BookStack Code Mirror - bookstack/blob - app/Http/Controllers/CommentController.php

   1 <?php namespace BookStack\Http\Controllers;
   2
   3 use BookStack\Repos\CommentRepo;
   4 use BookStack\Repos\EntityRepo;
   5 use BookStack\Comment;
   6 use Illuminate\Http\Request;
   7
   8 // delete  -checkOwnablePermission \
   9 class CommentController extends Controller
  10 {
  11     protected $entityRepo;
  12
  13     public function __construct(EntityRepo $entityRepo, CommentRepo $commentRepo, Comment $comment)
  14     {
  15         $this->entityRepo = $entityRepo;
  16         $this->commentRepo = $commentRepo;
  17         $this->comment = $comment;
  18         parent::__construct();
  19     }
  20
  21     public function save(Request $request, $pageId, $commentId = null)
  22     {
  23         $this->validate($request, [
  24             'text' => 'required|string',
  25             'html' => 'required|string',
  26         ]);
  27
  28         try {
  29             $page = $this->entityRepo->getById('page', $pageId, true);
  30         } catch (ModelNotFoundException $e) {
  31             return response('Not found', 404);
  32         }
  33
  34         if($page->draft) {
  35             // cannot add comments to drafts.
  36             return response()->json([
  37                 'status' => 'error',
  38                 'message' => trans('errors.cannot_add_comment_to_draft'),
  39             ], 400);
  40         }
  41
  42         $this->checkOwnablePermission('page-view', $page);
  43         if (empty($commentId)) {
  44             // create a new comment.
  45             $this->checkPermission('comment-create-all');
  46             $comment = $this->commentRepo->create($page, $request->only(['text', 'html', 'parent_id']));
  47             $respMsg = trans('entities.comment_created');
  48         } else {
  49             // update existing comment
  50             // get comment by ID and check if this user has permission to update.
  51             $comment = $this->comment->findOrFail($commentId);
  52             $this->checkOwnablePermission('comment-update', $comment);
  53             $this->commentRepo->update($comment, $request->all());
  54             $respMsg = trans('entities.comment_updated');
  55         }
  56
  57         $comment = $this->commentRepo->getCommentById($comment->id);
  58
  59         return response()->json([
  60             'status'    => 'success',
  61             'message'   => $respMsg,
  62             'comment'   => $comment
  63         ]);
  64
  65     }
  66
  67     public function destroy($id) {
  68         $comment = $this->comment->findOrFail($id);
  69         $this->checkOwnablePermission('comment-delete', $comment);
  70     }
  71
  72
  73     public function getPageComments($pageId) {
  74         try {
  75             $page = $this->entityRepo->getById('page', $pageId, true);
  76         } catch (ModelNotFoundException $e) {
  77             return response('Not found', 404);
  78         }
  79
  80         if($page->draft) {
  81             // cannot add comments to drafts.
  82             return response()->json([
  83                 'status' => 'error',
  84                 'message' => trans('errors.no_comments_for_draft'),
  85             ], 400);
  86         }
  87
  88         $this->checkOwnablePermission('page-view', $page);
  89
  90         $comments = $this->commentRepo->getPageComments($pageId);
  91         return response()->json(['success' => true, 'comments'=> $comments['comments'], 'total' => $comments['total']]);
  92     }
  93 }