Comunic/comunicapiv2
1
0
Fork 0
mirror of https://gitlab.com/comunic/comunicapiv2 synced 2025-11-04 11:34:04 +00:00
Code Issues Projects Releases Wiki Activity

Can check the right to access a comment

Browse Source
This commit is contained in:
Pierre HUBERT
2020-03-21 11:49:52 +01:00
parent aa0c9f4f6a
commit 16ac9fae15
4 changed files with 78 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/controllers/CommentsController.ts
View File

@@ -50,6 +50,17 @@ export class CommentsController {
h.send({success: true, commentID: commentID}); h.send({success: true, commentID: commentID});
} }
/**
* Get information about a single comment
*
* @param h Request handler
*/
public static async GetSingle(h: RequestHandler) {
const commentID = h.postCommentIDWithAccess("commentID");
console.log("Comment ID: " + commentID);
}
/** /**
* Get the content of a comment included in a POST field * Get the content of a comment included in a POST field
* *

2
src/controllers/Routes.ts
View File

@@ -207,6 +207,8 @@ export const Routes : Route[] = [
// Comments controller // Comments controller
{path: "/comments/create", cb: (h) => CommentsController.Create(h)}, {path: "/comments/create", cb: (h) => CommentsController.Create(h)},
{path: "/comments/get_single", cb: (h) => CommentsController.GetSingle(h)},
// Notifications controller // Notifications controller
{path: "/notifications/count_unread", cb: (h) => NotificationsController.CountUnread(h)}, {path: "/notifications/count_unread", cb: (h) => NotificationsController.CountUnread(h)},

21
src/entities/RequestHandler.ts
View File

@@ -14,6 +14,7 @@ import { FriendsHelper } from "../helpers/FriendsHelper";
import { PostsHelper } from "../helpers/PostsHelper"; import { PostsHelper } from "../helpers/PostsHelper";
import { PostAccessLevel } from "./Post"; import { PostAccessLevel } from "./Post";
import { writeFileSync } from "fs"; import { writeFileSync } from "fs";
import { CommentsHelper } from "../helpers/CommentsHelper";
/** /**
* Response to a request * Response to a request
@@ -323,6 +324,26 @@ export class RequestHandler {
return postID; return postID;
} }
/**
* Get the ID of a comment that the user is allowed to access
*
* @param name The name of the comment field
*/
public async postCommentIDWithAccess(name: string) : Promise<number> {
const commentID = this.postInt(name);
if(!await CommentsHelper.Exists(commentID))
this.error(404, "Specified comment not found!");
const postID = await CommentsHelper.GetAssociatedPost(commentID);
const post = await PostsHelper.GetSingle(postID);
if(await PostsHelper.GetAccessLevel(this.getUserId(), post) == PostAccessLevel.NO_ACCESS)
this.error(401, "You are not allowed to acess this post information!");
return commentID;
}
/** /**
* Get a virtual directory included in a POST request * Get a virtual directory included in a POST request
* *

44
src/helpers/CommentsHelper.ts
View File

@@ -47,6 +47,50 @@ export class CommentsHelper {
return results.map(this.DbToComment); return results.map(this.DbToComment);
} }
/**
* Check out whether a comment exists or not
*
* @param commentID Target comment ID
*/
public static async Exists(commentID: number) : Promise<boolean> {
return await DatabaseHelper.Count({
table: COMMENTS_TABLE,
where: {
ID: commentID
}
}) > 0;
}
/**
* Get information about a single comment
*
* @param commentID Target comment ID
*/
public static async GetSingle(commentID: number) : Promise<Comment> {
const row = await DatabaseHelper.QueryRow({
table: COMMENTS_TABLE,
where: {
ID: commentID
}
});
if(row == null)
throw new Error("Comment " + commentID + " not found!");
return this.DbToComment(row);
}
/**
* Get the ID of the post associated to a comment
*
* @param commentID Target comment ID
*/
public static async GetAssociatedPost(commentID: number) : Promise<number> {
const comment = await this.GetSingle(commentID);
return comment.postID;
}
/** /**
* Permanently delete a comment * Permanently delete a comment
* *