openvk/Web/Presenters/NotesPresenter.php

145 lines
5.4 KiB
PHP
Raw Normal View History

2020-06-07 19:04:43 +03:00
<?php declare(strict_types=1);
namespace openvk\Web\Presenters;
use openvk\Web\Models\Repositories\{Users, Notes};
2020-06-07 19:04:43 +03:00
use openvk\Web\Models\Entities\Note;
final class NotesPresenter extends OpenVKPresenter
{
private $notes;
2020-06-07 19:04:43 +03:00
function __construct(Notes $notes)
{
$this->notes = $notes;
parent::__construct();
}
function renderList(int $owner): void
{
$user = (new Users)->get($owner);
if(!$user) $this->notFound();
if(!$user->getPrivacyPermission('notes.read', $this->user->identity ?? NULL))
$this->flashFail("err", tr("forbidden"), tr("forbidden_comment"));
2020-06-07 19:04:43 +03:00
2021-05-14 19:06:35 +03:00
$this->template->notes = $this->notes->getUserNotes($user, (int)($this->queryParam("p") ?? 1));
2020-06-07 19:04:43 +03:00
$this->template->count = $this->notes->getUserNotesCount($user);
$this->template->owner = $user;
$this->template->paginatorConf = (object) [
"count" => $this->template->count,
"page" => $this->queryParam("p") ?? 1,
"amount" => NULL,
"perPage" => OPENVK_DEFAULT_PER_PAGE,
];
}
2021-11-15 14:00:49 +03:00
function renderView(int $owner, int $note_id): void
2020-06-07 19:04:43 +03:00
{
2021-11-15 14:00:49 +03:00
$note = $this->notes->getNoteById($owner, $note_id);
if(!$note || $note->getOwner()->getId() !== $owner || $note->isDeleted())
2020-06-07 19:04:43 +03:00
$this->notFound();
if(!$note->getOwner()->getPrivacyPermission('notes.read', $this->user->identity ?? NULL))
$this->flashFail("err", tr("forbidden"), tr("forbidden_comment"));
2020-06-07 19:04:43 +03:00
$this->template->cCount = $note->getCommentsCount();
$this->template->cPage = (int) ($this->queryParam("p") ?? 1);
$this->template->comments = iterator_to_array($note->getComments($this->template->cPage));
$this->template->note = $note;
}
function renderPreView(): void
{
$this->assertUserLoggedIn();
$this->willExecuteWriteAction();
if($_SERVER["REQUEST_METHOD"] !== "POST") {
header("HTTP/1.1 400 Bad Request");
exit;
}
if(empty($this->postParam("html")) || empty($this->postParam("title"))) {
header("HTTP/1.1 400 Bad Request");
exit(tr("note_preview_empty_err"));
}
$note = new Note;
$note->setSource($this->postParam("html"));
$this->flash("info", tr("note_preview_warn"), tr("note_preview_warn_details"));
$this->template->title = $this->postParam("title");
$this->template->html = $note->getText();
}
2020-06-07 19:04:43 +03:00
function renderCreate(): void
{
$this->assertUserLoggedIn();
$this->willExecuteWriteAction();
2020-06-07 19:04:43 +03:00
$id = $this->user->id; #TODO: when ACL'll be done, allow admins to edit users via ?GUID=(chandler guid)
if(!$id)
$this->notFound();
if($_SERVER["REQUEST_METHOD"] === "POST") {
if(empty($this->postParam("name"))) {
$this->flashFail("err", tr("error"), tr("error_segmentation"));
}
2021-01-17 02:19:54 +03:00
2020-06-07 19:04:43 +03:00
$note = new Note;
$note->setOwner($this->user->id);
$note->setCreated(time());
$note->setName($this->postParam("name"));
$note->setSource($this->postParam("html"));
2022-01-26 18:20:10 +03:00
$note->setEdited(time());
$note->save();
$this->redirect("/note" . $this->user->id . "_" . $note->getVirtualId());
}
}
function renderEdit(int $owner, int $note_id): void
{
$this->assertUserLoggedIn();
$this->willExecuteWriteAction();
$note = $this->notes->getNoteById($owner, $note_id);
if(!$note || $note->getOwner()->getId() !== $owner || $note->isDeleted())
$this->notFound();
if(is_null($this->user) || !$note->canBeModifiedBy($this->user->identity))
$this->flashFail("err", "Ошибка доступа", "Недостаточно прав для модификации данного ресурса.");
$this->template->note = $note;
if($_SERVER["REQUEST_METHOD"] === "POST") {
if(empty($this->postParam("name"))) {
$this->flashFail("err", tr("error"), tr("error_segmentation"));
}
$note->setName($this->postParam("name"));
$note->setSource($this->postParam("html"));
$note->setCached_Content(NULL);
$note->setEdited(time());
2020-06-07 19:04:43 +03:00
$note->save();
2021-11-15 14:00:49 +03:00
$this->redirect("/note" . $this->user->id . "_" . $note->getVirtualId());
2020-06-07 19:04:43 +03:00
}
}
2021-01-17 02:19:54 +03:00
function renderDelete(int $owner, int $id): void
{
$this->assertUserLoggedIn();
$this->willExecuteWriteAction();
$this->assertNoCSRF();
$note = $this->notes->get($id);
if(!$note) $this->notFound();
if($note->getOwner()->getId() . "_" . $note->getId() !== $owner . "_" . $id || $note->isDeleted()) $this->notFound();
if(is_null($this->user) || !$note->canBeModifiedBy($this->user->identity))
$this->flashFail("err", "Ошибка доступа", "Недостаточно прав для модификации данного ресурса.");
$name = $note->getName();
$note->delete();
$this->flash("succ", "Заметка удалена", "Заметка \"$name\" была успешно удалена.");
$this->redirect("/notes" . $this->user->id);
}
2020-06-07 19:04:43 +03:00
}