X-Git-Url: https://git.rapsys.eu/airbundle/blobdiff_plain/58c6e18ae869acfd9e24c73e1296d8499856fcdc..58883dd276b37950932fff7bc166b95404f7b4ca:/Controller/SnippetController.php?ds=sidebyside
diff --git a/Controller/SnippetController.php b/Controller/SnippetController.php
index accbae0..acb0b96 100644
--- a/Controller/SnippetController.php
+++ b/Controller/SnippetController.php
@@ -2,11 +2,15 @@ namespace Rapsys\AirBundle\Controller;
+use Symfony\Component\Filesystem\Exception\IOExceptionInterface;
+use Symfony\Component\Filesystem\Filesystem;
+use Symfony\Component\HttpFoundation\File\Exception\FileException;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
-use Symfony\Component\Routing\RequestContext;
 use Symfony\Component\Routing\Exception\MethodNotAllowedException;
 use Symfony\Component\Routing\Exception\ResourceNotFoundException;
+use Symfony\Component\Routing\RequestContext;
+
 use Rapsys\AirBundle\Entity\Location;
 use Rapsys\AirBundle\Entity\Snippet;
 use Rapsys\AirBundle\Entity\User;
@@ -15,7 +19,7 @@ class SnippetController extends DefaultController {
 /**
 * Add snippet
 *
- * @desc Persist snippet in database
+ * Persist snippet in database
 *
 * @param Request $request The request instance
 *
@@ -24,8 +28,11 @@ class SnippetController extends DefaultController {
 * @throws \RuntimeException When user has not at least guest role
 */
 public function add(Request $request) {
- //Prevent non-guest to access here
- $this->denyAccessUnlessGranted('ROLE_GUEST', null, $this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Guest')]));
+ //Without guest role
+ if (!$this->checker->isGranted('ROLE_GUEST')) {
+ //Throw 403
+ throw $this->createAccessDeniedException($this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Guest')]));
+ }
 //Create SnippetType form
 $form = $this->container->get('form.factory')->createNamed(
@@ -38,7 +45,7 @@ class SnippetController extends DefaultController {
 //Set options
 [
 //Set the action
- 'action' => $this->generateUrl('rapsys_air_snippet_add', ['location' => $request->get('location')]),
+ 'action' => $this->generateUrl('rapsysair_snippet_add', ['location' => $request->get('location')]),
 //Set the form attribute
 'attr' => []
 ]
@@ -49,8 +56,11 @@ class SnippetController extends DefaultController {
 //Prevent creating snippet for other user unless admin
 if ($form->get('user')->getData() !== $this->getUser()) {
- //Prevent non-admin to access here
- $this->denyAccessUnlessGranted('ROLE_ADMIN', null, $this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Admin')]));
+ //Without admin role
+ if (!$this->checker->isGranted('ROLE_ADMIN')) {
+ //Throw 403
+ throw $this->createAccessDeniedException($this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Admin')]));
+ }
 }
 //Handle invalid form
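Review bot: The four-line role check added at the top of `add()` is repeated verbatim for `ROLE_ADMIN` later in this method and twice more in `edit()`, and each copy throws the bare result of `createAccessDeniedException()`. Symfony's stock `denyAccessUnlessGranted()` also records the checked attribute on the exception, which access-denied handlers and audit logs can use; if `createAccessDeniedException()` here returns Symfony's `AccessDeniedException`, that detail is now lost. A single private helper would keep the four call sites identical and restore it, for example `$e = $this->createAccessDeniedException($message); $e->setAttributes([$role]); throw $e;`. The body of `add()` continues outside the hunk.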
@@ -128,7 +138,7 @@ class SnippetController extends DefaultController {
 unset($route['_route'], $route['_controller']);
 //Check if snippet view route
- if ($name == 'rapsys_air_user_view' && !empty($route['id'])) {
+ if ($name == 'rapsysair_user_view' && !empty($route['id'])) {
 //Replace id
 $route['id'] = $snippet->getUser()->getId();
 //Other routes
@@ -147,13 +157,13 @@ class SnippetController extends DefaultController {
 }
 //Redirect to cleanup the form
- return $this->redirectToRoute('rapsys_air', ['snippet' => $snippet->getId()]);
+ return $this->redirectToRoute('rapsysair', ['snippet' => $snippet->getId()]);
 }
 /**
 * Edit snippet
 *
- * @desc Persist snippet in database
+ * Persist snippet in database
 *
 * @param Request $request The request instance
 *
@@ -162,8 +172,11 @@ class SnippetController extends DefaultController {
 * @throws \RuntimeException When user has not at least guest role
 */
 public function edit(Request $request, $id) {
- //Prevent non-guest to access here
- $this->denyAccessUnlessGranted('ROLE_GUEST', null, $this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Guest')]));
+ //Without guest role
+ if (!$this->checker->isGranted('ROLE_GUEST')) {
+ //Throw 403
+ throw $this->createAccessDeniedException($this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Guest')]));
+ }
 //Get doctrine
 $doctrine = $this->getDoctrine();
@@ -184,7 +197,7 @@ class SnippetController extends DefaultController {
 //Set options
 [
 //Set the action
- 'action' => $this->generateUrl('rapsys_air_snippet_edit', ['id' => $id]),
+ 'action' => $this->generateUrl('rapsysair_snippet_edit', ['id' => $id]),
 //Set the form attribute
 'attr' => []
 ]
@@ -195,8 +208,11 @@ class SnippetController extends DefaultController {
 //Prevent creating snippet for other user unless admin
 if ($form->get('user')->getData() !== $this->getUser()) {
- //Prevent non-admin to access here
- $this->denyAccessUnlessGranted('ROLE_ADMIN', null, $this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Admin')]));
+ //Without admin role
+ if (!$this->checker->isGranted('ROLE_ADMIN')) {
+ //Throw 403
+ throw $this->createAccessDeniedException($this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Admin')]));
+ }
 }
 //Handle invalid form
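Review bot: The ownership test kept in `edit()` compares the user submitted with the form against the logged-in user, so on its own it does not establish who owns the snippet stored under `$id`. The lookup of that snippet and the form binding are outside the hunk; if the form is bound to the stored entity, the submitted `user` value replaces the stored owner before this comparison runs. Confirm that the stored owner is checked before the request is handled, e.g. `if ($snippet->getUser() !== $this->getUser() && !$this->checker->isGranted('ROLE_ADMIN'))` followed by the same 403. The image path added later in `edit()` is built from `$snippet->getUser()->getId()`, so it inherits whatever this check guarantees.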
@@ -211,6 +227,47 @@ class SnippetController extends DefaultController {
 return $this->render('@RapsysAir/snippet/edit.html.twig', ['id' => $id, 'title' => $title, 'section' => $section, 'form' => $form->createView()]+$this->context);
 }
+ //With image
+ //TODO: add delete button ???
+ if ($image = $form->get('image')->getData()) {
+ //Get public path
+ #$public = $this->container->get('kernel')->getBundle('RapsysAirBundle')->getPath().'/Resources/public';
+ #$public = $this->container->get('kernel')->locateResource('@RapsysAirBundle/Resources/public');
+ $public = $this->getPublicPath();
+ //Create imagick object
+ $imagick = new \Imagick();
+ //Read image
+ $imagick->readImage($image->getRealPath());
+ //Set destination
+ //XXX: uploaded path location//.png and session image location///.jpeg
+ //XXX: default path location/default.png and session location/default/.jpeg
+ $destination = $public.'/location/'.$snippet->getUser()->getId().'/'.$snippet->getLocation()->getId().'.png';
+ //Check target directory
+ if (!is_dir($dir = dirname($destination))) {
+ //Create filesystem object
+ $filesystem = new Filesystem();
+ try {
+ //Create dir
+ //XXX: set as 0775, symfony umask (0022) will reduce rights (0755)
+ $filesystem->mkdir($dir, 0775);
+ } catch (IOExceptionInterface $e) {
+ //Throw error
+ throw new \Exception(sprintf('Output directory "%s" do not exists and unable to create it', $dir), 0, $e);
+ }
+ }
+ //Save image
+ if (!$imagick->writeImage($destination)) {
+ //Throw error
+ throw new \Exception(sprintf('Unable to write image "%s"', $destination));
+ }
+ }
+ //Get manager
 $manager = $doctrine->getManager();
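Review bot: The uploaded file goes straight into `$imagick->readImage()` with no type or dimension check in this hunk, so ImageMagick chooses the decoder from the file content and fully decodes whatever a user sends, including delegate-handled formats and very large canvases. Unless the form type (not visible here) already constrains the field, allowlist the detected MIME type before Imagick touches the file, ping for dimensions before the full decode, and strip embedded metadata before the PNG is written under the public directory. `writeImage()` signals failure by throwing `\ImagickException`, so the `if (!...)` branch is unlikely to run; catching the exception makes that error path real. The sketch assumes `$image` is a Symfony `File`/`UploadedFile` and uses the `FileException` this commit already imports; the allowlist and the size limit are constructed sample values. The block sits inside `edit()`, whose body starts and ends outside the hunk.

```php
// … unchanged: $public = $this->getPublicPath(); …

//Allow only the raster types we expect
if (!in_array($image->getMimeType(), ['image/png', 'image/jpeg', 'image/gif'], true)) {
	//Throw error
	throw new FileException('Unsupported image type');
}

//Probe header only, to bound the size before decoding pixels
$probe = new \Imagick();
$probe->pingImage($image->getRealPath());

//Reject oversized canvas
if ($probe->getImageWidth() > 4096 || $probe->getImageHeight() > 4096) {
	//Throw error
	throw new FileException('Image dimensions too large');
}

//Create imagick object
$imagick = new \Imagick();

//Read image
$imagick->readImage($image->getRealPath());

//Drop EXIF and other embedded profiles before publishing
$imagick->stripImage();

// … unchanged: destination path and directory creation …

try {
	//Save image
	$imagick->writeImage($destination);
} catch (\ImagickException $e) {
	//Throw error
	throw new \Exception(sprintf('Unable to write image "%s"', $destination), 0, $e);
}
```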
@@ -265,7 +322,7 @@ class SnippetController extends DefaultController {
 unset($route['_route'], $route['_controller']);
 //Check if snippet view route
- if ($name == 'rapsys_air_user_view' && !empty($route['id'])) {
+ if ($name == 'rapsysair_user_view' && !empty($route['id'])) {
 //Replace id
 $route['id'] = $snippet->getUser()->getId();
 //Other routes
@@ -284,6 +341,6 @@ class SnippetController extends DefaultController {
 }
 //Redirect to cleanup the form
- return $this->redirectToRoute('rapsys_air', ['snippet' => $snippet->getId()]);
+ return $this->redirectToRoute('rapsysair', ['snippet' => $snippet->getId()]);
 }
 }