Source of file FlagCommentControllerExtension.php
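<?php

namespace NZTA\FlagComments\Extensions;

use SilverStripe\Core\Extension;
use SilverStripe\ORM\DataObject;
use SilverStripe\Security\Security;
use SilverStripe\Control\HTTPRequest;
use SilverStripe\Control\HTTPResponse;
use SilverStripe\Comments\Model\Comment;
use SilverStripe\Security\SecurityToken;

/**
 * Adds the flag, unflag and remove-flagged-comment actions to the owner controller.
 *
 * Flagging is guarded by the session SecurityToken; unflagging and removal are
 * guarded by canEdit() plus the per-comment FlaggedSecurityToken passed as `token`.
 */
class FlagCommentControllerExtension extends Extension
{
    /**
     * Actions this extension exposes on the owner controller.
     *
     * @var array
     */
    private static $allowed_actions = [
        'flagcomment',
        'unflagcomment',
        'removeflaggedcomment',
    ];

    /**
     * URL patterns mapped to the handler methods below.
     * The trailing `!` on the flagcomment pattern makes the ID segment mandatory.
     *
     * @var array
     */
    private static $url_handlers = [
        'flagcomment//$ID!' => 'flagComment',
        'unflagcomment//$ID' => 'unflagComment',
        'removeFlaggedComment//$ID' => 'removeFlaggedComment',
    ];

    /**
     * Flag a comment on behalf of the current user.
     *
     * Responds 400 on a failed SecurityToken check, 404 when the comment is not
     * found, and with a permission failure when canFlag() denies the request.
     *
     * @param HTTPRequest $request
     *
     * @return HTTPResponse
     */
    public function flagComment(HTTPRequest $request)
    {
        // CSRF guard. The token is read from the query string, so this
        // state-changing action is reachable via GET and the token can end up
        // in access logs and Referer headers.
        // NOTE(review): consider requiring POST for this action.
        if (!SecurityToken::inst()->check($request->getVar('SecurityID'))) {
            return $this->owner->httpError(400);
        }

        $comment = $this->getComment($request);
        if (!$comment) {
            return $this->owner->httpError(404);
        }

        if (!$comment->canFlag()) {
            return Security::permissionFailure($this->owner);
        }

        $flagged = $comment->doFlag();

        if ($request->isAjax()) {
            return $this->jsonResponse(['flagged' => $flagged]);
        }

        return $this->owner->redirect($comment->Link());
    }

    /**
     * Clear the flag on a comment.
     *
     * Responds 404 when the comment is not found, 403 when canEdit() denies the
     * request, and 400 when the `token` query variable does not match the
     * comment's FlaggedSecurityToken.
     *
     * @param HTTPRequest $request
     *
     * @return HTTPResponse
     */
    public function unflagComment(HTTPRequest $request)
    {
        $comment = $this->getComment($request);
        if (!$comment) {
            return $this->owner->httpError(404);
        }

        if (!$comment->canEdit()) {
            return $this->owner->httpError(403);
        }

        // NOTE(review): no SecurityToken check here; the per-comment token is the
        // only request-forgery guard. Confirm it is unguessable and invalidated
        // once used.
        if (!$this->hasValidFlagToken($comment, $request)) {
            return $this->owner->httpError(400);
        }

        $unflagged = $comment->doUnflag();

        if ($request->isAjax()) {
            return $this->jsonResponse(['unflagged' => $unflagged]);
        }

        return $this->owner->redirect($comment->Link());
    }

    /**
     * Remove a flagged comment.
     *
     * Responds 404 when the comment is not found, 403 when canEdit() denies the
     * request, and 400 when the `token` query variable does not match the
     * comment's FlaggedSecurityToken.
     *
     * @param HTTPRequest $request
     *
     * @return HTTPResponse
     */
    public function removeFlaggedComment(HTTPRequest $request)
    {
        $comment = $this->getComment($request);
        if (!$comment) {
            return $this->owner->httpError(404);
        }

        if (!$comment->canEdit()) {
            return $this->owner->httpError(403);
        }

        // NOTE(review): destructive action with no SecurityToken check; it relies
        // on canEdit() plus the per-comment token carried in the URL.
        if (!$this->hasValidFlagToken($comment, $request)) {
            return $this->owner->httpError(400);
        }

        $removed = $comment->doRemoveFlaggedComment();

        if ($request->isAjax()) {
            return $this->jsonResponse(['removed' => $removed]);
        }

        // NOTE(review): getParent() is called after the removal; confirm it still
        // resolves on the in-memory record and cannot return null.
        return $this->owner->redirect($comment->getParent()->Link());
    }

    /**
     * Look up the comment named by the request's ID route parameter.
     *
     * Only a plain positive decimal ID is accepted. Anything else (missing,
     * negative, non-numeric, mixed content such as "12abc") returns false
     * without querying, so no loosely-typed value reaches the ORM lookup.
     *
     * @param HTTPRequest $request
     *
     * @return bool|DataObject|Comment
     */
    protected function getComment(HTTPRequest $request)
    {
        $id = $request->param('ID');

        if (!is_scalar($id) || !ctype_digit((string) $id) || (int) $id < 1) {
            return false;
        }

        return Comment::get()->byId((int) $id);
    }

    /**
     * Check the `token` query variable against the comment's FlaggedSecurityToken.
     *
     * Uses hash_equals() so the comparison is strict and constant-time; a loose
     * `!=` lets numeric-looking strings (e.g. "0e1" and "0e2") compare equal.
     *
     * @param DataObject|Comment $comment
     * @param HTTPRequest $request
     *
     * @return bool
     */
    private function hasValidFlagToken($comment, HTTPRequest $request)
    {
        $expected = $comment->FlaggedSecurityToken;
        $supplied = $request->getVar('token');

        // An unset stored token or a missing / non-string supplied value never matches.
        if (empty($expected) || !is_string($supplied)) {
            return false;
        }

        return hash_equals((string) $expected, $supplied);
    }

    /**
     * Turn the owner's current response into a JSON response carrying $payload.
     *
     * @param array $payload
     *
     * @return HTTPResponse
     */
    private function jsonResponse(array $payload)
    {
        $response = $this->owner->getResponse();
        $response->addHeader('Content-Type', 'application/json');
        $response->setBody(json_encode($payload));

        return $response;
    }
}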