From 08472291394e2f3a6de5dbf6be2af3740edb261c Mon Sep 17 00:00:00 2001
From: "florian.azizian" <florian.azizian@maarch.org>
Date: Mon, 7 Oct 2019 21:53:53 +0100
Subject: [PATCH] FEAT #11954 TIME 1:45 convertedFile controller

---
 rest/index.php                                |  3 ++
 .../controllers/ConvertPdfController.php      | 40 +++++++++++++++++++
 .../resource/controllers/StoreController.php  |  4 +-
 src/app/user/controllers/UserController.php   | 12 +-----
 4 files changed, 45 insertions(+), 14 deletions(-)

diff --git a/rest/index.php b/rest/index.php
index b2aeaba9405..2723b1d7e7e 100755
--- a/rest/index.php
+++ b/rest/index.php
@@ -128,6 +128,9 @@ $app->get('/contactsTypes', \Contact\controllers\ContactTypeController::class .
 $app->get('/contactsFilling', \Contact\controllers\ContactController::class . ':getFilling');
 $app->put('/contactsFilling', \Contact\controllers\ContactController::class . ':updateFilling');
 
+//Convert
+$app->post('/convertedFile', \Convert\controllers\ConvertPdfController::class . ':convertedFile');
+
 //CustomFields
 $app->get('/customFields', \CustomField\controllers\CustomFieldController::class . ':get');
 $app->post('/customFields', \CustomField\controllers\CustomFieldController::class . ':create');
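Review bot: Nothing in this hunk or in the `convertedFile` handler it routes to restricts which users may call `POST /convertedFile`, and each call decodes an arbitrary upload in memory and runs a document conversion on it. Authentication may well be applied globally outside this file, but that cannot be seen from here, and a per-user privilege check or throttle for an operation this expensive would belong in the handler. At minimum I would make the route comment state the expectation, e.g. `// Convert (authenticated users only; file type and size are checked in the handler)`.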
diff --git a/src/app/convert/controllers/ConvertPdfController.php b/src/app/convert/controllers/ConvertPdfController.php
index b5693cdd56d..e0370b0411e 100755
--- a/src/app/convert/controllers/ConvertPdfController.php
+++ b/src/app/convert/controllers/ConvertPdfController.php
@@ -18,7 +18,11 @@ use Attachment\models\AttachmentModel;
 use Convert\models\AdrModel;
 use Docserver\controllers\DocserverController;
 use Docserver\models\DocserverModel;
+use Resource\controllers\StoreController;
 use Resource\models\ResModel;
+use Respect\Validation\Validator;
+use Slim\Http\Request;
+use Slim\Http\Response;
 use SrcCore\models\CoreConfigModel;
 use SrcCore\models\ValidatorModel;
 
@@ -214,4 +218,40 @@ class ConvertPdfController
             file_put_contents($filePath, $bom.$content);
         }
     }
+
+    public function convertedFile(Request $request, Response $response)
+    {
+        $body = $request->getParsedBody();
+
+        if (!Validator::notEmpty()->validate($body['name'])) {
+            return $response->withStatus(400)->withJson(['errors' => 'Body name is not an integer']);
+        }
+        if (!Validator::notEmpty()->validate($body['base64'])) {
+            return $response->withStatus(400)->withJson(['errors' => 'Body base64 is not an integer']);
+        }
+        
+        $file     = base64_decode($body['base64']);
+        $finfo    = new \finfo(FILEINFO_MIME_TYPE);
+        $mimeType = $finfo->buffer($file);
+        $ext      = substr($body['name'], strrpos($body['name'], '.') + 1);
+        $size     = strlen($file);
+
+        $fileAccepted  = StoreController::isFileAllowed(['extension' => $ext, 'type' => $mimeType]);
+        $maxFilesizeMo = ini_get('upload_max_filesize');
+
+        if (!$fileAccepted) {
+            return $response->withStatus(400)->withJson(['errors' => 'File type not allowed. Extension : ' . $ext . '. Mime Type : ' . $mimeType . '.']);
+        } elseif ($size/1024 > $maxFilesizeMo*1024) {
+            return $response->withStatus(400)->withJson(['errors' => 'File maximum size is exceeded ('.$maxFilesizeMo.' Mo)']);
+        }
+
+        $convertion = ConvertPdfController::convertFromEncodedResource(['encodedResource' => $body['base64']]);
+        if (empty($convertion['errors'])) {
+            return $response->withJson([
+                'encodedResource' => $convertion
+            ]);
+        } else {
+            return $response->withStatus(403)->withJson($convertion);
+        }
+    }
 }
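Review bot: The size guard in `convertedFile` multiplies the raw `ini_get('upload_max_filesize')` string by 1024, so the unit suffix is ignored: a setting of `1G` is enforced as 1 MB and `512K` as 512 MB, and PHP also emits a notice or warning for the non-numeric tail. The guard runs only after `base64_decode` has built the whole payload in memory, so it limits what reaches the converter but not what a request can allocate; that bound has to come from the request-body limit in the server or framework configuration. I would convert the shorthand to bytes once and compare `$size` against it, as below. Separately, both 400 messages say "is not an integer" for fields that are only checked with `notEmpty()` (so an array value for `name` would reach `substr`), and `base64_decode` is called without strict mode, so malformed input is decoded leniently rather than rejected with `base64_decode($body['base64'], true) === false`.

```php
        $maxFilesize = trim((string) ini_get('upload_max_filesize'));
        $maxBytes    = (int) $maxFilesize;
        // Shorthand suffix: cases fall through, so G => *1024^3, M => *1024^2, K => *1024.
        switch (strtoupper(substr($maxFilesize, -1))) {
            case 'G':
                $maxBytes *= 1024;
                // no break
            case 'M':
                $maxBytes *= 1024;
                // no break
            case 'K':
                $maxBytes *= 1024;
        }

        if (!$fileAccepted) {
            // … unchanged: 400 "File type not allowed" response …
        } elseif ($size > $maxBytes) {
            return $response->withStatus(400)->withJson(['errors' => 'File maximum size is exceeded (' . $maxFilesize . ')']);
        }
```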
diff --git a/src/app/resource/controllers/StoreController.php b/src/app/resource/controllers/StoreController.php
index 14a67c5f6ba..539d45712d2 100755
--- a/src/app/resource/controllers/StoreController.php
+++ b/src/app/resource/controllers/StoreController.php
@@ -24,10 +24,8 @@ use Resource\models\ChronoModel;
 use SrcCore\models\DatabaseModel;
 use SrcCore\models\ValidatorModel;
 use Respect\Validation\Validator;
-use Entity\models\EntityModel;
 use Resource\models\ResModel;
 use SrcCore\models\CoreConfigModel;
-use User\models\UserModel;
 
 class StoreController
 {
@@ -285,7 +283,7 @@ class StoreController
         return $response->withJson(['success']);
     }
 
-    private static function isFileAllowed(array $args)
+    public static function isFileAllowed(array $args)
     {
         ValidatorModel::notEmpty($args, ['extension', 'type']);
         ValidatorModel::stringType($args, ['extension', 'type']);
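Review bot: `isFileAllowed` becomes public here without a docblock, and the callers added in this commit pass differently shaped input: `convertedFile` sends the extension exactly as typed in the file name, while `UserController` sends it upper-cased. The loop removed from `UserController` compared both extension and MIME type case-insensitively; the body of `isFileAllowed` continues outside this hunk, so whether it does the same cannot be confirmed from here. I would document the contract on the method, e.g. `/** @param array $args ['extension' => string, 'type' => string], matched case-insensitively against the allowed formats; @return bool */`, and normalise case inside it if it does not already, so that the allow-list decision does not depend on which controller calls it.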
diff --git a/src/app/user/controllers/UserController.php b/src/app/user/controllers/UserController.php
index cec7cff44d4..7ccfca72284 100755
--- a/src/app/user/controllers/UserController.php
+++ b/src/app/user/controllers/UserController.php
@@ -776,17 +776,7 @@ class UserController
         $type     = explode('/', $mimeType);
         $ext      = strtoupper(substr($data['name'], strrpos($data['name'], '.') + 1));
 
-        $fileAccepted = false;
-
-        $loadedXml = CoreConfigModel::getXmlLoaded(['path' => 'apps/maarch_entreprise/xml/extensions.xml']);
-        if ($loadedXml && count($loadedXml->FORMAT) > 0) {
-            foreach ($loadedXml->FORMAT as $value) {
-                if (strtoupper($value->name) == $ext && strtoupper($value->mime) == strtoupper($mimeType)) {
-                    $fileAccepted = true;
-                    break;
-                }
-            }
-        }
+        $fileAccepted  = StoreController::isFileAllowed(['extension' => $ext, 'type' => $mimeType]);
 
         if (!$fileAccepted || $type[0] != 'image') {
             return $response->withStatus(400)->withJson(['errors' => _WRONG_FILE_TYPE]);
-- 
GitLab