From adef21d3a93e19413bf1ae8703248523512ad7c3 Mon Sep 17 00:00:00 2001 From: lalka2016 <99399973+lalka2016@users.noreply.github.com> Date: Sat, 12 Aug 2023 12:26:39 +0300 Subject: [PATCH] Remove ability to delete your accepted psto --- VKAPI/Handlers/Wall.php | 3 +++ Web/Models/Entities/Post.php | 3 +++ Web/Presenters/WallPresenter.php | 3 +++ Web/static/js/al_wall.js | 4 ++-- locales/en.strings | 1 + locales/ru.strings | 1 + 6 files changed, 13 insertions(+), 2 deletions(-) diff --git a/VKAPI/Handlers/Wall.php b/VKAPI/Handlers/Wall.php index 058b40e6..9d1f0ad5 100644 --- a/VKAPI/Handlers/Wall.php +++ b/VKAPI/Handlers/Wall.php @@ -887,6 +887,9 @@ final class Wall extends VKAPIRequestHandler $wallOwner = $post->getWallOwner(); + if($post->getTargetWall() < 0 && !$post->getWallOwner()->canBeModifiedBy($this->getUser()) && $post->getWallOwner()->getWallType() != 1) + $this->fail(12, "Access denied: you can't delete your accepted post."); + if($post->getOwnerPost() == $this->getUser()->getId() || $post->getTargetWall() == $this->getUser()->getId() || $owner_id < 0 && $wallOwner->canBeModifiedBy($this->getUser())) { $post->unwire(); $post->delete(); diff --git a/Web/Models/Entities/Post.php b/Web/Models/Entities/Post.php index 5f2d3d4d..3374301b 100644 --- a/Web/Models/Entities/Post.php +++ b/Web/Models/Entities/Post.php @@ -207,6 +207,9 @@ class Post extends Postable function canBeDeletedBy(User $user): bool { + if($this->getTargetWall() < 0 && !$this->getWallOwner()->canBeModifiedBy($user) && $this->getWallOwner()->getWallType() != 1) + return false; + return $this->getOwnerPost() === $user->getId() || $this->canBePinnedBy($user); } diff --git a/Web/Presenters/WallPresenter.php b/Web/Presenters/WallPresenter.php index 39b7e32b..1dd19349 100644 --- a/Web/Presenters/WallPresenter.php +++ b/Web/Presenters/WallPresenter.php @@ -492,6 +492,9 @@ final class WallPresenter extends OpenVKPresenter else $canBeDeletedByOtherUser = false; if(!is_null($user)) { + if($post->getTargetWall() < 0 && !$post->getWallOwner()->canBeModifiedBy($this->user->identity) && $post->getWallOwner()->getWallType() != 1) + $this->flashFail("err", tr("failed_to_delete_post"), tr("error_deleting_suggested")); + if($post->getOwnerPost() == $user || $post->getTargetWall() == $user || $canBeDeletedByOtherUser) { $post->unwire(); $post->delete(); diff --git a/Web/static/js/al_wall.js b/Web/static/js/al_wall.js index 1812ac41..b1ca6117 100644 --- a/Web/static/js/al_wall.js +++ b/Web/static/js/al_wall.js @@ -323,7 +323,7 @@ $(document).on("click", "#publish_post", async (e) => { e.currentTarget.parentNode.parentNode.parentNode.parentNode.parentNode.parentNode.outerHTML = "" } - if(document.querySelectorAll(".post").length < 1 && post.new_count > 0) { + if(document.querySelectorAll(".post").length < 1 && post.new_count > 0 && document.querySelector(".paginator") != null) { loadMoreSuggestedPosts() } }), Function.noop]); @@ -384,7 +384,7 @@ $(document).on("click", "#decline_post", async (e) => { } } - if(document.querySelectorAll(".post").length < 1 && post > 0) { + if(document.querySelectorAll(".post").length < 1 && post > 0 && document.querySelector(".paginator") != null) { loadMoreSuggestedPosts() } }) diff --git a/locales/en.strings b/locales/en.strings index ff146016..f4a2fb56 100644 --- a/locales/en.strings +++ b/locales/en.strings @@ -1180,6 +1180,7 @@ "media_file_corrupted_or_too_large" = "The media content file is corrupted or too large."; "post_is_empty_or_too_big" = "The post is empty or too big."; "post_is_too_big" = "The post is too big."; +"error_deleting_suggested" = "You can't delete your accepted post"; /* Admin actions */ diff --git a/locales/ru.strings b/locales/ru.strings index 0f37bfe8..87c966e4 100644 --- a/locales/ru.strings +++ b/locales/ru.strings @@ -1080,6 +1080,7 @@ "media_file_corrupted_or_too_large" = "Файл медиаконтента повреждён или слишком велик."; "post_is_empty_or_too_big" = "Пост пустой или слишком большой."; "post_is_too_big" = "Пост слишком большой."; +"error_deleting_suggested" = "Вы не можете удалить ваш принятый пост"; /* Admin actions */