment );`
add other mails 2020-04-16 18:14:59 +02:00			`}`

try to send example template html 2020-04-16 17:11:01 +02:00
:zap: split controllers 2020-01-30 11:28:24 +01:00			`return $this->json( [`
			`'message' => 'you created a comment',`
			`'data' => [`
			`'your_comment' => $comment->display(),`
			`],`
			`],`
			`201 );`
			`}`

			`/**`
			`* Erase all comments of a poll`
			`* @Delete(`
ease comment endpoint 2022-02-11 08:59:50 +01:00			`* path = "/poll/{id}",`
:zap: split controllers 2020-01-30 11:28:24 +01:00			`* name = "poll_comments_delete",`
Add test on Comment, test on DELETE does not work as how route works is unclear, fix requirement constraint name on CommentController. 2020-05-23 18:34:04 +02:00			`* requirements = {"accessToken"="\w+", "id"="\d+"}`
:zap: split controllers 2020-01-30 11:28:24 +01:00			`* )`
			`*`
			`* @param Poll $poll`
			`* @param $accessToken`
			`*`
			`* @return JsonResponse`
			`*/`
			`public`
			`function deletePollCommentsAction(`
			`Poll $poll,`
			`$accessToken`
			`) {`
			`if ( $accessToken == $poll->getAdminKey() ) {`
			`$em = $this->getDoctrine()->getManager();`
			`$length = count( $poll->getComments() );`
			`$em->remove( $poll->getComments() );`
			`$em->flush();`

			`return $this->json( [`
			`'message' => 'boom! les ' . $length . ' commentaires du sondage ont été supprimés',`
			`] );`
			`} else {`
			`return $this->json( [`
			`'message' => 'le token d\'autorisation est invalide, vous ne pouvez pas modifier ce sondage',`
			`] );`
			`}`
			`}`

			`}`