<?php
namespace App\Controller\Api\Admin;
use App\Entity;
use App\Controller\Api\AbstractGenericCrudController;
use App\Http\Request;
use App\Http\Response;
use Psr\Http\Message\ResponseInterface;
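/**
 * @see \App\Provider\ApiProvider
 */
class UsersController extends AbstractGenericCrudController
{
    protected $entityClass = Entity\User::class;
    protected $resourceRouteName = 'api:admin:user';

    // The annotations below document the list/create/read/update endpoints.
    // No handlers for them are defined in this class; they are presumably
    // served by the inherited AbstractGenericCrudController actions (confirm
    // against the parent class and the route definitions).
    /**
     * @OA\Get(path="/admin/users",
     *   tags={"Administration: Users"},
     *   description="List all current users in the system.",
     *   @OA\Response(response=200, description="Success",
     *     @OA\JsonContent(type="array", @OA\Items(ref="#/components/schemas/User"))
     *   ),
     *   @OA\Response(response=403, description="Access denied"),
     *   security={{"api_key": {}}},
     * )
     *
     * @OA\Post(path="/admin/users",
     *   tags={"Administration: Users"},
     *   description="Create a new user.",
     *   @OA\RequestBody(
     *     @OA\JsonContent(ref="#/components/schemas/User")
     *   ),
     *   @OA\Response(response=200, description="Success",
     *     @OA\JsonContent(ref="#/components/schemas/User")
     *   ),
     *   @OA\Response(response=403, description="Access denied"),
     *   security={{"api_key": {}}},
     * )
     *
     * @OA\Get(path="/admin/user/{id}",
     *   tags={"Administration: Users"},
     *   description="Retrieve details for a single current user.",
     *   @OA\Parameter(
     *     name="id",
     *     in="path",
     *     description="User ID",
     *     required=true,
     *     @OA\Schema(type="integer", format="int64")
     *   ),
     *   @OA\Response(response=200, description="Success",
     *     @OA\JsonContent(ref="#/components/schemas/User")
     *   ),
     *   @OA\Response(response=403, description="Access denied"),
     *   security={{"api_key": {}}},
     * )
     *
     * @OA\Put(path="/admin/user/{id}",
     *   tags={"Administration: Users"},
     *   description="Update details of a single user.",
     *   @OA\RequestBody(
     *     @OA\JsonContent(ref="#/components/schemas/User")
     *   ),
     *   @OA\Parameter(
     *     name="id",
     *     in="path",
     *     description="User ID",
     *     required=true,
     *     @OA\Schema(type="integer", format="int64")
     *   ),
     *   @OA\Response(response=200, description="Success",
     *     @OA\JsonContent(ref="#/components/schemas/Api_Status")
     *   ),
     *   @OA\Response(response=403, description="Access denied"),
     *   security={{"api_key": {}}},
     * )
     */

    /**
     * @OA\Delete(path="/admin/user/{id}",
     *   tags={"Administration: Users"},
     *   description="Delete a single user.",
     *   @OA\Parameter(
     *     name="id",
     *     in="path",
     *     description="User ID",
     *     required=true,
     *     @OA\Schema(type="integer", format="int64")
     *   ),
     *   @OA\Response(response=200, description="Success",
     *     @OA\JsonContent(ref="#/components/schemas/Api_Status")
     *   ),
     *   @OA\Response(response=404, description="Record not found"),
     *   @OA\Response(response=403, description="Access denied"),
     *   security={{"api_key": {}}},
     * )
     *
     * @inheritdoc
     */
    public function deleteAction(Request $request, Response $response, $record_id): ResponseInterface
    {
        // NOTE(review): no permission check is visible in this method. Access
        // control for the admin routes is presumably applied where the routes
        // are registered (see \App\Provider\ApiProvider) - confirm before
        // reusing this action elsewhere.

        /** @var Entity\User $record */
        $record = $this->_getRecord($record_id);

        // Unknown IDs return a 404 JSON error rather than falling through to delete.
        if (null === $record) {
            return $response
                ->withStatus(404)
                ->withJson(new Entity\Api\Error(404, 'Record not found!'));
        }

        // Presumably the account the request is authenticated as; verify that
        // getUser() cannot return null on this route.
        $current_user = $request->getUser();

        // Self-deletion guard: an administrator may not delete the account
        // they are acting as. The comparison is strict, so both getId() calls
        // must return the same type for the guard to hold - confirm on Entity\User.
        if ($record->getId() === $current_user->getId()) {
            return $response
                ->withStatus(403)
                ->withJson(new Entity\Api\Error(403, 'You cannot remove yourself.'));
        }

        $this->_deleteRecord($record);

        return $response->withJson(new Entity\Api\Status(true, 'Record deleted successfully.'));
    }
}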