BookStack Code Mirror - bookstack/blob - app/Http/Controllers/CommentController.php

   1 <?php namespace BookStack\Http\Controllers;
   2
   3 use BookStack\Repos\CommentRepo;
   4 use BookStack\Repos\EntityRepo;
   5 use Illuminate\Database\Eloquent\ModelNotFoundException;
   6 use Illuminate\Http\Request;
   7
   8 class CommentController extends Controller
   9 {
  10     protected $entityRepo;
  11     protected $commentRepo;
  12
  13     /**
  14      * CommentController constructor.
  15      * @param EntityRepo $entityRepo
  16      * @param CommentRepo $commentRepo
  17      */
  18     public function __construct(EntityRepo $entityRepo, CommentRepo $commentRepo)
  19     {
  20         $this->entityRepo = $entityRepo;
  21         $this->commentRepo = $commentRepo;
  22         parent::__construct();
  23     }
  24
  25     /**
  26      * Save a new comment for a Page
  27      * @param Request $request
  28      * @param integer $pageId
  29      * @param null|integer $commentId
  30      * @return \Illuminate\Contracts\Routing\ResponseFactory|\Illuminate\Http\JsonResponse|\Symfony\Component\HttpFoundation\Response
  31      */
  32     public function savePageComment(Request $request, $pageId, $commentId = null)
  33     {
  34         $this->validate($request, [
  35             'text' => 'required|string',
  36             'html' => 'required|string',
  37         ]);
  38
  39         try {
  40             $page = $this->entityRepo->getById('page', $pageId, true);
  41         } catch (ModelNotFoundException $e) {
  42             return response('Not found', 404);
  43         }
  44
  45         $this->checkOwnablePermission('page-view', $page);
  46
  47         // Prevent adding comments to draft pages
  48         if ($page->draft) {
  49             return $this->jsonError(trans('errors.cannot_add_comment_to_draft'), 400);
  50         }
  51
  52         // Create a new comment.
  53         $this->checkPermission('comment-create-all');
  54         $comment = $this->commentRepo->create($page, $request->all());
  55         return view('comments/comment', ['comment' => $comment]);
  56     }
  57
  58     /**
  59      * Update an existing comment.
  60      * @param Request $request
  61      * @param integer $commentId
  62      * @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
  63      */
  64     public function update(Request $request, $commentId)
  65     {
  66         $this->validate($request, [
  67             'text' => 'required|string',
  68             'html' => 'required|string',
  69         ]);
  70
  71         $comment = $this->commentRepo->getById($commentId);
  72         $this->checkOwnablePermission('page-view', $comment->entity);
  73         $this->checkOwnablePermission('comment-update', $comment);
  74
  75         $comment = $this->commentRepo->update($comment, $request->all());
  76         return view('comments/comment', ['comment' => $comment]);
  77     }
  78
  79     /**
  80      * Delete a comment from the system.
  81      * @param integer $id
  82      * @return \Illuminate\Http\JsonResponse
  83      */
  84     public function destroy($id)
  85     {
  86         $comment = $this->commentRepo->getById($id);
  87         $this->checkOwnablePermission('comment-delete', $comment);
  88         $this->commentRepo->delete($comment);
  89         return response()->json(['message' => trans('entities.comment_deleted')]);
  90     }
  91 }