]> Raphaƫl G. Git Repositories - airbundle/blobdiff - Controller/SnippetController.php
Replace dropped calls with checker, factory and security replacements
[airbundle] / Controller / SnippetController.php
index accbae039d9e8dff4b9a7bf741a66026291dd990..0c9bc3d525ccb53ee0ccabd3a215f72890b8806d 100644 (file)
@@ -2,11 +2,15 @@
 
 namespace Rapsys\AirBundle\Controller;
 
 
 namespace Rapsys\AirBundle\Controller;
 
+use Symfony\Component\Filesystem\Exception\IOExceptionInterface;
+use Symfony\Component\Filesystem\Filesystem;
+use Symfony\Component\HttpFoundation\File\Exception\FileException;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
-use Symfony\Component\Routing\RequestContext;
 use Symfony\Component\Routing\Exception\MethodNotAllowedException;
 use Symfony\Component\Routing\Exception\ResourceNotFoundException;
 use Symfony\Component\Routing\Exception\MethodNotAllowedException;
 use Symfony\Component\Routing\Exception\ResourceNotFoundException;
+use Symfony\Component\Routing\RequestContext;
+
 use Rapsys\AirBundle\Entity\Location;
 use Rapsys\AirBundle\Entity\Snippet;
 use Rapsys\AirBundle\Entity\User;
 use Rapsys\AirBundle\Entity\Location;
 use Rapsys\AirBundle\Entity\Snippet;
 use Rapsys\AirBundle\Entity\User;
@@ -24,8 +28,11 @@ class SnippetController extends DefaultController {
         * @throws \RuntimeException When user has not at least guest role
         */
        public function add(Request $request) {
         * @throws \RuntimeException When user has not at least guest role
         */
        public function add(Request $request) {
-               //Prevent non-guest to access here
-               $this->denyAccessUnlessGranted('ROLE_GUEST', null, $this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Guest')]));
+               //Without guest role
+               if (!$this->checker->isGranted('ROLE_GUEST')) {
+                       //Throw 403
+                       throw $this->createAccessDeniedException($this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Guest')]));
+               }
 
                //Create SnippetType form
                $form = $this->container->get('form.factory')->createNamed(
 
                //Create SnippetType form
                $form = $this->container->get('form.factory')->createNamed(
@@ -49,8 +56,11 @@ class SnippetController extends DefaultController {
 
                //Prevent creating snippet for other user unless admin
                if ($form->get('user')->getData() !== $this->getUser()) {
 
                //Prevent creating snippet for other user unless admin
                if ($form->get('user')->getData() !== $this->getUser()) {
-                       //Prevent non-admin to access here
-                       $this->denyAccessUnlessGranted('ROLE_ADMIN', null, $this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Admin')]));
+                       //Without admin role
+                       if (!$this->checker->isGranted('ROLE_ADMIN')) {
+                               //Throw 403
+                               throw $this->createAccessDeniedException($this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Admin')]));
+                       }
                }
 
                //Handle invalid form
                }
 
                //Handle invalid form
@@ -162,8 +172,11 @@ class SnippetController extends DefaultController {
         * @throws \RuntimeException When user has not at least guest role
         */
        public function edit(Request $request, $id) {
         * @throws \RuntimeException When user has not at least guest role
         */
        public function edit(Request $request, $id) {
-               //Prevent non-guest to access here
-               $this->denyAccessUnlessGranted('ROLE_GUEST', null, $this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Guest')]));
+               //Without guest role
+               if (!$this->checker->isGranted('ROLE_GUEST')) {
+                       //Throw 403
+                       throw $this->createAccessDeniedException($this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Guest')]));
+               }
 
                //Get doctrine
                $doctrine = $this->getDoctrine();
 
                //Get doctrine
                $doctrine = $this->getDoctrine();
@@ -195,8 +208,11 @@ class SnippetController extends DefaultController {
 
                //Prevent creating snippet for other user unless admin
                if ($form->get('user')->getData() !== $this->getUser()) {
 
                //Prevent creating snippet for other user unless admin
                if ($form->get('user')->getData() !== $this->getUser()) {
-                       //Prevent non-admin to access here
-                       $this->denyAccessUnlessGranted('ROLE_ADMIN', null, $this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Admin')]));
+                       //Without admin role
+                       if (!$this->checker->isGranted('ROLE_ADMIN')) {
+                               //Throw 403
+                               throw $this->createAccessDeniedException($this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Admin')]));
+                       }
                }
 
                //Handle invalid form
                }
 
                //Handle invalid form
@@ -211,6 +227,47 @@ class SnippetController extends DefaultController {
                        return $this->render('@RapsysAir/snippet/edit.html.twig', ['id' => $id, 'title' => $title, 'section' => $section, 'form' => $form->createView()]+$this->context);
                }
 
                        return $this->render('@RapsysAir/snippet/edit.html.twig', ['id' => $id, 'title' => $title, 'section' => $section, 'form' => $form->createView()]+$this->context);
                }
 
+               //With image
+               //TODO: add delete button ???
+               if ($image = $form->get('image')->getData()) {
+                       //Get public path
+                       #$public = $this->container->get('kernel')->getBundle('RapsysAirBundle')->getPath().'/Resources/public';
+                       #$public = $this->container->get('kernel')->locateResource('@RapsysAirBundle/Resources/public');
+                       $public = $this->getPublicPath();
+
+                       //Create imagick object
+                       $imagick = new \Imagick();
+
+                       //Read image
+                       $imagick->readImage($image->getRealPath());
+
+                       //Set destination
+                       //XXX: uploaded path location/<userId>/<locationId>.png and session image location/<userId>/<locationId>/<sessionId>.jpeg
+                       //XXX: default path location/default.png and session location/default/<sessionId>.jpeg
+                       $destination = $public.'/location/'.$snippet->getUser()->getId().'/'.$snippet->getLocation()->getId().'.png';
+
+                       //Check target directory
+                       if (!is_dir($dir = dirname($destination))) {
+                               //Create filesystem object
+                               $filesystem = new Filesystem();
+
+                               try {
+                                       //Create dir
+                                       //XXX: set as 0775, symfony umask (0022) will reduce rights (0755)
+                                       $filesystem->mkdir($dir, 0775);
+                               } catch (IOExceptionInterface $e) {
+                                       //Throw error
+                                       throw new \Exception(sprintf('Output directory "%s" do not exists and unable to create it', $dir), 0, $e);
+                               }
+                       }
+
+                       //Save image
+                       if (!$imagick->writeImage($destination)) {
+                               //Throw error
+                               throw new \Exception(sprintf('Unable to write image "%s"', $destination));
+                       }
+               }
+
                //Get manager
                $manager = $doctrine->getManager();
 
                //Get manager
                $manager = $doctrine->getManager();