From 6d42f1dcc55e2d1e8178334770b5c8e7a8b1b429 Mon Sep 17 00:00:00 2001 From: Korina Cordero Date: Thu, 1 Jul 2021 10:29:45 +0000 Subject: [PATCH] Fix CustomerController for CAPI. #591 --- config/api_acl.yaml | 14 + config/routes/resqapi.yaml | 2 +- src/Controller/ResqAPI/CustomerController.php | 263 ++++++++++-------- 3 files changed, 155 insertions(+), 124 deletions(-) diff --git a/config/api_acl.yaml b/config/api_acl.yaml index b104892c..5984f7d4 100644 --- a/config/api_acl.yaml +++ b/config/api_acl.yaml @@ -77,3 +77,17 @@ access_keys: label: Confirm Number - id: mobile_user.validate.code label: Validate Code + - id: mobile_user.get.info + label: Get Customer Info + - id: mobile_user.update.info + label: Update Customer Info + - id: mobile_user.get.status + label: Get Status + - id: mobile_user.resend.code + label: Resend Code + - id: mobile_user.version.check + label: Version Check + - id: mobile_user.update.deviceid + label: Update Device ID + - id: mobile_user.privacy.settings + label: Privacy Settings diff --git a/config/routes/resqapi.yaml b/config/routes/resqapi.yaml index bc92a595..b2edb7f8 100644 --- a/config/routes/resqapi.yaml +++ b/config/routes/resqapi.yaml @@ -39,7 +39,7 @@ resqapi_resend_code: resqapi_version_check: path: /resqapi/version_check controller: App\Controller\ResqAPI\CustomerController::versionCheck - methods: [GET] + methods: [POST] resqapi_device_id: path: /resqapi/device_id diff --git a/src/Controller/ResqAPI/CustomerController.php b/src/Controller/ResqAPI/CustomerController.php index ceb66e17..f6f8e5a9 100644 --- a/src/Controller/ResqAPI/CustomerController.php +++ b/src/Controller/ResqAPI/CustomerController.php @@ -14,9 +14,12 @@ use Catalyst\APIBundle\Response\APIResponse; use App\Entity\MobileUser; use App\Entity\Customer; +use App\Entity\PrivacyPolicy; use App\Service\RisingTideGateway; +use App\Ramcar\CustomerSource; + use Catalyst\APIBundle\Access\Generator as ACLGenerator; use DateTime; 
@@ -47,11 +50,8 @@ class CustomerController extends APIController if ($msg) return new APIResponse(false, $msg); - // get capi user to link to mobile user - $user_id = $this->getUser()->getID(); - // check if capi user already has a mobile user - $mobile_user = $this->findMobileUser($user_id, $em); + $mobile_user = $this->findMobileUser($em); if ($mobile_user != null) return new APIResponse(false, 'User already registered'); @@ -118,8 +118,7 @@ class CustomerController extends APIController return new APIResponse(false, $msg); // get mobile user - $user_id = $this->getUser()->getID(); - $mobile_user = $this->findMobileUser($user_id, $em); + $mobile_user = $this->findMobileUser($em); if ($mobile_user == null) return new APIResponse(false, 'No mobile user found.'); @@ -134,7 +133,7 @@ class CustomerController extends APIController $otp_mode = $_ENV['OTP_MODE']; // check for hardcoded phone number for app store testing - if ($phone_number == '9221111111') + if ($phone_number == '639221111111') { $code = '123456'; $mobile_user->setConfirmCode($code) @@ -190,8 +189,7 @@ class CustomerController extends APIController return new APIResponse(false, $msg); // get mobile user - $user_id = $this->getUser()->getID(); - $mobile_user = $this->findMobileUser($user_id, $em); + $mobile_user = $this->findMobileUser($em); if ($mobile_user == null) return new APIResponse(false, 'No mobile user found.'); 
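Review bot: The OTP bypass for the app-store test number is gated only on the literal comparison `if ($phone_number == '639221111111')`, so the fixed confirm code `123456` is accepted in every environment, production included, for whichever account holds that number. The hunk reads `$otp_mode = $_ENV['OTP_MODE']` just above this line, which looks like the right switch to gate on, e.g. `if ($otp_mode === '<NON_LIVE_MODE_VALUE>' && $phone_number === '639221111111')` with the actual mode value taken from wherever OTP_MODE is documented. The comparison should be strict (`===`) in any case, since a loose `==` between strings that look numeric compares them as numbers. The enclosing method starts and ends outside this hunk.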
@@ -229,17 +227,18 @@ class CustomerController extends APIController return new APIResponse(true, 'Code validated'); } - // TODO: needs to be modified for mobile user public function getInfo(Request $req, EntityManagerInterface $em) { - // check required parameters and api key - $required_params = []; - $res = $this->checkParamsAndKey($req, $em, $required_params); - if ($res->isError()) - return $res->getReturnResponse(); + $this->denyAccessUnlessGranted('mobile_user.get.info', null, 'No access.'); + + // get mobile user + $mobile_user = $this->findMobileUser($em); + + if ($mobile_user == null) + return new APIResponse(false, 'No mobile user found.'); // if no customer found - $cust = $this->session->getCustomer(); + $cust = $mobile_user->getCustomer(); if ($cust == null) { $data = [ @@ -248,9 +247,8 @@ class CustomerController extends APIController 'priv_third_party' => (bool) false, 'priv_promo' => (bool) false, ]; - $res->setData($data); - return $res->getReturnResponse(); + return new APIResponse(true, 'No customer info found', $data); } // send back customer details 
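Review bot: `getInfo` now opens with the same three-step preamble — `$this->denyAccessUnlessGranted(...)`, `$mobile_user = $this->findMobileUser($em);`, `if ($mobile_user == null) return new APIResponse(false, 'No mobile user found.');` — that this commit also pastes into `updateInfo`, `getStatus`, `resendCode`, `versionCheck`, `updateDeviceID` and `privacySettings`. A small protected helper that performs the lookup and the null check would give one place to keep the error message and the check consistent across the seven actions. The null tests should also be strict (`=== null`): `findMobileUser` returns an entity or `null`, so `==` adds nothing and would mask a `false` from the repository. `getInfo` continues past the end of this hunk.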
@@ -260,28 +258,36 @@ class CustomerController extends APIController 'priv_third_party' => (bool) $cust->getPrivacyThirdParty(), 'priv_promo' => (bool) $cust->getPrivacyPromo(), ]; - $res->setData($data); - return $res->getReturnResponse(); + return new APIResponse(true, 'Customer info found', $data); } - // TODO: needs to be modified for mobile user public function updateInfo(Request $req, EntityManagerInterface $em) { - // check required parameters and api key + $this->denyAccessUnlessGranted('mobile_user.update.info', null, 'No access.'); + + // check required parameters $required_params = [ 'first_name', 'last_name', ]; - $res = $this->checkParamsAndKey($req, $em, $required_params); - if ($res->isError()) - return $res->getReturnResponse(); - $cust = $this->updateCustomerInfo($req, $em); + // check required parameters + $msg = $this->checkRequiredParameters($req, $required_params); + if ($msg) + return new APIResponse(false, $msg); + + // get mobile user + $mobile_user = $this->findMobileUser($em); + + if ($mobile_user == null) + return new APIResponse(false, 'No mobile user found.'); + + $cust = $this->updateCustomerInfo($req, $em, $mobile_user); // get privacy policy for mobile $dotenv = new Dotenv(); - $dotenv->loadEnv(__DIR__.'/../../.env'); + $dotenv->loadEnv(__DIR__.'/../../../.env'); $policy_mobile_id = $_ENV['POLICY_MOBILE']; 
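Review bot: `updateInfo` still constructs `new Dotenv()` and calls `$dotenv->loadEnv(__DIR__.'/../../../.env')` on every request just to read `$_ENV['POLICY_MOBILE']`; the path correction in this hunk shows how fragile the relative path is, and on a deployment that supplies real environment variables instead of a `.env` file `loadEnv` is likely to throw at request time. Symfony's runtime already populates `$_ENV` at boot, so the two Dotenv lines can be dropped and `$policy_mobile_id = $_ENV['POLICY_MOBILE'];` kept as is, or the id injected as a container parameter. The same pattern is touched in `privacySettings` further down. The duplicated `// check required parameters` comment above the `$required_params` array and again above the call can be reduced to one. `updateInfo` continues past the end of this hunk.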
@@ -295,80 +301,73 @@ class CustomerController extends APIController $em->flush(); - return $res->getReturnResponse(); + return new APIResponse(true, 'Customer info updated'); } - // TODO: needs to be modified for mobile user public function getStatus(Request $req, EntityManagerInterface $em) { - // check required parameters and api key - $required_params = []; - $res = $this->checkParamsAndKey($req, $em, $required_params); - if ($res->isError()) - return $res->getReturnResponse(); + $this->denyAccessUnlessGranted('mobile_user.get.status', null, 'No access.'); + + // get mobile user + $mobile_user = $this->findMobileUser($em); + + if ($mobile_user == null) + return new APIResponse(false, 'No mobile user found.'); // set data $data = []; - if ($this->session->isConfirmed()) + if ($mobile_user->isConfirmed()) $data['status'] = 'confirmed'; else $data['status'] = 'unconfirmed'; - $res->setData($data); - return $res->getReturnResponse(); + return new APIResponse(true, 'Customer status', $data); } - // TODO: needs to be modified for mobile user public function resendCode(Request $req, RisingTideGateway $rt, EntityManagerInterface $em) { - $required_params = []; - $res = $this->checkParamsAndKey($req, $em, $required_params); - if ($res->isError()) - return $res->getReturnResponse(); + $this->denyAccessUnlessGranted('mobile_user.resend.code', null, 'No access.'); + + // get mobile user + $mobile_user = $this->findMobileUser($em); + + if ($mobile_user == null) + return new APIResponse(false, 'No mobile user found.'); // already confirmed - if ($this->session->isConfirmed()) - { - $res->setError(true) - ->setErrorMessage('User is already confirmed.'); - return $res->getReturnResponse(); - } + if ($mobile_user->isConfirmed()) + return new APIResponse(true, 'User is already confirmed'); // have sent code before - if ($this->session->getDateCodeSent() != null) - { - $res->setError(true) - ->setErrorMessage('Can only send confirm code every 5 mins.'); - return 
$res->getReturnResponse(); - } - + if ($mobile_session->getDateCodeSent() != null) + return new APIResponse(true, 'Can only send confirm code every 5 mins'); // TODO: send via sms - $phone_number = $this->session->getPhoneNumber(); - $code = $this->session->getConfirmCode(); + $phone_number = $mobile_user->getPhoneNumber(); + $code = $mobile_user->getConfirmCode(); $this->sendConfirmationCode($rt, $phone_number, $code); - - return $res->getReturnResponse(); + return new APIResponse(true, 'Code re-sent'); } - // TODO: modify the return or the result if we change what we return - public function versionCheck(Request $req) + public function versionCheck(Request $req, EntityManagerInterface $em) { - $res = new APIResult(); + $this->denyAccessUnlessGranted('mobile_user.version.check', null, 'No access.'); $required_params = [ 'version', ]; - $missing = $this->checkMissingParameters($req, $required_params); - if (count($missing) > 0) - { - $params = implode(', ', $missing); - $res->setError(true) - ->setErrorMessage('Missing parameter(s): ' . $params); - return $res->getReturnResponse(); - } + // check required parameters + $msg = $this->checkRequiredParameters($req, $required_params); + if ($msg) + return new APIResponse(false, $msg); + + // get mobile user + $mobile_user = $this->findMobileUser($em); + + if ($mobile_user == null) + return new APIResponse(false, 'No mobile user found.'); $need_update = false; $msg = 'Version is up to date.'; @@ -381,11 +380,7 @@ class CustomerController extends APIController $app_v = explode('.', $app_version); if ($api_v[0] < $app_v[0]) - { - $res->setError(true) - ->setErrorMessage('Invalid application version: ' . $app_version); - return $res->getReturnResponse(); - } + return new APIResponse(false, 'Invalid application version: ' . $app_version); if ($api_v[0] > $app_v[0]) { 
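Review bot: `resendCode` references `$mobile_session` in the rate-limit check, `if ($mobile_session->getDateCodeSent() != null)`, but the variable loaded a few lines above is `$mobile_user`; as written the line raises an undefined-variable warning followed by a fatal method call on `null` for every unconfirmed user, so the method can never reach `sendConfirmationCode`. The fix is `if ($mobile_user->getDateCodeSent() != null)`. The two early returns now report `true` for the already-confirmed and rate-limited cases while every other refused request in this controller returns `false`; if the success flag is meant to mean "no code was sent but nothing went wrong", the client contract should say so. Note also that the check only tests whether a code was ever sent, so the 'every 5 mins' message matches the behaviour only if `getDateCodeSent` is cleared elsewhere — worth a comment or an actual time comparison.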
@@ -399,49 +394,61 @@ class CustomerController extends APIController 'message' => $msg, ]; - $res->setData($data); - - return $res->getReturnResponse(); + return new APIResponse(true, 'Version checked', $data); } - // TODO: needs to be modified for mobile user public function updateDeviceID(Request $req, EntityManagerInterface $em) { + $this->denyAccessUnlessGranted('mobile_user.update.deviceid', null, 'No access.'); + $required_params = [ 'device_id', ]; - $res = $this->checkParamsAndKey($req, $em, $required_params); - if ($res->isError()) - return $res->getReturnResponse(); + + // check required parameters + $msg = $this->checkRequiredParameters($req, $required_params); + if ($msg) + return new APIResponse(false, $msg); + + // get mobile user + $mobile_user = $this->findMobileUser($em); + + if ($mobile_user == null) + return new APIResponse(false, 'No mobile user found.'); $device_id = $req->request->get('device_id'); - $this->session->setDevicePushID($device_id); + $mobile_user->setDevicePushID($device_id); $em->flush(); // response - return $res->getReturnResponse(); + return new APIResponse(true, 'Device ID updated'); } - // TODO: needs to be modified for mobile user public function privacySettings(Request $req, EntityManagerInterface $em) { + $this->denyAccessUnlessGranted('mobile_user.privacy.settings', null, 'No access.'); + $required_params = [ 'priv_third_party', // 'priv_promo', ]; - $res = $this->checkParamsAndKey($req, $em, $required_params); - if ($res->isError()) - return $res->getReturnResponse(); + + // check required parameters + $msg = $this->checkRequiredParameters($req, $required_params); + if ($msg) + return new APIResponse(false, $msg); + + // get mobile user + $mobile_user = $this->findMobileUser($em); + + if ($mobile_user == null) + return new APIResponse(false, 'No mobile user found.'); // get customer - $cust = $this->session->getCustomer(); + $cust = $mobile_user->getCustomer(); if ($cust == null) - { - $res->setError(true) - 
->setErrorMessage('No customer information found'); - return $res->getReturnResponse(); - } + return new APIResponse(false, 'No customer information found'); // set privacy settings $priv_promo = $req->request->get('priv_promo', false); @@ -451,7 +458,7 @@ class CustomerController extends APIController // get the policy ids from .env $dotenv = new Dotenv(); - $dotenv->loadEnv(__DIR__.'/../../.env'); + $dotenv->loadEnv(__DIR__.'/../../../.env'); $policy_promo_id = $_ENV['POLICY_PROMO']; $policy_third_party_id = $_ENV['POLICY_THIRD_PARTY']; @@ -484,11 +491,13 @@ class CustomerController extends APIController $em->flush(); - return $res->getReturnResponse(); + return new APIResponse(true, 'Privacy policy settings set'); } - protected function findMobileUser($user_id, $em) + protected function findMobileUser($em) { + // get capi user to link to mobile user + $user_id = $this->getUser()->getID(); $mobile_user = $em->getRepository(MobileUser::class)->findOneBy(['capi_user_id' => $user_id]); return $mobile_user; 
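Review bot: `updateDeviceID` writes the request value straight through with `$mobile_user->setDevicePushID($device_id)`; `checkRequiredParameters` appears to verify presence only, so an empty string, whitespace or an arbitrarily long value is persisted as the push token. A bounds check before the setter, `if ($device_id === '' || strlen($device_id) > <MAX_TOKEN_LEN>) return new APIResponse(false, 'Invalid device_id');` with the limit taken from the column definition, rejects junk before the flush. `privacySettings` in the same hunk reads `priv_third_party` and `priv_promo` with `get(...)`; if they are cast with `(bool)` further down (outside this hunk), the string `'false'` becomes `true`, which `filter_var(..., FILTER_VALIDATE_BOOLEAN)` avoids. The tail of `privacySettings` lies outside this hunk.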
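Review bot: `findMobileUser` now dereferences `$this->getUser()->getID()` unconditionally; every caller in this commit runs `denyAccessUnlessGranted` first, so a token is present today, but the helper itself will fatal on a null user if it is ever reached from an unauthenticated path. A guard such as `$user = $this->getUser(); if ($user === null) return null;` keeps the helper's contract of returning an entity or `null`, and a `/** @return MobileUser|null */` docblock would make that contract explicit. Since the signature is being changed anyway, `$em` could be typed as `EntityManagerInterface $em` like the actions that call it.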
@@ -534,6 +543,40 @@ class CustomerController extends APIController return $cust; } + protected function updateCustomerInfo($req, $em, $mobile_user) + { + // create new customer if it's not there + $cust = $mobile_user->getCustomer(); + if ($cust == null) + { + $cust = new Customer(); + + // set customer source + $cust->setCreateSource(CustomerSource::MOBILE); + $em->persist($cust); + + $mobile_user->setCustomer($cust); + } + + $cust->setFirstName($req->request->get('first_name')) + ->setLastName($req->request->get('last_name')) + ->setEmail($req->request->get('email', '')) + ->setConfirmed($mobile_user->isConfirmed()); + + // update mobile phone of customer + $cust->setPhoneMobile(substr($mobile_user->getPhoneNumber(), 2)); + + return $cust; + } + + protected function sendConfirmationCode(RisingTideGateway $rt, $phone_number, $code) + { + // send sms to number + $message = "Your Resq confirmation code is $code."; + $rt->sendSMS($phone_number, 'MOTOLITE', $message); + } + + // TODO: this might not be needed if we use APIController's checkRequiredParameters // or we put this into a service? protected function checkMissingParameters(Request $req, $params = []) @@ -617,30 +660,4 @@ class CustomerController extends APIController return $m_user; } - - // TODO: needs to be modified for mobile user - protected function updateCustomerInfo($req, $em) - { - // create new customer if it's not there - $cust = $this->session->getCustomer(); - if ($cust == null) - { - $cust = new Customer(); - $em->persist($cust); - - $this->session->setCustomer($cust); - } - - $cust->setFirstName($req->request->get('first_name')) - ->setLastName($req->request->get('last_name')) - ->setEmail($req->request->get('email', '')) - ->setConfirmed($this->session->isConfirmed()); - - // update mobile phone of customer - $cust->setPhoneMobile(substr($this->session->getPhoneNumber(), 2)); - - return $cust; - } - - }
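Review bot: `updateCustomerInfo` stores `$req->request->get('email', '')` without validation, and `email` is not among the required parameters checked by `updateInfo`, so any string the client sends becomes the customer's email. Because this helper returns the `Customer` rather than a response, the check belongs in `updateInfo` next to the required-parameter check, e.g. `$email = $req->request->get('email', ''); if ($email !== '' && filter_var($email, FILTER_VALIDATE_EMAIL) === false) return new APIResponse(false, 'Invalid email');`. `substr($mobile_user->getPhoneNumber(), 2)` silently assumes the stored number carries a two-character country prefix (the `639…` test number elsewhere in this commit fits that shape); a comment such as `// phone numbers are stored with the 2-digit country code; strip it for the customer record` or a named constant for the prefix length would make the assumption visible.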