Replace dropped calls with checker, factory and security replacements
[airbundle] / Controller / SnippetController.php
index 6335b1fde0bebd85d9e657b48ab7952255d3aac7..0c9bc3d525ccb53ee0ccabd3a215f72890b8806d 100644 (file)
@@ -2,10 +2,15 @@
 
 namespace Rapsys\AirBundle\Controller;
 
+use Symfony\Component\Filesystem\Exception\IOExceptionInterface;
+use Symfony\Component\Filesystem\Filesystem;
+use Symfony\Component\HttpFoundation\File\Exception\FileException;
 use Symfony\Component\HttpFoundation\Request;
-use Symfony\Component\Routing\RequestContext;
+use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Exception\MethodNotAllowedException;
 use Symfony\Component\Routing\Exception\ResourceNotFoundException;
+use Symfony\Component\Routing\RequestContext;
+
 use Rapsys\AirBundle\Entity\Location;
 use Rapsys\AirBundle\Entity\Snippet;
 use Rapsys\AirBundle\Entity\User;
@@ -23,24 +28,39 @@ class SnippetController extends DefaultController {
         * @throws \RuntimeException When user has not at least guest role
         */
        public function add(Request $request) {
-               //Prevent non-guest to access here
-               $this->denyAccessUnlessGranted('ROLE_GUEST', null, $this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Guest')]));
+               //Without guest role
+               if (!$this->checker->isGranted('ROLE_GUEST')) {
+                       //Throw 403
+                       throw $this->createAccessDeniedException($this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Guest')]));
+               }
 
-               //Create ApplicationType form
-               $form = $this->createForm('Rapsys\AirBundle\Form\SnippetType', null, [
-                       //Set the action
-                       'action' => $this->generateUrl('rapsys_air_snippet_add'),
-                       //Set the form attribute
-                       'attr' => []
-               ]);
+               //Create SnippetType form
+               $form = $this->container->get('form.factory')->createNamed(
+                       //Set name
+                       'snipped_'.$request->getLocale().'_'.$request->get('location'),
+                       //Set type
+                       'Rapsys\AirBundle\Form\SnippetType',
+                       //Set data
+                       null,
+                       //Set options
+                       [
+                               //Set the action
+                               'action' => $this->generateUrl('rapsys_air_snippet_add', ['location' => $request->get('location')]),
+                               //Set the form attribute
+                               'attr' => []
+                       ]
+               );
 
                //Refill the fields in case of invalid form
                $form->handleRequest($request);
 
                //Prevent creating snippet for other user unless admin
                if ($form->get('user')->getData() !== $this->getUser()) {
-                       //Prevent non-admin to access here
-                       $this->denyAccessUnlessGranted('ROLE_ADMIN', null, $this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Admin')]));
+                       //Without admin role
+                       if (!$this->checker->isGranted('ROLE_ADMIN')) {
+                               //Throw 403
+                               throw $this->createAccessDeniedException($this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Admin')]));
+                       }
                }
 
                //Handle invalid form
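Review bot: The form name on the new `createNamed()` call is built from `$request->get('location')`, a client-supplied value that is not validated or cast first. Symfony rejects form names containing characters outside its allowed set, so a malformed `location` would likely surface as an uncaught exception (a 500) rather than a 400 or 404, and `Request::get()` also leaves it ambiguous which bag the value came from. Reading it once from an explicit bag as an integer would cover both the name and the `generateUrl()` argument, e.g. `$location = $request->query->getInt('location');` (or the attributes bag if it is a route parameter). The body of add() continues outside this hunk, so any later validation of the location is not visible here.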
@@ -118,7 +138,7 @@ class SnippetController extends DefaultController {
                                unset($route['_route'], $route['_controller']);
 
                                //Check if snippet view route
-                               if ($name == 'rapsys_air_organizer_view' && !empty($route['id'])) {
+                               if ($name == 'rapsys_air_user_view' && !empty($route['id'])) {
                                        //Replace id
                                        $route['id'] = $snippet->getUser()->getId();
                                //Other routes
@@ -152,8 +172,11 @@ class SnippetController extends DefaultController {
         * @throws \RuntimeException When user has not at least guest role
         */
        public function edit(Request $request, $id) {
-               //Prevent non-guest to access here
-               $this->denyAccessUnlessGranted('ROLE_GUEST', null, $this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Guest')]));
+               //Without guest role
+               if (!$this->checker->isGranted('ROLE_GUEST')) {
+                       //Throw 403
+                       throw $this->createAccessDeniedException($this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Guest')]));
+               }
 
                //Get doctrine
                $doctrine = $this->getDoctrine();
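Review bot: The same `isGranted()` / `createAccessDeniedException()` block is now written out four times, here for ROLE_GUEST in edit() and in the add() hunk, plus the two ROLE_ADMIN checks in both methods. Hand-copied authorization checks tend to drift apart when one of them is edited later, so a single private helper on the controller taking the role and its translated label would keep them identical. A short docblock on that helper stating that it throws the access-denied exception would also keep the existing `@throws` lines accurate. The body of edit() continues outside this hunk.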
@@ -163,21 +186,33 @@ class SnippetController extends DefaultController {
                        throw $this->createNotFoundException($this->translator->trans('Unable to find snippet: %id%', ['%id%' => $id]));
                }
 
-               //Create ApplicationType form
-               $form = $this->createForm('Rapsys\AirBundle\Form\SnippetType', $snippet, [
-                       //Set the action
-                       'action' => $this->generateUrl('rapsys_air_snippet_edit', ['id' => $id]),
-                       //Set the form attribute
-                       'attr' => []
-               ]);
+               //Create SnippetType form
+               $form = $this->container->get('form.factory')->createNamed(
+                       //Set name
+                       'snipped_'.$request->getLocale().'_'.$snippet->getLocation()->getId(),
+                       //Set type
+                       'Rapsys\AirBundle\Form\SnippetType',
+                       //Set data
+                       $snippet,
+                       //Set options
+                       [
+                               //Set the action
+                               'action' => $this->generateUrl('rapsys_air_snippet_edit', ['id' => $id]),
+                               //Set the form attribute
+                               'attr' => []
+                       ]
+               );
 
                //Refill the fields in case of invalid form
                $form->handleRequest($request);
 
                //Prevent creating snippet for other user unless admin
                if ($form->get('user')->getData() !== $this->getUser()) {
-                       //Prevent non-admin to access here
-                       $this->denyAccessUnlessGranted('ROLE_ADMIN', null, $this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Admin')]));
+                       //Without admin role
+                       if (!$this->checker->isGranted('ROLE_ADMIN')) {
+                               //Throw 403
+                               throw $this->createAccessDeniedException($this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Admin')]));
+                       }
                }
 
                //Handle invalid form
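Review bot: The form name prefix `'snipped_'` here looks like a typo for `snippet_`, and the same spelling is used in the add() hunk. The name becomes the prefix of every submitted field key and HTML id, so correcting it later means touching templates and tests as well; it is cheaper to settle it in this commit, e.g. `'snippet_'.$request->getLocale().'_'.$snippet->getLocation()->getId(),`. The body of edit() starts and continues outside this hunk.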
@@ -192,6 +227,47 @@ class SnippetController extends DefaultController {
                        return $this->render('@RapsysAir/snippet/edit.html.twig', ['id' => $id, 'title' => $title, 'section' => $section, 'form' => $form->createView()]+$this->context);
                }
 
+               //With image
+               //TODO: add delete button ???
+               if ($image = $form->get('image')->getData()) {
+                       //Get public path
+                       #$public = $this->container->get('kernel')->getBundle('RapsysAirBundle')->getPath().'/Resources/public';
+                       #$public = $this->container->get('kernel')->locateResource('@RapsysAirBundle/Resources/public');
+                       $public = $this->getPublicPath();
+
+                       //Create imagick object
+                       $imagick = new \Imagick();
+
+                       //Read image
+                       $imagick->readImage($image->getRealPath());
+
+                       //Set destination
+                       //XXX: uploaded path location/<userId>/<locationId>.png and session image location/<userId>/<locationId>/<sessionId>.jpeg
+                       //XXX: default path location/default.png and session location/default/<sessionId>.jpeg
+                       $destination = $public.'/location/'.$snippet->getUser()->getId().'/'.$snippet->getLocation()->getId().'.png';
+
+                       //Check target directory
+                       if (!is_dir($dir = dirname($destination))) {
+                               //Create filesystem object
+                               $filesystem = new Filesystem();
+
+                               try {
+                                       //Create dir
+                                       //XXX: set as 0775, symfony umask (0022) will reduce rights (0755)
+                                       $filesystem->mkdir($dir, 0775);
+                               } catch (IOExceptionInterface $e) {
+                                       //Throw error
+                                       throw new \Exception(sprintf('Output directory "%s" do not exists and unable to create it', $dir), 0, $e);
+                               }
+                       }
+
+                       //Save image
+                       if (!$imagick->writeImage($destination)) {
+                               //Throw error
+                               throw new \Exception(sprintf('Unable to write image "%s"', $destination));
+                       }
+               }
+
                //Get manager
                $manager = $doctrine->getManager();
 
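Review bot: The uploaded file goes straight into `$imagick->readImage($image->getRealPath())` with no visible check that it is an image of an accepted type, and ImageMagick picks its decoder from the file's content rather than from what the form claims. SnippetType is not shown here, so if its `image` field has no `Symfony\Component\Validator\Constraints\Image` constraint with an explicit `mimeTypes` list, one should be added, or `$image->getMimeType()` compared against an allow-list before reading. `readImage()` and `writeImage()` normally signal failure by throwing `\ImagickException`, so the `if (!$imagick->writeImage(...))` branch is unlikely to run and a bad upload would surface as an uncaught exception; wrapping both calls keeps the error handling in one place. The file is also written before the entity manager work that follows, so a failed flush leaves the new image on disk; edit() starts and continues outside this hunk.

```php
		if ($image = $form->get('image')->getData()) {
			// … unchanged: $public, $destination and target directory creation …

			try {
				//Create imagick object
				$imagick = new \Imagick();

				//Read image
				$imagick->readImage($image->getRealPath());

				//Save image
				$imagick->writeImage($destination);
			} catch (\ImagickException $e) {
				//Throw error
				throw new \Exception(sprintf('Unable to write image "%s"', $destination), 0, $e);
			}
		}
```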
@@ -246,7 +322,7 @@ class SnippetController extends DefaultController {
                                unset($route['_route'], $route['_controller']);
 
                                //Check if snippet view route
-                               if ($name == 'rapsys_air_organizer_view' && !empty($route['id'])) {
+                               if ($name == 'rapsys_air_user_view' && !empty($route['id'])) {
                                        //Replace id
                                        $route['id'] = $snippet->getUser()->getId();
                                //Other routes