X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/b3d4c199aefd6066c444898eada3c8bb43dc5cb5..refs/pull/261/head:/app/Http/Controllers/CommentController.php diff --git a/app/Http/Controllers/CommentController.php b/app/Http/Controllers/CommentController.php index 3df441766..e8d5eab30 100644 --- a/app/Http/Controllers/CommentController.php +++ b/app/Http/Controllers/CommentController.php @@ -2,22 +2,22 @@ use BookStack\Repos\CommentRepo; use BookStack\Repos\EntityRepo; +use BookStack\Comment; use Illuminate\Http\Request; -use Views; -// delete -checkOwnablePermission \ class CommentController extends Controller { protected $entityRepo; - public function __construct(EntityRepo $entityRepo, CommentRepo $commentRepo) + public function __construct(EntityRepo $entityRepo, CommentRepo $commentRepo, Comment $comment) { $this->entityRepo = $entityRepo; $this->commentRepo = $commentRepo; + $this->comment = $comment; parent::__construct(); } - public function save(Request $request, $pageId, $commentId) + public function save(Request $request, $pageId, $commentId = null) { $this->validate($request, [ 'text' => 'required|string', @@ -43,49 +43,57 @@ class CommentController extends Controller // create a new comment. $this->checkPermission('comment-create-all'); $comment = $this->commentRepo->create($page, $request->only(['text', 'html', 'parent_id'])); - $respMsg = trans('entities.comment_created'); + $respMsg = trans('entities.comment_created'); } else { // update existing comment - // get comment by ID and check if this user has permission to update. + // get comment by ID and check if this user has permission to update. $comment = $this->comment->findOrFail($commentId); $this->checkOwnablePermission('comment-update', $comment); $this->commentRepo->update($comment, $request->all()); $respMsg = trans('entities.comment_updated'); } + $comment = $this->commentRepo->getCommentById($comment->id); + return response()->json([ 'status' => 'success', - 'message' => $respMsg + 'message' => $respMsg, + 'comment' => $comment ]); } - + public function destroy($id) { $comment = $this->comment->findOrFail($id); $this->checkOwnablePermission('comment-delete', $comment); + $this->commentRepo->delete($comment); + $updatedComment = $this->commentRepo->getCommentById($comment->id); - // + return response()->json([ + 'status' => 'success', + 'message' => trans('entities.comment_deleted'), + 'comment' => $updatedComment + ]); } - public function getComments($pageId, $commentId = null) { + + public function getPageComments($pageId) { try { $page = $this->entityRepo->getById('page', $pageId, true); } catch (ModelNotFoundException $e) { return response('Not found', 404); } - - if($page->draft) { - // cannot add comments to drafts. - return response()->json([ - 'status' => 'error', - 'message' => trans('errors.no_comments_for_draft'), - ], 400); - } - + $this->checkOwnablePermission('page-view', $page); - - $comments = $this->commentRepo->getCommentsForPage($pageId, $commentId); - - return response()->json(array('success' => true, 'comments'=> $comments)); + + $comments = $this->commentRepo->getPageComments($pageId); + return response()->json(['status' => 'success', 'comments'=> $comments['comments'], + 'total' => $comments['total'], 'permissions' => [ + 'comment_create' => $this->currentUser->can('comment-create-all'), + 'comment_update_own' => $this->currentUser->can('comment-update-own'), + 'comment_update_all' => $this->currentUser->can('comment-update-all'), + 'comment_delete_all' => $this->currentUser->can('comment-delete-all'), + 'comment_delete_own' => $this->currentUser->can('comment-delete-own'), + ], 'user_id' => $this->currentUser->id]); } }