Commit 0c0cdc9d8f8c78c073c1ecb427c2031ee5bc5cc9
1 parent
2f324895
test
Showing
6 changed files
with
73 additions
and
14 deletions
common/config/main.php
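--- a/common/modules/comment/Controller.php
+++ b/common/modules/comment/Controller.php
@@ -19,6 +19,10 @@
 {
 \Yii::$app->response->format = \yii\web\Response::FORMAT_JSON;
 $post = \Yii::$app->request->post('Comment');
+$get = \Yii::$app->request->get();
+if(empty($post['comment_id']) && !empty($get['comment_id'])) {
+$post['comment_id'] = $get['comment_id'];
+}
 if(!empty($post['comment_id'])) {
 if($model = \common\modules\comment\models\Comment::findOne($post['comment_id'])) {
 /**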
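Review bot: The new fallback copies `comment_id` from the query string into `$post`, so the `Comment::findOne()` lookup below it can now be driven by a plain GET request. Yii validates the CSRF token only on non-safe verbs, so if this action changes or deletes the comment (its name and the controller's behaviors are outside the hunk) it should be limited to POST, for example with a `VerbFilter` entry or an `\Yii::$app->request->isPost` guard. The value also reaches `findOne()` unchanged, and `findOne()` treats an array argument as a column condition, so I would force a scalar: `$post['comment_id'] = (int) $get['comment_id'];`. The action body continues past the end of the hunk.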
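--- a/common/modules/comment/models/Comment.php
+++ b/common/modules/comment/models/Comment.php
@@ -3,6 +3,7 @@
 
 use common\models\User;
 use yii\db\ActiveQuery;
+use yii\helpers\Url;
 
 /**
 * Class Comment
@@ -40,6 +41,8 @@
 */
 public $guestComment = true;
 
+public $buttons = [ ];
+
 public function rules()
 {
 return [
@@ -176,7 +179,8 @@
 'comment.model' => $model,
 'comment.model_id' => $model_id,
 'comment.status' => 1,
-])->with('rating');
+])
+->with('rating');
 }
 
 public function postComment()
@@ -221,15 +225,24 @@
 $this->addError('comment_id', 'Comment ID not found');
 return false;
 } else {
-if($this->status == self::STATUS_DELETED) {
-return false;
-}
-$this->status = self::STATUS_DELETED;
-if($this->update()) {
-$this->clearSafe();
-return true;
+if($this->user_id == \Yii::$app->user->id) {
+if($this->delete()) {
+return true;
+} else {
+$this->addError('comment_id', 'Can\'t delete post.');
+return false;
+}
 } else {
-return false;
+if($this->status == self::STATUS_DELETED) {
+return false;
+}
+$this->status = self::STATUS_DELETED;
+if($this->update()) {
+$this->clearSafe();
+return true;
+} else {
+return false;
+}
 }
 }
 } else {
@@ -270,13 +283,15 @@
 if($this->scenario == self::SCENARIO_GUEST) {
 return false;
 } else {
-return \Yii::$app->user->can(\common\modules\comment\Permissions::DELETE, [
+return (\Yii::$app->user->can(\common\modules\comment\Permissions::DELETE, [
 'model' => $this->model,
 'model_id' => $this->model_id,
+'comment' => $this,
 ]) || \Yii::$app->user->can(\common\modules\comment\Permissions::DELETE_OWN, [
 'model' => $this->model,
 'model_id' => $this->model_id,
-]);
+'comment' => $this,
+]));
 }
 }
 
@@ -313,7 +328,7 @@
 'model' => $this->className(),
 ])
 ->one();
-if(!$rating instanceof \common\modules\comment\models\Rating && !empty($this->primaryKey)) {
+if(!$rating instanceof \common\modules\comment\models\Rating && !empty( $this->primaryKey )) {
 $rating = new \common\modules\comment\models\Rating([
 'model' => $this->className(),
 'model_id' => $this->comment_id,
@@ -355,4 +370,14 @@
 return $this->hasOne(User::className(), [ 'id' => 'user_id' ]);
 }
 
+public function buildButtons()
+{
+if($this->checkDelete()) {
+$this->buttons[ 'delete' ] = Url::to([
+'artbox-comment/delete',
+'comment_id' => $this->comment_id,
+]);
+}
+}
+
 }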
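Review bot: The ownership test added in the delete branch, `if($this->user_id == \Yii::$app->user->id)`, is a loose comparison against a value that is `null` for a guest. If guest comments are stored without a `user_id` (the class allows them through `$guestComment`), it would evaluate to true for any unauthenticated visitor and the row would be hard-deleted. Whether `checkDelete()` always runs before this branch is not visible in the hunk, so the test should stand on its own: `if(!\Yii::$app->user->isGuest && (string) $this->user_id === (string) \Yii::$app->user->id) {`. The same loose comparison is added in `ArtboxCommentDeleteOwnRule::execute()` and `ArtboxCommentDeleteRule::execute()`. The owner path also calls `delete()` without the `clearSafe()` that the soft-delete path keeps; a short comment saying why the two paths differ would help the next reader.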
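--- a/common/modules/comment/rbac/ArtboxCommentDeleteOwnRule.php
+++ b/common/modules/comment/rbac/ArtboxCommentDeleteOwnRule.php
@@ -11,7 +11,12 @@
 
 public function execute($user, $item, $params)
 {
-return true;
+if(!empty($params['comment'])) {
+if($params['comment']->user_id == \Yii::$app->user->id) {
+return true;
+}
+}
+return false;
 }
 
 }
\ No newline at end of file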
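Review bot: `execute()` ignores its `$user` argument and reads `\Yii::$app->user->id` instead, so the rule always answers for the session user, even when the auth manager is asked about a different user id (for example `checkAccess($userId, …)` from a console job or an admin screen). Comparing against the argument keeps the rule correct in both cases and lets it reject a missing id explicitly: `return $user !== null && !empty($params['comment']) && (string) $params['comment']->user_id === (string) $user;`. A one-line docblock stating that `$params['comment']` must be the `Comment` being deleted would record the contract that `checkDelete()` now depends on.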
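--- a/common/modules/comment/rbac/ArtboxCommentDeleteRule.php
+++ b/common/modules/comment/rbac/ArtboxCommentDeleteRule.php
@@ -2,6 +2,8 @@
 
 namespace common\modules\comment\rbac;
 
+use common\models\User;
+use yii\db\ActiveRecord;
 use yii\rbac\Rule;
 
 class ArtboxCommentDeleteRule extends Rule
@@ -11,7 +13,21 @@
 
 public function execute($user, $item, $params)
 {
-return true;
+/**
+* @var ActiveRecord $model
+*/
+if(!empty($params['model']) && !empty($params['model_id'])) {
+$model = new $params['model'];
+if($model instanceof ActiveRecord) {
+$model = $model::findOne($params['model_id']);
+if($model->hasAttribute('user_id') && $model->user_id == \Yii::$app->user->id) {
+return true;
+} elseif($model instanceof User && $model->id == \Yii::$app->user->id) {
+return true;
+}
+}
+}
+return false;
 }
 
 }
\ No newline at end of file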
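Review bot: `$model = new $params['model'];` constructs whatever class name arrives in the parameters before its type is checked, and the following `$model->hasAttribute('user_id')` dereferences the result of `findOne()` without a null check, so a stale `model_id` ends in a fatal error instead of a denied permission. The class name comes from the comment's `model` attribute (passed by `checkDelete()`), and how that attribute is validated when a comment is posted is not visible here. The sketch below checks the class name with `is_subclass_of()` before anything is constructed and returns false when no record is found; the ownership comparison itself is left as it is.

```php
public function execute($user, $item, $params)
{
    if(empty($params['model']) || empty($params['model_id'])) {
        return false;
    }
    $class = $params['model'];
    // Validate the class name first so that no constructor of an unexpected class runs.
    if(!is_string($class) || !is_subclass_of($class, ActiveRecord::className())) {
        return false;
    }
    $model = $class::findOne($params['model_id']);
    if($model === null) {
        return false;
    }
    // … unchanged: owner comparison on user_id / User id, returning true on a match …
    return false;
}
```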
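--- a/common/modules/comment/widgets/views/_review_comment_view.php
+++ b/common/modules/comment/widgets/views/_review_comment_view.php
@@ -11,6 +11,7 @@
 * @var User $user
 */
 $user = $model->user;
+$model->buildButtons();
 ?>
 <div class="comments-name"><?= $user->name ?></div>
 <?php
@@ -34,6 +35,13 @@
 <div class="comments-content">
 <?= $model->text ?>
 </div>
+<div>
+<?php
+if(!empty($model->buttons['delete'])) {
+echo Html::a('Удалить', $model->buttons['delete'], ['data-method' => 'post', 'data-confirm' => 'Really?']);
+}
+?>
+</div>
 <?php
 /* == PROJECT INFO ==
 ?>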
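Review bot: `<?= $model->text ?>` and `<?= $user->name ?>`, visible as context around the new delete control, are echoed without encoding; unless both values are purified before they are stored (not visible in this view), markup inside a comment is rendered in a page that now also carries a state-changing link. I would encode at output, `<?= Html::encode($model->text) ?>` and `<?= Html::encode($user->name) ?>`, or pass the text through `\yii\helpers\HtmlPurifier::process()` if limited markup is intended. The new link pairs a hard-coded Russian label with an English `data-confirm` text; routing both through `\Yii::t()` would keep them consistent. `$model->buildButtons()` mutates the model from inside the template; calling it where the comments are loaded would keep the view free of side effects.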