BookStack Code Mirror - bookstack/blobdiff - app/Activity/Controllers/CommentController.php

index 7a290ebabc526969ae38232be72982c8af953f30..f61a2c8df6ec81d1a58dd01412d0f54a5031cb0c 100644 (file)

--- a/app/Activity/Controllers/CommentController.php

+++ b/app/Activity/Controllers/CommentController.php

@@ -3,8 +3,11 @@

namespace BookStack\Activity\Controllers;

use BookStack\Activity\CommentRepo;

+use BookStack\Activity\Tools\CommentTree;

+use BookStack\Activity\Tools\CommentTreeNode;

use BookStack\Entities\Queries\PageQueries;

use BookStack\Http\Controller;

+use BookStack\Permissions\Permission;

use Illuminate\Http\Request;

use Illuminate\Validation\ValidationException;

@@ -19,7 +22,7 @@ class CommentController extends Controller

/**

* Save a new comment for a Page.

- * @throws ValidationException

+ * @throws ValidationException|\Exception

public function savePageComment(Request $request, int $pageId)

{

@@ -34,21 +37,14 @@ class CommentController extends Controller

return response('Not found', 404);

}

- // Prevent adding comments to draft pages

- if ($page->draft) {

- return $this->jsonError(trans('errors.cannot_add_comment_to_draft'), 400);

- }

// Create a new comment.

- $this->checkPermission('comment-create-all');

- $comment = $this->commentRepo->create($page, $input['html'], $input['parent_id'] ?? null, $input['content_ref']);

+ $this->checkPermission(Permission::CommentCreateAll);

+ $contentRef = $input['content_ref'] ?? '';

+ $comment = $this->commentRepo->create($page, $input['html'], $input['parent_id'] ?? null, $contentRef);

return view('comments.comment-branch', [

'readOnly' => false,

- 'branch' => [

- 'comment' => $comment,

- 'children' => [],

- ]

+ 'branch' => new CommentTreeNode($comment, 0, []),

]);

}

@@ -64,8 +60,8 @@ class CommentController extends Controller

]);

$comment = $this->commentRepo->getById($commentId);

- $this->checkOwnablePermission('page-view', $comment->entity);

- $this->checkOwnablePermission('comment-update', $comment);

+ $this->checkOwnablePermission(Permission::PageView, $comment->entity);

+ $this->checkOwnablePermission(Permission::CommentUpdate, $comment);

$comment = $this->commentRepo->update($comment, $input['html']);

@@ -81,15 +77,17 @@ class CommentController extends Controller

public function archive(int $id)

{

$comment = $this->commentRepo->getById($id);

- if (!userCan('comment-update', $comment) && !userCan('comment-delete', $comment)) {

+ $this->checkOwnablePermission(Permission::PageView, $comment->entity);

+ if (!userCan(Permission::CommentUpdate, $comment) && !userCan(Permission::CommentDelete, $comment)) {

$this->showPermissionError();

}

$this->commentRepo->archive($comment);

- return view('comments.comment', [

- 'comment' => $comment,

+ $tree = new CommentTree($comment->entity);

+ return view('comments.comment-branch', [

'readOnly' => false,

+ 'branch' => $tree->getCommentNodeForId($id),

]);

}

@@ -99,15 +97,17 @@ class CommentController extends Controller

public function unarchive(int $id)

{

$comment = $this->commentRepo->getById($id);

- if (!userCan('comment-update', $comment) && !userCan('comment-delete', $comment)) {

+ $this->checkOwnablePermission(Permission::PageView, $comment->entity);

+ if (!userCan(Permission::CommentUpdate, $comment) && !userCan(Permission::CommentDelete, $comment)) {

$this->showPermissionError();

}

$this->commentRepo->unarchive($comment);

- return view('comments.comment', [

- 'comment' => $comment,

+ $tree = new CommentTree($comment->entity);

+ return view('comments.comment-branch', [

'readOnly' => false,

+ 'branch' => $tree->getCommentNodeForId($id),

]);

}

@@ -117,7 +117,7 @@ class CommentController extends Controller

public function destroy(int $id)

{

$comment = $this->commentRepo->getById($id);

- $this->checkOwnablePermission('comment-delete', $comment);

+ $this->checkOwnablePermission(Permission::CommentDelete, $comment);

$this->commentRepo->delete($comment);