BookStack Code Mirror - bookstack/blob - app/Http/Controllers/CommentController.php

   1 <?php namespace BookStack\Http\Controllers;
   2
   3 use Activity;
   4 use BookStack\Actions\CommentRepo;
   5 use BookStack\Entities\Repos\EntityRepo;
   6 use Illuminate\Database\Eloquent\ModelNotFoundException;
   7 use Illuminate\Http\Request;
   8
   9 class CommentController extends Controller
  10 {
  11     protected $entityRepo;
  12     protected $commentRepo;
  13
  14     /**
  15      * CommentController constructor.
  16      * @param \BookStack\Entities\Repos\EntityRepo $entityRepo
  17      * @param \BookStack\Actions\CommentRepo $commentRepo
  18      */
  19     public function __construct(EntityRepo $entityRepo, CommentRepo $commentRepo)
  20     {
  21         $this->entityRepo = $entityRepo;
  22         $this->commentRepo = $commentRepo;
  23         parent::__construct();
  24     }
  25
  26     /**
  27      * Save a new comment for a Page
  28      * @param Request $request
  29      * @param integer $pageId
  30      * @param null|integer $commentId
  31      * @return \Illuminate\Contracts\Routing\ResponseFactory|\Illuminate\Http\JsonResponse|\Symfony\Component\HttpFoundation\Response
  32      */
  33     public function savePageComment(Request $request, $pageId, $commentId = null)
  34     {
  35         $this->validate($request, [
  36             'text' => 'required|string',
  37             'html' => 'required|string',
  38         ]);
  39
  40         try {
  41             $page = $this->entityRepo->getById('page', $pageId, true);
  42         } catch (ModelNotFoundException $e) {
  43             return response('Not found', 404);
  44         }
  45
  46         $this->checkOwnablePermission('page-view', $page);
  47
  48         // Prevent adding comments to draft pages
  49         if ($page->draft) {
  50             return $this->jsonError(trans('errors.cannot_add_comment_to_draft'), 400);
  51         }
  52
  53         // Create a new comment.
  54         $this->checkPermission('comment-create-all');
  55         $comment = $this->commentRepo->create($page, $request->only(['html', 'text', 'parent_id']));
  56         Activity::add($page, 'commented_on', $page->book->id);
  57         return view('comments.comment', ['comment' => $comment]);
  58     }
  59
  60     /**
  61      * Update an existing comment.
  62      * @param Request $request
  63      * @param integer $commentId
  64      * @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
  65      */
  66     public function update(Request $request, $commentId)
  67     {
  68         $this->validate($request, [
  69             'text' => 'required|string',
  70             'html' => 'required|string',
  71         ]);
  72
  73         $comment = $this->commentRepo->getById($commentId);
  74         $this->checkOwnablePermission('page-view', $comment->entity);
  75         $this->checkOwnablePermission('comment-update', $comment);
  76
  77         $comment = $this->commentRepo->update($comment, $request->only(['html', 'text']));
  78         return view('comments.comment', ['comment' => $comment]);
  79     }
  80
  81     /**
  82      * Delete a comment from the system.
  83      * @param integer $id
  84      * @return \Illuminate\Http\JsonResponse
  85      */
  86     public function destroy($id)
  87     {
  88         $comment = $this->commentRepo->getById($id);
  89         $this->checkOwnablePermission('comment-delete', $comment);
  90         $this->commentRepo->delete($comment);
  91         return response()->json(['message' => trans('entities.comment_deleted')]);
  92     }
  93 }