X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/79cfd39fde89ee4889c44954ddad9afd84ee9f1d..refs/pull/3656/head:/app/Http/Controllers/CommentController.php

diff --git a/app/Http/Controllers/CommentController.php b/app/Http/Controllers/CommentController.php
index e8d5eab30..9804f6d39 100644
--- a/app/Http/Controllers/CommentController.php
+++ b/app/Http/Controllers/CommentController.php
@@ -1,99 +1,80 @@
-<?php namespace BookStack\Http\Controllers;
+<?php
 
-use BookStack\Repos\CommentRepo;
-use BookStack\Repos\EntityRepo;
-use BookStack\Comment;
+namespace BookStack\Http\Controllers;
+
+use BookStack\Actions\CommentRepo;
+use BookStack\Entities\Models\Page;
 use Illuminate\Http\Request;
+use Illuminate\Validation\ValidationException;
 
 class CommentController extends Controller
 {
-    protected $entityRepo;
+    protected $commentRepo;
 
-    public function __construct(EntityRepo $entityRepo, CommentRepo $commentRepo, Comment $comment)
+    public function __construct(CommentRepo $commentRepo)
     {
-        $this->entityRepo = $entityRepo;
         $this->commentRepo = $commentRepo;
-        $this->comment = $comment;
-        parent::__construct();
     }
 
-    public function save(Request $request, $pageId, $commentId = null)
+    /**
+     * Save a new comment for a Page.
+     *
+     * @throws ValidationException
+     */
+    public function savePageComment(Request $request, int $pageId)
     {
         $this->validate($request, [
-            'text' => 'required|string',
-            'html' => 'required|string',
+            'text'      => ['required', 'string'],
+            'parent_id' => ['nullable', 'integer'],
         ]);
 
-        try {
-            $page = $this->entityRepo->getById('page', $pageId, true);
-        } catch (ModelNotFoundException $e) {
+        $page = Page::visible()->find($pageId);
+        if ($page === null) {
             return response('Not found', 404);
         }
 
-        if($page->draft) {
-            // cannot add comments to drafts.
-            return response()->json([
-                'status' => 'error',
-                'message' => trans('errors.cannot_add_comment_to_draft'),
-            ], 400);
+        // Prevent adding comments to draft pages
+        if ($page->draft) {
+            return $this->jsonError(trans('errors.cannot_add_comment_to_draft'), 400);
         }
 
-        $this->checkOwnablePermission('page-view', $page);
-        if (empty($commentId)) {
-            // create a new comment.
-            $this->checkPermission('comment-create-all');
-            $comment = $this->commentRepo->create($page, $request->only(['text', 'html', 'parent_id']));
-            $respMsg = trans('entities.comment_created');
-        } else {
-            // update existing comment
-            // get comment by ID and check if this user has permission to update.
-            $comment = $this->comment->findOrFail($commentId);
-            $this->checkOwnablePermission('comment-update', $comment);
-            $this->commentRepo->update($comment, $request->all());
-            $respMsg = trans('entities.comment_updated');
-        }
+        // Create a new comment.
+        $this->checkPermission('comment-create-all');
+        $comment = $this->commentRepo->create($page, $request->get('text'), $request->get('parent_id'));
 
-        $comment = $this->commentRepo->getCommentById($comment->id);
+        return view('comments.comment', ['comment' => $comment]);
+    }
 
-        return response()->json([
-            'status'    => 'success',
-            'message'   => $respMsg,
-            'comment'   => $comment
+    /**
+     * Update an existing comment.
+     *
+     * @throws ValidationException
+     */
+    public function update(Request $request, int $commentId)
+    {
+        $this->validate($request, [
+            'text' => ['required', 'string'],
         ]);
 
-    }
+        $comment = $this->commentRepo->getById($commentId);
+        $this->checkOwnablePermission('page-view', $comment->entity);
+        $this->checkOwnablePermission('comment-update', $comment);
 
-    public function destroy($id) {
-        $comment = $this->comment->findOrFail($id);
-        $this->checkOwnablePermission('comment-delete', $comment);
-        $this->commentRepo->delete($comment);
-        $updatedComment = $this->commentRepo->getCommentById($comment->id);
+        $comment = $this->commentRepo->update($comment, $request->get('text'));
 
-        return response()->json([
-            'status' => 'success',
-            'message' => trans('entities.comment_deleted'),
-            'comment' => $updatedComment
-        ]);
+        return view('comments.comment', ['comment' => $comment]);
     }
 
+    /**
+     * Delete a comment from the system.
+     */
+    public function destroy(int $id)
+    {
+        $comment = $this->commentRepo->getById($id);
+        $this->checkOwnablePermission('comment-delete', $comment);
 
-    public function getPageComments($pageId) {
-        try {
-            $page = $this->entityRepo->getById('page', $pageId, true);
-        } catch (ModelNotFoundException $e) {
-            return response('Not found', 404);
-        }
+        $this->commentRepo->delete($comment);
 
-        $this->checkOwnablePermission('page-view', $page);
-
-        $comments = $this->commentRepo->getPageComments($pageId);
-        return response()->json(['status' => 'success', 'comments'=> $comments['comments'],
-            'total' => $comments['total'], 'permissions' => [
-                'comment_create' => $this->currentUser->can('comment-create-all'),
-                'comment_update_own' => $this->currentUser->can('comment-update-own'),
-                'comment_update_all' => $this->currentUser->can('comment-update-all'),
-                'comment_delete_all' => $this->currentUser->can('comment-delete-all'),
-                'comment_delete_own' => $this->currentUser->can('comment-delete-own'),
-            ], 'user_id' => $this->currentUser->id]);
+        return response()->json(['message' => trans('entities.comment_deleted')]);
     }
 }