Modify PromoController. #591
This commit is contained in:
Korina Cordero
parent
cd48858b9d
commit
2ce5f05885
2 changed files with 12 additions and 92 deletions
|
|
@ -110,3 +110,8 @@ access_keys:
|
|||
label: Update Mobile Customer Vehicle
|
||||
- id: mobile_customer_vehicle.list
|
||||
label: List Mobile Customer Vehicles
|
||||
- id: mobile_promo
|
||||
label: Mobile Promo Access
|
||||
acls:
|
||||
- id: mobile_promo.list
|
||||
label: List Mobile Promos
|
||||
|
|
|
|||
|
|
@ -9,10 +9,7 @@ use Doctrine\ORM\Query;
|
|||
use Doctrine\ORM\EntityManagerInterface;
|
||||
|
||||
use Catalyst\APIBundle\Controller\APIController;
|
||||
// TODO: what do we use for response? APIResponse or APIResult?
|
||||
// APIResult is what is used by APIController. APIResponse is what is used by CAPI
|
||||
use Catalyst\APIBundle\Response\APIResponse;
|
||||
use App\Ramcar\APIResult;
|
||||
|
||||
use App\Entity\Promo;
|
||||
|
||||
|
|
@ -29,96 +26,14 @@ class PromoController extends APIController
|
|||
|
||||
public function listPromos(Request $req, EntityManagerInterface $em)
|
||||
{
|
||||
// check required parameters and api key
|
||||
$this->denyAccessUnlessGranted('mobile_promo.list', null, 'No access.');
|
||||
|
||||
// check required parameters
|
||||
$required_params = [];
|
||||
$res = $this->checkParamsAndKey($req, $em, $required_params);
|
||||
if ($res->isError())
|
||||
return $res->getReturnResponse();
|
||||
$msg = $this->checkRequiredParameters($req, $required_params);
|
||||
if ($msg)
|
||||
return new APIResponse(false, $msg);
|
||||
|
||||
return $res->getReturnResponse();
|
||||
}
|
||||
|
||||
// TODO: since we broke the functions into separate files, we need
|
||||
// to figure out how to make this accessible to all ResqAPI controllers
|
||||
protected function checkParamsAndKey(Request $req, $em, $params)
|
||||
{
|
||||
// TODO: depends on what we decide to return
|
||||
// returns APIResult object
|
||||
$res = new APIResult();
|
||||
|
||||
// check for api_key in query string
|
||||
$api_key = $req->query->get('api_key');
|
||||
if (empty($api_key))
|
||||
{
|
||||
$res->setError(true)
|
||||
->setErrorMessage('Missing API key');
|
||||
return $res;
|
||||
}
|
||||
|
||||
// check missing parameters
|
||||
$missing = $this->checkMissingParameters($req, $params);
|
||||
if (count($missing) > 0)
|
||||
{
|
||||
$miss_string = implode(', ', $missing);
|
||||
$res->setError(true)
|
||||
->setErrorMessage('Missing parameter(s): ' . $miss_string);
|
||||
return $res;
|
||||
}
|
||||
|
||||
// check api key
|
||||
$mobile_user = $this->checkAPIKey($em, $req->query->get('api_key'));
|
||||
if ($mobile_user == null)
|
||||
{
|
||||
$res->setError(true)
|
||||
->setErrorMessage('Invalid API Key');
|
||||
return $res;
|
||||
}
|
||||
|
||||
// store session
|
||||
$this->session = $sess;
|
||||
|
||||
return $res;
|
||||
}
|
||||
|
||||
// TODO: this might not be needed if we use APIController's checkRequiredParameters
|
||||
// or we put this into a service?
|
||||
protected function checkMissingParameters(Request $req, $params = [])
|
||||
{
|
||||
$missing = [];
|
||||
|
||||
// check if parameters are there
|
||||
foreach ($params as $param)
|
||||
{
|
||||
if ($req->getMethod() == 'GET')
|
||||
{
|
||||
$check = $req->query->get($param);
|
||||
if (empty($check))
|
||||
$missing[] = $param;
|
||||
}
|
||||
else if ($req->getMethod() == 'POST')
|
||||
{
|
||||
$check = $req->request->get($param);
|
||||
if (empty($check))
|
||||
$missing[] = $param;
|
||||
}
|
||||
else
|
||||
return $params;
|
||||
}
|
||||
|
||||
return $missing;
|
||||
}
|
||||
|
||||
// TODO: type hint entity manager
|
||||
// TODO: since we broke the functions into separate files, we need
|
||||
// to figure out how to make this accessible to all ResqAPI controllers
|
||||
protected function checkAPIKey($em, $api_key)
|
||||
{
|
||||
// find the api key (session id)
|
||||
// TODO: user validation needs to be changed
|
||||
$m_user = $em->getRepository(MobileUser::class)->find($api_key);
|
||||
if ($m_user == null)
|
||||
return null;
|
||||
|
||||
return $m_user;
|
||||
return new APIResponse(true, 'Promos listed');
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue