diff --git a/src/Controller/FramadateController.php b/src/Controller/FramadateController.php index e7fa2eb..0e66487 100644 --- a/src/Controller/FramadateController.php +++ b/src/Controller/FramadateController.php @@ -8,6 +8,12 @@ use JMS\Serializer\Type\Exception\Exception; use Swift_Message; use Symfony\Bundle\FrameworkBundle\Controller\AbstractController; +/** + * sending emails controller + * + * Class FramadateController + * @package App\Controller + */ class FramadateController extends AbstractController { private $mail_service; diff --git a/src/Controller/PollController.php b/src/Controller/PollController.php index 12fb81d..ab099e8 100644 --- a/src/Controller/PollController.php +++ b/src/Controller/PollController.php @@ -9,6 +9,7 @@ use Symfony\Bundle\FrameworkBundle\Controller\AbstractController; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Routing\Annotation\Route; +use Sensio\Bundle\FrameworkExtraBundle\Configuration\ParamConverter; /** * @Route("/poll") @@ -21,7 +22,7 @@ class PollController extends AbstractController public function index(PollRepository $pollRepository): Response { return $this->render('poll/index.html.twig', [ - 'polls' => $pollRepository->findAll(), + 'polls' => count($pollRepository->findAll()), ]); } @@ -49,12 +50,21 @@ class PollController extends AbstractController } /** + * on cherche un sondage par son url personnalisée * @Route("/{id}", name="poll_show", methods={"GET"}) */ - public function show(Poll $poll): Response + public function show($id): Response { + $repository = $this->getDoctrine()->getRepository(Poll::class); + $foundPoll = $repository->findOneByCustomUrl($id); + if(!$foundPoll){ + return $this->json([ + 'message' => $id.' : not found' + ], 404); + } + return $this->render('poll/show.html.twig', [ - 'poll' => $poll, + 'poll' => $foundPoll, ]); } 
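Review bot: In `index()`, `'polls' => count($pollRepository->findAll())` now hands the template an integer where it used to receive the list of polls, so `poll/index.html.twig` needs the matching change if it iterates `polls` (the template is not part of this diff). The call also hydrates every Poll entity only to count them; `'polls' => $pollRepository->count([]),` returns the number from a single COUNT query.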
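Review bot: `show()` renders `poll/show.html.twig` for any poll that `findOneByCustomUrl($id)` returns without looking at `getPassword()`, so a poll that the API route in `src/Controller/api/PollController.php` gates behind a password would still be rendered here unless the template itself withholds the content. For the miss case an HTML controller would normally `throw $this->createNotFoundException();` rather than return a JSON body that repeats the requested `$id`. The `ParamConverter` import added in the first hunk of this file is not used by the new code and can be dropped.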
diff --git a/src/Controller/api/PollController.php b/src/Controller/api/PollController.php
index af0c9ab..fd21d20 100644
--- a/src/Controller/api/PollController.php
+++ b/src/Controller/api/PollController.php
@@ -35,71 +35,109 @@ class PollController extends FramadateController { */ public function getAllPollsAction() { $repository = $this->getDoctrine()->getRepository( Poll::class ); - $data = $repository->findall(); + $data = $repository->findAll(); return $this->json( [ 'message' => 'here are your polls', - 'poll' => $data, - ], - 200 ); + 'poll' => count( $data ), + ] ); } /** + * get a poll config by its custom URL, we do not want polls to be reachable by their numeric id * @Get( * path = "/{id}", * name = "get_poll", - * requirements = {"poll_id"="\d+"} + * requirements = {"id"="\w+"} * ) + * * @param SerializerInterface $serializer - * @param Poll $poll * @param Request $request * * @return JsonResponse|Response */ public function getPollConfig( SerializerInterface $serializer, - Poll $poll, + $id, Request $request ) { - $pass = $poll->getPassword(); - $data = $request->getContent(); - $data = json_decode( $data, true ); + $repository = $this->getDoctrine()->getRepository( Poll::class ); + $poll = $repository->findOneByCustomUrl( $id ); + + if ( ! $poll ) { + return $this->json( [ + 'message' => $id . ' : poll not found', + ], + 404 ); + } $comments = $poll->getComments(); + $pass = $poll->getPassword(); $returnedPoll = [ - 'message' => 'your poll config', - 'poll' => $poll, - 'stacks_count' => count( $poll->getStacksOfVotes() ), - 'stacks' => $poll->getStacksOfVotes(), - 'choices_count' => $poll->computeAnswers(), - 'choices' => $poll->getChoices(), - 'comments' => $comments, - 'comments_count' => count( $comments ), + 'message' => 'your poll config for ' . $poll->getTitle(), + 'password_protected' => $pass ? 
'yes' : 'no', + // TODO do not render sub objects of owner, it returns too many things + 'poll' => $poll, + 'stacks_count' => count( $poll->getStacksOfVotes() ), + 'stacks' => $poll->getStacksOfVotes(), + 'choices_count' => $poll->computeAnswers(), + 'choices' => $poll->getChoices(), +// 'comments' => $comments, + 'comments_count' => count( $comments ), ]; + + $data = $request->getContent(); + $passwordProvided = false; + if(is_array($data) && $data[ 'password_input' ] !== null){ + $passwordProvided = $data[ 'password_input' ]; + } /** * password protected content */ - if ( $pass && $pass !== md5( $data[ 'password_input' ] ) ) { - return $this->json( [ - 'message' => 'your password ' . $data[ 'password_input' ] . ' is wrong, and you should feel bad', - 'data' => null, - ], - 403 ); + if ( $pass ) { + + if(!$passwordProvided){ + var_dump($data); + // no password given + return $this->json( [ + 'message' => 'this is protected by a password,but you did not provide the password_input parameter, and you should feel bad ' , + 'data' => $data + ], + 403 ); + } + elseif ( $pass === md5( $passwordProvided ) ) { + // good matching pass + return $this->returnPollData( $poll, $serializer ); + } else { + // wrong pass + $data = json_decode( $data, true ); + + return $this->json( [ + 'message' => 'this is protected by a password, your password "' . $serializer->serialize($data[ 'password_input' ], 'json') . 
'" is wrong, and you should feel bad', + 'data' => null, + ], + 403 ); + } } else { - $jsonResponse = $serializer->serialize( $returnedPoll, 'json' ); - - $response = new Response( $jsonResponse ); - $response->headers->set( 'Content-Type', 'application/json' ); - $response->setStatusCode( 200 ); - - return $response; + // free access to poll + return $this->returnPollData( $poll, $serializer ); } } + function returnPollData( $poll, $serializer ) { + $jsonResponse = $serializer->serialize( $poll, 'json' ); + + $response = new Response( $jsonResponse ); + $response->headers->set( 'Content-Type', 'application/json' ); + $response->setStatusCode( 200 ); + + return $response; + } + /** * @Put( * path = "/{id}/{token}", diff --git a/src/DataFixtures/AppPollFixtures.php b/src/DataFixtures/AppPollFixtures.php index 73ffeeb..d62e78d 100755 --- a/src/DataFixtures/AppPollFixtures.php +++ b/src/DataFixtures/AppPollFixtures.php @@ -37,9 +37,11 @@ class AppPollFixtures extends Fixture { $poll = new Poll(); $poll->setTitle( 'citron ou orange' ) + ->setCustomUrl('citron') ->setDescription( 'votre sorbert préféré' ) ->setAdminKey( uniqid() ) - ->setModificationPolicy( 'nobody' ); + ->setModificationPolicy( 'nobody' ) + ->setPassword('le pass woute woute'); $poll->setMailOnVote( true ); $poll->setOwner( $owner ); $owner->addPoll( $poll ); @@ -107,8 +109,9 @@ class AppPollFixtures extends Fixture { $poll->addComment( $someoneComment ); - $poll->setTitle( 'démo sondage de texte avec deux commentaires' ); - $poll->setDescription( 'description du sondage 2' ); + $poll->setTitle( 'démo sondage de texte avec deux commentaires' ) + ->setCustomUrl('demo') + ->setDescription( 'description du sondage 2' ); $poll->setAdminKey( uniqid() ); $poll->setModificationPolicy( 'self' ); 
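Review bot: The new password gate in `getPollConfig` can never let anyone in: `$request->getContent()` returns the raw body string, so `is_array($data)` is false, `$passwordProvided` stays `false`, and every protected poll answers 403, because `json_decode` now only runs inside the wrong-password branch. That 403 path also still contains `var_dump($data)` and returns the raw request body as `data`, and the wrong-password branch repeats the submitted password in its message; the fence below decodes the body first, compares with `hash_equals()` and gives one fixed answer for a missing or wrong password. The stored value is still an unsalted `md5`, which is a weak format for a poll password, but moving to `password_hash()`/`password_verify()` needs the code that sets the password, which is outside this hunk. `returnPollData()` serializes `$poll` itself while `$returnedPoll` is built and never used, so whether the password hash or the owner sub-objects named in the TODO reach the client depends on serializer exclusion rules that are not shown here. The route requirement `\w+` also does not match hyphenated custom URLs such as the fixtures' `aujourdhui-ou-demain`; `[\w-]+` would.

```php
// … unchanged: repository lookup, 404 for an unknown custom URL, $returnedPoll …
$pass = $poll->getPassword();
if ( ! $pass ) {
    // free access to poll
    return $this->returnPollData( $poll, $serializer );
}

// Decode the JSON body before reading the password field from it.
$data             = json_decode( $request->getContent(), true );
$passwordProvided = is_array( $data ) ? ( $data['password_input'] ?? null ) : null;

// The stored value is still an md5 hex digest; hash_equals() keeps the comparison constant-time.
if ( ! is_string( $passwordProvided ) || ! hash_equals( $pass, md5( $passwordProvided ) ) ) {
    // One answer for a missing and a wrong password; nothing from the request is echoed.
    return $this->json( [
        'message' => 'this poll is protected by a password',
        'data'    => null,
    ], 403 );
}

return $this->returnPollData( $poll, $serializer );
```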
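Review bot: `->setPassword('le pass woute woute')` in the first AppPollFixtures hunk stores the fixture password as plain text, while `getPollConfig` in `src/Controller/api/PollController.php` compares `getPassword()` with `md5()` of the submitted value, so unless `setPassword()` hashes internally (the entity is not in this diff) this poll can never be unlocked. Hashing inside the setter would keep fixtures and controller in agreement. `uniqid()` on the `setAdminKey()` context line is derived from the clock and is guessable; if admin keys outside the fixtures are generated the same way, `bin2hex(random_bytes(16))` is the safer source. The enclosing fixture method starts and ends outside the hunk.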
@@ -137,6 +140,7 @@ class AppPollFixtures extends Fixture { $choice3->setName( $poll->addDaysToDate( $firstDate, 2 )->format( 'Y-m-d H:i:s' ) ); $poll->setTitle( "c'est pour aujourdhui ou pour demain" ) + ->setCustomUrl('aujourdhui-ou-demain') ->setDescription( 'Vous avez le choix dans la date' ) ->setKind( 'date' ) ->setOwner( $owner ) @@ -149,6 +153,7 @@ class AppPollFixtures extends Fixture { // poll with cartoon choices $poll = new Poll(); $poll->setTitle( 'dessin animé préféré' ) + ->setCustomUrl('dessin-anime') ->setDescription( 'choisissez votre animé préféré' ) ->setOwner( $owner ) ->setModificationPolicy( 'self' )