From c2995e979916ecb306a12340dedc0a6299f98c31 Mon Sep 17 00:00:00 2001
From: Baptiste Lemoine <contact@cipherbliss.com>
Date: Tue, 4 Feb 2020 12:38:07 +0100
Subject: [PATCH] :zap: handle modifier token

---
 src/Controller/VoteController.php |  47 ++++++-
 src/Entity/StackOfVotes.php       |  22 ++-
 src/Entity/Vote.php               | 219 ++++++++++++++++--------------
 3 files changed, 168 insertions(+), 120 deletions(-)

diff --git a/src/Controller/VoteController.php b/src/Controller/VoteController.php
index 0605c0e..4edf10f 100644
--- a/src/Controller/VoteController.php
+++ b/src/Controller/VoteController.php
@@ -8,6 +8,7 @@ use App\Entity\Poll;
 use App\Entity\StackOfVotes;
 use App\Entity\Vote;
 use FOS\RestBundle\Controller\Annotations\Delete;
+use FOS\RestBundle\Controller\Annotations\Patch;
 use FOS\RestBundle\Controller\Annotations\Post;
 use FOS\RestBundle\Controller\Annotations\Route;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
@@ -22,7 +23,7 @@ use Symfony\Component\HttpFoundation\Request;
 class VoteController extends AbstractController {
 
 	/**
-	 * add a vote on a poll
+	 * add a vote stack on a poll
 	 * @Post(
 	 *     path = "/poll/{id}/vote",
 	 *     name = "new_vote_stack",
@@ -128,13 +129,55 @@ class VoteController extends AbstractController {
 			'choices'              => $choices,
 			'choices_count'        => $poll->computeAnswers(),
 			'vote_count'           => count( $poll->getStacksOfVotes() ),
-			'owner_modifier_token' => $foundOwner->getModifierToken(),
+			'owner'                => $stack->getOwner(),
+			'owner_modifier_token' => $stack->getOwner()->getModifierToken(),
 			'admin_key'            => $poll->getAdminKey(),
 			'json_you_sent'        => $data,
 		],
 			201 );
 	}
 
+	/**
+	 * update vote stack
+	 * @Patch(
+	 *     path = "/vote-stack/{id}/token/{modifierToken}",
+	 *     name = "update_vote_stack",
+	 *     requirements = { "id"="\d+"}
+	 * )
+	 */
+	public
+	function updateVoteStackAction(
+		StackOfVotes $id,
+		$modifierToken,
+		Request $request
+	) {
+		$voteStack = $id;
+		if ( ! $voteStack ) {
+			return $this->json( [ 'message' => 'vote stack not found' ], 404 );
+		}
+		$poll = $voteStack->getPoll();
+
+		// if only self users are allowed to modify a vote, check it
+		if ( ! $modifierToken || $voteStack->getOwner()->getModifierToken() !== $modifierToken ) {
+			return $this->json( [ 'message' => 'your token does not allow you to modify this vote ' ],
+				403 );
+		}
+		// everything is ok, we can update all the votes of the vote stack
+		//TODO
+		// match votes and choices
+		// update answers
+		// save evrything
+
+		return $this->json( [
+			'message'        => 'ok',
+			'modifier_token' => $voteStack->getOwner()->getModifierToken(),
+			'vote_stack'     => $voteStack->display(),
+		],
+			200 );
+
+
+	}
+
 	/**
 	 * @Delete(
 	 *     path = "/poll/{id}/votes/{accessToken}",
diff --git a/src/Entity/StackOfVotes.php b/src/Entity/StackOfVotes.php
index 56fe536..397464c 100644
--- a/src/Entity/StackOfVotes.php
+++ b/src/Entity/StackOfVotes.php
@@ -45,10 +45,11 @@ class StackOfVotes {
 
 	public function display() {
 		$tab = [
-			'id'            => $this->getId(),
-			'pseudo'        => '',
-			'creation_date' => '',
-			'votes'         => [],
+			'id'             => $this->getId(),
+			'modifier_token' => $this->getOwner()->getModifierToken(),
+			'pseudo'         => '',
+			'creation_date'  => '',
+			'votes'          => [],
 		];
 		// prefill votes with all choices ids
 		foreach ( $this->getPoll()->getChoices() as $choice ) {
@@ -58,15 +59,10 @@ class StackOfVotes {
 		}
 
 		foreach ( $this->getVotes() as $vote ) {
-			$tab[ 'votes' ][ $vote->getChoice()->getId() ] = [
-				'id'        => $this->getId(),
-				'vote_id'   => $vote->getId(),
-				'value'     => $vote->getValue(),
-				'choice_id' => $vote->getChoice()->getId(),
-				'text'      => $vote->getChoice()->getName(),
-			];
-			$tab[ 'pseudo' ]                               = $this->getOwner()->getPseudo();
-			$tab[ 'creation_date' ]                        = $vote->getCreationDate();
+			$tab[ 'votes' ][ $vote->getChoice()->getId() ]               = $vote->display();
+			$tab[ 'votes' ][ $vote->getChoice()->getId() ][ 'stack_id' ] = $this->getId();
+			$tab[ 'pseudo' ]                                             = $this->getOwner()->getPseudo();
+			$tab[ 'creation_date' ]                                      = $vote->getCreationDate();
 		}
 
 		return $tab;
diff --git a/src/Entity/Vote.php b/src/Entity/Vote.php
index 707c403..00a5857 100644
--- a/src/Entity/Vote.php
+++ b/src/Entity/Vote.php
@@ -1,115 +1,124 @@
 <?php
 
-namespace App\Entity;
+	namespace App\Entity;
 
-use DateTimeInterface;
-use Doctrine\ORM\Mapping as ORM;
-use JMS\Serializer\Annotation as Serializer;
+	use DateTimeInterface;
+	use Doctrine\ORM\Mapping as ORM;
+	use JMS\Serializer\Annotation as Serializer;
 
-/**
- * @ORM\Entity(repositoryClass="App\Repository\VoteRepository")
- */
-class Vote {
 	/**
-	 * for a text kind of choice: could be "yes" "no" "maybe" and emptu.
-	 * for a date kind, the choice linked is equivalent to the value selected
-	 * @ORM\Column(type="string", length=255, nullable=true)
-	 * @Serializer\Type("string")
-	 * @Serializer\Expose()
+	 * @ORM\Entity(repositoryClass="App\Repository\VoteRepository")
 	 */
-	public $value;
-	/**
-	 * @ORM\Column(type="datetime" , options={"default"="CURRENT_TIMESTAMP"})
-	 * @Serializer\Type("datetime")
-	 * @Serializer\Expose()
-	 */
-	public $creationDate;
-	/**
-	 * @ORM\ManyToOne(targetEntity="App\Entity\Choice", inversedBy="votes", cascade={"persist"})
-	 * @ORM\JoinColumn(nullable=false)
-	 * @Serializer\Type("App\Entity\choice")
-	 * @Serializer\Expose()
-	 */
-	public $choice;
-	/**
-	 * @ORM\Id()
-	 * @ORM\GeneratedValue()
-	 * @ORM\Column(type="integer")
-	 * @Serializer\Type("integer")
-	 * @Serializer\Expose()
-	 */
-	private $id;
-	/**
-	 * @ORM\ManyToOne(targetEntity="App\Entity\Poll", inversedBy="votes", cascade={"persist"})
-	 * @ORM\JoinColumn(nullable=false)
-	 * @Serializer\Type("App\Entity\Poll")
-	 */
-	private $poll;
-	/**
-	 * @ORM\ManyToOne(targetEntity="App\Entity\StackOfVotes", inversedBy="votes", cascade={"persist"})
-	 * @ORM\JoinColumn(nullable=false)
-	 * @Serializer\Type("App\Entity\StackOfVotes")
-	 */
-	private $stacksOfVotes;
+	class Vote {
+		/**
+		 * for a text kind of choice: could be "yes" "no" "maybe" and emptu.
+		 * for a date kind, the choice linked is equivalent to the value selected
+		 * @ORM\Column(type="string", length=255, nullable=true)
+		 * @Serializer\Type("string")
+		 * @Serializer\Expose()
+		 */
+		public $value;
+		/**
+		 * @ORM\Column(type="datetime" , options={"default"="CURRENT_TIMESTAMP"})
+		 * @Serializer\Type("datetime")
+		 * @Serializer\Expose()
+		 */
+		public $creationDate;
+		/**
+		 * @ORM\ManyToOne(targetEntity="App\Entity\Choice", inversedBy="votes", cascade={"persist"})
+		 * @ORM\JoinColumn(nullable=false)
+		 * @Serializer\Type("App\Entity\choice")
+		 * @Serializer\Expose()
+		 */
+		public $choice;
+		/**
+		 * @ORM\Id()
+		 * @ORM\GeneratedValue()
+		 * @ORM\Column(type="integer")
+		 * @Serializer\Type("integer")
+		 * @Serializer\Expose()
+		 */
+		private $id;
+		/**
+		 * @ORM\ManyToOne(targetEntity="App\Entity\Poll", inversedBy="votes", cascade={"persist"})
+		 * @ORM\JoinColumn(nullable=false)
+		 * @Serializer\Type("App\Entity\Poll")
+		 */
+		private $poll;
+		/**
+		 * @ORM\ManyToOne(targetEntity="App\Entity\StackOfVotes", inversedBy="votes", cascade={"persist"})
+		 * @ORM\JoinColumn(nullable=false)
+		 * @Serializer\Type("App\Entity\StackOfVotes")
+		 */
+		private $stacksOfVotes;
 
-	public function __construct() {
-		$this->setCreationDate( new \DateTime() );
-	}
-
-	public function getId(): ?int {
-		return $this->id;
-	}
-
-	public function getPoll(): ?Poll {
-		return $this->poll;
-	}
-
-	public function setPoll( ?Poll $poll ): self {
-		$this->poll = $poll;
-		if ( $poll ) {
-			$poll->addVote( $this );
+		public function display() {
+			return [
+					'id'        => $this->getId(),
+					'value'     => $this->getValue(),
+					'choice_id' => $this->getChoice()->getId(),
+					'text'      => $this->getChoice()->getName(),
+			];
 		}
 
-		return $this;
+		public function __construct() {
+			$this->setCreationDate( new \DateTime() );
+		}
+
+		public function getId(): ?int {
+			return $this->id;
+		}
+
+		public function getPoll(): ?Poll {
+			return $this->poll;
+		}
+
+		public function setPoll( ?Poll $poll ): self {
+			$this->poll = $poll;
+			if ( $poll ) {
+				$poll->addVote( $this );
+			}
+
+			return $this;
+		}
+
+		public function getChoice(): ?Choice {
+			return $this->choice;
+		}
+
+		public function setChoice( ?Choice $choice ): self {
+			$this->choice = $choice;
+
+			return $this;
+		}
+
+		public function getValue(): ?string {
+			return $this->value;
+		}
+
+		public function setValue( ?string $value ): self {
+			$this->value = $value;
+
+			return $this;
+		}
+
+		public function getCreationDate(): ?DateTimeInterface {
+			return $this->creationDate;
+		}
+
+		public function setCreationDate( DateTimeInterface $creationDate ): self {
+			$this->creationDate = $creationDate;
+
+			return $this;
+		}
+
+		public function getStacksOfVotes(): ?StackOfVotes {
+			return $this->stacksOfVotes;
+		}
+
+		public function setStacksOfVotes( ?StackOfVotes $stacksOfVotes ): self {
+			$this->stacksOfVotes = $stacksOfVotes;
+
+			return $this;
+		}
 	}
-
-	public function getChoice(): ?Choice {
-		return $this->choice;
-	}
-
-	public function setChoice( ?Choice $choice ): self {
-		$this->choice = $choice;
-
-		return $this;
-	}
-
-	public function getValue(): ?string {
-		return $this->value;
-	}
-
-	public function setValue( ?string $value ): self {
-		$this->value = $value;
-
-		return $this;
-	}
-
-	public function getCreationDate(): ?DateTimeInterface {
-		return $this->creationDate;
-	}
-
-	public function setCreationDate( DateTimeInterface $creationDate ): self {
-		$this->creationDate = $creationDate;
-
-		return $this;
-	}
-
-	public function getStacksOfVotes(): ?StackOfVotes {
-		return $this->stacksOfVotes;
-	}
-
-	public function setStacksOfVotes( ?StackOfVotes $stacksOfVotes ): self {
-		$this->stacksOfVotes = $stacksOfVotes;
-
-		return $this;
-	}
-}