]> BookStack Code Mirror - bookstack/blobdiff - app/Http/Controllers/CommentController.php
#47 - Fixes the issues with the test case.
[bookstack] / app / Http / Controllers / CommentController.php
index de97169a8791946a6bbfb9e43a68b1f270e93105..e8d5eab309a577fe1c4dbcd81a04a2fd96b4954f 100644 (file)
@@ -1,33 +1,99 @@
-<?php
-
-namespace BookStack\Http\Controllers;
+<?php namespace BookStack\Http\Controllers;
 
+use BookStack\Repos\CommentRepo;
+use BookStack\Repos\EntityRepo;
+use BookStack\Comment;
 use Illuminate\Http\Request;
 
-use BookStack\Http\Requests;
-
 class CommentController extends Controller
 {
-    
-    public function add(Request $request, $pageId) {
-        // $this->checkOwnablePermission('page-view', $page);
+    protected $entityRepo;
+
+    public function __construct(EntityRepo $entityRepo, CommentRepo $commentRepo, Comment $comment)
+    {
+        $this->entityRepo = $entityRepo;
+        $this->commentRepo = $commentRepo;
+        $this->comment = $comment;
+        parent::__construct();
     }
-    
-    public function update(Request $request, $id) {
-        // Check whether its an admin or the comment owner.
-        // $this->checkOwnablePermission('page-view', $page);
+
+    public function save(Request $request, $pageId, $commentId = null)
+    {
+        $this->validate($request, [
+            'text' => 'required|string',
+            'html' => 'required|string',
+        ]);
+
+        try {
+            $page = $this->entityRepo->getById('page', $pageId, true);
+        } catch (ModelNotFoundException $e) {
+            return response('Not found', 404);
+        }
+
+        if($page->draft) {
+            // cannot add comments to drafts.
+            return response()->json([
+                'status' => 'error',
+                'message' => trans('errors.cannot_add_comment_to_draft'),
+            ], 400);
+        }
+
+        $this->checkOwnablePermission('page-view', $page);
+        if (empty($commentId)) {
+            // create a new comment.
+            $this->checkPermission('comment-create-all');
+            $comment = $this->commentRepo->create($page, $request->only(['text', 'html', 'parent_id']));
+            $respMsg = trans('entities.comment_created');
+        } else {
+            // update existing comment
+            // get comment by ID and check if this user has permission to update.
+            $comment = $this->comment->findOrFail($commentId);
+            $this->checkOwnablePermission('comment-update', $comment);
+            $this->commentRepo->update($comment, $request->all());
+            $respMsg = trans('entities.comment_updated');
+        }
+
+        $comment = $this->commentRepo->getCommentById($comment->id);
+
+        return response()->json([
+            'status'    => 'success',
+            'message'   => $respMsg,
+            'comment'   => $comment
+        ]);
+
     }
-    
+
     public function destroy($id) {
-        // Check whether its an admin or the comment owner.
-        // $this->checkOwnablePermission('page-view', $page);
-    }
-    
-    public function getLastXComments($pageId) {
-        // $this->checkOwnablePermission('page-view', $page);
+        $comment = $this->comment->findOrFail($id);
+        $this->checkOwnablePermission('comment-delete', $comment);
+        $this->commentRepo->delete($comment);
+        $updatedComment = $this->commentRepo->getCommentById($comment->id);
+
+        return response()->json([
+            'status' => 'success',
+            'message' => trans('entities.comment_deleted'),
+            'comment' => $updatedComment
+        ]);
     }
-    
-    public function getChildComments($pageId, $id) {
-        // $this->checkOwnablePermission('page-view', $page);
+
+
+    public function getPageComments($pageId) {
+        try {
+            $page = $this->entityRepo->getById('page', $pageId, true);
+        } catch (ModelNotFoundException $e) {
+            return response('Not found', 404);
+        }
+
+        $this->checkOwnablePermission('page-view', $page);
+
+        $comments = $this->commentRepo->getPageComments($pageId);
+        return response()->json(['status' => 'success', 'comments'=> $comments['comments'],
+            'total' => $comments['total'], 'permissions' => [
+                'comment_create' => $this->currentUser->can('comment-create-all'),
+                'comment_update_own' => $this->currentUser->can('comment-update-own'),
+                'comment_update_all' => $this->currentUser->can('comment-update-all'),
+                'comment_delete_all' => $this->currentUser->can('comment-delete-all'),
+                'comment_delete_own' => $this->currentUser->can('comment-delete-own'),
+            ], 'user_id' => $this->currentUser->id]);
     }
 }