1
0
mirror of https://gitlab.com/comunic/comunicapiv3 synced 2024-11-22 21:39:21 +00:00

Can update comment content

This commit is contained in:
Pierre HUBERT 2020-07-10 08:57:46 +02:00
parent 24e094fc4a
commit 5a5bf8c5c3
5 changed files with 41 additions and 6 deletions

View File

@ -28,7 +28,7 @@ pub fn create(r: &mut HttpRequestHandler) -> RequestResult {
)
} else {
(
r.post_content("content", 3, true)?,
r.post_content("content", 2, true)?,
None
)
};
@ -57,3 +57,13 @@ pub fn get_single(r: &mut HttpRequestHandler) -> RequestResult {
r.set_response(CommentAPI::new(&comment, &r.user_id_opt())?)
}
/// Change a comment's content
pub fn edit(r: &mut HttpRequestHandler) -> RequestResult {
let comment = r.post_comment_with_full_access("commentID")?;
let new_content = r.post_content("content", 2, true)?;
comments_helper::edit(comment.id, &new_content)?;
r.success("Content updated.")
}

View File

@ -1,6 +1,6 @@
use std::error::Error;
use crate::controllers::{account_controller, conversations_controller, friends_controller, groups_controller, movies_controller, posts_controller, search_controller, server_controller, user_controller, virtual_directory_controller, comments_controller};
use crate::controllers::{account_controller, comments_controller, conversations_controller, friends_controller, groups_controller, movies_controller, posts_controller, search_controller, server_controller, user_controller, virtual_directory_controller};
use crate::controllers::routes::Method::{GET, POST};
use crate::data::http_request_handler::HttpRequestHandler;
@ -223,6 +223,8 @@ pub fn get_routes() -> Vec<Route> {
Route::post("/comments/get_single", Box::new(comments_controller::get_single)),
Route::post("/comments/edit",Box::new(comments_controller::edit)),
// Movies controller

View File

@ -594,9 +594,24 @@ impl HttpRequestHandler {
"Specified comment not found!",
)?;
if comment.user_id != self.user_id_or_invalid() {
let post = posts_helper::get_single(comment.post_id)?;
if posts_helper::get_access_level(&post, &self.user_id_opt())? == PostAccessLevel::NO_ACCESS {
self.forbidden("You are not allowed to access this post informations !".to_string())?;
self.forbidden("You are not allowed to access this post information !".to_string())?;
}
}
Ok(comment)
}
/// Get information about a comment specified in the request for which user has full access
pub fn post_comment_with_full_access(&mut self, name: &str) -> ResultBoxError<Comment> {
let comment = self.post_comment_with_access(name)?;
if comment.user_id != self.user_id()? {
self.forbidden("You are not the owner of this comment!".to_string())?;
}
Ok(comment)

View File

@ -53,6 +53,14 @@ fn db_to_comment(row: &database::RowResult) -> ResultBoxError<Comment> {
})
}
/// Update comment content
pub fn edit(comment_id: u64, new_content: &str) -> ResultBoxError {
database::UpdateInfo::new(COMMENTS_TABLE)
.cond_u64("ID", comment_id)
.set_str("commentaire", new_content)
.exec()
}
/// Delete a single comment
pub fn delete(c: &Comment) -> ResultBoxError {
// Delete associated image (if any)

View File

@ -49,7 +49,7 @@ pub fn check_url(url: &str) -> bool {
/// assert_eq!(check_string_before_insert("Hello world"), true);
/// ```
pub fn check_string_before_insert(s: &str) -> bool {
s.trim().len() > 3
s.trim().len() > 2
}
/// Check the validity of a YouTube ID