178 lines
4.7 KiB
PHP
178 lines
4.7 KiB
PHP
<?php
|
|
|
|
namespace App\Controller;
|
|
|
|
use App\Entity\Comment;
|
|
use App\Entity\Owner;
|
|
use App\Entity\Poll;
|
|
use DateTime;
|
|
use FOS\RestBundle\Controller\Annotations\Delete;
|
|
use FOS\RestBundle\Controller\Annotations\Get;
|
|
use FOS\RestBundle\Controller\Annotations\Post;
|
|
use FOS\RestBundle\Controller\Annotations\Route;
|
|
use JMS\Serializer\SerializerBuilder;
|
|
use JMS\Serializer\SerializerInterface;
|
|
use Symfony\Component\HttpFoundation\JsonResponse;
|
|
use Symfony\Component\HttpFoundation\Request;
|
|
use Symfony\Component\HttpFoundation\Response;
|
|
|
|
/**
|
|
* Class DefaultController
|
|
* @package App\Controller
|
|
* @Route("/api/v1",name="api_")
|
|
*/
|
|
class CommentController extends FramadateController {
|
|
|
|
/**
|
|
* @Get(
|
|
* path = "/poll/{id}/comments",
|
|
* name = "get_poll_comment",
|
|
* requirements = {"id"="\d+"}
|
|
* )
|
|
*/
|
|
public
|
|
function getPollCommentsAction(
|
|
SerializerInterface $serializer,
|
|
Poll $poll
|
|
) {
|
|
$jsonResponse = $serializer->serialize([
|
|
'message' => 'here are your comments of the poll',
|
|
'data' => $poll->getComments()], 'json');
|
|
|
|
$response = new Response($jsonResponse);
|
|
$response->headers->set('Content-Type', 'application/json');
|
|
$response->setStatusCode(200);
|
|
|
|
return $response;
|
|
|
|
}
|
|
|
|
/**
|
|
* add a comment on a poll
|
|
* @Post(
|
|
* path = "/poll/{id}/comment",
|
|
* name = "new_comment",
|
|
* requirements = {"content"="\w+", "id"="\d+"}
|
|
* )
|
|
*/
|
|
public
|
|
function newCommentAction(
|
|
Poll $poll,
|
|
Request $request
|
|
) {
|
|
if ( ! $poll ) {
|
|
return $this->json( [ 'message' => 'poll not found' ], 404 );
|
|
}
|
|
$data = $request->getContent();
|
|
|
|
$serializer = SerializerBuilder::create()->build();
|
|
$comment = $serializer->deserialize( $data, 'App\Entity\Comment', 'json' );
|
|
|
|
$em = $this->getDoctrine()->getRepository( Owner::class );
|
|
|
|
$data = json_decode( $data, true );
|
|
if(!isset($data['email'])) {
|
|
return $this->json(["message" => "Incorrect JSON in request"], 400);
|
|
}
|
|
|
|
$foundOwner = $em->findOneByEmail( $data[ 'email' ] );
|
|
// manage existing or new Owner
|
|
if ( ! $foundOwner ) {
|
|
$foundOwner = new Owner();
|
|
$foundOwner->setPseudo( $data[ 'email' ] )
|
|
->setEmail( $data[ 'email' ] )
|
|
->setModifierToken( uniqid( '', true ) );
|
|
}
|
|
// anti flood
|
|
$seconds_limit_lastpost = 5;
|
|
$emComment = $this->getDoctrine()->getRepository( Comment::class );
|
|
$lastCommentOfOwner = $emComment->findBy( [ 'owner' => $foundOwner ], [ 'id' => 'desc' ] );
|
|
|
|
// TODO anti flood by session / IP
|
|
|
|
if ( $lastCommentOfOwner ) {
|
|
|
|
|
|
// check time of last comment
|
|
$now = new DateTime();
|
|
$now = $now->format( 'Y-m-d H:i:s' );
|
|
$date_first = strtotime( $lastCommentOfOwner[ 0 ]->getCreatedAt()->format( 'Y-m-d H:i:s' ) );
|
|
$date_second = strtotime( $now );
|
|
|
|
if ( ( $date_second - $date_first ) < $seconds_limit_lastpost ) {
|
|
return $this->json( [
|
|
'message' => 'anti flood déclenché',
|
|
'details' => 'votre deriner commentaire a été envoyé il y a moins de ' . $seconds_limit_lastpost . ' secondes',
|
|
],
|
|
403 );
|
|
}
|
|
|
|
// check similar text content
|
|
if ( $lastCommentOfOwner[ 0 ]->getText() == $comment->getText() ) {
|
|
return $this->json( [
|
|
'message' => 'anti flood déclenché',
|
|
'details' => 'votre deriner commentaire a exactement le même contenu que celui ci, il n\'a donc pas été créé',
|
|
],
|
|
403 );
|
|
}
|
|
}
|
|
$comment->setOwner( $foundOwner )
|
|
->setCreatedAt( new DateTime() )
|
|
->setPoll( $poll );
|
|
$foundOwner->addComment( $comment );
|
|
|
|
$em = $this->getDoctrine()->getManager();
|
|
$em->persist( $foundOwner );
|
|
$em->persist( $comment );
|
|
$em->flush();
|
|
|
|
if($poll->getMailOnComment()){
|
|
$this->sendCommentNotificationAction($foundOwner, $comment);
|
|
}
|
|
|
|
|
|
return $this->json( [
|
|
'message' => 'you created a comment',
|
|
'data' => [
|
|
'your_comment' => $comment->display(),
|
|
],
|
|
],
|
|
201 );
|
|
}
|
|
|
|
/**
|
|
* Erase all comments of a poll
|
|
* @Delete(
|
|
* path = "/poll/{id}/comments",
|
|
* name = "poll_comments_delete",
|
|
* requirements = {"accessToken"="\w+", "id"="\d+"}
|
|
* )
|
|
*
|
|
* @param Poll $poll
|
|
* @param $accessToken
|
|
*
|
|
* @return JsonResponse
|
|
*/
|
|
public
|
|
function deletePollCommentsAction(
|
|
Poll $poll,
|
|
$accessToken
|
|
) {
|
|
if ( $accessToken == $poll->getAdminKey() ) {
|
|
$em = $this->getDoctrine()->getManager();
|
|
$length = count( $poll->getComments() );
|
|
$em->remove( $poll->getComments() );
|
|
$em->flush();
|
|
|
|
return $this->json( [
|
|
'message' => 'boom! les ' . $length . ' commentaires du sondage ont été supprimés',
|
|
] );
|
|
} else {
|
|
return $this->json( [
|
|
'message' => 'le token d\'autorisation est invalide, vous ne pouvez pas modifier ce sondage',
|
|
] );
|
|
}
|
|
}
|
|
|
|
}
|