mirror of
https://framagit.org/tykayn/date-poll-api
synced 2023-08-25 08:23:11 +02:00
⚡ add comment anonymous, move route params to custom_url instead of id
This commit is contained in:
parent
a005aa0f97
commit
5a463695c3
16
README.md
16
README.md
@ -174,14 +174,22 @@ DATABASE_URL=mysql://database_user:db_user_password@127.0.0.1:3306/database_name
|
||||
this file is not versionned and should stay like this.
|
||||
|
||||
## cronjob to delete expired polls
|
||||
add this line in your crontab to run the clearance of expired polls everyday at 0h00.
|
||||
```
|
||||
0 0 * * * wget http://MYWEBSITE/api/v1/poll/clean-polls
|
||||
```
|
||||
you can open your crontabl in command line with :
|
||||
```
|
||||
crontab -e
|
||||
```
|
||||
|
||||
add this line in your crontab to run the clearance of expired polls everyday at 0h00.
|
||||
```
|
||||
0 0 * * * wget http://MYWEBSITE/api/v1/poll/clean-polls
|
||||
```
|
||||
Cronjob to send mails from the swiftmailer spool.
|
||||
```
|
||||
* * * * * php /var/www/html/date-poll-api/bin/console swiftmailer:spool:send
|
||||
```
|
||||
you can disable the spooling, check the docs.
|
||||
|
||||
|
||||
# About
|
||||
|
||||
made by B. Lemoine, aka Tykayn, for the framadate funky front end project, a polling libre software.
|
||||
|
@ -35,7 +35,7 @@ class PollController extends AbstractController {
|
||||
}
|
||||
|
||||
/**
|
||||
* @Route("/new", name="poll_new", methods={"POST"})
|
||||
* @Route("/new", name="poll_new_old", methods={"POST"})
|
||||
*/
|
||||
public function new( Request $request ): Response {
|
||||
$poll = new Poll();
|
||||
|
@ -9,7 +9,6 @@ use App\Entity\Poll;
|
||||
use DateTime;
|
||||
use FOS\RestBundle\Controller\Annotations\Delete;
|
||||
use FOS\RestBundle\Controller\Annotations\Get;
|
||||
use FOS\RestBundle\Controller\Annotations\Post;
|
||||
use FOS\RestBundle\Controller\Annotations\Route;
|
||||
use JMS\Serializer\SerializerBuilder;
|
||||
use JMS\Serializer\SerializerInterface;
|
||||
@ -20,161 +19,217 @@ use Symfony\Component\HttpFoundation\Response;
|
||||
/**
|
||||
* Class DefaultController
|
||||
* @package App\Controller
|
||||
* @Route("/api/v1/comment",name="api_")
|
||||
* @Route("/api/v1/comment",
|
||||
* name="api_comment_")
|
||||
*/
|
||||
class CommentController extends EmailsController {
|
||||
class CommentController extends EmailsController
|
||||
{
|
||||
|
||||
/**
|
||||
* @Get(
|
||||
* path = "/poll/{id}",
|
||||
* name = "get_poll_comment",
|
||||
* requirements = {"id"="\d+"}
|
||||
* )
|
||||
*/
|
||||
public
|
||||
function getPollCommentsAction(
|
||||
SerializerInterface $serializer,
|
||||
Poll $poll
|
||||
) {
|
||||
$jsonResponse = $serializer->serialize( [
|
||||
'message' => 'here are your comments of the poll',
|
||||
'data' => $poll->getComments(),
|
||||
],
|
||||
'json' );
|
||||
/**
|
||||
* @Get(
|
||||
* path = "/poll/{customUrl}",
|
||||
* name = "get_poll_comment"
|
||||
* )
|
||||
*/
|
||||
public
|
||||
function getPollCommentsAction(
|
||||
SerializerInterface $serializer,
|
||||
Poll $poll
|
||||
)
|
||||
{
|
||||
$jsonResponse = $serializer->serialize([
|
||||
'message' => 'here are your comments of the poll',
|
||||
'data' => $poll->getComments(),
|
||||
],
|
||||
'json');
|
||||
|
||||
$response = new Response( $jsonResponse );
|
||||
$response->headers->set( 'Content-Type', 'application/json' );
|
||||
$response->setStatusCode( 200 );
|
||||
$response = new Response($jsonResponse);
|
||||
$response->headers->set('Content-Type', 'application/json');
|
||||
$response->setStatusCode(200);
|
||||
|
||||
return $response;
|
||||
return $response;
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* add a comment on a poll
|
||||
* @Post(
|
||||
* path = "/poll/{id}",
|
||||
* name = "new_comment",
|
||||
* requirements = {"content"="\w+", "id"="\d+"}
|
||||
* )
|
||||
*/
|
||||
public
|
||||
function newCommentAction(
|
||||
Poll $poll,
|
||||
Request $request
|
||||
) {
|
||||
if ( ! $poll ) {
|
||||
return $this->json( [ 'message' => 'poll not found' ], 404 );
|
||||
}
|
||||
$data = $request->getContent();
|
||||
/**
|
||||
* add a comment on a poll
|
||||
* @Route(
|
||||
* "/poll/{customUrl}",
|
||||
* "_new_comment",
|
||||
* methods={"POST"}
|
||||
* )
|
||||
*/
|
||||
public
|
||||
function newCommentAction(
|
||||
Poll $poll,
|
||||
Request $request
|
||||
)
|
||||
{
|
||||
|
||||
$serializer = SerializerBuilder::create()->build();
|
||||
$comment = $serializer->deserialize( $data, 'App\Entity\Comment', 'json' );
|
||||
$data = json_decode($request->getContent(), true);
|
||||
// return $this->json(['pseudo' => $data["pseudo"]], 404);
|
||||
|
||||
$em = $this->getDoctrine()->getRepository( Owner::class );
|
||||
if (!$poll) {
|
||||
return $this->json(['message' => 'poll not found'], 404);
|
||||
}
|
||||
|
||||
$data = json_decode( $data, true );
|
||||
if ( ! isset( $data[ 'email' ] ) ) {
|
||||
return $this->json( [ "message" => "Incorrect JSON in request" ], 400 );
|
||||
}
|
||||
$comment = new Comment();
|
||||
$owner = new Owner();
|
||||
$owner
|
||||
->setPseudo($data["pseudo"])
|
||||
->setEmail('anonymous@example.com');
|
||||
|
||||
$foundOwner = $em->findOneByEmail( $data[ 'email' ] );
|
||||
// manage existing or new Owner
|
||||
if ( ! $foundOwner ) {
|
||||
$foundOwner = new Owner();
|
||||
$foundOwner->setPseudo( $data[ 'email' ] )
|
||||
->setEmail( $data[ 'email' ] )
|
||||
->setModifierToken( uniqid( '', true ) );
|
||||
}
|
||||
// anti flood
|
||||
$seconds_limit_lastpost = 5;
|
||||
$emComment = $this->getDoctrine()->getRepository( Comment::class );
|
||||
$lastCommentOfOwner = $emComment->findBy( [ 'owner' => $foundOwner ], [ 'id' => 'desc' ] );
|
||||
$comment->setOwner($owner)
|
||||
->setPseudo($data["pseudo"])
|
||||
->setText($data["text"])
|
||||
->setCreatedAt(new DateTime())
|
||||
->setPoll($poll);
|
||||
$owner
|
||||
->addComment($comment);
|
||||
|
||||
// TODO anti flood by session / IP
|
||||
$em = $this->getDoctrine()->getManager();
|
||||
$em->persist($owner);
|
||||
$em->persist($comment);
|
||||
$em->flush();
|
||||
|
||||
if ( $lastCommentOfOwner ) {
|
||||
if ($poll->getMailOnComment()) {
|
||||
$this->sendCommentNotificationAction($owner, $comment);
|
||||
}
|
||||
|
||||
|
||||
// check time of last comment
|
||||
$now = new DateTime();
|
||||
$now = $now->format( 'Y-m-d H:i:s' );
|
||||
$date_first = strtotime( $lastCommentOfOwner[ 0 ]->getCreatedAt()->format( 'Y-m-d H:i:s' ) );
|
||||
$date_second = strtotime( $now );
|
||||
|
||||
if ( ( $date_second - $date_first ) < $seconds_limit_lastpost ) {
|
||||
return $this->json( [
|
||||
'message' => 'anti flood déclenché',
|
||||
'details' => 'votre deriner commentaire a été envoyé il y a moins de ' . $seconds_limit_lastpost . ' secondes',
|
||||
],
|
||||
403 );
|
||||
}
|
||||
|
||||
// check similar text content
|
||||
if ( $lastCommentOfOwner[ 0 ]->getText() == $comment->getText() ) {
|
||||
return $this->json( [
|
||||
'message' => 'anti flood déclenché',
|
||||
'details' => 'votre deriner commentaire a exactement le même contenu que celui ci, il n\'a donc pas été créé',
|
||||
],
|
||||
403 );
|
||||
}
|
||||
}
|
||||
$comment->setOwner( $foundOwner )
|
||||
->setCreatedAt( new DateTime() )
|
||||
->setPoll( $poll );
|
||||
$foundOwner->addComment( $comment );
|
||||
|
||||
$em = $this->getDoctrine()->getManager();
|
||||
$em->persist( $foundOwner );
|
||||
$em->persist( $comment );
|
||||
$em->flush();
|
||||
|
||||
if ( $poll->getMailOnComment() ) {
|
||||
$this->sendCommentNotificationAction( $foundOwner, $comment );
|
||||
}
|
||||
return $this->json( $comment->display(),
|
||||
|
||||
|
||||
return $this->json( [
|
||||
'message' => 'you created a comment',
|
||||
'data' => [
|
||||
'your_comment' => $comment->display(),
|
||||
],
|
||||
],
|
||||
201 );
|
||||
}
|
||||
201);
|
||||
|
||||
/**
|
||||
* Erase all comments of a poll
|
||||
* @Delete(
|
||||
* path = "/poll/{id}",
|
||||
* name = "poll_comments_delete",
|
||||
* requirements = {"accessToken"="\w+", "id"="\d+"}
|
||||
* )
|
||||
*
|
||||
* @param Poll $poll
|
||||
* @param $accessToken
|
||||
*
|
||||
* @return JsonResponse
|
||||
*/
|
||||
public
|
||||
function deletePollCommentsAction(
|
||||
Poll $poll,
|
||||
$accessToken
|
||||
) {
|
||||
if ( $accessToken == $poll->getAdminKey() ) {
|
||||
$em = $this->getDoctrine()->getManager();
|
||||
$length = count( $poll->getComments() );
|
||||
$em->remove( $poll->getComments() );
|
||||
$em->flush();
|
||||
}
|
||||
|
||||
return $this->json( [
|
||||
'message' => 'boom! les ' . $length . ' commentaires du sondage ont été supprimés',
|
||||
] );
|
||||
} else {
|
||||
return $this->json( [
|
||||
'message' => 'le token d\'autorisation est invalide, vous ne pouvez pas modifier ce sondage',
|
||||
] );
|
||||
}
|
||||
}
|
||||
/**
|
||||
* add a comment on a poll
|
||||
* @Route(
|
||||
* "/poll/{customUrl}/by-owner",
|
||||
* "_new_comment_by_owner",
|
||||
* methods={"POST"}
|
||||
* )
|
||||
*/
|
||||
public
|
||||
function newCommentByOwnerAction(
|
||||
Poll $poll,
|
||||
Request $request
|
||||
)
|
||||
{
|
||||
if (!$poll) {
|
||||
return $this->json(['message' => 'poll not found'], 404);
|
||||
}
|
||||
$data = $request->getContent();
|
||||
|
||||
$serializer = SerializerBuilder::create()->build();
|
||||
$comment = $serializer->deserialize($data, 'App\Entity\Comment', 'json');
|
||||
|
||||
$em = $this->getDoctrine()->getRepository(Owner::class);
|
||||
|
||||
$data = json_decode($data, true);
|
||||
if (!isset($data['email'])) {
|
||||
return $this->json(["message" => "Incorrect JSON in request"], 400);
|
||||
}
|
||||
|
||||
$foundOwner = $em->findOneByEmail($data['email']);
|
||||
// manage existing or new Owner
|
||||
if (!$foundOwner) {
|
||||
$foundOwner = new Owner();
|
||||
$foundOwner->setPseudo($data['pseudo'])
|
||||
->setEmail($data['email'])
|
||||
->setModifierToken(uniqid('', true));
|
||||
}
|
||||
// anti flood
|
||||
$seconds_limit_lastpost = 5;
|
||||
$emComment = $this->getDoctrine()->getRepository(Comment::class);
|
||||
$lastCommentOfOwner = $emComment->findBy(['owner' => $foundOwner], ['id' => 'desc']);
|
||||
|
||||
// TODO anti flood by session / IP
|
||||
|
||||
if ($lastCommentOfOwner) {
|
||||
|
||||
|
||||
// check time of last comment
|
||||
$now = new DateTime();
|
||||
$now = $now->format('Y-m-d H:i:s');
|
||||
$date_first = strtotime($lastCommentOfOwner[0]->getCreatedAt()->format('Y-m-d H:i:s'));
|
||||
$date_second = strtotime($now);
|
||||
|
||||
if (($date_second - $date_first) < $seconds_limit_lastpost) {
|
||||
return $this->json([
|
||||
'message' => 'anti flood déclenché',
|
||||
'details' => 'votre deriner commentaire a été envoyé il y a moins de ' . $seconds_limit_lastpost . ' secondes',
|
||||
],
|
||||
403);
|
||||
}
|
||||
|
||||
// check similar text content
|
||||
if ($lastCommentOfOwner[0]->getText() == $comment->getText()) {
|
||||
return $this->json([
|
||||
'message' => 'anti flood déclenché',
|
||||
'details' => 'votre deriner commentaire a exactement le même contenu que celui ci, il n\'a donc pas été créé',
|
||||
],
|
||||
403);
|
||||
}
|
||||
}
|
||||
$comment->setOwner($foundOwner)
|
||||
->setCreatedAt(new DateTime())
|
||||
->setPoll($poll);
|
||||
$foundOwner->addComment($comment);
|
||||
|
||||
$em = $this->getDoctrine()->getManager();
|
||||
$em->persist($foundOwner);
|
||||
$em->persist($comment);
|
||||
$em->flush();
|
||||
|
||||
if ($poll->getMailOnComment()) {
|
||||
$this->sendCommentNotificationAction($foundOwner, $comment);
|
||||
}
|
||||
|
||||
|
||||
return $this->json([
|
||||
'message' => 'you created a comment',
|
||||
'data' => [
|
||||
'your_comment' => $comment->display(),
|
||||
],
|
||||
],
|
||||
201);
|
||||
}
|
||||
|
||||
/**
|
||||
* Erase all comments of a poll
|
||||
* @Delete(
|
||||
* path = "/poll/{customUrl}",
|
||||
* name = "poll_comments_delete"
|
||||
* )
|
||||
*
|
||||
* @param Poll $poll
|
||||
* @param $accessToken
|
||||
*
|
||||
* @return JsonResponse
|
||||
*/
|
||||
public
|
||||
function deletePollCommentsAction(
|
||||
Poll $poll,
|
||||
$accessToken
|
||||
)
|
||||
{
|
||||
if ($accessToken == $poll->getAdminKey()) {
|
||||
$em = $this->getDoctrine()->getManager();
|
||||
$length = count($poll->getComments());
|
||||
$em->remove($poll->getComments());
|
||||
$em->flush();
|
||||
|
||||
return $this->json([
|
||||
'message' => 'boom! les ' . $length . ' commentaires du sondage ont été supprimés',
|
||||
]);
|
||||
} else {
|
||||
return $this->json([
|
||||
'message' => 'le token d\'autorisation est invalide, vous ne pouvez pas modifier ce sondage',
|
||||
]);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -295,7 +295,7 @@ class PollController extends EmailsController
|
||||
/**
|
||||
* @Route(
|
||||
* "/",
|
||||
* "_new_poll",
|
||||
* "_new_poll_v1",
|
||||
* methods={"POST"}
|
||||
* )
|
||||
* @param Request $request
|
||||
|
Loading…
Reference in New Issue
Block a user