Viewing: BusCheckController.php
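<?php

namespace AppBundle\Controller\Api;

use FOS\RestBundle\Controller\FOSRestController;
use FOS\RestBundle\Controller\Annotations as Rest;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
use Nelmio\ApiDocBundle\Annotation as Doc;
use AppBundle\Entity\BusCheck;
use AppBundle\Entity\Staff;
use AppBundle\Entity\Bus;
use AppBundle\Form\BusCheckType;

/**
 * REST endpoints for the checks recorded on a bus, all nested under
 * /buses/{busId}/checks.
 *
 * NOTE(review): no authentication or role check is visible in this class;
 * presumably that is enforced by the firewall / access_control configuration.
 * Confirm, because create and update accept client-supplied identifiers.
 */
class BusCheckController extends FOSRestController
{
    /**
     * List every check recorded for the given bus.
     *
     * @Rest\Get("/buses/{busId}/checks")
     * @Rest\View(
     *     statusCode = Response::HTTP_OK,
     *     SerializerGroups = {"LIST"}
     * )
     */
    public function listAction(Bus $bus)
    {
        $busChecks = $this
            ->getDoctrine()
            ->getRepository("AppBundle:BusCheck")
            ->findByBus($bus);

        return $busChecks;
    }

    /**
     * Show one check, refusing it when it does not belong to the bus in the URL.
     *
     * @Rest\Get("/buses/{busId}/checks/{busCheckId}")
     * @Rest\View(
     *     statusCode = Response::HTTP_OK,
     *     SerializerGroups = {"LIST", "BUS_CHECH_DETAILS"}
     * )
     */
    public function showAction(Bus $bus, BusCheck $busCheck)
    {
        // Object-level access check: the check must hang off the bus named in the path.
        if ($busCheck->getBus() != $bus) {
            return new JsonResponse(['error' => 'This check is not related to this bus'], Response::HTTP_FORBIDDEN);
        }

        return $busCheck;
    }

    /**
     * Create a new bus check
     *
     * @Rest\Post("/buses/{busId}/checks")
     * @Rest\View(
     *     statusCode = Response::HTTP_CREATED,
     *     SerializerGroups = {"LIST", "BUS_CHECH_DETAILS"}
     * )
     * @Doc\ApiDoc(
     *     section="Bus checks on a bus",
     *     resource=true,
     *     description="Checks made on a bus.",
     *     input = {
     *         "class"="AppBundle\Form\BusCheckType",
     *     },
     * )
     */
    public function createAction(Request $request, Bus $bus)
    {
        /**
         * The body of the request must be
         * {
         *     "mechanicId": id,
         *     "wheelsStatus": "value1",
         *     "motorStatus": "value2",
         *     "globalStatus": "value3"
         * }
         */
        $busCheck = new BusCheck();
        $form = $this->createForm(BusCheckType::class, $busCheck);
        // Second argument false: fields absent from the body are left untouched.
        $form->submit($request->request->all(), false);

        $listErrors = $this->get('validator')->validate($busCheck);
        if (count($listErrors)) {
            return $this->view($listErrors, Response::HTTP_BAD_REQUEST);
        }

        // mechanicId is client-controlled: reject a missing value before it
        // reaches the repository lookup.
        $mechanicId = $request->request->get("mechanicId");
        if ($mechanicId === null || $mechanicId === '') {
            return new JsonResponse(['error' => 'mechanicId is required'], Response::HTTP_BAD_REQUEST);
        }

        $em = $this->getDoctrine()->getManager();
        $mechanic = $em
            ->getRepository('AppBundle:Staff')
            ->find($mechanicId);

        // find() yields null for an unknown id; without this guard the
        // company check below would call getCompany() on null and crash.
        if ($mechanic === null) {
            return new JsonResponse(['error' => 'Mechanic not found'], Response::HTTP_NOT_FOUND);
        }

        // Tenant boundary: a mechanic may only sign checks for buses of the same company.
        if ($mechanic->getCompany() != $bus->getCompany()) {
            return new JsonResponse(['error' => 'This bus and this mechanic are not from the same company'], Response::HTTP_FORBIDDEN);
        }

        //TODO sign the check
        $busCheck->setMechanic($mechanic);
        $busCheck->setBus($bus);

        $em->persist($busCheck);
        $em->flush();

        return $busCheck;
    }

    /**
     * Apply a partial update to an existing check.
     *
     * NOTE(review): the route carries {busId}, but unlike showAction this
     * action never compares it with $busCheck->getBus(), so a check can be
     * updated through any bus URL. Confirm whether that is intended; if not,
     * the same ownership test as showAction belongs here.
     *
     * @Rest\Put("/buses/{busId}/checks/{busCheckId}")
     * @Rest\View(
     *     statusCode = Response::HTTP_ACCEPTED,
     *     SerializerGroups = {"LIST", "BUS_CHECH_DETAILS"}
     * )
     */
    public function updateAction(Request $request, BusCheck $busCheck)
    {
        $form = $this->createForm(BusCheckType::class, $busCheck);
        // The whole request body is bound to the entity; which fields a client
        // can overwrite is decided solely by BusCheckType (not shown here).
        $form->submit($request->request->all(), false);

        $listErrors = $this->get('validator')->validate($busCheck);
        if (count($listErrors)) {
            return $this->view($listErrors, Response::HTTP_BAD_REQUEST);
        }

        $em = $this
            ->getDoctrine()
            ->getManager();
        $em
            ->flush();

        return $busCheck;
    }

    /**
     * Deletion is not implemented: every request is answered with 403.
     *
     * @Rest\Delete("/buses/{busId}/checks/{busCheckId}")
     * @Rest\View(
     *     statusCode = Response::HTTP_OK
     * )
     */
    public function deleteAction()
    {
        //TODO
        return new JsonResponse(['error' => 'deletion forbidden '], Response::HTTP_FORBIDDEN);
    }
}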