2015-07-19 16:45:55 +02:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
namespace Gist\Controller;
|
|
|
|
|
|
|
|
|
|
use Symfony\Component\HttpFoundation\Request;
|
|
|
|
|
use Gist\Model\Gist;
|
|
|
|
|
use Symfony\Component\HttpFoundation\JsonResponse;
|
|
|
|
|
use Gist\Form\ApiCreateGistForm;
|
2015-11-07 22:13:08 +01:00
|
|
|
use Gist\Model\GistQuery;
|
|
|
|
|
use Gist\Form\ApiUpdateGistForm;
|
2017-06-25 19:13:27 +02:00
|
|
|
use GitWrapper\GitException;
|
|
|
|
|
use Gist\Model\UserQuery;
|
2017-09-21 18:23:30 +02:00
|
|
|
use Propel\Runtime\ActiveQuery\Criteria;
|
2015-07-19 16:45:55 +02:00
|
|
|
|
|
|
|
|
/**
|
2016-11-13 00:44:23 +01:00
|
|
|
* Class ApiController.
|
|
|
|
|
*
|
2015-07-19 16:45:55 +02:00
|
|
|
* @author Simon Vieille <simon@deblan.fr>
|
|
|
|
|
*/
|
|
|
|
|
class ApiController extends Controller
|
|
|
|
|
{
|
2017-06-25 19:13:27 +02:00
|
|
|
/**
|
|
|
|
|
* Lists gists.
|
|
|
|
|
*
|
|
|
|
|
* @param Request $request
|
|
|
|
|
* @param string $apiKey
|
|
|
|
|
*
|
|
|
|
|
* @return JsonResponse
|
|
|
|
|
*/
|
|
|
|
|
public function listAction(Request $request, $apiKey)
|
|
|
|
|
{
|
|
|
|
|
$app = $this->getApp();
|
|
|
|
|
|
|
|
|
|
if (false === $app['settings']['api']['enabled']) {
|
|
|
|
|
return new Response('', 403);
|
|
|
|
|
}
|
|
|
|
|
|
2017-06-25 23:06:24 +02:00
|
|
|
if (false === $this->isValidApiKey($apiKey, true)) {
|
2017-06-25 19:13:27 +02:00
|
|
|
return $this->invalidApiKeyResponse();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (false === $request->isMethod('get')) {
|
|
|
|
|
return $this->invalidMethodResponse('GET method is required.');
|
|
|
|
|
}
|
|
|
|
|
|
2017-08-23 19:32:56 +02:00
|
|
|
$user = $app['user.provider']->loadUserByApiKey($apiKey);
|
2017-09-21 18:23:30 +02:00
|
|
|
|
|
|
|
|
$criteria = GistQuery::create()
|
|
|
|
|
->limit(15)
|
|
|
|
|
->orderById(Criteria::DESC);
|
|
|
|
|
|
|
|
|
|
$gists = $user->getGists($criteria);
|
2017-06-25 19:13:27 +02:00
|
|
|
$data = array();
|
|
|
|
|
|
|
|
|
|
foreach ($gists as $gist) {
|
|
|
|
|
try {
|
|
|
|
|
$history = $app['gist']->getHistory($gist);
|
|
|
|
|
|
|
|
|
|
$value = $gist->toArray();
|
|
|
|
|
$value['url'] = $request->getSchemeAndHttpHost().$app['url_generator']->generate(
|
|
|
|
|
'view',
|
|
|
|
|
array(
|
|
|
|
|
'gist' => $gist->getFile(),
|
|
|
|
|
'commit' => array_pop($history)['commit'],
|
|
|
|
|
)
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
$data[] = $value;
|
|
|
|
|
} catch (GitException $e) {
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return new JsonResponse($data);
|
|
|
|
|
}
|
|
|
|
|
|
2017-06-25 18:52:27 +02:00
|
|
|
/**
|
|
|
|
|
* Creates a gist.
|
|
|
|
|
*
|
|
|
|
|
* @param Request $request
|
2017-06-25 19:13:27 +02:00
|
|
|
* @param string $apiKey
|
2017-06-25 18:52:27 +02:00
|
|
|
*
|
|
|
|
|
* @return JsonResponse
|
|
|
|
|
*/
|
2017-06-25 19:13:27 +02:00
|
|
|
public function createAction(Request $request, $apiKey)
|
2015-07-19 16:45:55 +02:00
|
|
|
{
|
2015-11-23 13:19:13 +01:00
|
|
|
$app = $this->getApp();
|
|
|
|
|
|
2017-06-25 19:13:27 +02:00
|
|
|
if (false === $app['settings']['api']['enabled']) {
|
|
|
|
|
return new Response('', 403);
|
|
|
|
|
}
|
|
|
|
|
|
2017-08-23 17:20:23 +02:00
|
|
|
if (false === $this->isValidApiKey($apiKey, (bool) $app['settings']['api']['api_key_required'])) {
|
2017-06-25 19:13:27 +02:00
|
|
|
return $this->invalidApiKeyResponse();
|
|
|
|
|
}
|
|
|
|
|
|
2015-07-19 16:45:55 +02:00
|
|
|
if (false === $request->isMethod('post')) {
|
|
|
|
|
return $this->invalidMethodResponse('POST method is required.');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$form = new ApiCreateGistForm(
|
|
|
|
|
$app['form.factory'],
|
|
|
|
|
$app['translator'],
|
|
|
|
|
[],
|
|
|
|
|
['csrf_protection' => false]
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
$form = $form->build()->getForm();
|
|
|
|
|
|
|
|
|
|
$form->submit($request);
|
|
|
|
|
|
|
|
|
|
if ($form->isValid()) {
|
2017-08-23 19:32:56 +02:00
|
|
|
$user = !empty($apiKey) ? $app['user.provider']->loadUserByApiKey($apiKey) : null;
|
2015-07-19 16:45:55 +02:00
|
|
|
$gist = $app['gist']->create(new Gist(), $form->getData());
|
2017-08-23 19:32:56 +02:00
|
|
|
$gist
|
|
|
|
|
->setCipher(false)
|
|
|
|
|
->setUser($user)
|
|
|
|
|
->save();
|
2015-07-19 16:45:55 +02:00
|
|
|
|
|
|
|
|
$history = $app['gist']->getHistory($gist);
|
|
|
|
|
|
2017-06-25 19:13:27 +02:00
|
|
|
$data = $gist->toArray();
|
|
|
|
|
$data['url'] = $request->getSchemeAndHttpHost().$app['url_generator']->generate(
|
|
|
|
|
'view',
|
|
|
|
|
array(
|
|
|
|
|
'gist' => $gist->getFile(),
|
|
|
|
|
'commit' => array_pop($history)['commit'],
|
|
|
|
|
)
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
return new JsonResponse($data);
|
2015-07-19 16:45:55 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $this->invalidRequestResponse('Invalid field(s)');
|
|
|
|
|
}
|
2015-11-23 13:19:13 +01:00
|
|
|
|
2017-06-25 18:52:27 +02:00
|
|
|
/**
|
|
|
|
|
* Updates a gist.
|
|
|
|
|
*
|
|
|
|
|
* @param Request $request
|
2017-06-25 19:13:27 +02:00
|
|
|
* @param string $gist
|
|
|
|
|
* @param string $apiKey
|
2017-06-25 18:52:27 +02:00
|
|
|
*
|
|
|
|
|
* @return JsonResponse
|
|
|
|
|
*/
|
2017-06-25 19:13:27 +02:00
|
|
|
public function updateAction(Request $request, $gist, $apiKey)
|
2015-11-07 22:13:08 +01:00
|
|
|
{
|
2015-11-23 13:19:13 +01:00
|
|
|
$app = $this->getApp();
|
|
|
|
|
|
2017-06-25 19:13:27 +02:00
|
|
|
if (false === $app['settings']['api']['enabled']) {
|
|
|
|
|
return new Response('', 403);
|
|
|
|
|
}
|
|
|
|
|
|
2017-08-23 17:20:23 +02:00
|
|
|
if (false === $this->isValidApiKey($apiKey, (bool) $app['settings']['api']['api_key_required'])) {
|
2017-06-25 19:13:27 +02:00
|
|
|
return $this->invalidApiKeyResponse();
|
|
|
|
|
}
|
|
|
|
|
|
2015-11-07 22:13:08 +01:00
|
|
|
if (false === $request->isMethod('post')) {
|
|
|
|
|
return $this->invalidMethodResponse('POST method is required.');
|
|
|
|
|
}
|
|
|
|
|
|
2018-08-08 09:38:51 +02:00
|
|
|
$query = GistQuery::create()
|
|
|
|
|
->filterByCipher(false);
|
|
|
|
|
|
|
|
|
|
if (ctype_digit($gist)) {
|
|
|
|
|
$query->filterById((int) $gist);
|
|
|
|
|
} else {
|
|
|
|
|
$query->filterByFile($gist);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$gist = $query->findOne();
|
2015-11-07 22:13:08 +01:00
|
|
|
|
|
|
|
|
if (!$gist) {
|
|
|
|
|
return $this->invalidRequestResponse('Invalid Gist');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$form = new ApiUpdateGistForm(
|
|
|
|
|
$app['form.factory'],
|
|
|
|
|
$app['translator'],
|
|
|
|
|
[],
|
|
|
|
|
['csrf_protection' => false]
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
$form = $form->build()->getForm();
|
|
|
|
|
|
|
|
|
|
$form->submit($request);
|
|
|
|
|
|
|
|
|
|
if ($form->isValid()) {
|
|
|
|
|
$gist = $app['gist']->commit($gist, $form->getData());
|
|
|
|
|
|
|
|
|
|
$history = $app['gist']->getHistory($gist);
|
|
|
|
|
|
2017-06-25 19:13:27 +02:00
|
|
|
$data = $gist->toArray();
|
|
|
|
|
$data['url'] = $request->getSchemeAndHttpHost().$app['url_generator']->generate(
|
|
|
|
|
'view',
|
|
|
|
|
array(
|
|
|
|
|
'gist' => $gist->getFile(),
|
|
|
|
|
'commit' => array_pop($history)['commit'],
|
|
|
|
|
)
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
return new JsonResponse($data);
|
2015-11-07 22:13:08 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $this->invalidRequestResponse('Invalid field(s)');
|
|
|
|
|
}
|
2015-07-19 16:45:55 +02:00
|
|
|
|
2017-08-23 19:32:56 +02:00
|
|
|
/**
|
|
|
|
|
* Deletes a gist.
|
|
|
|
|
*
|
|
|
|
|
* @param Request $request
|
|
|
|
|
* @param string $gist
|
|
|
|
|
* @param string $apiKey
|
|
|
|
|
*
|
|
|
|
|
* @return JsonResponse
|
|
|
|
|
*/
|
|
|
|
|
public function deleteAction(Request $request, $gist, $apiKey)
|
|
|
|
|
{
|
|
|
|
|
$app = $this->getApp();
|
|
|
|
|
|
|
|
|
|
if (false === $app['settings']['api']['enabled']) {
|
|
|
|
|
return new Response('', 403);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (false === $this->isValidApiKey($apiKey, true)) {
|
|
|
|
|
return $this->invalidApiKeyResponse();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (false === $request->isMethod('post')) {
|
2017-08-23 19:54:58 +02:00
|
|
|
return $this->invalidMethodResponse('POST method is required.');
|
2017-08-23 19:32:56 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$user = $app['user.provider']->loadUserByApiKey($apiKey);
|
|
|
|
|
|
|
|
|
|
$gist = GistQuery::create()
|
|
|
|
|
->filterById((int) $gist)
|
|
|
|
|
->_or()
|
|
|
|
|
->filterByFile($gist)
|
|
|
|
|
->filterByUser($user)
|
|
|
|
|
->findOne();
|
|
|
|
|
|
|
|
|
|
if (!$gist) {
|
|
|
|
|
return $this->invalidRequestResponse('Invalid Gist');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$gist->delete();
|
|
|
|
|
|
|
|
|
|
return new JsonResponse(['error' => false]);
|
|
|
|
|
}
|
|
|
|
|
|
2017-06-25 19:13:27 +02:00
|
|
|
/**
|
|
|
|
|
* Builds an invalid api key response.
|
|
|
|
|
*
|
|
|
|
|
* @param mixed $message
|
|
|
|
|
*
|
|
|
|
|
* @return JsonResponse
|
|
|
|
|
*/
|
|
|
|
|
protected function invalidApiKeyResponse()
|
|
|
|
|
{
|
|
|
|
|
$data = [
|
|
|
|
|
'error' => ' Unauthorized',
|
|
|
|
|
'message' => 'Invalid API KEY',
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
return new JsonResponse($data, 401);
|
|
|
|
|
}
|
|
|
|
|
|
2017-06-25 18:52:27 +02:00
|
|
|
/**
|
|
|
|
|
* Builds an invalid method response.
|
|
|
|
|
*
|
|
|
|
|
* @param mixed $message
|
|
|
|
|
*
|
|
|
|
|
* @return JsonResponse
|
|
|
|
|
*/
|
2015-07-19 16:45:55 +02:00
|
|
|
protected function invalidMethodResponse($message = null)
|
|
|
|
|
{
|
|
|
|
|
$data = [
|
|
|
|
|
'error' => 'Method Not Allowed',
|
|
|
|
|
'message' => $message,
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
return new JsonResponse($data, 405);
|
|
|
|
|
}
|
|
|
|
|
|
2017-06-25 18:52:27 +02:00
|
|
|
/**
|
|
|
|
|
* Builds an invalid request response.
|
|
|
|
|
*
|
|
|
|
|
* @param mixed $message
|
|
|
|
|
*
|
|
|
|
|
* @return JsonResponse
|
|
|
|
|
*/
|
2015-07-19 16:45:55 +02:00
|
|
|
protected function invalidRequestResponse($message = null)
|
|
|
|
|
{
|
|
|
|
|
$data = [
|
2015-07-19 18:39:46 +02:00
|
|
|
'error' => 'Bad Request',
|
2015-07-19 16:45:55 +02:00
|
|
|
'message' => $message,
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
return new JsonResponse($data, 400);
|
|
|
|
|
}
|
2017-06-25 19:13:27 +02:00
|
|
|
|
2017-08-23 19:32:56 +02:00
|
|
|
/**
|
|
|
|
|
* Checks if the given api key is valid
|
|
|
|
|
* depending of the requirement.
|
|
|
|
|
*
|
|
|
|
|
* @param mixed $apiKey
|
|
|
|
|
* @param mixed $required
|
|
|
|
|
*
|
|
|
|
|
* @return bool
|
|
|
|
|
*/
|
2017-06-25 23:06:24 +02:00
|
|
|
protected function isValidApiKey($apiKey, $required = false)
|
2017-06-25 19:13:27 +02:00
|
|
|
{
|
2017-06-25 23:06:24 +02:00
|
|
|
if (empty($apiKey)) {
|
|
|
|
|
return !$required;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return UserQuery::create()
|
2017-06-25 19:13:27 +02:00
|
|
|
->filterByApiKey($apiKey)
|
|
|
|
|
->count() === 1;
|
|
|
|
|
}
|
2015-07-19 16:45:55 +02:00
|
|
|
}
|
