BookStack Code Mirror - bookstack/blob - app/Activity/Controllers/CommentController.php

   1 <?php
   2
   3 namespace BookStack\Activity\Controllers;
   4
   5 use BookStack\Activity\CommentRepo;
   6 use BookStack\Entities\Models\Page;
   7 use BookStack\Entities\Queries\PageQueries;
   8 use BookStack\Http\Controller;
   9 use Illuminate\Http\Request;
  10 use Illuminate\Validation\ValidationException;
  11
  12 class CommentController extends Controller
  13 {
  14     public function __construct(
  15         protected CommentRepo $commentRepo,
  16         protected PageQueries $pageQueries,
  17     ) {
  18     }
  19
  20     /**
  21      * Save a new comment for a Page.
  22      *
  23      * @throws ValidationException
  24      */
  25     public function savePageComment(Request $request, int $pageId)
  26     {
  27         $input = $this->validate($request, [
  28             'html'      => ['required', 'string'],
  29             'parent_id' => ['nullable', 'integer'],
  30         ]);
  31
  32         $page = $this->pageQueries->findVisibleById($pageId);
  33         if ($page === null) {
  34             return response('Not found', 404);
  35         }
  36
  37         // Prevent adding comments to draft pages
  38         if ($page->draft) {
  39             return $this->jsonError(trans('errors.cannot_add_comment_to_draft'), 400);
  40         }
  41
  42         // Create a new comment.
  43         $this->checkPermission('comment-create-all');
  44         $comment = $this->commentRepo->create($page, $input['html'], $input['parent_id'] ?? null);
  45
  46         return view('comments.comment-branch', [
  47             'readOnly' => false,
  48             'branch' => [
  49                 'comment' => $comment,
  50                 'children' => [],
  51             ]
  52         ]);
  53     }
  54
  55     /**
  56      * Update an existing comment.
  57      *
  58      * @throws ValidationException
  59      */
  60     public function update(Request $request, int $commentId)
  61     {
  62         $input = $this->validate($request, [
  63             'html' => ['required', 'string'],
  64         ]);
  65
  66         $comment = $this->commentRepo->getById($commentId);
  67         $this->checkOwnablePermission('page-view', $comment->entity);
  68         $this->checkOwnablePermission('comment-update', $comment);
  69
  70         $comment = $this->commentRepo->update($comment, $input['html']);
  71
  72         return view('comments.comment', [
  73             'comment' => $comment,
  74             'readOnly' => false,
  75         ]);
  76     }
  77
  78     /**
  79      * Delete a comment from the system.
  80      */
  81     public function destroy(int $id)
  82     {
  83         $comment = $this->commentRepo->getById($id);
  84         $this->checkOwnablePermission('comment-delete', $comment);
  85
  86         $this->commentRepo->delete($comment);
  87
  88         return response()->json(['message' => trans('entities.comment_deleted')]);
  89     }
  90 }