From 5a5bf8c5c35c8dc4c16e54faf94836f8dda9f44e Mon Sep 17 00:00:00 2001
From: Pierre HUBERT <pierre.git@communiquons.org>
Date: Fri, 10 Jul 2020 08:57:46 +0200
Subject: [PATCH] Can update comment content

---
 src/controllers/comments_controller.rs | 12 +++++++++++-
 src/controllers/routes.rs              |  4 +++-
 src/data/http_request_handler.rs       | 21 ++++++++++++++++++---
 src/helpers/comments_helper.rs         |  8 ++++++++
 src/utils/string_utils.rs              |  2 +-
 5 files changed, 41 insertions(+), 6 deletions(-)

diff --git a/src/controllers/comments_controller.rs b/src/controllers/comments_controller.rs
index 1730209..6ba9f1f 100644
--- a/src/controllers/comments_controller.rs
+++ b/src/controllers/comments_controller.rs
@@ -28,7 +28,7 @@ pub fn create(r: &mut HttpRequestHandler) -> RequestResult {
         )
     } else {
         (
-            r.post_content("content", 3, true)?,
+            r.post_content("content", 2, true)?,
             None
         )
     };
@@ -56,4 +56,14 @@ pub fn get_single(r: &mut HttpRequestHandler) -> RequestResult {
     let comment = r.post_comment_with_access("commentID")?;
 
     r.set_response(CommentAPI::new(&comment, &r.user_id_opt())?)
+}
+
+/// Change a comment's content
+pub fn edit(r: &mut HttpRequestHandler) -> RequestResult {
+    let comment = r.post_comment_with_full_access("commentID")?;
+    let new_content = r.post_content("content", 2, true)?;
+
+    comments_helper::edit(comment.id, &new_content)?;
+
+    r.success("Content updated.")
 }
\ No newline at end of file
diff --git a/src/controllers/routes.rs b/src/controllers/routes.rs
index e2e4ab9..c772422 100644
--- a/src/controllers/routes.rs
+++ b/src/controllers/routes.rs
@@ -1,6 +1,6 @@
 use std::error::Error;
 
-use crate::controllers::{account_controller, conversations_controller, friends_controller, groups_controller, movies_controller, posts_controller, search_controller, server_controller, user_controller, virtual_directory_controller, comments_controller};
+use crate::controllers::{account_controller, comments_controller, conversations_controller, friends_controller, groups_controller, movies_controller, posts_controller, search_controller, server_controller, user_controller, virtual_directory_controller};
 use crate::controllers::routes::Method::{GET, POST};
 use crate::data::http_request_handler::HttpRequestHandler;
 
@@ -223,6 +223,8 @@ pub fn get_routes() -> Vec<Route> {
 
         Route::post("/comments/get_single", Box::new(comments_controller::get_single)),
 
+        Route::post("/comments/edit",Box::new(comments_controller::edit)),
+
 
 
         // Movies controller
diff --git a/src/data/http_request_handler.rs b/src/data/http_request_handler.rs
index ec15071..4e8dc08 100644
--- a/src/data/http_request_handler.rs
+++ b/src/data/http_request_handler.rs
@@ -594,9 +594,24 @@ impl HttpRequestHandler {
             "Specified comment not found!",
         )?;
 
-        let post = posts_helper::get_single(comment.post_id)?;
-        if posts_helper::get_access_level(&post, &self.user_id_opt())? == PostAccessLevel::NO_ACCESS {
-            self.forbidden("You are not allowed to access this post informations !".to_string())?;
+        if comment.user_id != self.user_id_or_invalid() {
+
+            let post = posts_helper::get_single(comment.post_id)?;
+            if posts_helper::get_access_level(&post, &self.user_id_opt())? == PostAccessLevel::NO_ACCESS {
+                self.forbidden("You are not allowed to access this post information !".to_string())?;
+            }
+
+        }
+
+        Ok(comment)
+    }
+
+    /// Get information about a comment specified in the request for which user has full access
+    pub fn post_comment_with_full_access(&mut self, name: &str) -> ResultBoxError<Comment> {
+        let comment = self.post_comment_with_access(name)?;
+
+        if comment.user_id != self.user_id()? {
+            self.forbidden("You are not the owner of this comment!".to_string())?;
         }
 
         Ok(comment)
diff --git a/src/helpers/comments_helper.rs b/src/helpers/comments_helper.rs
index 0c689a3..1b53502 100644
--- a/src/helpers/comments_helper.rs
+++ b/src/helpers/comments_helper.rs
@@ -53,6 +53,14 @@ fn db_to_comment(row: &database::RowResult) -> ResultBoxError<Comment> {
     })
 }
 
+/// Update comment content
+pub fn edit(comment_id: u64, new_content: &str) -> ResultBoxError {
+    database::UpdateInfo::new(COMMENTS_TABLE)
+        .cond_u64("ID", comment_id)
+        .set_str("commentaire", new_content)
+        .exec()
+}
+
 /// Delete a single comment
 pub fn delete(c: &Comment) -> ResultBoxError {
     // Delete associated image (if any)
diff --git a/src/utils/string_utils.rs b/src/utils/string_utils.rs
index 141a37b..5f216cd 100644
--- a/src/utils/string_utils.rs
+++ b/src/utils/string_utils.rs
@@ -49,7 +49,7 @@ pub fn check_url(url: &str) -> bool {
 /// assert_eq!(check_string_before_insert("Hello world"), true);
 /// ```
 pub fn check_string_before_insert(s: &str) -> bool {
-    s.trim().len() > 3
+    s.trim().len() > 2
 }
 
 /// Check the validity of a YouTube ID