1
0
mirror of https://framagit.org/tykayn/date-poll-api synced 2023-08-25 08:23:11 +02:00
date-poll-api/src/Controller/CommentController.php

164 lines
4.2 KiB
PHP

<?php
namespace App\Controller;
use App\Entity\Comment;
use App\Entity\Owner;
use App\Entity\Poll;
use DateTime;
use FOS\RestBundle\Controller\Annotations\Delete;
use FOS\RestBundle\Controller\Annotations\Get;
use FOS\RestBundle\Controller\Annotations\Post;
use FOS\RestBundle\Controller\Annotations\Route;
use JMS\Serializer\SerializerBuilder;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
/**
* Class DefaultController
* @package App\Controller
* @Route("/api/v1",name="api_")
*/
class CommentController extends FramadateController {
/**
* @Get(
* path = "/poll/{id}/comments",
* name = "get_poll_comment",
* requirements = {"poll_id"="\d+"}
* )
*/
public
function getPollCommentsAction(
Poll $poll
) {
return $this->json( [
'message' => 'here are your comments of the poll',
'data' => $poll->getComments(),
],
200 );
}
/**
* add a comment on a poll
* @Post(
* path = "/poll/{id}/comment",
* name = "new_comment",
* requirements = {"content"="\w+", "poll_id"="\d+"}
* )
*/
public
function newCommentAction(
Poll $poll,
Request $request
) {
if ( ! $poll ) {
return $this->json( [ 'message' => 'poll not found' ], 404 );
}
$data = $request->getContent();
$serializer = SerializerBuilder::create()->build();
$comment = $serializer->deserialize( $data, 'App\Entity\Comment', 'json' );
$em = $this->getDoctrine()->getRepository( Owner::class );
$data = json_decode( $data, true );
$foundOwner = $em->findOneByEmail( $data[ 'email' ] );
// manage existing or new Owner
if ( ! $foundOwner ) {
$foundOwner = new Owner();
$foundOwner->setPseudo( $data[ 'owner' ][ 'email' ] )
->setEmail( $data[ 'owner' ][ 'email' ] )
->setModifierToken( uniqid( '', true ) );
}
// anti flood
$seconds_limit_lastpost = 5;
$emComment = $this->getDoctrine()->getRepository( Comment::class );
$lastCommentOfOwner = $emComment->findBy( [ 'owner' => $foundOwner ], [ 'id' => 'desc' ] );
// TODO anti flood by session / IP
if ( $lastCommentOfOwner ) {
// check time of last comment
$now = new DateTime();
$now = $now->format( 'Y-m-d H:i:s' );
$date_first = strtotime( $lastCommentOfOwner[ 0 ]->getCreatedAt()->format( 'Y-m-d H:i:s' ) );
$date_second = strtotime( $now );
if ( ( $date_second - $date_first ) < $seconds_limit_lastpost ) {
return $this->json( [
'message' => 'anti flood déclenché',
'details' => 'votre deriner commentaire a été envoyé il y a moins de ' . $seconds_limit_lastpost . ' secondes',
],
403 );
}
// check similar text content
if ( $lastCommentOfOwner[ 0 ]->getText() == $comment->getText() ) {
return $this->json( [
'message' => 'anti flood déclenché',
'details' => 'votre deriner commentaire a exactement le même contenu que celui ci, il n\'a donc pas été créé',
],
403 );
}
}
$comment->setOwner( $foundOwner )
->setCreatedAt( new DateTime() )
->setPoll( $poll );
$foundOwner->addComment( $comment );
$em = $this->getDoctrine()->getManager();
$em->persist( $foundOwner );
$em->persist( $comment );
$em->flush();
$this->mail_service->sendCommentNotification($comment);
return $this->json( [
'message' => 'you created a comment',
'data' => [
'your_comment' => $comment->display(),
],
],
201 );
}
/**
* Erase all comments of a poll
* @Delete(
* path = "/poll/{id}/comments",
* name = "poll_comments_delete",
* requirements = {"accessToken"="\w+", "poll_id"="\d+"}
* )
*
* @param Poll $poll
* @param $accessToken
*
* @return JsonResponse
*/
public
function deletePollCommentsAction(
Poll $poll,
$accessToken
) {
if ( $accessToken == $poll->getAdminKey() ) {
$em = $this->getDoctrine()->getManager();
$length = count( $poll->getComments() );
$em->remove( $poll->getComments() );
$em->flush();
return $this->json( [
'message' => 'boom! les ' . $length . ' commentaires du sondage ont été supprimés',
] );
} else {
return $this->json( [
'message' => 'le token d\'autorisation est invalide, vous ne pouvez pas modifier ce sondage',
] );
}
}
}