phpList · TatevikGr · Jun 13, 2025 · Jun 13, 2025 · Jun 15, 2025 · Jun 15, 2025
diff --git a/composer.json b/composer.json
@@ -16,12 +16,17 @@
         {
             "name": "Xheni Myrtaj",
             "email": "[email protected]",
-            "role": "Maintainer"
+            "role": "Former developer"
         },
         {
             "name": "Oliver Klee",
             "email": "[email protected]",
             "role": "Former developer"
+        },
+        {
+            "name": "Tatevik Grigoryan",
+            "email": "[email protected]",
+            "role": "Maintainer"
         }
     ],
     "support": {
@@ -31,7 +36,7 @@
     },
     "require": {
         "php": "^8.1",
-        "phplist/core": "v5.0.0-alpha7",
+        "phplist/core": "dev-ISSUE-345",
         "friendsofsymfony/rest-bundle": "*",
         "symfony/test-pack": "^1.0",
         "symfony/process": "^6.4",
@@ -93,7 +98,6 @@
         "symfony-tests-dir": "tests",
         "phplist/core": {
             "bundles": [
-                "FOS\\RestBundle\\FOSRestBundle",
                 "PhpList\\RestBundle\\PhpListRestBundle"
             ],
             "routes": {
@@ -111,6 +115,11 @@
                     "resource": "@PhpListRestBundle/Messaging/Controller/",
                     "type": "attribute",
                     "prefix": "/api/v2"
+                },
+                "rest-api-analitics": {
+                    "resource": "@PhpListRestBundle/Statistics/Controller/",
+                    "type": "attribute",
+                    "prefix": "/api/v2"
                 }
             }
         }

diff --git a/config/services/controllers.yml b/config/services/controllers.yml
@@ -24,3 +24,10 @@ services:
     autowire: true
     autoconfigure: true
     public: true
+
+  PhpList\RestBundle\Statistics\Controller\:
+    resource: '../src/Statistics/Controller'
+    tags: [ 'controller.service_arguments' ]
+    autowire: true
+    autoconfigure: true
+    public: true
diff --git a/config/services/managers.yml b/config/services/managers.yml
@@ -39,3 +39,16 @@ services:
   PhpList\Core\Domain\Subscription\Service\SubscriberCsvExporter:
     autowire: true
     autoconfigure: true
+
+  PhpList\Core\Domain\Analytics\Service\Manager\LinkTrackManager:
+    autowire: true
+    autoconfigure: true
+
+  PhpList\Core\Domain\Analytics\Service\Manager\UserMessageViewManager:
+    autowire: true
+    autoconfigure: true
+
+  PhpList\Core\Domain\Analytics\Service\AnalyticsService:
+    autowire: true
+    autoconfigure: true
+
diff --git a/config/services/normalizers.yml b/config/services/normalizers.yml
@@ -69,3 +69,19 @@ services:
   PhpList\RestBundle\Subscription\Serializer\SubscribersExportRequestNormalizer:
     tags: [ 'serializer.normalizer' ]
     autowire: true
+
+  PhpList\RestBundle\Statistics\Serializer\CampaignStatisticsNormalizer:
+    tags: [ 'serializer.normalizer' ]
+    autowire: true
+
+  PhpList\RestBundle\Statistics\Serializer\ViewOpensStatisticsNormalizer:
+    tags: [ 'serializer.normalizer' ]
+    autowire: true
+
+  PhpList\RestBundle\Statistics\Serializer\TopDomainsNormalizer:
+    tags: [ 'serializer.normalizer' ]
+    autowire: true
+
+  PhpList\RestBundle\Statistics\Serializer\TopLocalPartsNormalizer:
+    tags: [ 'serializer.normalizer' ]
+    autowire: true
diff --git a/config/services/providers.yml b/config/services/providers.yml
@@ -7,3 +7,7 @@ services:
   PhpList\RestBundle\Common\Service\Provider\PaginatedDataProvider:
     autowire: true
     autoconfigure: true
+
+  PhpList\RestBundle\Messaging\Service\CampaignService:
+    autowire: true
+    autoconfigure: true
diff --git a/src/Common/Controller/BaseController.php b/src/Common/Controller/BaseController.php
@@ -11,6 +11,7 @@
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
 
+/**  @SuppressWarnings(PHPMD.NumberOfChildren) */
 abstract class BaseController extends AbstractController
 {
     protected Authentication $authentication;

diff --git a/src/Common/EventListener/ExceptionListener.php b/src/Common/EventListener/ExceptionListener.php
@@ -5,11 +5,14 @@
 namespace PhpList\RestBundle\Common\EventListener;
 
 use Exception;
+use PhpList\Core\Domain\Identity\Exception\AdminAttributeCreationException;
 use PhpList\Core\Domain\Subscription\Exception\SubscriptionCreationException;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Symfony\Component\HttpKernel\Event\ExceptionEvent;
 use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
 use Symfony\Component\HttpKernel\Exception\HttpExceptionInterface;
+use Symfony\Component\Security\Core\Exception\AccessDeniedException;
+use Symfony\Component\Validator\Exception\ValidatorException;
 
 class ExceptionListener
 {
@@ -34,6 +37,21 @@ public function onKernelException(ExceptionEvent $event): void
                 'message' => $exception->getMessage(),
             ], $exception->getStatusCode());
             $event->setResponse($response);
+        } elseif ($exception instanceof AdminAttributeCreationException) {
+            $response = new JsonResponse([
+                'message' => $exception->getMessage(),
+            ], $exception->getStatusCode());
+            $event->setResponse($response);
+        } elseif ($exception instanceof ValidatorException) {
+            $response = new JsonResponse([
+                'message' => $exception->getMessage(),
+            ], 400);
+            $event->setResponse($response);
+        } elseif ($exception instanceof AccessDeniedException) {
+            $response = new JsonResponse([
+                'message' => $exception->getMessage(),
+            ], 403);
+            $event->setResponse($response);
         } elseif ($exception instanceof Exception) {
             $response = new JsonResponse([
                 'message' => $exception->getMessage(),

diff --git a/src/Identity/OpenApi/SwaggerSchemasRequest.php b/src/Identity/OpenApi/SwaggerSchemasRequest.php
@@ -36,6 +36,18 @@
             type: 'boolean',
             example: false
         ),
+        new OA\Property(
+            property: 'privileges',
+            description: 'Array of privileges where keys are privilege names and values are booleans',
+            properties: [
+                new OA\Property(property: 'subscribers', type: 'boolean', example: true),
+                new OA\Property(property: 'campaigns', type: 'boolean', example: false),
+                new OA\Property(property: 'statistics', type: 'boolean', example: true),
+                new OA\Property(property: 'settings', type: 'boolean', example: false),
+            ],
+            type: 'object',
+            example: ['subscribers' => true, 'campaigns' => false, 'statistics' => true, 'settings' => false]
+        ),
     ],
     type: 'object'
 )]
@@ -68,6 +80,18 @@
             type: 'boolean',
             example: false
         ),
+        new OA\Property(
+            property: 'privileges',
+            description: 'Array of privileges where keys are privilege names and values are booleans',
+            properties: [
+                new OA\Property(property: 'subscribers', type: 'boolean', example: true),
+                new OA\Property(property: 'campaigns', type: 'boolean', example: false),
+                new OA\Property(property: 'statistics', type: 'boolean', example: true),
+                new OA\Property(property: 'settings', type: 'boolean', example: false),
+            ],
+            type: 'object',
+            example: ['subscribers' => true, 'campaigns' => false, 'statistics' => true, 'settings' => false]
+        ),
     ],
     type: 'object'
 )]

diff --git a/src/Identity/Request/CreateAdministratorRequest.php b/src/Identity/Request/CreateAdministratorRequest.php
@@ -6,6 +6,7 @@
 
 use PhpList\Core\Domain\Identity\Model\Administrator;
 use PhpList\Core\Domain\Identity\Model\Dto\CreateAdministratorDto;
+use PhpList\Core\Domain\Identity\Model\PrivilegeFlag;
 use PhpList\RestBundle\Common\Request\RequestInterface;
 use PhpList\RestBundle\Identity\Validator\Constraint\UniqueEmail;
 use PhpList\RestBundle\Identity\Validator\Constraint\UniqueLoginName;
@@ -31,13 +32,26 @@ class CreateAdministratorRequest implements RequestInterface
     #[Assert\Type('bool')]
     public bool $superUser = false;
 
+    /**
+     * Array of privileges where keys are privilege names (from PrivilegeFlag enum) and values are booleans.
+     * Example: ['subscribers' => true, 'campaigns' => false, 'statistics' => true, 'settings' => false]
+     */
+    #[Assert\Type('array')]
+    #[Assert\All([
+        'constraints' => [
+            new Assert\Type(['type' => 'bool']),
+        ],
+    ])]
+    public array $privileges = [];
+
     public function getDto(): CreateAdministratorDto
     {
         return new CreateAdministratorDto(
-            $this->loginName,
-            $this->password,
-            $this->email,
-            $this->superUser
+            loginName: $this->loginName,
+            password: $this->password,
+            email: $this->email,
+            isSuperUser: $this->superUser,
+            privileges: $this->privileges
         );
     }
 }
diff --git a/src/Identity/Request/UpdateAdministratorRequest.php b/src/Identity/Request/UpdateAdministratorRequest.php
@@ -6,6 +6,7 @@
 
 use PhpList\Core\Domain\Identity\Model\Administrator;
 use PhpList\Core\Domain\Identity\Model\Dto\UpdateAdministratorDto;
+use PhpList\Core\Domain\Identity\Model\PrivilegeFlag;
 use PhpList\RestBundle\Common\Request\RequestInterface;
 use PhpList\RestBundle\Identity\Validator\Constraint\UniqueEmail;
 use PhpList\RestBundle\Identity\Validator\Constraint\UniqueLoginName;
@@ -29,6 +30,18 @@ class UpdateAdministratorRequest implements RequestInterface
     #[Assert\Type('bool')]
     public ?bool $superAdmin = null;
 
+    /**
+     * Array of privileges where keys are privilege names (from PrivilegeFlag enum) and values are booleans.
+     * Example: ['subscribers' => true, 'campaigns' => false, 'statistics' => true, 'settings' => false]
+     */
+    #[Assert\Type('array')]
+    #[Assert\All([
+        'constraints' => [
+            new Assert\Type(['type' => 'bool']),
+        ],
+    ])]
+    public array $privileges = [];
+
     public function getDto(): UpdateAdministratorDto
     {
         return new UpdateAdministratorDto(
@@ -37,6 +50,7 @@ public function getDto(): UpdateAdministratorDto
             password: $this->password,
             email: $this->email,
             superAdmin: $this->superAdmin,
+            privileges: $this->privileges
         );
     }
 }
diff --git a/src/Identity/Serializer/AdministratorNormalizer.php b/src/Identity/Serializer/AdministratorNormalizer.php
@@ -26,6 +26,7 @@ public function normalize($object, string $format = null, array $context = []):
             'login_name' => $object->getLoginName(),
             'email' => $object->getEmail(),
             'super_admin' => $object->isSuperUser(),
+            'privileges' => $object->getPrivileges()->all(),
             'created_at' => $object->getCreatedAt()?->format(DateTimeInterface::ATOM),
         ];
     }

diff --git a/src/Messaging/Controller/CampaignController.php b/src/Messaging/Controller/CampaignController.php
@@ -5,16 +5,13 @@
 namespace PhpList\RestBundle\Messaging\Controller;
 
 use OpenApi\Attributes as OA;
-use PhpList\Core\Domain\Messaging\Model\Filter\MessageFilter;
 use PhpList\Core\Domain\Messaging\Model\Message;
-use PhpList\Core\Domain\Messaging\Service\MessageManager;
 use PhpList\Core\Security\Authentication;
 use PhpList\RestBundle\Common\Controller\BaseController;
-use PhpList\RestBundle\Common\Service\Provider\PaginatedDataProvider;
 use PhpList\RestBundle\Common\Validator\RequestValidator;
 use PhpList\RestBundle\Messaging\Request\CreateMessageRequest;
 use PhpList\RestBundle\Messaging\Request\UpdateMessageRequest;
-use PhpList\RestBundle\Messaging\Serializer\MessageNormalizer;
+use PhpList\RestBundle\Messaging\Service\CampaignService;
 use Symfony\Bridge\Doctrine\Attribute\MapEntity;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Symfony\Component\HttpFoundation\Request;
@@ -29,21 +26,15 @@
 #[Route('/campaigns', name: 'campaign_')]
 class CampaignController extends BaseController
 {
-    private MessageNormalizer $normalizer;
-    private MessageManager $messageManager;
-    private PaginatedDataProvider $paginatedProvider;
+    private CampaignService $campaignService;
 
     public function __construct(
         Authentication $authentication,
         RequestValidator $validator,
-        MessageNormalizer $normalizer,
-        MessageManager $messageManager,
-        PaginatedDataProvider $paginatedProvider,
+        CampaignService $campaignService,
     ) {
         parent::__construct($authentication, $validator);
-        $this->normalizer = $normalizer;
-        $this->messageManager = $messageManager;
-        $this->paginatedProvider = $paginatedProvider;
+        $this->campaignService = $campaignService;
     }
 
     #[Route('', name: 'get_list', methods: ['GET'])]
@@ -103,12 +94,10 @@ public function __construct(
     )]
     public function getMessages(Request $request): JsonResponse
     {
-        $authUer = $this->requireAuthentication($request);
-
-        $filter = (new MessageFilter())->setOwner($authUer);
+        $authUser = $this->requireAuthentication($request);
 
         return $this->json(
-            $this->paginatedProvider->getPaginatedList($request, $this->normalizer, Message::class, $filter),
+            $this->campaignService->getMessages($request, $authUser),
             Response::HTTP_OK
         );
     }
@@ -157,11 +146,7 @@ public function getMessage(
     ): JsonResponse {
         $this->requireAuthentication($request);
 
-        if (!$message) {
-            throw $this->createNotFoundException('Campaign not found.');
-        }
-
-        return $this->json($this->normalizer->normalize($message), Response::HTTP_OK);
+        return $this->json($this->campaignService->getMessage($message), Response::HTTP_OK);
     }
 
     #[Route('', name: 'create', methods: ['POST'])]
@@ -216,15 +201,17 @@ public function getMessage(
             ),
         ]
     )]
-    public function createMessage(Request $request, MessageNormalizer $normalizer): JsonResponse
+    public function createMessage(Request $request): JsonResponse
     {
         $authUser = $this->requireAuthentication($request);
 
         /** @var CreateMessageRequest $createMessageRequest */
         $createMessageRequest = $this->validator->validate($request, CreateMessageRequest::class);
-        $data = $this->messageManager->createMessage($createMessageRequest->getDto(), $authUser);
 
-        return $this->json($normalizer->normalize($data), Response::HTTP_CREATED);
+        return $this->json(
+            $this->campaignService->createMessage($createMessageRequest, $authUser),
+            Response::HTTP_CREATED
+        );
     }
 
     #[Route('/{messageId}', name: 'update', requirements: ['messageId' => '\d+'], methods: ['PUT'])]
@@ -291,14 +278,13 @@ public function updateMessage(
     ): JsonResponse {
         $authUser = $this->requireAuthentication($request);
 
-        if (!$message) {
-            throw $this->createNotFoundException('Campaign not found.');
-        }
         /** @var UpdateMessageRequest $updateMessageRequest */
         $updateMessageRequest = $this->validator->validate($request, UpdateMessageRequest::class);
-        $data = $this->messageManager->updateMessage($updateMessageRequest->getDto(), $message, $authUser);
 
-        return $this->json($this->normalizer->normalize($data), Response::HTTP_OK);
+        return $this->json(
+            $this->campaignService->updateMessage($updateMessageRequest, $authUser, $message),
+            Response::HTTP_OK
+        );
     }
 
     #[Route('/{messageId}', name: 'delete', requirements: ['messageId' => '\d+'], methods: ['DELETE'])]
@@ -348,13 +334,9 @@ public function deleteMessage(
         Request $request,
         #[MapEntity(mapping: ['messageId' => 'id'])] ?Message $message = null
     ): JsonResponse {
-        $this->requireAuthentication($request);
-
-        if (!$message) {
-            throw $this->createNotFoundException('Campaign not found.');
-        }
+        $authUser = $this->requireAuthentication($request);
 
-        $this->messageManager->delete($message);
+        $this->campaignService->deleteMessage($authUser, $message);
 
         return $this->json(null, Response::HTTP_NO_CONTENT);
     }