Skip to content

Commit

Permalink
feat: bloque les requêtes à l'API interne si utilisateur non connecté…
Browse files Browse the repository at this point in the history 
… ou session expirée
  • Loading branch information
@ocruze
ocruze committed Oct 25, 2023
1 parent fc018bc commit 1898fe1
Show file tree
Hide file tree
Showing 11 changed files with 136 additions and 75 deletions.
7 changes: 7 additions & 0 deletions src/Controller/Api/ApiControllerInterface.php
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
<?php

namespace App\Controller\Api;

interface ApiControllerInterface
{
}
16 changes: 8 additions & 8 deletions src/Controller/Api/CatalogsController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,23 +2,22 @@

namespace App\Controller\Api;

use App\Services\EntrepotApiService;
use App\Exception\CartesApiException;
use App\Exception\EntrepotApiException;
use App\Services\EntrepotApiService;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;


#[Route(
'/api/catalogs',
name: 'cartesgouvfr_api_catalogs_',
options: ['expose' => true],
condition: 'request.isXmlHttpRequest()'
)]
class CatalogsController extends AbstractController
class CatalogsController extends AbstractController implements ApiControllerInterface
{
public function __construct(
private EntrepotApiService $entrepotApiService,
Expand All @@ -31,14 +30,15 @@ public function communities(Request $request): JsonResponse
$params = ['page' => 1, 'limit' => 10];
try {
$queryParams = [];
foreach($params as $name => $defValue) {
foreach ($params as $name => $defValue) {
$filtered = filter_var($request->get($name, $defValue), FILTER_VALIDATE_INT);
if ($filtered === false) {
if (false === $filtered) {
throw new \Exception("Le paramêtre $name n\'est pas valide", Response::HTTP_BAD_REQUEST);
}
$queryParams[$name] = $filtered;
}
$response = $this->entrepotApiService->catalogs->getPublicCommunities($queryParams) ;
$response = $this->entrepotApiService->catalogs->getPublicCommunities($queryParams);

return $this->json($response);
} catch (EntrepotApiException $ex) {
throw new CartesApiException($ex->getMessage(), $ex->getStatusCode(), $ex->getDetails(), $ex);
Expand Down
2 changes: 1 addition & 1 deletion src/Controller/Api/DatasheetController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@
options: ['expose' => true],
condition: 'request.isXmlHttpRequest()'
)]
class DatasheetController extends AbstractController
class DatasheetController extends AbstractController implements ApiControllerInterface
{
public function __construct(
private EntrepotApiService $entrepotApiService
Expand Down
2 changes: 1 addition & 1 deletion src/Controller/Api/DatastoreController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@
options: ['expose' => true],
condition: 'request.isXmlHttpRequest()'
)]
class DatastoreController extends AbstractController
class DatastoreController extends AbstractController implements ApiControllerInterface
{
public function __construct(
private EntrepotApiService $entrepotApiService
Expand Down
95 changes: 48 additions & 47 deletions src/Controller/Api/PyramidController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,38 +2,36 @@

namespace App\Controller\Api;

use App\Constants\EntrepotApi\StoredDataTags;
use App\Constants\EntrepotApi\UploadTags;
use App\Dto\Pyramid\AddPyramidDTO;
use App\Dto\Pyramid\CompositionDTO;
use App\Services\EntrepotApiService;
use App\Exception\CartesApiException;
use App\Dto\Pyramid\PublishPyramidDTO;
use App\Constants\EntrepotApi\UploadTags;
use App\Constants\EntrepotApi\StoredDataTags;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpKernel\Attribute\MapRequestPayload;
use App\Exception\CartesApiException;
use App\Services\EntrepotApiService;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\DependencyInjection\ParameterBag\ParameterBagInterface;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Attribute\MapRequestPayload;
use Symfony\Component\Routing\Annotation\Route;

#[Route(
'/api/datastore/{datastoreId}/pyramid',
name: 'cartesgouvfr_api_pyramid_'
)]
class PyramidController extends AbstractController
class PyramidController extends AbstractController implements ApiControllerInterface
{
const TOP_LEVEL_DEFAULT = 5;
const BOTTOM_LEVEL_DEFAULT = 18;
public const TOP_LEVEL_DEFAULT = 5;
public const BOTTOM_LEVEL_DEFAULT = 18;

public function __construct(
private EntrepotApiService $entrepotApiService,
private ParameterBagInterface $parameterBag
) {
}

#[
Route('/add', name: 'add', methods: ['POST'],
#[Route('/add', name: 'add', methods: ['POST'],
options: ['expose' => true],
condition: 'request.isXmlHttpRequest()')
]
Expand All @@ -44,17 +42,17 @@ public function add(string $datastoreId, #[MapRequestPayload] AddPyramidDTO $dto
// $samplePyramidId = $request->query->get('samplePyramidId', null);

$vectordb = $this->entrepotApiService->storedData->get($datastoreId, $dto->vectorDbId);

// TODO Suppression de l'upload ?
// On met les valeurs de bottom_level et top_level sous forme de chaine
$composition = [];
foreach($dto->composition as $compo) {
foreach ($dto->composition as $compo) {
$composition[] = [
'table' => $compo->table,
'attributes' => $compo->attributes,
'bottom_level' => strval($compo->bottom_level),
'top_level' => strval($compo->top_level)
'top_level' => strval($compo->top_level),
];
}

Expand All @@ -64,11 +62,11 @@ public function add(string $datastoreId, #[MapRequestPayload] AddPyramidDTO $dto
'composition' => $composition,
'bottom_level' => strval(end($levels)),
'top_level' => strval($levels[0]),
'tippecanoe_options' => $dto->tippecanoe
'tippecanoe_options' => $dto->tippecanoe,
];

if (! is_null($dto->area)) {
$parameters['area'] = $dto->area;
if (!is_null($dto->area)) {
$parameters['area'] = $dto->area;
}

$apiEntrepotProcessings = $this->parameterBag->get('api_entrepot')['processings'];
Expand All @@ -78,7 +76,7 @@ public function add(string $datastoreId, #[MapRequestPayload] AddPyramidDTO $dto
'inputs' => ['stored_data' => [$dto->vectorDbId]],
'output' => ['stored_data' => [
'name' => $dto->technicalName,
'storage_tags' => ['PYRAMIDE']
'storage_tags' => ['PYRAMIDE'],
]],
'parameters' => $parameters,
];
Expand All @@ -97,9 +95,9 @@ public function add(string $datastoreId, #[MapRequestPayload] AddPyramidDTO $dto
'proc_int_id' => $vectordb['tags']['proc_int_id'],
'vectordb_id' => $dto->vectorDbId,
'proc_pyr_creat_id' => $processingExecution['_id'],
'is_sample' => is_null($dto->area) ? "false" : "true"
'is_sample' => is_null($dto->area) ? 'false' : 'true',
];

$this->entrepotApiService->storedData->addTags($datastoreId, $pyramidId, $pyramidTags);
$this->entrepotApiService->processing->launchExecution($datastoreId, $processingExecution['_id']);

Expand All @@ -112,13 +110,13 @@ public function add(string $datastoreId, #[MapRequestPayload] AddPyramidDTO $dto
}

#[
Route('/publish/{pyramidId}', name: 'publish', methods: ['POST'],
options: ['expose' => true],
condition: 'request.isXmlHttpRequest()')
Route('/publish/{pyramidId}', name: 'publish', methods: ['POST'],
options: ['expose' => true],
condition: 'request.isXmlHttpRequest()')
]
public function publish(
string $datastoreId,
string $pyramidId,
string $datastoreId,
string $pyramidId,
#[MapRequestPayload] PublishPyramidDTO $dto): JsonResponse
{
try {
Expand All @@ -129,9 +127,10 @@ public function publish(

// TODO Suppression de l'Upload ?
// TODO Suppression de la base de donnees

// Restriction d'acces
$endpoints = []; $isOfferingOpen = true;
$endpoints = [];
$isOfferingOpen = true;

if ('all_public' === $dto->share_with) {
$endpoints = $this->entrepotApiService->datastore->getEndpoints($datastoreId, [
Expand All @@ -155,19 +154,19 @@ public function publish(

// Ajout d'une execution de traitement
$requestBody = [
"type" => "WMTS-TMS",
"name" => $dto->public_name,
"layer_name" => $dto->technical_name,
"type_infos" => [
"title" => $dto->public_name,
"abstract" => $dto->description,
"keywords" => $dto->category,
"used_data" => [[
"bottom_level" => $levels['bottom_level'],
"top_level" => $levels['top_level'],
"stored_data" => $pyramidId
]]
]
'type' => 'WMTS-TMS',
'name' => $dto->public_name,
'layer_name' => $dto->technical_name,
'type_infos' => [
'title' => $dto->public_name,
'abstract' => $dto->description,
'keywords' => $dto->category,
'used_data' => [[
'bottom_level' => $levels['bottom_level'],
'top_level' => $levels['top_level'],
'stored_data' => $pyramidId,
]],
],
];

// Ajout de la configuration
Expand All @@ -192,21 +191,23 @@ public function publish(

/**
* @param array<CompositionDTO> $composition
* @return array
*/
private function getLevels($composition) : array {
private function getLevels($composition): array
{
$levels = [];
foreach($composition as $tableComposition) {
foreach ($composition as $tableComposition) {
$levels[] = $tableComposition->bottom_level;
$levels[] = $tableComposition->top_level;
}
$levels = array_unique($levels, SORT_NUMERIC);
sort($levels, SORT_NUMERIC);

return $levels;
}

/**
* @param array<mixed> $pyramid
*
* @return array
*/
private function getBottomAndToLevel(array $pyramid)
Expand All @@ -216,7 +217,7 @@ private function getBottomAndToLevel(array $pyramid)
}

$levels = $pyramid['type_infos']['levels'];
usort($levels, function(string $a, string $b) {
usort($levels, function (string $a, string $b) {
return intval($a) - intval($b);
});

Expand Down
2 changes: 1 addition & 1 deletion src/Controller/Api/ServiceController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
options: ['expose' => true],
condition: 'request.isXmlHttpRequest()'
)]
class ServiceController extends AbstractController
class ServiceController extends AbstractController implements ApiControllerInterface
{
public function __construct(
private EntrepotApiService $entrepotApiService
Expand Down
2 changes: 1 addition & 1 deletion src/Controller/Api/StoredDataController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@
options: ['expose' => true],
condition: 'request.isXmlHttpRequest()'
)]
class StoredDataController extends AbstractController
class StoredDataController extends AbstractController implements ApiControllerInterface
{
public function __construct(
private EntrepotApiService $entrepotApiService
Expand Down
2 changes: 1 addition & 1 deletion src/Controller/Api/UploadController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@
options: ['expose' => true],
condition: 'request.isXmlHttpRequest()'
)]
class UploadController extends AbstractController
class UploadController extends AbstractController implements ApiControllerInterface
{
public function __construct(
private EntrepotApiService $entrepotApiService,
Expand Down
4 changes: 2 additions & 2 deletions src/Controller/Api/UserController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,9 +13,9 @@
'/api/user',
name: 'cartesgouvfr_api_user_',
options: ['expose' => true],
condition: 'request.isXmlHttpRequest()'
// condition: 'request.isXmlHttpRequest()'
)]
class UserController extends AbstractController
class UserController extends AbstractController implements ApiControllerInterface
{
public function __construct(
private readonly EntrepotApiService $entrepotApiService
Expand Down
25 changes: 12 additions & 13 deletions src/Controller/Api/WfsController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,25 +2,24 @@

namespace App\Controller\Api;

use App\Constants\EntrepotApi\StoredDataTags;
use App\Dto\WfsAddDTO;
use App\Services\EntrepotApiService;
use App\Exception\CartesApiException;
use App\Exception\EntrepotApiException;
use App\Constants\EntrepotApi\StoredDataTags;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Annotation\Route;
use App\Services\EntrepotApiService;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Attribute\MapRequestPayload;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\Routing\Annotation\Route;

#[Route(
'/api/datastores/{datastoreId}/{storedDataId}/wfs',
name: 'cartesgouvfr_api_wfs_',
options: ['expose' => true],
condition: 'request.isXmlHttpRequest()'
)]
class WfsController extends AbstractController
class WfsController extends AbstractController implements ApiControllerInterface
{
public function __construct(
private EntrepotApiService $entrepotApiService,
Expand All @@ -29,24 +28,24 @@ public function __construct(

#[Route('/', name: 'add')]
public function add(
string $datastoreId,
string $storedDataId,
string $datastoreId,
string $storedDataId,
#[MapRequestPayload] WfsAddDTO $dto): JsonResponse
{
{
try {
$relations = [];
foreach ($dto->table_infos as $table) {
$relation = [
'native_name' => $table->native_name,
'title' => $table->title,
'abstract' => $table->description
'abstract' => $table->description,
];
if ($table->public_name) {
$relation['public_name'] = $table->public_name;
}

if ($table->keywords && count($table->keywords) !== 0) {
$relation['keywords'] = $table->keywords;
if ($table->keywords && 0 !== count($table->keywords)) {
$relation['keywords'] = $table->keywords;
}
$relations[] = $relation;
}
Expand Down
Loading

0 comments on commit 1898fe1

Please sign in to comment.