author | dartcafe <github@dartcafe.de> | 2020-06-12 20:50:06 +0300 |
---|---|---|
committer | dartcafe <github@dartcafe.de> | 2020-06-12 20:50:06 +0300 |
commit | bfaccd761379d5543f79ce2eda3018e4da1f02f6 (patch) | |
tree | d423b69a5f75240f0cec10e0426da41253a89bfa | |
parent | 1dfa539eb09c6756bae47ea8f09f832b4e5723c3 (diff) |
REST POC - initializing with comments
-rw-r--r-- | appinfo/routes.php | 18 | ||||
-rw-r--r-- | docs/API_v1.0.md | 87 | ||||
-rw-r--r-- | lib/AppInfo/Application.php | 1 | ||||
-rw-r--r-- | lib/Controller/CommentApiController.php | 126 | ||||
-rw-r--r-- | lib/Controller/CommentController.php | 181 | ||||
-rw-r--r-- | lib/Controller/PollController.php | 20 | ||||
-rw-r--r-- | lib/Db/ShareMapper.php | 2 | ||||
-rw-r--r-- | lib/Exception/NotAuthorizedException.php | 34 | ||||
-rw-r--r-- | lib/Service/CommentService.php | 188 | ||||
-rw-r--r-- | src/js/store/modules/subModules/comments.js | 20 |
10 files changed, 478 insertions, 199 deletions
diff --git a/appinfo/routes.php b/appinfo/routes.php
index 50a9860c..3288ecd2 100644
--- a/appinfo/routes.php
+++ b/appinfo/routes.php
@@ -33,12 +33,10 @@ return [
 ['name' => 'subscription#get', 'url' => '/subscription/get/{pollId}', 'verb' => 'GET'],
 ['name' => 'subscription#set', 'url' => '/subscription/set/', 'verb' => 'POST'],
- ['name' => 'comment#getByToken', 'url' => '/comments/get/s/{token}', 'verb' => 'GET'],
- ['name' => 'comment#writeByToken', 'url' => '/comment/write/s/', 'verb' => 'POST'],
- ['name' => 'comment#get', 'url' => '/comments/get/{pollId}', 'verb' => 'GET'],
- ['name' => 'comment#write', 'url' => '/comment/write/', 'verb' => 'POST'],
- ['name' => 'comment#delete', 'url' => '/comment/delete/', 'verb' => 'POST'],
- ['name' => 'comment#deleteByToken', 'url' => '/comment/delete/s/', 'verb' => 'POST'],
+ ['name' => 'comment#getByToken', 'url' => '/comments/s/{token}', 'verb' => 'GET'],
+ ['name' => 'comment#get', 'url' => '/comments/{pollId}', 'verb' => 'GET'],
+ ['name' => 'comment#add', 'url' => '/comment/add', 'verb' => 'POST'],
+ ['name' => 'comment#delete', 'url' => '/comment/delete', 'verb' => 'POST'],
 ['name' => 'vote#getByToken', 'url' => '/votes/get/s/{token}', 'verb' => 'GET'],
 ['name' => 'vote#setByToken', 'url' => '/vote/set/s/', 'verb' => 'POST'],
@@ -72,6 +70,12 @@ return [
 ['name' => 'acl#get', 'url' => '/acl/get/{id}', 'verb' => 'GET'],
 ['name' => 'system#get_site_users_and_groups', 'url' => '/siteusers/get/', 'verb' => 'POST'],
- ['name' => 'system#validate_public_username', 'url' => '/check/username', 'verb' => 'POST']
+ ['name' => 'system#validate_public_username', 'url' => '/check/username', 'verb' => 'POST'],
+
+ // REST-API calls
+ ['name' => 'comment_api#get', 'url' => '/api/1.0/comments/{pollId}', 'verb' => 'GET'],
+ ['name' => 'comment_api#delete', 'url' => '/api/1.0/comments/{commentId}', 'verb' => 'DELETE'],
+ ['name' => 'comment_api#add', 'url' => '/api/1.0/comments', 'verb' => 'POST'],
+ ['name' => 'comment_api#preflighted_cors', 'url' => '/api/1.0/comments', 'verb' => 'OPTIONS', 'requirements' => array('path' => '.+')],
 ]
 ];
diff --git a/docs/API_v1.0.md b/docs/API_v1.0.md
new file mode 100644
index 00000000..193c810e
--- /dev/null
+++ b/docs/API_v1.0.md
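Review bot: The OPTIONS route `comment_api#preflighted_cors` is bound to the literal URL `/api/1.0/comments`, so its `'requirements' => array('path' => '.+')` has no `{path}` placeholder to apply to. A browser preflight for `DELETE /api/1.0/comments/{commentId}` or `GET /api/1.0/comments/{pollId}` will presumably not match this route. The usual form is `'url' => '/api/1.0/{path}', 'verb' => 'OPTIONS', 'requirements' => ['path' => '.+']`. CommentApiController also gains a `getByToken()` action in this commit, but no `comment_api#getByToken` route is registered here.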
@@ -0,0 +1,87 @@
+
+To act like a authenticated user, use username:password@ prefix in the URL
+Parameters in the body override the URL-parameter
+
+Base URL for all calls: /index.php/apps/polls/api/1.0/
+Example calls:
+* Gets all comments of poll no. 1
+`https://username:password@nextcloud.local/index.php/apps/polls/api/1.0/comments/1`
+```bash
+curl -u username:password \
+ -X GET https://nextcloud.local/index.php/apps/polls/api/1.0/comments/1
+```
+
+You can add a Body with the parameters, which overrides the URL-Parameter
+`https://username:password@nextcloud.local/index.php/apps/polls/api/1.0/comments/1`
+
+```json
+[
+ {
+ "pollId": 2,
+ },
+
+]
+```
+
+This will return all comments from poll no. 2
+
+```json
+[
+ {
+ "token": "X3jXHb8WHLMb9MRg",
+ },
+
+]
+```
+
+This returns all comments from tzhe poll wich can be called with the token "X3jXHb8WHLMb9MRg"
+
+
+# Comments
+## Get comments
+### Get all Comments by poll as a nextcloud user
+GET `/index.php/apps/polls/api/1.0/comments/{pollId}`
+
+### Post a comment
+POST `/index.php/apps/polls/api/1.0/comments`
+
+Body
+```json
+[
+ {
+ "message": "Comment text",
+ "pollId": 1,
+ "token": "users's personal token"
+ },
+
+]
+```
+
+DELETE `/index.php/apps/polls/api/1.0/comments/{commentId}`
+
+Body
+```json
+[
+ {
+ "commentId": 123,
+ "token": "users's personal token"
+ },
+
+]
+```
+
+### Returns an array of Comment objects
+```json
+[
+ {
+ "id": 1,
+ "pollId": 1,
+ "userId": "Commenter's name",
+ "dt": "2020-01-21 14:01:01",
+ "timestamp": 1587468691,
+ "comment": "message",
+ "displayName": "Commenters's display name"
+ }, ...
+
+]
+```
diff --git a/lib/AppInfo/Application.php b/lib/AppInfo/Application.php
index 309c8f40..7a88db86 100644
--- a/lib/AppInfo/Application.php
+++ b/lib/AppInfo/Application.php
@@ -31,7 +31,6 @@ namespace OCA\Polls\AppInfo;
 // use OCA\Polls\Controller\OptionController;
 // use OCA\Polls\Controller\VoteController;
 // use OCA\Polls\Controller\ShareController;
-// use OCA\Polls\Db\CommentMapper;
 // use OCA\Polls\Db\OptionMapper;
 // use OCA\Polls\Db\PollMapper;
 // use OCA\Polls\Db\NotificationMapper;
diff --git a/lib/Controller/CommentApiController.php b/lib/Controller/CommentApiController.php
new file mode 100644
index 00000000..31d4d8bc
--- /dev/null
+++ b/lib/Controller/CommentApiController.php
@@ -0,0 +1,126 @@
+<?php
+/**
+ * @copyright Copyright (c) 2017 Vinzenz Rosenkranz <vinzenz.rosenkranz@gmail.com>
+ *
+ * @author René Gieling <github@dartcafe.de>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\Polls\Controller;
+
+use Exception;
+
+use OCP\IRequest;
+use OCP\ILogger;
+use OCP\AppFramework\ApiController;
+use OCP\AppFramework\OCS\OCSException;
+use OCP\AppFramework\Http;
+use OCP\AppFramework\Http\DataResponse;
+
+use OCA\Polls\Service\CommentService;
+
+
+
+class CommentApiController extends ApiController {
+
+ /**
+ * CommentApiController constructor.
+ * @param string $appName
+ * @param IRequest $request
+ * @param CommentService $commentService
+ */
+
+ public function __construct(
+ string $appName,
+ IRequest $request,
+ CommentService $commentService
+ ) {
+ parent::__construct($appName,
+ $request,
+ 'POST, GET, DELETE',
+ 'Authorization, Content-Type, Accept',
+ 1728000);
+ $this->commentService = $commentService;
+ }
+
+ /**
+ * get
+ * Read all comments of a poll based on the poll id and return list as array
+ * @NoAdminRequired
+ * @CORS
+ * @PublicPage
+ * @NoCSRFRequired
+ * @param integer $pollId
+ * @return DataResponse
+ */
+ public function get($pollId, $token = '') {
+ return new DataResponse($this->commentService->get($pollId, $token), Http::STATUS_OK);
+ }
+
+ /**
+ * Read all comments of a poll based on a share token and return list as array
+ * @NoAdminRequired
+ * @CORS
+ * @NoCSRFRequired
+ * @PublicPage
+ * @param string $token
+ * @return DataResponse
+ */
+ public function getByToken($token) {
+ return new DataResponse($this->commentService->get(0, $token), Http::STATUS_OK);
+ }
+
+ /**
+ * Write a new comment to the db and returns the new comment as array
+ * @NoAdminRequired
+ * @CORS
+ * @NoCSRFRequired
+ * @PublicPage
+ * @param int $pollId
+ * @param string $message
+ * @param string $token
+ * @return DataResponse
+ */
+ public function add($message, $pollId, $token) {
+ try {
+ return new DataResponse($this->commentService->add($message, $pollId, $token), Http::STATUS_OK);
+ } catch (Exception $e) {
+ return new OCSForbiddenException($e);
+ }
+ }
+
+ /**
+ * Delete Comment
+ * @NoAdminRequired
+ * @CORS
+ * @NoCSRFRequired
+ * @PublicPage
+ * @param int $commentId
+ * @param string $token
+ * @return DataResponse
+ */
+ public function delete($commentId, $token) {
+ try {
+ return new DataResponse($this->commentService->delete($commentId, $token), Http::STATUS_OK);
+ } catch (Exception $e) {
+ return new DataResponse($e, Http::STATUS_UNAUTHORIZED);
+ }
+
+ }
+
+}
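Review bot: In `add()` the catch branch does `return new OCSForbiddenException($e);`, but only `OCSException` is imported, so the name resolves to an undefined class in this namespace; even if it resolved, an exception object would be returned instead of a response. Every action here is `@PublicPage`, `@NoCSRFRequired` and `@CORS`, so this failure path is reachable without a session or CSRF token and should answer with a plain status, e.g. `return new DataResponse(['message' => 'Forbidden'], Http::STATUS_FORBIDDEN);`. `delete()` likewise passes the caught exception object as the response body; a fixed message keeps internals out of a public response. `$this->commentService` is assigned in the constructor without a declared property, so add `private $commentService;`.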
diff --git a/lib/Controller/CommentController.php b/lib/Controller/CommentController.php index 082bbbb3..17d0de94 100644 --- a/lib/Controller/CommentController.php +++ b/lib/Controller/CommentController.php @@ -24,8 +24,6 @@ namespace OCA\Polls\Controller; use Exception; -use OCP\AppFramework\Db\DoesNotExistException; - use OCP\IRequest; use OCP\ILogger; @@ -33,61 +31,28 @@ use OCP\AppFramework\Controller; use OCP\AppFramework\Http; use OCP\AppFramework\Http\DataResponse; -use OCP\IGroupManager; - -use OCA\Polls\Db\Poll; -use OCA\Polls\Db\PollMapper; -use OCA\Polls\Db\Comment; -use OCA\Polls\Db\CommentMapper; -use OCA\Polls\Service\AnonymizeService; -use OCA\Polls\Model\Acl; +use OCA\Polls\Service\CommentService; class CommentController extends Controller { - private $userId; - private $mapper; - private $logger; - - private $groupManager; - private $pollMapper; - private $anonymizer; - private $acl; - /** * CommentController constructor. * @param string $appName - * @param $UserId - * @param CommentMapper $mapper - * @param IGroupManager $groupManager - * @param PollMapper $pollMapper - * @param AnonymizeService $anonymizer - * @param Acl $acl + * @param IRequest $request + * @param CommentService $commentService */ public function __construct( string $appName, - $userId, IRequest $request, - ILogger $logger, - CommentMapper $mapper, - IGroupManager $groupManager, - PollMapper $pollMapper, - AnonymizeService $anonymizer, - Acl $acl + CommentService $commentService ) { parent::__construct($appName, $request); - $this->userId = $userId; - $this->mapper = $mapper; - $this->logger = $logger; - $this->groupManager = $groupManager; - $this->pollMapper = $pollMapper; - $this->anonymizer = $anonymizer; - $this->acl = $acl; + $this->commentService = $commentService; } - /** * get * Read all comments of a poll based on the poll id and return list as array 
@@ -97,27 +62,10 @@ class CommentController extends Controller { * @return DataResponse */ public function get($pollId) { - - try { - if (!$this->acl->getFoundByToken()) { - $this->acl->setPollId($pollId); - } - - if (!$this->acl->getAllowSeeUsernames()) { - $this->anonymizer->set($pollId, $this->acl->getUserId()); - return new DataResponse((array) $this->anonymizer->getComments(), Http::STATUS_OK); - } else { - return new DataResponse((array) $this->mapper->findByPoll($pollId), Http::STATUS_OK); - } - - } catch (DoesNotExistException $e) { - return new DataResponse($e, Http::STATUS_NOT_FOUND); - } - + return new DataResponse($this->commentService->get($pollId), Http::STATUS_OK); } /** - * getByToken * Read all comments of a poll based on a share token and return list as array * @NoAdminRequired * @NoCSRFRequired 
@@ -126,136 +74,41 @@ class CommentController extends Controller { * @return DataResponse */ public function getByToken($token) { - - try { - $this->acl->setToken($token); - } catch (DoesNotExistException $e) { - return new DataResponse($e, Http::STATUS_NOT_FOUND); - } - - return $this->get($this->acl->getPollId()); - + return new DataResponse($this->commentService->get(0, $token), Http::STATUS_OK); } /** * Write a new comment to the db and returns the new comment as array * @NoAdminRequired - * @NoCSRFRequired + * @PublicPage * @param int $pollId - * @param string $userId * @param string $message - * @return DataResponse - */ - public function write($pollId, $userId, $message) { - if (!\OC::$server->getUserSession()->isLoggedIn() && !$this->acl->getFoundByToken()) { - $this->logger->alert('not allowed ' . json_encode(\OC::$server->getUserSession()->isLoggedIn())); - return new DataResponse(null, Http::STATUS_UNAUTHORIZED); - } - - if (!$this->acl->getFoundByToken()) { - $this->acl->setPollId($pollId); - } - - if ($this->acl->getAllowComment()) { - $comment = new Comment(); - $comment->setPollId($pollId); - $comment->setUserId($userId); - $comment->setComment($message); - $comment->setDt(date('Y-m-d H:i:s')); - - - try { - $comment = $this->mapper->insert($comment); - } catch (\Exception $e) { - $this->logger->alert('conflict ' . 
json_encode($e)); - return new DataResponse($e, Http::STATUS_CONFLICT); - } - } else { - $this->logger->alert('unauthorized '); - return new DataResponse(null, Http::STATUS_UNAUTHORIZED); - } - - return new DataResponse($comment, Http::STATUS_OK); - - } - - /** - * writeByToken - * @NoAdminRequired - * @PublicPage - * @NoCSRFRequired - * @param Array $option - * @param string $setTo * @param string $token * @return DataResponse */ - public function writeByToken($token, $message) { - + public function add($message, $pollId, $token) { try { - $this->acl->setToken($token); - return $this->write($this->acl->getPollId(), $this->acl->getUserId(), $message); - - } catch (DoesNotExistException $e) { - return new DataResponse($e, Http::STATUS_NOT_FOUND); + return new DataResponse($this->commentService->add($message, $pollId, $token), Http::STATUS_OK); + } catch (Exception $e) { + return new DataResponse($e, Http::STATUS_UNAUTHORIZED); } - - } - /** - * delete * Delete Comment - * @NoCSRFRequired - * @NoAdminRequired - * @param int $pollId - * @param string $message - * @return DataResponse - */ - public function delete($comment) { - if (!\OC::$server->getUserSession()->isLoggedIn() && !$this->acl->getFoundByToken()) { - return new DataResponse(null, Http::STATUS_UNAUTHORIZED); - } - - if (!$this->acl->getFoundByToken()) { - $this->acl->setPollId($comment['pollId']); - } - - try { - if ($comment['userId'] === $this->acl->getUserId()) { - $comment = $this->mapper->find($comment['id']); - $comment = $this->mapper->delete($comment); - } - } catch (\Exception $e) { - return new DataResponse($e, Http::STATUS_CONFLICT); - } - - return new DataResponse(['comment' => $comment], Http::STATUS_OK); - - } - - /** - * writeByToken * @NoAdminRequired * @PublicPage - * @NoCSRFRequired - * @param Array $option - * @param string $setTo + * @param int $commentId * @param string $token * @return DataResponse */ - public function deleteByToken($token, $comment) { - + public function 
delete($commentId, $token) { try { - $this->acl->setToken($token); - return $this->delete($comment); - - } catch (DoesNotExistException $e) { - return new DataResponse($e, Http::STATUS_NOT_FOUND); + return new DataResponse($this->commentService->delete($commentId, $token), Http::STATUS_OK); + } catch (Exception $e) { + return new DataResponse($e, Http::STATUS_UNAUTHORIZED); } - - } } diff --git a/lib/Controller/PollController.php b/lib/Controller/PollController.php index b3494c4c..4542713a 100644 --- a/lib/Controller/PollController.php +++ b/lib/Controller/PollController.php @@ -38,8 +38,6 @@ use OCP\IUserManager; use OCP\Security\ISecureRandom; - use OCA\Polls\Db\Comment; - use OCA\Polls\Db\CommentMapper; use OCA\Polls\Db\Poll; use OCA\Polls\Db\PollMapper; use OCA\Polls\Db\Option; @@ -48,15 +46,15 @@ use OCA\Polls\Db\ShareMapper; use OCA\Polls\Db\Vote; use OCA\Polls\Db\VoteMapper; + use OCA\Polls\Service\AnonymizeService; + use OCA\Polls\Service\CommentService; use OCA\Polls\Service\LogService; use OCA\Polls\Service\MailService; - use OCA\Polls\Service\AnonymizeService; use OCA\Polls\Model\Acl; class PollController extends Controller { private $userId; - private $commentMapper; private $pollMapper; private $optionMapper; private $shareMapper; @@ -66,13 +64,14 @@ private $groupManager; private $userManager; private $poll; + private $anonymizer; private $logService; + private $commentService; private $mailService; - private $anonymizer; private $acl; /** - * CommentController constructor. + * PollController constructor. * @param string $appName * @param $userId * @param IRequest $request @@ -85,6 +84,7 @@ * @param LogService $logService * @param MailService $mailService * @param AnonymizeService $anonymizer + * @param CommentService $commentService * @param Acl $acl */ @@ -94,7 +94,6 @@ IRequest $request, ILogger $logger, IL10N $trans, - CommentMapper $commentMapper, OptionMapper $optionMapper, PollMapper $pollMapper, ShareMapper $shareMapper, 
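Review bot: `get()` and `getByToken()` in CommentController lose their `try`/`catch` in this commit, and the `use OCP\AppFramework\Db\DoesNotExistException;` import is removed, while CommentService::get() rethrows every failure as `DoesNotExistException`. An unknown poll id or share token therefore presumably surfaces as an unhandled exception instead of the previous 404. Keep the import and wrap both calls, e.g. `catch (DoesNotExistException $e) { return new DataResponse(null, Http::STATUS_NOT_FOUND); }`. `add()` and `delete()` are now `@PublicPage` and the controller-level `isLoggedIn()`/`getFoundByToken()` guard is gone, so authorization rests entirely on CommentService and Acl; both also report every `Exception` as 401 with the exception object as body, which hides database errors behind an auth status.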
@@ -104,13 +103,13 @@ IUserManager $userManager, LogService $logService, MailService $mailService, + CommentService $commentService, AnonymizeService $anonymizer, Acl $acl ) { parent::__construct($appName, $request); $this->userId = $userId; $this->trans = $trans; - $this->commentMapper = $commentMapper; $this->pollMapper = $pollMapper; $this->optionMapper = $optionMapper; $this->shareMapper = $shareMapper; @@ -121,6 +120,7 @@ $this->poll = $poll; $this->logService = $logService; $this->mailService = $mailService; + $this->commentService = $commentService; $this->anonymizer = $anonymizer; $this->acl = $acl; } @@ -189,7 +189,6 @@ } if ($this->acl->getAllowSeeUsernames()) { - $comments = $this->commentMapper->findByPoll($pollId); if ($this->acl->getAllowSeeResults()) { $votes = $this->voteMapper->findByPoll($pollId); @@ -198,14 +197,13 @@ } } else { $this->anonymizer->set($pollId, $this->acl->getUserId()); - $comments = $this->anonymizer->getComments(); $votes = $this->anonymizer->getVotes(); } return new DataResponse([ 'acl' => $this->acl, - 'comments' => $comments, + 'comments' => $this->commentService->get($pollId), 'options' => $options, 'poll' => $this->poll, 'shares' => $shares, diff --git a/lib/Db/ShareMapper.php b/lib/Db/ShareMapper.php index 7de17583..3a4408f3 100644 --- a/lib/Db/ShareMapper.php +++ b/lib/Db/ShareMapper.php @@ -31,7 +31,7 @@ use OCP\AppFramework\Db\QBMapper; class ShareMapper extends QBMapper { /** - * CommentMapper constructor. + * ShareMapper constructor. * @param IDBConnection $db */ public function __construct(IDBConnection $db) { diff --git a/lib/Exception/NotAuthorizedException.php b/lib/Exception/NotAuthorizedException.php new file mode 100644 index 00000000..fb4a89a4 --- /dev/null +++ b/lib/Exception/NotAuthorizedException.php 
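Review bot: `'comments' => $this->commentService->get($pollId)` passes no token, so CommentService::get() takes its else-branch and calls `$this->acl->setPollId($pollId)` on the injected Acl. If that is the same Acl instance this action already initialised (possibly from a share token), the second call may replace the token-derived permissions before `'acl' => $this->acl` is serialized; Acl is outside this diff, so that needs confirming. The service also throws `DoesNotExistException` on any failure, and nothing visible in this hunk catches it. Passing the share token through, as in `$this->commentService->get($pollId, $token)` where this action has one, would keep the anonymised and full comment paths consistent with the ACL used for the rest of the response. The enclosing method starts and ends outside the hunk.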
@@ -0,0 +1,34 @@
+<?php
+/**
+ * @copyright Copyright (c) 2020 René Gieling <github@dartcafe.de>
+ *
+ * @author René Gieling <github@dartcafe.de>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\Polls;
+
+class NotAuthorizedException extends \Exception {
+ /**
+ * NotAuthorizedException Constructor
+ * @param string $e exception message
+ */
+ public function __construct($e = 'Unauthorized') {
+ parent::__construct($e);
+ }
+}
diff --git a/lib/Service/CommentService.php b/lib/Service/CommentService.php
new file mode 100644
index 00000000..a417ea12
--- /dev/null
+++ b/lib/Service/CommentService.php
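Review bot: The class is declared in `namespace OCA\Polls;`, the file lives in `lib/Exception/`, and CommentService imports it as `OCA\Polls\Exceptions\NotAuthorizedException`; none of the three names agree. Assuming the app's usual mapping of `lib/` to `OCA\Polls\`, `throw new NotAuthorizedException` in the service will presumably fail with a class-not-found `Error` instead of raising this exception. An `Error` is not matched by the controllers' `catch (Exception $e)`, so a denied add or delete would end as a server error rather than a 401/403. Declare `namespace OCA\Polls\Exception;` here and use `use OCA\Polls\Exception\NotAuthorizedException;` in CommentService.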
@@ -0,0 +1,188 @@
+<?php
+/**
+ * @copyright Copyright (c) 2017 Vinzenz Rosenkranz <vinzenz.rosenkranz@gmail.com>
+ *
+ * @author René Gieling <github@dartcafe.de>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\Polls\Service;
+
+use Exception;
+use OCP\AppFramework\Db\DoesNotExistException;
+use OCA\Polls\Exceptions\NotAuthorizedException;
+
+use OCP\IRequest;
+use OCP\ILogger;
+use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http;
+use OCP\AppFramework\Http\DataResponse;
+
+use OCP\IGroupManager;
+
+use OCA\Polls\Db\Poll;
+use OCA\Polls\Db\PollMapper;
+use OCA\Polls\Db\Comment;
+use OCA\Polls\Db\CommentMapper;
+use OCA\Polls\Service\AnonymizeService;
+use OCA\Polls\Model\Acl;
+
+
+
+class CommentService {
+
+ private $userId;
+ private $commentMapper;
+ private $logger;
+
+ private $groupManager;
+ private $pollMapper;
+ private $anonymizer;
+ private $acl;
+ private $comment;
+
+ /**
+ * CommentController constructor.
+ * @param string $appName
+ * @param $UserId
+ * @param CommentMapper $commentMapper
+ * @param IGroupManager $groupManager
+ * @param PollMapper $pollMapper
+ * @param AnonymizeService $anonymizer
+ * @param Acl $acl
+ */
+
+ public function __construct(
+ string $appName,
+ $userId,
+ IRequest $request,
+ ILogger $logger,
+ CommentMapper $commentMapper,
+ IGroupManager $groupManager,
+ PollMapper $pollMapper,
+ AnonymizeService $anonymizer,
+ Acl $acl
+ ) {
+ $this->userId = $userId;
+ $this->commentMapper = $commentMapper;
+ $this->logger = $logger;
+ $this->groupManager = $groupManager;
+ $this->pollMapper = $pollMapper;
+ $this->anonymizer = $anonymizer;
+ $this->acl = $acl;
+ }
+
+
+ /**
+ * get
+ * Read all comments of a poll based on the poll id and return list as array
+ * @NoAdminRequired
+ * @param integer $pollId
+ * @param string $token
+ * @return Array
+ */
+ public function get($pollId = 0, $token = '') {
+ $this->logger->alert('call commentService->get(' . $pollId . ', '. $token . ')');
+
+ try {
+ if ($token && !\OC::$server->getUserSession()->isLoggedIn()) {
+ $this->acl->setToken($token);
+ } else {
+ $this->acl->setPollId($pollId);
+ }
+
+ if (!$this->acl->getAllowSeeUsernames()) {
+ $this->anonymizer->set($this->acl->getPollId(), $this->acl->getUserId());
+ return $this->anonymizer->getComments();
+ } else {
+ return $this->commentMapper->findByPoll($this->acl->getPollId());
+ }
+
+ } catch (Exception $e) {
+ $this->logger->alert('Error reading comments for pollId ' . $pollId . ': '. $e);
+ throw new DoesNotExistException($e);
+ }
+
+ }
+
+ /**
+ * Write a new comment to the db and returns the new comment as array
+ * @NoAdminRequired
+ * @param string $message
+ * @param int $pollId
+ * @param string $token
+ * @return Comment
+ */
+ public function add($message, $pollId = 0, $token = '') {
+ $this->logger->debug('call commentService->write("' . $message . '", ' .$pollId . ', "' .$token . '")');
+ try {
+ if ($token && !\OC::$server->getUserSession()->isLoggedIn()) {
+ $this->acl->setToken($token);
+ } else {
+ $this->acl->setPollId($pollId);
+ }
+
+ if ($this->acl->getAllowComment()) {
+ $this->comment = new Comment();
+ $this->comment->setPollId($this->acl->getPollId());
+ $this->comment->setUserId($this->acl->getUserId());
+ $this->comment->setComment($message);
+ $this->comment->setDt(date('Y-m-d H:i:s'));
+ $this->comment = $this->commentMapper->insert($this->comment);
+ return $this->comment;
+ } else {
+ throw new NotAuthorizedException;
+ }
+
+ } catch (Exception $e) {
+ $this->logger->alert('Error wrinting comment for pollId ' . $pollId . ': '. $e);
+ throw new Exception($e);
+ }
+ }
+
+ /**
+ * delete
+ * Delete Comment
+ * @NoAdminRequired
+ * @param int $commentId
+ * @param string $token
+ * @return Comment
+ */
+ public function delete($commentId, $token = '') {
+ $this->logger->debug('call commentService->delete(' . $commentId . ', "' .$token . '")');
+ try {
+ $this->comment = $this->commentMapper->find($commentId);
+
+ if ($token && !\OC::$server->getUserSession()->isLoggedIn()) {
+ $this->acl->setToken($token);
+ } else {
+ $this->acl->setPollId($this->comment->getPollId());
+ }
+
+ if ($this->comment->getUserId() === $this->acl->getUserId()) {
+ $this->commentMapper->delete($this->comment);
+ return $this->comment;
+ } else {
+ throw new NotAuthorizedException;
+ }
+ } catch (\Exception $e) {
+ throw new NotAuthorizedException;
+ }
+ }
+
+}
diff --git a/src/js/store/modules/subModules/comments.js b/src/js/store/modules/subModules/comments.js
index b49c42d8..f349a43b 100644
--- a/src/js/store/modules/subModules/comments.js
+++ b/src/js/store/modules/subModules/comments.js
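Review bot: `get()` logs every call with `$this->logger->alert('call commentService->get(' . $pollId . ', '. $token . ')')`, which writes the share token, the only credential a public participant holds, into the server log at alert level. `add()` and `delete()` log the token at debug level, and `add()` also logs the comment text. Drop the token from these messages, e.g. `$this->logger->debug('commentService->get pollId=' . $pollId);`. Separately, `get()` is called from `@PublicPage` actions and, when no token is given, goes from `$this->acl->setPollId($pollId)` straight to `findByPoll()`. Nothing in this hunk checks that the caller may view the poll, so unless `Acl::setPollId()` rejects unauthorised callers (not visible here), comments of any poll id can be read; an explicit view check before the mapper call would make that independent of Acl internals.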
@@ -63,17 +63,11 @@ const getters = { const actions = { add(context, payload) { - let endPoint = 'apps/polls/comment/write/' - - if (context.rootState.poll.acl.foundByToken) { - endPoint = endPoint.concat('s/') - } - + const endPoint = 'apps/polls/comment/add' return axios.post(generateUrl(endPoint), { + message: payload.message, pollId: context.rootState.poll.id, token: context.rootState.poll.acl.token, - message: payload.message, - userId: context.rootState.poll.acl.userId, }) .then((response) => { context.commit('add', response.data) @@ -85,15 +79,11 @@ const actions = { }, delete(context, payload) { - let endPoint = 'apps/polls/comment/delete/' - - if (context.rootState.poll.acl.foundByToken) { - endPoint = endPoint.concat('s/') - } - + const endPoint = 'apps/polls/comment/delete' + context.commit('delete', { comment: payload.comment }) return axios.post(generateUrl(endPoint), { token: context.rootState.poll.acl.token, - comment: payload.comment, + commentId: payload.comment.id, }) .then((response) => { context.commit('delete', { comment: response.data.comment }) |
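Review bot: The `delete` action now removes the comment from the store before the request is sent (`context.commit('delete', { comment: payload.comment })`) and commits again in `.then` with `response.data.comment`. The reworked CommentController::delete() returns the comment itself instead of `['comment' => $comment]`, so `response.data.comment` is presumably undefined. When the server refuses the delete, the early commit leaves the UI showing the comment as gone while it still exists. Drop the early commit and do `context.commit('delete', { comment: payload.comment })` inside `.then` only. The action's error handler lies outside this hunk.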