BookStack Code Mirror - bookstack/blob - app/Http/Controllers/CommentController.php

   1 <?php namespace BookStack\Http\Controllers;
   2
   3 use Activity;
   4 use BookStack\Actions\ActivityType;
   5 use BookStack\Actions\CommentRepo;
   6 use BookStack\Entities\Page;
   7 use Illuminate\Http\Request;
   8 use Illuminate\Validation\ValidationException;
   9
  10 class CommentController extends Controller
  11 {
  12     protected $commentRepo;
  13
  14     public function __construct(CommentRepo $commentRepo)
  15     {
  16         $this->commentRepo = $commentRepo;
  17         parent::__construct();
  18     }
  19
  20     /**
  21      * Save a new comment for a Page
  22      * @throws ValidationException
  23      */
  24     public function savePageComment(Request $request, int $pageId)
  25     {
  26         $this->validate($request, [
  27             'text' => 'required|string',
  28             'parent_id' => 'nullable|integer',
  29         ]);
  30
  31         $page = Page::visible()->find($pageId);
  32         if ($page === null) {
  33             return response('Not found', 404);
  34         }
  35
  36         // Prevent adding comments to draft pages
  37         if ($page->draft) {
  38             return $this->jsonError(trans('errors.cannot_add_comment_to_draft'), 400);
  39         }
  40
  41         // Create a new comment.
  42         $this->checkPermission('comment-create-all');
  43         $comment = $this->commentRepo->create($page, $request->get('text'), $request->get('parent_id'));
  44         return view('comments.comment', ['comment' => $comment]);
  45     }
  46
  47     /**
  48      * Update an existing comment.
  49      * @throws ValidationException
  50      */
  51     public function update(Request $request, int $commentId)
  52     {
  53         $this->validate($request, [
  54             'text' => 'required|string',
  55         ]);
  56
  57         $comment = $this->commentRepo->getById($commentId);
  58         $this->checkOwnablePermission('page-view', $comment->entity);
  59         $this->checkOwnablePermission('comment-update', $comment);
  60
  61         $comment = $this->commentRepo->update($comment, $request->get('text'));
  62         return view('comments.comment', ['comment' => $comment]);
  63     }
  64
  65     /**
  66      * Delete a comment from the system.
  67      */
  68     public function destroy(int $id)
  69     {
  70         $comment = $this->commentRepo->getById($id);
  71         $this->checkOwnablePermission('comment-delete', $comment);
  72
  73         $this->commentRepo->delete($comment);
  74         return response()->json(['message' => trans('entities.comment_deleted')]);
  75     }
  76 }