BookStack Code Mirror - bookstack/blob - app/Http/Controllers/CommentController.php

   1 <?php namespace BookStack\Http\Controllers;
   2
   3 use BookStack\Repos\CommentRepo;
   4 use BookStack\Repos\EntityRepo;
   5 use Illuminate\Http\Request;
   6 use Views;
   7
   8 // delete  -checkOwnablePermission \
   9 class CommentController extends Controller
  10 {
  11     protected $entityRepo;
  12
  13     public function __construct(EntityRepo $entityRepo, CommentRepo $commentRepo)
  14     {
  15         $this->entityRepo = $entityRepo;
  16         $this->commentRepo = $commentRepo;
  17         parent::__construct();
  18     }
  19
  20     public function save(Request $request, $pageId, $commentId)
  21     {
  22         $this->validate($request, [
  23             'text' => 'required|string',
  24             'html' => 'required|string',
  25         ]);
  26
  27         try {
  28             $page = $this->entityRepo->getById('page', $pageId, true);
  29         } catch (ModelNotFoundException $e) {
  30             return response('Not found', 404);
  31         }
  32
  33         if($page->draft) {
  34             // cannot add comments to drafts.
  35             return response()->json([
  36                 'status' => 'error',
  37                 'message' => trans('errors.cannot_add_comment_to_draft'),
  38             ], 400);
  39         }
  40
  41         $this->checkOwnablePermission('page-view', $page);
  42         if (empty($commentId)) {
  43             // create a new comment.
  44             $this->checkPermission('comment-create-all');
  45             $comment = $this->commentRepo->create($page, $request->only(['text', 'html', 'parent_id']));
  46             $respMsg = trans('entities.comment_created');
  47         } else {
  48             // update existing comment
  49             // get comment by ID and check if this user has permission to update.
  50             $comment = $this->comment->findOrFail($commentId);
  51             $this->checkOwnablePermission('comment-update', $comment);
  52             $this->commentRepo->update($comment, $request->all());
  53             $respMsg = trans('entities.comment_updated');
  54         }
  55
  56         return response()->json([
  57             'status'    => 'success',
  58             'message'   => $respMsg
  59         ]);
  60
  61     }
  62
  63     public function destroy($id) {
  64         $comment = $this->comment->findOrFail($id);
  65         $this->checkOwnablePermission('comment-delete', $comment);
  66
  67         //
  68     }
  69
  70     public function getComments($pageId, $commentId = null) {
  71         try {
  72             $page = $this->entityRepo->getById('page', $pageId, true);
  73         } catch (ModelNotFoundException $e) {
  74             return response('Not found', 404);
  75         }
  76
  77         if($page->draft) {
  78             // cannot add comments to drafts.
  79             return response()->json([
  80                 'status' => 'error',
  81                 'message' => trans('errors.no_comments_for_draft'),
  82             ], 400);
  83         }
  84
  85         $this->checkOwnablePermission('page-view', $page);
  86
  87         $comments = $this->commentRepo->getCommentsForPage($pageId, $commentId);
  88
  89         return response()->json(array('success' => true, 'comments'=> $comments));
  90     }
  91 }