mirror of
https://framagit.org/tykayn/date-poll-api
synced 2023-08-25 08:23:11 +02:00
⚡ handle modifier token
This commit is contained in:
parent
158a795446
commit
c2995e9799
@ -8,6 +8,7 @@ use App\Entity\Poll;
|
||||
use App\Entity\StackOfVotes;
|
||||
use App\Entity\Vote;
|
||||
use FOS\RestBundle\Controller\Annotations\Delete;
|
||||
use FOS\RestBundle\Controller\Annotations\Patch;
|
||||
use FOS\RestBundle\Controller\Annotations\Post;
|
||||
use FOS\RestBundle\Controller\Annotations\Route;
|
||||
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
|
||||
@ -22,7 +23,7 @@ use Symfony\Component\HttpFoundation\Request;
|
||||
class VoteController extends AbstractController {
|
||||
|
||||
/**
|
||||
* add a vote on a poll
|
||||
* add a vote stack on a poll
|
||||
* @Post(
|
||||
* path = "/poll/{id}/vote",
|
||||
* name = "new_vote_stack",
|
||||
@ -128,13 +129,55 @@ class VoteController extends AbstractController {
|
||||
'choices' => $choices,
|
||||
'choices_count' => $poll->computeAnswers(),
|
||||
'vote_count' => count( $poll->getStacksOfVotes() ),
|
||||
'owner_modifier_token' => $foundOwner->getModifierToken(),
|
||||
'owner' => $stack->getOwner(),
|
||||
'owner_modifier_token' => $stack->getOwner()->getModifierToken(),
|
||||
'admin_key' => $poll->getAdminKey(),
|
||||
'json_you_sent' => $data,
|
||||
],
|
||||
201 );
|
||||
}
|
||||
|
||||
/**
|
||||
* update vote stack
|
||||
* @Patch(
|
||||
* path = "/vote-stack/{id}/token/{modifierToken}",
|
||||
* name = "update_vote_stack",
|
||||
* requirements = { "id"="\d+"}
|
||||
* )
|
||||
*/
|
||||
public
|
||||
function updateVoteStackAction(
|
||||
StackOfVotes $id,
|
||||
$modifierToken,
|
||||
Request $request
|
||||
) {
|
||||
$voteStack = $id;
|
||||
if ( ! $voteStack ) {
|
||||
return $this->json( [ 'message' => 'vote stack not found' ], 404 );
|
||||
}
|
||||
$poll = $voteStack->getPoll();
|
||||
|
||||
// if only self users are allowed to modify a vote, check it
|
||||
if ( ! $modifierToken || $voteStack->getOwner()->getModifierToken() !== $modifierToken ) {
|
||||
return $this->json( [ 'message' => 'your token does not allow you to modify this vote ' ],
|
||||
403 );
|
||||
}
|
||||
// everything is ok, we can update all the votes of the vote stack
|
||||
//TODO
|
||||
// match votes and choices
|
||||
// update answers
|
||||
// save evrything
|
||||
|
||||
return $this->json( [
|
||||
'message' => 'ok',
|
||||
'modifier_token' => $voteStack->getOwner()->getModifierToken(),
|
||||
'vote_stack' => $voteStack->display(),
|
||||
],
|
||||
200 );
|
||||
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @Delete(
|
||||
* path = "/poll/{id}/votes/{accessToken}",
|
||||
|
@ -46,6 +46,7 @@ class StackOfVotes {
|
||||
public function display() {
|
||||
$tab = [
|
||||
'id' => $this->getId(),
|
||||
'modifier_token' => $this->getOwner()->getModifierToken(),
|
||||
'pseudo' => '',
|
||||
'creation_date' => '',
|
||||
'votes' => [],
|
||||
@ -58,13 +59,8 @@ class StackOfVotes {
|
||||
}
|
||||
|
||||
foreach ( $this->getVotes() as $vote ) {
|
||||
$tab[ 'votes' ][ $vote->getChoice()->getId() ] = [
|
||||
'id' => $this->getId(),
|
||||
'vote_id' => $vote->getId(),
|
||||
'value' => $vote->getValue(),
|
||||
'choice_id' => $vote->getChoice()->getId(),
|
||||
'text' => $vote->getChoice()->getName(),
|
||||
];
|
||||
$tab[ 'votes' ][ $vote->getChoice()->getId() ] = $vote->display();
|
||||
$tab[ 'votes' ][ $vote->getChoice()->getId() ][ 'stack_id' ] = $this->getId();
|
||||
$tab[ 'pseudo' ] = $this->getOwner()->getPseudo();
|
||||
$tab[ 'creation_date' ] = $vote->getCreationDate();
|
||||
}
|
||||
|
@ -52,6 +52,15 @@ class Vote {
|
||||
*/
|
||||
private $stacksOfVotes;
|
||||
|
||||
public function display() {
|
||||
return [
|
||||
'id' => $this->getId(),
|
||||
'value' => $this->getValue(),
|
||||
'choice_id' => $this->getChoice()->getId(),
|
||||
'text' => $this->getChoice()->getName(),
|
||||
];
|
||||
}
|
||||
|
||||
public function __construct() {
|
||||
$this->setCreationDate( new \DateTime() );
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user