feat: edit comment

2020-05-31 18:15:15 -04:00
parent e74605501f
commit 7a946ec0f5
6 changed files with 273 additions and 35 deletions
--- a/server/graph/resolvers/comment.js
+++ b/server/graph/resolvers/comment.js
@@ -40,13 +40,10 @@ module.exports = {
     * Fetch list of comments for a page
     */
    async list (obj, args, context) {
-      const page = await WIKI.models.pages.getPage(args)
+      const page = await WIKI.models.pages.query().select('id').findOne({ localeCode: args.locale, path: args.path })
      if (page) {
-        if (WIKI.auth.checkAccess(context.req.user, ['read:comments'], {
-          path: page.path,
-          locale: page.localeCode
-        })) {
-          const comments = await WIKI.models.comments.query().where('pageId', page.id)
+        if (WIKI.auth.checkAccess(context.req.user, ['read:comments'], args)) {
+          const comments = await WIKI.models.comments.query().where('pageId', page.id).orderBy('createdAt')
          return comments.map(c => ({
            ...c,
            authorName: c.name,
@@ -54,11 +51,39 @@ module.exports = {
            authorIP: c.ip
          }))
        } else {
-          throw new WIKI.Error.PageViewForbidden()
+          throw new WIKI.Error.CommentViewForbidden()
        }
      } else {
        return []
      }
+    },
+    /**
+     * Fetch a single comment
+     */
+    async single (obj, args, context) {
+      const cm = await WIKI.data.commentProvider.getCommentById(args.id)
+      if (!cm || !cm.pageId) {
+        throw new WIKI.Error.CommentNotFound()
+      }
+      const page = await WIKI.models.pages.query().select('localeCode', 'path').findById(cm.pageId)
+      if (page) {
+        if (WIKI.auth.checkAccess(context.req.user, ['read:comments'], {
+          path: page.path,
+          locale: page.localeCode
+        })) {
+          return {
+            ...cm,
+            authorName: cm.name,
+            authorEmail: cm.email,
+            authorIP: cm.ip
+          }
+        } else {
+          throw new WIKI.Error.CommentViewForbidden()
+        }
+      } else {
+        WIKI.logger.warn(`Comment #${cm.id} is linked to a page #${cm.pageId} that doesn't exist! [ERROR]`)
+        throw new WIKI.Error.CommentGenericError()
+      }
    }
  },
  CommentMutation: {
@@ -80,6 +105,24 @@ module.exports = {
        return graphHelper.generateError(err)
      }
    },
+    /**
+     * Update an Existing Comment
+     */
+    async update (obj, args, context) {
+      try {
+        const cmRender = await WIKI.models.comments.updateComment({
+          ...args,
+          user: context.req.user,
+          ip: context.req.ip
+        })
+        return {
+          responseResult: graphHelper.generateSuccess('Comment updated successfully'),
+          render: cmRender
+        }
+      } catch (err) {
+        return graphHelper.generateError(err)
+      }
+    },
    /**
     * Delete an Existing Comment
     */
--- a/server/graph/schemas/comment.graphql
+++ b/server/graph/schemas/comment.graphql
@@ -47,7 +47,7 @@ type CommentMutation {
  update(
    id: Int!
    content: String!
-  ): DefaultResponse @auth(requires: ["write:comments", "manage:comments", "manage:system"])
+  ): CommentUpdateResponse @auth(requires: ["write:comments", "manage:comments", "manage:system"])

  delete(
    id: Int!
@@ -77,7 +77,7 @@ input CommentProviderInput {

 type CommentPost {
  id: Int!
-  content: String!
+  content: String! @auth(requires: ["write:comments", "manage:comments", "manage:system"])
  render: String!
  authorId: Int!
  authorName: String!
@@ -91,3 +91,8 @@ type CommentCreateResponse {
  responseResult: ResponseStatus
  id: Int
 }
+
+type CommentUpdateResponse {
+  responseResult: ResponseStatus
+  render: String
+}
--- a/server/helpers/error.js
+++ b/server/helpers/error.js
@@ -97,18 +97,14 @@ module.exports = {
    message: 'Too many attempts! Try again later.',
    code: 1008
  }),
-  CommentGenericError: CustomError('CommentGenericError', {
-    message: 'An unexpected error occured.',
-    code: 8001
-  }),
-  CommentPostForbidden: CustomError('CommentPostForbidden', {
-    message: 'You are not authorized to post a comment on this page.',
-    code: 8002
-  }),
  CommentContentMissing: CustomError('CommentContentMissing', {
    message: 'Comment content is missing or too short.',
    code: 8003
  }),
+  CommentGenericError: CustomError('CommentGenericError', {
+    message: 'An unexpected error occured.',
+    code: 8001
+  }),
  CommentManageForbidden: CustomError('CommentManageForbidden', {
    message: 'You are not authorized to manage comments on this page.',
    code: 8004
@@ -117,6 +113,14 @@ module.exports = {
    message: 'This comment does not exist.',
    code: 8005
  }),
+  CommentPostForbidden: CustomError('CommentPostForbidden', {
+    message: 'You are not authorized to post a comment on this page.',
+    code: 8002
+  }),
+  CommentViewForbidden: CustomError('CommentViewForbidden', {
+    message: 'You are not authorized to view comments for this page.',
+    code: 8006
+  }),
  InputInvalid: CustomError('InputInvalid', {
    message: 'Input data is invalid.',
    code: 1012
--- a/server/models/comments.js
+++ b/server/models/comments.js
@@ -123,6 +123,39 @@ module.exports = class Comment extends Model {
    })
  }

+  /**
+   * Update an Existing Comment
+   */
+  static async updateComment ({ id, content, user, ip }) {
+    // -> Load Page
+    const pageId = await WIKI.data.commentProvider.getPageIdFromCommentId(id)
+    if (!pageId) {
+      throw new WIKI.Error.CommentNotFound()
+    }
+    const page = await WIKI.models.pages.getPageFromDb(pageId)
+    if (page) {
+      if (!WIKI.auth.checkAccess(user, ['manage:comments'], {
+        path: page.path,
+        locale: page.localeCode
+      })) {
+        throw new WIKI.Error.CommentManageForbidden()
+      }
+    } else {
+      throw new WIKI.Error.PageNotFound()
+    }
+
+    // -> Process by comment provider
+    return WIKI.data.commentProvider.update({
+      id,
+      content,
+      page,
+      user: {
+        ...user,
+        ip
+      }
+    })
+  }
+
  /**
   * Delete an Existing Comment
   */
--- a/server/modules/comments/default/comment.js
+++ b/server/modules/comments/default/comment.js
@@ -13,6 +13,17 @@ const DOMPurify = createDOMPurify(window)

 let akismetClient = null

+const mkdown = md({
+  html: false,
+  breaks: true,
+  linkify: true,
+  highlight(str, lang) {
+    return `<pre><code class="language-${lang}">${_.escape(str)}</code></pre>`
+  }
+})
+
+mkdown.use(mdEmoji)
+
 // ------------------------------------
 // Default Comment Provider
 // ------------------------------------
@@ -51,18 +62,6 @@ module.exports = {
   * Create New Comment
   */
  async create ({ page, replyTo, content, user }) {
-    // -> Render Markdown
-    const mkdown = md({
-      html: false,
-      breaks: true,
-      linkify: true,
-      highlight(str, lang) {
-        return `<pre><code class="language-${lang}">${_.escape(str)}</code></pre>`
-      }
-    })
-
-    mkdown.use(mdEmoji)
-
    // -> Build New Comment
    const newComment = {
      content,
@@ -121,13 +120,20 @@ module.exports = {
    // -> Return Comment ID
    return cm.id
  },
-  async update ({ id, content, user, ip }) {
-
+  /**
+   * Update an existing comment
+   */
+  async update ({ id, content, user }) {
+    const renderedContent = DOMPurify.sanitize(mkdown.render(content))
+    await WIKI.models.comments.query().findById(id).patch({
+      render: renderedContent
+    })
+    return renderedContent
  },
  /**
   * Delete an existing comment by ID
   */
-  async remove ({ id, user, ip }) {
+  async remove ({ id, user }) {
    return WIKI.models.comments.query().findById(id).delete()
  },
  /**
@@ -137,6 +143,12 @@ module.exports = {
    const result = await WIKI.models.comments.query().select('pageId').findById(id)
    return (result) ? result.pageId : false
  },
+  /**
+   * Get a comment by ID
+   */
+  async getCommentById (id) {
+    return WIKI.models.comments.query().findById(id)
+  },
  /**
   * Get the total comments count for a page ID
   */