diff --git a/src/controllers/comments_controller.rs b/src/controllers/comments_controller.rs index 814177b..1730209 100644 --- a/src/controllers/comments_controller.rs +++ b/src/controllers/comments_controller.rs @@ -2,6 +2,7 @@ //! //! @author Pierre Hubert +use crate::api_data::comment_api::CommentAPI; use crate::api_data::res_create_comment::ResCreateComment; use crate::constants::PATH_COMMENTS_IMAGES; use crate::controllers::routes::RequestResult; @@ -48,4 +49,11 @@ pub fn create(r: &mut HttpRequestHandler) -> RequestResult { // TODO : Remove notifications targeting current user about the post r.set_response(ResCreateComment::new(comment_id)) +} + +/// Get information about a single comment +pub fn get_single(r: &mut HttpRequestHandler) -> RequestResult { + let comment = r.post_comment_with_access("commentID")?; + + r.set_response(CommentAPI::new(&comment, &r.user_id_opt())?) } \ No newline at end of file diff --git a/src/controllers/routes.rs b/src/controllers/routes.rs index f8c9265..e2e4ab9 100644 --- a/src/controllers/routes.rs +++ b/src/controllers/routes.rs @@ -221,6 +221,8 @@ pub fn get_routes() -> Vec { // Comments controller Route::post("/comments/create", Box::new(comments_controller::create)), + Route::post("/comments/get_single", Box::new(comments_controller::get_single)), + // Movies controller diff --git a/src/data/http_request_handler.rs b/src/data/http_request_handler.rs index 2c9d90b..ec15071 100644 --- a/src/data/http_request_handler.rs +++ b/src/data/http_request_handler.rs @@ -12,13 +12,14 @@ use serde::Serialize; use crate::api_data::http_error::HttpError; use crate::controllers::routes::RequestResult; use crate::data::api_client::APIClient; +use crate::data::comment::Comment; use crate::data::config::conf; use crate::data::error::{ExecError, ResultBoxError}; use crate::data::group::GroupAccessLevel; use crate::data::group_id::GroupID; use crate::data::post::{Post, PostAccessLevel}; use crate::data::user::UserID; -use crate::helpers::{account_helper, api_helper, conversations_helper, friends_helper, groups_helper, movies_helper, posts_helper, user_helper, virtual_directory_helper}; +use crate::helpers::{account_helper, api_helper, comments_helper, conversations_helper, friends_helper, groups_helper, movies_helper, posts_helper, user_helper, virtual_directory_helper}; use crate::helpers::virtual_directory_helper::VirtualDirType; use crate::utils::pdf_utils::is_valid_pdf; use crate::utils::string_utils::{check_string_before_insert, check_url, remove_html_nodes}; @@ -585,6 +586,22 @@ impl HttpRequestHandler { Ok(post) } + /// Get information about a comment whose ID is specified in the request + pub fn post_comment_with_access(&mut self, name: &str) -> ResultBoxError { + let comment_id = self.post_u64(name)?; + let comment = self.ok_or_not_found( + comments_helper::get_single(comment_id), + "Specified comment not found!", + )?; + + let post = posts_helper::get_single(comment.post_id)?; + if posts_helper::get_access_level(&post, &self.user_id_opt())? == PostAccessLevel::NO_ACCESS { + self.forbidden("You are not allowed to access this post informations !".to_string())?; + } + + Ok(comment) + } + /// Get the ID of a movie included in the request pub fn post_movie_id(&mut self, name: &str) -> ResultBoxError { let movie_id = self.post_u64(name)?; diff --git a/src/helpers/comments_helper.rs b/src/helpers/comments_helper.rs index f9cf99a..0c689a3 100644 --- a/src/helpers/comments_helper.rs +++ b/src/helpers/comments_helper.rs @@ -33,6 +33,13 @@ pub fn get(post_id: u64) -> ResultBoxError> { .exec(db_to_comment) } +/// Get information about a single comment +pub fn get_single(comment_id: u64) -> ResultBoxError { + database::QueryInfo::new(COMMENTS_TABLE) + .cond_u64("ID", comment_id) + .query_row(db_to_comment) +} + /// Turn a database entry into a comment object fn db_to_comment(row: &database::RowResult) -> ResultBoxError {