rgutierrez/resq
1
0
Fork 0
Code Issues 126 Pull requests 49 Projects Releases 4 Packages Wiki Activity Actions

Modify PromoController. #591

Browse source
This commit is contained in:
Korina Cordero 2021-07-05 10:01:54 +00:00
parent cd48858b9d
commit 2ce5f05885
2 changed files with 12 additions and 92 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
config/api_acl.yaml
View file

@ -110,3 +110,8 @@ access_keys:
label: Update Mobile Customer Vehicle label: Update Mobile Customer Vehicle
- id: mobile_customer_vehicle.list - id: mobile_customer_vehicle.list
label: List Mobile Customer Vehicles label: List Mobile Customer Vehicles
- id: mobile_promo
label: Mobile Promo Access
acls:
- id: mobile_promo.list
label: List Mobile Promos

99
src/Controller/ResqAPI/PromoController.php
View file

@ -9,10 +9,7 @@ use Doctrine\ORM\Query;
use Doctrine\ORM\EntityManagerInterface; use Doctrine\ORM\EntityManagerInterface;
use Catalyst\APIBundle\Controller\APIController; use Catalyst\APIBundle\Controller\APIController;
// TODO: what do we use for response? APIResponse or APIResult?
// APIResult is what is used by APIController. APIResponse is what is used by CAPI
use Catalyst\APIBundle\Response\APIResponse; use Catalyst\APIBundle\Response\APIResponse;
use App\Ramcar\APIResult;
use App\Entity\Promo; use App\Entity\Promo;
@ -29,96 +26,14 @@ class PromoController extends APIController
public function listPromos(Request $req, EntityManagerInterface $em) public function listPromos(Request $req, EntityManagerInterface $em)
{ {
// check required parameters and api key $this->denyAccessUnlessGranted('mobile_promo.list', null, 'No access.');
// check required parameters
$required_params = []; $required_params = [];
$res = $this->checkParamsAndKey($req, $em, $required_params); $msg = $this->checkRequiredParameters($req, $required_params);
if ($res->isError()) if ($msg)
return $res->getReturnResponse(); return new APIResponse(false, $msg);
return $res->getReturnResponse(); return new APIResponse(true, 'Promos listed');
}
// TODO: since we broke the functions into separate files, we need
// to figure out how to make this accessible to all ResqAPI controllers
protected function checkParamsAndKey(Request $req, $em, $params)
{
// TODO: depends on what we decide to return
// returns APIResult object
$res = new APIResult();
// check for api_key in query string
$api_key = $req->query->get('api_key');
if (empty($api_key))
{
$res->setError(true)
->setErrorMessage('Missing API key');
return $res;
}
// check missing parameters
$missing = $this->checkMissingParameters($req, $params);
if (count($missing) > 0)
{
$miss_string = implode(', ', $missing);
$res->setError(true)
->setErrorMessage('Missing parameter(s): ' . $miss_string);
return $res;
}
// check api key
$mobile_user = $this->checkAPIKey($em, $req->query->get('api_key'));
if ($mobile_user == null)
{
$res->setError(true)
->setErrorMessage('Invalid API Key');
return $res;
}
// store session
$this->session = $sess;
return $res;
}
// TODO: this might not be needed if we use APIController's checkRequiredParameters
// or we put this into a service?
protected function checkMissingParameters(Request $req, $params = [])
{
$missing = [];
// check if parameters are there
foreach ($params as $param)
{
if ($req->getMethod() == 'GET')
{
$check = $req->query->get($param);
if (empty($check))
$missing[] = $param;
}
else if ($req->getMethod() == 'POST')
{
$check = $req->request->get($param);
if (empty($check))
$missing[] = $param;
}
else
return $params;
}
return $missing;
}
// TODO: type hint entity manager
// TODO: since we broke the functions into separate files, we need
// to figure out how to make this accessible to all ResqAPI controllers
protected function checkAPIKey($em, $api_key)
{
// find the api key (session id)
// TODO: user validation needs to be changed
$m_user = $em->getRepository(MobileUser::class)->find($api_key);
if ($m_user == null)
return null;
return $m_user;
} }
} }