tykayn/date-poll-api
1
0
Fork 0
mirror of https://framagit.org/tykayn/date-poll-api synced 2023-08-25 08:23:11 +02:00
Code Issues Releases Wiki Activity

return poll found by curstomUrl only, restrict access with pass protection, add default pass to fixture

Browse Source
This commit is contained in:
Tykayn 2021-02-24 10:30:00 +01:00 committed by tykayn
parent 9b9d852d49
commit f540c6a640
4 changed files with 96 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/Controller/FramadateController.php
View File

@ -8,6 +8,12 @@ use JMS\Serializer\Type\Exception\Exception;
use Swift_Message; use Swift_Message;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController; use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
/**
* sending emails controller
*
* Class FramadateController
* @package App\Controller
*/
class FramadateController extends AbstractController { class FramadateController extends AbstractController {
private $mail_service; private $mail_service;

16
src/Controller/PollController.php
View File

@ -9,6 +9,7 @@ use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Annotation\Route; use Symfony\Component\Routing\Annotation\Route;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\ParamConverter;
/** /**
* @Route("/poll") * @Route("/poll")
@ -21,7 +22,7 @@ class PollController extends AbstractController
public function index(PollRepository $pollRepository): Response public function index(PollRepository $pollRepository): Response
{ {
return $this->render('poll/index.html.twig', [ return $this->render('poll/index.html.twig', [
'polls' => $pollRepository->findAll(), 'polls' => count($pollRepository->findAll()),
]); ]);
} }
@ -49,12 +50,21 @@ class PollController extends AbstractController
} }
/** /**
* on cherche un sondage par son url personnalisée
* @Route("/{id}", name="poll_show", methods={"GET"}) * @Route("/{id}", name="poll_show", methods={"GET"})
*/ */
public function show(Poll $poll): Response public function show($id): Response
{ {
$repository = $this->getDoctrine()->getRepository(Poll::class);
$foundPoll = $repository->findOneByCustomUrl($id);
if(!$foundPoll){
return $this->json([
'message' => $id.' : not found'
], 404);
}
return $this->render('poll/show.html.twig', [ return $this->render('poll/show.html.twig', [
'poll' => $poll, 'poll' => $foundPoll,
]); ]);
} }

72
src/Controller/api/PollController.php
View File

@ -35,61 +35,101 @@ class PollController extends FramadateController {
*/ */
public function getAllPollsAction() { public function getAllPollsAction() {
$repository = $this->getDoctrine()->getRepository( Poll::class ); $repository = $this->getDoctrine()->getRepository( Poll::class );
$data = $repository->findall(); $data = $repository->findAll();
return $this->json( [ return $this->json( [
'message' => 'here are your polls', 'message' => 'here are your polls',
'poll' => $data, 'poll' => count( $data ),
], ] );
200 );
} }
/** /**
* get a poll config by its custom URL, we do not want polls to be reachable by their numeric id
* @Get( * @Get(
* path = "/{id}", * path = "/{id}",
* name = "get_poll", * name = "get_poll",
* requirements = {"poll_id"="\d+"} * requirements = {"id"="\w+"}
* ) * )
*
* @param SerializerInterface $serializer * @param SerializerInterface $serializer
* @param Poll $poll
* @param Request $request * @param Request $request
* *
* @return JsonResponse|Response * @return JsonResponse|Response
*/ */
public function getPollConfig( public function getPollConfig(
SerializerInterface $serializer, SerializerInterface $serializer,
Poll $poll, $id,
Request $request Request $request
) { ) {
$pass = $poll->getPassword(); $repository = $this->getDoctrine()->getRepository( Poll::class );
$data = $request->getContent(); $poll = $repository->findOneByCustomUrl( $id );
$data = json_decode( $data, true );
if ( ! $poll ) {
return $this->json( [
'message' => $id . ' : poll not found',
],
404 );
}
$comments = $poll->getComments(); $comments = $poll->getComments();
$pass = $poll->getPassword();
$returnedPoll = [ $returnedPoll = [
'message' => 'your poll config', 'message' => 'your poll config for ' . $poll->getTitle(),
'password_protected' => $pass ? 'yes' : 'no',
// TODO do not render sub objects of owner, it returns too many things
'poll' => $poll, 'poll' => $poll,
'stacks_count' => count( $poll->getStacksOfVotes() ), 'stacks_count' => count( $poll->getStacksOfVotes() ),
'stacks' => $poll->getStacksOfVotes(), 'stacks' => $poll->getStacksOfVotes(),
'choices_count' => $poll->computeAnswers(), 'choices_count' => $poll->computeAnswers(),
'choices' => $poll->getChoices(), 'choices' => $poll->getChoices(),
'comments' => $comments, // 'comments' => $comments,
'comments_count' => count( $comments ), 'comments_count' => count( $comments ),
]; ];
$data = $request->getContent();
$passwordProvided = false;
if(is_array($data) && $data[ 'password_input' ] !== null){
$passwordProvided = $data[ 'password_input' ];
}
/** /**
* password protected content * password protected content
*/ */
if ( $pass && $pass !== md5( $data[ 'password_input' ] ) ) { if ( $pass ) {
if(!$passwordProvided){
var_dump($data);
// no password given
return $this->json( [ return $this->json( [
'message' => 'your password ' . $data[ 'password_input' ] . ' is wrong, and you should feel bad', 'message' => 'this is protected by a password,but you did not provide the password_input parameter, and you should feel bad ' ,
'data' => $data
],
403 );
}
elseif ( $pass === md5( $passwordProvided ) ) {
// good matching pass
return $this->returnPollData( $poll, $serializer );
} else {
// wrong pass
$data = json_decode( $data, true );
return $this->json( [
'message' => 'this is protected by a password, your password "' . $serializer->serialize($data[ 'password_input' ], 'json') . '" is wrong, and you should feel bad',
'data' => null, 'data' => null,
], ],
403 ); 403 );
}
} else { } else {
$jsonResponse = $serializer->serialize( $returnedPoll, 'json' ); // free access to poll
return $this->returnPollData( $poll, $serializer );
}
}
function returnPollData( $poll, $serializer ) {
$jsonResponse = $serializer->serialize( $poll, 'json' );
$response = new Response( $jsonResponse ); $response = new Response( $jsonResponse );
$response->headers->set( 'Content-Type', 'application/json' ); $response->headers->set( 'Content-Type', 'application/json' );
@ -98,8 +138,6 @@ class PollController extends FramadateController {
return $response; return $response;
} }
}
/** /**
* @Put( * @Put(
* path = "/{id}/{token}", * path = "/{id}/{token}",

11
src/DataFixtures/AppPollFixtures.php
View File

@ -37,9 +37,11 @@ class AppPollFixtures extends Fixture {
$poll = new Poll(); $poll = new Poll();
$poll->setTitle( 'citron ou orange' ) $poll->setTitle( 'citron ou orange' )
->setCustomUrl('citron')
->setDescription( 'votre sorbert préféré' ) ->setDescription( 'votre sorbert préféré' )
->setAdminKey( uniqid() ) ->setAdminKey( uniqid() )
->setModificationPolicy( 'nobody' ); ->setModificationPolicy( 'nobody' )
->setPassword('le pass woute woute');
$poll->setMailOnVote( true ); $poll->setMailOnVote( true );
$poll->setOwner( $owner ); $poll->setOwner( $owner );
$owner->addPoll( $poll ); $owner->addPoll( $poll );
@ -107,8 +109,9 @@ class AppPollFixtures extends Fixture {
$poll->addComment( $someoneComment ); $poll->addComment( $someoneComment );
$poll->setTitle( 'démo sondage de texte avec deux commentaires' ); $poll->setTitle( 'démo sondage de texte avec deux commentaires' )
$poll->setDescription( 'description du sondage 2' ); ->setCustomUrl('demo')
->setDescription( 'description du sondage 2' );
$poll->setAdminKey( uniqid() ); $poll->setAdminKey( uniqid() );
$poll->setModificationPolicy( 'self' ); $poll->setModificationPolicy( 'self' );
@ -137,6 +140,7 @@ class AppPollFixtures extends Fixture {
$choice3->setName( $poll->addDaysToDate( $firstDate, 2 )->format( 'Y-m-d H:i:s' ) ); $choice3->setName( $poll->addDaysToDate( $firstDate, 2 )->format( 'Y-m-d H:i:s' ) );
$poll->setTitle( "c'est pour aujourdhui ou pour demain" ) $poll->setTitle( "c'est pour aujourdhui ou pour demain" )
->setCustomUrl('aujourdhui-ou-demain')
->setDescription( 'Vous avez le choix dans la date' ) ->setDescription( 'Vous avez le choix dans la date' )
->setKind( 'date' ) ->setKind( 'date' )
->setOwner( $owner ) ->setOwner( $owner )
@ -149,6 +153,7 @@ class AppPollFixtures extends Fixture {
// poll with cartoon choices // poll with cartoon choices
$poll = new Poll(); $poll = new Poll();
$poll->setTitle( 'dessin animé préféré' ) $poll->setTitle( 'dessin animé préféré' )
->setCustomUrl('dessin-anime')
->setDescription( 'choisissez votre animé préféré' ) ->setDescription( 'choisissez votre animé préféré' )
->setOwner( $owner ) ->setOwner( $owner )
->setModificationPolicy( 'self' ) ->setModificationPolicy( 'self' )