X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/0bda5554dd4323c7fecd5004111260978dfa4f1d..refs/pull/261/head:/app/Http/Controllers/CommentController.php

diff --git a/app/Http/Controllers/CommentController.php b/app/Http/Controllers/CommentController.php
index 29ccdf5a7..e8d5eab30 100644
--- a/app/Http/Controllers/CommentController.php
+++ b/app/Http/Controllers/CommentController.php
@@ -5,7 +5,6 @@ use BookStack\Repos\EntityRepo;
 use BookStack\Comment;
 use Illuminate\Http\Request;
 
-// delete  -checkOwnablePermission \
 class CommentController extends Controller
 {
     protected $entityRepo;
@@ -67,6 +66,14 @@ class CommentController extends Controller
     public function destroy($id) {
         $comment = $this->comment->findOrFail($id);
         $this->checkOwnablePermission('comment-delete', $comment);
+        $this->commentRepo->delete($comment);
+        $updatedComment = $this->commentRepo->getCommentById($comment->id);
+
+        return response()->json([
+            'status' => 'success',
+            'message' => trans('entities.comment_deleted'),
+            'comment' => $updatedComment
+        ]);
     }
 
 
@@ -77,17 +84,16 @@ class CommentController extends Controller
             return response('Not found', 404);
         }
 
-        if($page->draft) {
-            // cannot add comments to drafts.
-            return response()->json([
-                'status' => 'error',
-                'message' => trans('errors.no_comments_for_draft'),
-            ], 400);
-        }
-
         $this->checkOwnablePermission('page-view', $page);
 
         $comments = $this->commentRepo->getPageComments($pageId);
-        return response()->json(['success' => true, 'comments'=> $comments['comments'], 'total' => $comments['total']]);
+        return response()->json(['status' => 'success', 'comments'=> $comments['comments'],
+            'total' => $comments['total'], 'permissions' => [
+                'comment_create' => $this->currentUser->can('comment-create-all'),
+                'comment_update_own' => $this->currentUser->can('comment-update-own'),
+                'comment_update_all' => $this->currentUser->can('comment-update-all'),
+                'comment_delete_all' => $this->currentUser->can('comment-delete-all'),
+                'comment_delete_own' => $this->currentUser->can('comment-delete-own'),
+            ], 'user_id' => $this->currentUser->id]);
     }
 }