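/**
 * Replaces the rights stored on an owner token with the allow-listed subset of the submitted ones.
 *
 * The token is resolved from the "code" request value via getOwnerTokenFromCode(). Submitted
 * rights are kept only if they are a key of MenuList::getRights() or one of the two "other.*"
 * flags. If the saved token has "other.disable_statistics" and is valid, its statistics are removed.
 *
 * NOTE(review): the route annotation declares no HTTP method restriction and Request::get()
 * also reads the query string, so this state change looks reachable with a plain GET. Confirm
 * whether a method constraint or CSRF protection is applied elsewhere.
 *
 * @Route("/api/save-rights")
 *
 * @param Request $request
 *
 * @return JsonResponse {"ok": true, "message": ...} on success, {"error": ...} on failure
 */
public function saveRightsAction(Request $request)
{
    $return = [];
    try {
        $token = $this->getOwnerTokenFromCode($request->get('code'));
        $manager = $this->getDoctrine()->getManager();

        // Anything that is not a non-empty array is treated as "no rights selected".
        $rights = $request->get('rights');
        if (!is_array($rights) || empty($rights)) {
            $rights = [];
        }

        $menu = new MenuList($this->getTranslator(), $this->getCharacters($this->getAccount($token)));
        // array_keys() returns integers for numeric keys; cast so the strict check below still matches them.
        $allowedRights = array_map('strval', array_keys($menu->getRights()));
        $allowedRights[] = 'other.limit_characters';
        $allowedRights[] = 'other.disable_statistics';

        // Allow-list check on request-controlled values: require a string and compare strictly,
        // so nested arrays and loosely-equal values (e.g. numeric-string juggling) are never stored.
        $sanitizedRights = [];
        foreach ($rights as $right) {
            if (is_string($right) && in_array($right, $allowedRights, true)) {
                $sanitizedRights[] = $right;
            }
        }

        $token->setRights($sanitizedRights);
        $manager->persist($token);
        $manager->flush();

        if ($token->hasRight('other.disable_statistics') && $token->isValid()) {
            $stats = new Statistics($this, $this->getAccount($token));
            $stats->removeStatistics();
        }

        $return['ok'] = true;
        $return['message'] = $this->trans('global.saved_preferences');
    } catch (\Exception $ex) {
        // NOTE(review): the raw exception message goes back to the client. If anything thrown in
        // this block can carry internal detail (SQL, paths, upstream API errors), log it server-side
        // and return a generic message instead.
        $return['error'] = $ex->getMessage();
    }

    return new JsonResponse($return);
}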
/**
 * Loads the token, account, characters and menu for a page, and returns the template context.
 *
 * The lookup and every check below run only while $this->token is still empty; once it is set,
 * later calls skip straight to building the context and return null for 'statistics'.
 *
 * NOTE(review): $this->token is assigned before the access and validity checks, and a cached
 * token bypasses those checks (and ignores $_code, $page, $ownerMandatory). Confirm that
 * getContext() is called at most once per controller instance, or that no caller catches
 * the exceptions thrown here and then calls it again.
 *
 * @param string $_code          token code to look up
 * @param string $page           page identifier; also the name of the right a non-owner needs
 * @param bool   $ownerMandatory when true, a non-owner is rejected unless the token has right $page
 *
 * @return array context with keys page, page_name, owner, user, token, code, account,
 *               characters and statistics
 *
 * @throws AccessNotAllowedException when the access rule above fails; a not-found exception
 *                                   from createNotFoundException() is thrown for an unknown
 *                                   code, a failed checkToken() or an unknown page
 */
protected function getContext($_code, $page, $ownerMandatory = false)
{
    $stats = null;

    if (empty($this->token)) {
        $this->token = $this->getTokenRepository()->findOneByCode($_code);
        if (empty($this->token)) {
            throw $this->createNotFoundException('Unknown code.');
        }

        $this->isOwner = $this->isTokenOwner($this->token);

        // Visitors who are not the owner need the page's right when the page is owner-only.
        if ($ownerMandatory && !$this->isOwner) {
            if (!$this->token->hasRight($page)) {
                throw new AccessNotAllowedException();
            }
        }

        $tokenUsable = $this->checkToken($this->token);
        if (!$tokenUsable) {
            throw $this->createNotFoundException('The account is invalid or the official GW2 API is down. Try again later.');
        }

        $this->account = $this->getAccount($this->token);
        $this->characters = $this->getCharacters($this->account);
        $this->menu = new MenuList($this->getTranslator(), $this->characters);

        $pageKnown = $this->menu->pageExists($page);
        if (!$pageKnown) {
            throw $this->createNotFoundException('Unknown page.');
        }

        $stats = new Statistics($this, $this->account);
        // Statistics are computed only for valid tokens that have not opted out.
        $optedOut = $this->token->hasRight('other.disable_statistics');
        if (!$optedOut && $this->token->isValid()) {
            $stats->calculateStatistics();
        }
    }

    $context = [
        'page' => $page,
        'page_name' => $this->getMenu()->pageName($page),
        'owner' => $this->isOwner,
        'user' => $this->token,
        'token' => $this->token,
        'code' => $this->token->getCode(),
        'account' => $this->account,
        'characters' => $this->characters,
        'statistics' => $stats,
    ];

    return $context;
}