BookStack Code Mirror - bookstack/blobdiff - app/Http/Controllers/CommentController.php

<?php namespace BookStack\Http\Controllers;

+use Activity;

use BookStack\Repos\CommentRepo;

use BookStack\Repos\EntityRepo;

use BookStack\Repos\CommentRepo;

use BookStack\Repos\EntityRepo;

-use BookStack\Comment;

+use Illuminate\Database\Eloquent\ModelNotFoundException;

use Illuminate\Http\Request;

-// delete -checkOwnablePermission \

class CommentController extends Controller

{

protected $entityRepo;

class CommentController extends Controller

{

protected $entityRepo;

+ protected $commentRepo;

- public function __construct(EntityRepo $entityRepo, CommentRepo $commentRepo, Comment $comment)

+ /**

+ * CommentController constructor.

+ * @param EntityRepo $entityRepo

+ * @param CommentRepo $commentRepo

+ */

+ public function __construct(EntityRepo $entityRepo, CommentRepo $commentRepo)

{

$this->entityRepo = $entityRepo;

$this->commentRepo = $commentRepo;

{

$this->entityRepo = $entityRepo;

$this->commentRepo = $commentRepo;

- $this->comment = $comment;

parent::__construct();

}

parent::__construct();

}

- public function save(Request $request, $pageId, $commentId = null)

+ /**

+ * Save a new comment for a Page

+ * @param Request $request

+ * @param integer $pageId

+ * @param null|integer $commentId

+ * @return \Illuminate\Contracts\Routing\ResponseFactory|\Illuminate\Http\JsonResponse|\Symfony\Component\HttpFoundation\Response

+ */

+ public function savePageComment(Request $request, $pageId, $commentId = null)

{

$this->validate($request, [

'text' => 'required|string',

{

$this->validate($request, [

'text' => 'required|string',

return response('Not found', 404);

}

return response('Not found', 404);

}

- if($page->draft) {

- // cannot add comments to drafts.

- return response()->json([

- 'status' => 'error',

- 'message' => trans('errors.cannot_add_comment_to_draft'),

- ], 400);

- }

-

$this->checkOwnablePermission('page-view', $page);

- if (empty($commentId)) {

- // create a new comment.

- $this->checkPermission('comment-create-all');

- $comment = $this->commentRepo->create($page, $request->only(['text', 'html', 'parent_id']));

- $respMsg = trans('entities.comment_created');

- } else {

- // update existing comment

- // get comment by ID and check if this user has permission to update.

- $comment = $this->comment->findOrFail($commentId);

- $this->checkOwnablePermission('comment-update', $comment);

- $this->commentRepo->update($comment, $request->all());

- $respMsg = trans('entities.comment_updated');

- }

-

- return response()->json([

- 'status' => 'success',

- 'message' => $respMsg

- ]);

-

- }

- public function destroy($id) {

- $comment = $this->comment->findOrFail($id);

- $this->checkOwnablePermission('comment-delete', $comment);

+ // Prevent adding comments to draft pages

+ if ($page->draft) {

+ return $this->jsonError(trans('errors.cannot_add_comment_to_draft'), 400);

+ }

- //

+ // Create a new comment.

+ $this->checkPermission('comment-create-all');

+ $comment = $this->commentRepo->create($page, $request->only(['html', 'text', 'parent_id']));

+ Activity::add($page, 'commented_on', $page->book->id);

+ return view('comments/comment', ['comment' => $comment]);

}

- public function getCommentThread($pageId, $commentId = null) {

- try {

- $page = $this->entityRepo->getById('page', $pageId, true);

- } catch (ModelNotFoundException $e) {

- return response('Not found', 404);

- }

+ /**

+ * Update an existing comment.

+ * @param Request $request

+ * @param integer $commentId

+ * @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View

+ */

+ public function update(Request $request, $commentId)

+ {

+ $this->validate($request, [

+ 'text' => 'required|string',

+ 'html' => 'required|string',

+ ]);

- if($page->draft) {

- // cannot add comments to drafts.

- return response()->json([

- 'status' => 'error',

- 'message' => trans('errors.no_comments_for_draft'),

- ], 400);

- }

+ $comment = $this->commentRepo->getById($commentId);

+ $this->checkOwnablePermission('page-view', $comment->entity);

+ $this->checkOwnablePermission('comment-update', $comment);

- $this->checkOwnablePermission('page-view', $page);

+ $comment = $this->commentRepo->update($comment, $request->only(['html', 'text']));

+ return view('comments/comment', ['comment' => $comment]);

+ }

- $comments = $this->commentRepo->getCommentsForPage($pageId, $commentId);

- if (empty($commentId)) {

- // requesting for parent level comments, send the total count as well.

- $totalComments = $this->commentRepo->getCommentCount($pageId);

- return response()->json(['success' => true, 'comments'=> $comments, 'total' => $totalComments]);

- }

- return response()->json(['success' => true, 'comments'=> $comments]);

+ /**

+ * Delete a comment from the system.

+ * @param integer $id

+ * @return \Illuminate\Http\JsonResponse

+ */

+ public function destroy($id)

+ {

+ $comment = $this->commentRepo->getById($id);

+ $this->checkOwnablePermission('comment-delete', $comment);

+ $this->commentRepo->delete($comment);

+ return response()->json(['message' => trans('entities.comment_deleted')]);

}