leepeuker · JVT038 · Feb 22, 2024 · Feb 23, 2024 · Feb 23, 2024 · Feb 24, 2024
@@ -1066,6 +1066,115 @@
         }
       }
     },
+    "/users/{username}/movies/{id}/rating": {
+      "post": {
+        "tags": [
+          "Rating"
+        ],
+        "summary": "Update the rating of an user for a movie",
+        "description": "Update the rating of an user for a movie",
+        "parameters": [
+          {
+            "name": "username",
+            "in": "path",
+            "description": "Name of user",
+            "required": true,
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "id",
+            "in": "path",
+            "description": "Movary ID of the movie",
+            "required": true,
+            "schema": {
+              "type": "integer"
+            }
+          }
+        ],
+        "requestBody": {
+          "content": {
+            "application\/json": {
+              "schema": {
+                "type": "array",
+                "items": {
+                  "type": "object",
+                  "properties": {
+                    "rating": {
+                      "type": "integer",
+                      "description": "Rating of the movie. It has to be an integer in the range of 0 - 10. If the rating is 0, then the rating will be deleted.",
+                      "example": 10,
+                      "minimum": 0,
+                      "maximum": 10
+                    }
+                  }
+                }
+              }
+            }
+          }
+        },
+        "responses": {
+          "204": {
+            "$ref": "#/components/responses/204"
+          },
+          "403": {
+            "$ref": "#/components/responses/403"
+          },
+          "404": {
+            "$ref": "#/components/responses/404"
+          }
+        },
+        "security": [
+          {
+            "authToken": [],
+            "cookieauth": []
+          }
+        ]
+      }
+    },
+    "\/fetchMovieRatingByTmdbdId": {
+      "get": {
+        "tags": [
+          "Rating"
+        ],
+        "summary": "Get movie rating",
+        "description": "Get the movie rating from the current user. The movie is found by using the TMDB ID",
+        "parameters": [
+          {
+            "name": "tmdbId",
+            "description": "The ID of the movie from TMDB",
+            "in": "query",
+            "schema": {
+              "type": "integer"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "The TMDB ID was valid and the ratings have been returned.",
+            "content": {
+              "application\/json": {
+                "schema": {
+                  "type": "object",
+                  "properties": {
+                    "personalRating": {
+                      "type": "integer",
+                      "description": "The rating of the movie by the user. It will be null if there is no rating.",
+                      "minimum": 1,
+                      "maximum": 10
+                    }
+                  }
+                }
+              }
+            }
+          },
+          "403": {
+            "$ref": "#/components/responses/403"
+          }
+        }
+      }
+    },
     "/authentication/token": {
       "get": {
         "tags": [

@@ -435,7 +435,7 @@ function getCurrentDate() {
  * Rating star logic starting here
  */
 async function fetchRating(tmdbId) {
-    const response = await fetch('/fetchMovieRatingByTmdbdId?tmdbId=' + tmdbId)
+    const response = await fetch('/api/fetchMovieRatingByTmdbdId?tmdbId=' + tmdbId)
 
     if (!response.ok) {
         throw new Error(`HTTP error! status: ${response.status}`)

@@ -58,14 +58,16 @@ function getRouteUsername() {
 }
 
 function saveRating() {
-    let newRating = getRatingFromStars('editRatingModal')
+    let newRating = getRatingFromStars('editRatingModal');
 
-    fetch('/users/' + getRouteUsername() + '/movies/' + getMovieId() + '/rating', {
+    fetch('/api/users/' + getRouteUsername() + '/movies/' + getMovieId() + '/rating', {
         method: 'post',
         headers: {
-            'Content-type': 'application/x-www-form-urlencoded; charset=UTF-8'
+            'Content-type': 'application/json'
         },
-        body: 'rating=' + newRating
+        body: JSON.stringify({
+            'rating': newRating
+        })
     }).then(function (response) {
         if (response.ok === false) {
             addAlert('editRatingModalDiv', 'Could not update rating.', 'danger')

@@ -191,13 +191,8 @@ function addWebRoutes(RouterService $routerService, FastRoute\RouteCollector $ro
         Web\HistoryController::class,
         'createHistoryEntry'
     ], [Web\Middleware\UserIsAuthenticated::class]);
-    $routes->add('POST', '/users/{username:[a-zA-Z0-9]+}/movies/{id:\d+}/rating', [
-        Web\Movie\MovieRatingController::class,
-        'updateRating'
-    ], [Web\Middleware\UserIsAuthenticated::class]);
     $routes->add('POST', '/log-movie', [Web\HistoryController::class, 'logMovie'], [Web\Middleware\UserIsAuthenticated::class]);
     $routes->add('POST', '/add-movie-to-watchlist', [Web\WatchlistController::class, 'addMovieToWatchlist'], [Web\Middleware\UserIsAuthenticated::class]);
-    $routes->add('GET', '/fetchMovieRatingByTmdbdId', [Web\Movie\MovieRatingController::class, 'fetchMovieRatingByTmdbdId'], [Web\Middleware\UserIsAuthenticated::class]);
 
     $routerService->addRoutesToRouteCollector($routeCollector, $routes, true);
 }
@@ -230,6 +225,9 @@ function addApiRoutes(RouterService $routerService, FastRoute\RouteCollector $ro
 
     $routes->add('GET', '/movies/search', [Api\MovieSearchController::class, 'search'], [Api\Middleware\IsAuthenticated::class]);
 
+    $routes->add('POST', '/users/{username:[a-zA-Z0-9]+}/movies/{id:\d+}/rating', [Api\MovieRatingController::class, 'updateRating'], [Api\Middleware\IsAuthorizedToWriteUserData::class]);
+    $routes->add('GET', '/fetchMovieRatingByTmdbdId', [Api\MovieRatingController::class, 'fetchMovieRatingByTmdbdId'], [Api\Middleware\IsAuthenticated::class]);
+
     $routes->add('POST', '/webhook/plex/{id:.+}', [Api\PlexController::class, 'handlePlexWebhook']);
     $routes->add('POST', '/webhook/jellyfin/{id:.+}', [Api\JellyfinController::class, 'handleJellyfinWebhook']);
     $routes->add('POST', '/webhook/emby/{id:.+}', [Api\EmbyController::class, 'handleEmbyWebhook']);

@@ -1,6 +1,6 @@
 <?php declare(strict_types=1);
 
-namespace Movary\HttpController\Web\Movie;
+namespace Movary\HttpController\Api;
 
 use Movary\Domain\Movie\MovieApi;
 use Movary\Domain\User\Service\Authentication;
@@ -22,12 +22,15 @@ public function __construct(
 
     public function fetchMovieRatingByTmdbdId(Request $request) : Response
     {
-        $userId = $this->authenticationService->getCurrentUserId();
+        $userId = $this->authenticationService->getUserIdByApiToken($request);
         $tmdbId = $request->getGetParameters()['tmdbId'] ?? null;
 
         $userRating = null;
         $movie = $this->movieApi->findByTmdbId((int)$tmdbId);
 
+        if($userId === null) {
+            return Response::createForbidden();
+        }
         if ($movie !== null) {
             $userRating = $this->movieApi->findUserRating($movie->getId(), $userId);
         }
@@ -39,22 +42,25 @@ public function fetchMovieRatingByTmdbdId(Request $request) : Response
 
     public function updateRating(Request $request) : Response
     {
-        $userId = $this->authenticationService->getCurrentUserId();
+        $userId = $this->authenticationService->getUserIdByApiToken($request);
+        if($userId === null) {
+            return Response::createForbidden();
+        }
 
         if ($this->userApi->fetchUser($userId)->getName() !== $request->getRouteParameters()['username']) {
             return Response::createForbidden();
         }
 
         $movieId = (int)$request->getRouteParameters()['id'];
 
-        $postParameters = $request->getPostParameters();
+        $postParameters = Json::decode($request->getBody());
 
         $personalRating = null;
         if (empty($postParameters['rating']) === false && $postParameters['rating'] !== 0) {
             $personalRating = PersonalRating::create((int)$postParameters['rating']);
         }
 
-        $this->movieApi->updateUserRating($movieId, $this->authenticationService->getCurrentUserId(), $personalRating);
+        $this->movieApi->updateUserRating($movieId, $userId, $personalRating);
 
         return Response::create(StatusCode::createNoContent());
     }

@@ -0,0 +1,18 @@
+@tmdbId = 329
+GET http://127.0.0.1/api/fetchMovieRatingByTmdbdId?tmdbId={{tmdbId}}
+Accept: */*
+Cache-Control: no-cache
+Content-Type: application/json
+X-Auth-Token: {{xAuthToken}}
+
+###
+
+POST http://127.0.0.1/api/users/{{username}}/movies/1/rating
+Accept: */*
+Cache-Control: no-cache
+Content-Type: application/json
+X-Auth-Token: {{xAuthToken}}
+
+{
+  "rating": 10
+}