Class: CommentsController

Inherits:
ApplicationController show all
Defined in:
app/controllers/comments_controller.rb

Overview

Provides mainly web actions for using and making comments.

Instance Method Summary collapse

Methods inherited from ApplicationController

#dashboard, #keyboard_tools, #upload

Instance Method Details

#createObject 



68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
 
# File 'app/controllers/comments_controller.rb', line 68

def create
  @comment_thread = CommentThread.find(params[:id])
  @post = @comment_thread.post
  if @post.comments_disabled && !current_user.is_moderator && !current_user.is_admin
    render json: { status: 'failed', message: 'Comments have been disabled on this post.' }, status: :forbidden
    return
  elsif !@post.can_access?(current_user)
    return not_found
  end

  body = params[:content]
  pings = check_for_pings @comment_thread, body

  @comment = Comment.new(post: @post, content: body, user: current_user,
                         comment_thread: @comment_thread, has_reference: false)

  rate_limited, limit_message = helpers.comment_rate_limited?(current_user, @post)
  if rate_limited
    flash[:danger] = limit_message
    redirect_to helpers.generic_share_link(@post)
    return
  end

  if @comment.save
    apply_pings pings
    @comment_thread.thread_follower.each do |follower|
      next if follower.user_id == current_user.id
      next if pings.include? follower.user_id

      thread_url = comment_thread_url(@comment_thread, host: @comment_thread.community.host)
      existing_notification = follower.user.notifications.where(is_read: false)
                                      .where('link LIKE ?', "#{thread_url}%")
      next if existing_notification.exists?

      title = @post.parent.nil? ? @post.title : @post.parent.title
      follower.user.create_notification("There are new comments in a followed thread '#{@comment_thread.title}' " \
                                        "on the post '#{title}'",
                                        helpers.comment_link(@comment))
    end
  else
    flash[:danger] = @comment.errors.full_messages.join(', ')
  end
  redirect_to comment_thread_path(@comment_thread.id)
end

#create_threadObject 



10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
 
# File 'app/controllers/comments_controller.rb', line 10

def create_thread
  @post = Post.find(params[:post_id])
  if @post.comments_disabled && !current_user.is_moderator && !current_user.is_admin
    render json: { status: 'failed', message: 'Comments have been disabled on this post.' }, status: :forbidden
    return
  elsif !@post.can_access?(current_user)
    return not_found
  end

  title = params[:title]
  unless title.present?
    title = if params[:body].length > 100
              "#{params[:body][0..100]}..."
            else
              params[:body]
            end
  end

  body = params[:body]

  @comment_thread = CommentThread.new(title: title, post: @post)
  @comment = Comment.new(post: @post, content: body, user: current_user, comment_thread: @comment_thread)

  pings = check_for_pings @comment_thread, body

  rate_limited, limit_message = helpers.comment_rate_limited?(current_user, @post)
  if rate_limited
    flash[:danger] = limit_message
    redirect_to helpers.generic_share_link(@post)
    return
  end

  success = ActiveRecord::Base.transaction do
    @comment_thread.save!
    @comment.save!
  end

  if success
    notification = "New comment thread on #{@comment.root.title}: #{@comment_thread.title}"
    unless @comment.post.user == current_user
      @comment.post.user.create_notification(notification, helpers.comment_link(@comment))
    end

    ThreadFollower.where(post: @post).each do |tf|
      unless tf.user == current_user || tf.user == @comment.post.user
        tf.user.create_notification(notification, helpers.comment_link(@comment))
      end
      ThreadFollower.create(user: tf.user, comment_thread: @comment_thread)
    end

    apply_pings pings
  else
    flash[:danger] = "Could not create comment thread: #{(@comment_thread.errors.full_messages \
                                                         + @comment.errors.full_messages).join(', ')}"
  end
  redirect_to helpers.generic_share_link(@post)
end

#destroyObject 



136
137
138
139
140
141
142
143
144
145
146
147
 
# File 'app/controllers/comments_controller.rb', line 136

def destroy
  if @comment.update(deleted: true)
    @comment_thread = @comment.comment_thread
    unless current_user.id == @comment.user_id
      AuditLog.moderator_audit(event_type: 'comment_delete', related: @comment, user: current_user,
                               comment: "content <<#{@comment.content}>>")
    end
    render json: { status: 'success' }
  else
    render json: { status: 'failed' }, status: :internal_server_error
  end
end

#pingableObject 



282
283
284
285
286
287
 
# File 'app/controllers/comments_controller.rb', line 282

def pingable
  thread = params[:id] == '-1' ? CommentThread.new(post_id: params[:post]) : CommentThread.find(params[:id])
  ids = helpers.get_pingable(thread)
  users = User.where(id: ids)
  render json: users.to_h { |u| [u.username, u.id] }
end

#postObject 



259
260
261
262
263
264
265
266
267
268
269
270
 
# File 'app/controllers/comments_controller.rb', line 259

def post
  @post = Post.find(params[:post_id])
  @comment_threads = if helpers.moderator? || current_user&.has_post_privilege?('flag_curate', @post)
                       CommentThread
                     else
                       CommentThread.undeleted
                     end.where(post: @post).order(deleted: :asc, archived: :asc, reply_count: :desc)
  respond_to do |format|
    format.html { render layout: false }
    format.json { render json: @comment_threads }
  end
end

#post_followObject 



272
273
274
275
276
277
278
279
280
 
# File 'app/controllers/comments_controller.rb', line 272

def post_follow
  @post = Post.find(params[:post_id])
  if CommentThread.post_followed?(@post, current_user)
    ThreadFollower.where(post: @post, user: current_user).destroy_all
  else
    ThreadFollower.create(post: @post, user: current_user)
  end
  redirect_to post_path(@post)
end

#showObject 



162
163
164
165
166
167
 
# File 'app/controllers/comments_controller.rb', line 162

def show
  respond_to do |format|
    format.html { render partial: 'comments/comment', locals: { comment: @comment } }
    format.json { render json: @comment }
  end
end

#threadObject 



169
170
171
 
# File 'app/controllers/comments_controller.rb', line 169

def thread
  not_found unless @comment_thread.can_access?(current_user)
end

#thread_followersObject 



173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
 
# File 'app/controllers/comments_controller.rb', line 173

def thread_followers
  return not_found unless @comment_thread.can_access?(current_user)
  return not_found unless current_user.is_moderator || current_user.is_admin

  @followers = ThreadFollower.where(comment_thread: @comment_thread).joins(:user, user: :community_user)
                             .includes(:user, user: [:community_user, :avatar_attachment])
  respond_to do |format|
    format.json do
      render json: @followers
    end
    format.html do
      render layout: false
    end
  end
end

#thread_renameObject 



189
190
191
192
193
194
195
196
197
198
 
# File 'app/controllers/comments_controller.rb', line 189

def thread_rename
  if @comment_thread.read_only? && !current_user.is_moderator
    flash[:danger] = 'This thread has been locked.'
    redirect_to comment_thread_path(@comment_thread.id)
    return
  end

  @comment_thread.update title: params[:title]
  redirect_to comment_thread_path(@comment_thread.id)
end

#thread_restrictObject 



200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
 
# File 'app/controllers/comments_controller.rb', line 200

def thread_restrict
  case params[:type]
  when 'lock'
    return not_found unless current_user.privilege?('flag_curate') && !@comment_thread.locked?

    lu = nil
    unless params[:duration].blank?
      lu = params[:duration].to_i.days.from_now
    end
    @comment_thread.update(locked: true, locked_by: current_user, locked_until: lu)

    redirect_to comment_thread_path(@comment_thread.id)
    return
  when 'archive'
    return not_found unless current_user.privilege?('flag_curate') && !@comment_thread.archived?

    @comment_thread.update(archived: true, archived_by: current_user)
  when 'delete'
    return not_found unless current_user.privilege?('flag_curate') && !@comment_thread.deleted?

    @comment_thread.update(deleted: true, deleted_by: current_user)
  when 'follow'
    ThreadFollower.create comment_thread: @comment_thread, user: current_user
  else
    return not_found
  end

  render json: { status: 'success' }
end

#thread_unrestrictObject 



230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
 
# File 'app/controllers/comments_controller.rb', line 230

def thread_unrestrict
  case params[:type]
  when 'lock'
    return not_found unless current_user.privilege?('flag_curate') && @comment_thread.locked?

    @comment_thread.update(locked: false, locked_by: nil, locked_until: nil)
  when 'archive'
    return not_found unless current_user.privilege?('flag_curate') && @comment_thread.archived?

    @comment_thread.update(archived: false, archived_by: nil, ever_archived_before: true)
  when 'delete'
    return not_found unless current_user.privilege?('flag_curate') && @comment_thread.deleted?

    if @comment_thread.deleted_by.is_moderator && !current_user.is_moderator
      render json: { status: 'error',
                     message: 'Threads deleted by a moderator can only be undeleted by a moderator.' }
      return
    end
    @comment_thread.update(deleted: false, deleted_by: nil)
  when 'follow'
    tf = ThreadFollower.find_by(comment_thread: @comment_thread, user: current_user)
    tf&.destroy
  else
    return not_found
  end

  render json: { status: 'success' }
end

#undeleteObject 



149
150
151
152
153
154
155
156
157
158
159
160
 
# File 'app/controllers/comments_controller.rb', line 149

def undelete
  if @comment.update(deleted: false)
    @comment_thread = @comment.comment_thread
    unless current_user.id == @comment.user_id
      AuditLog.moderator_audit(event_type: 'comment_undelete', related: @comment, user: current_user,
                               comment: "content <<#{@comment.content}>>")
    end
    render json: { status: 'success' }
  else
    render json: { status: 'failed' }, status: :internal_server_error
  end
end

#updateObject 



113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
 
# File 'app/controllers/comments_controller.rb', line 113

def update
  @post = @comment.post
  @comment_thread = @comment.comment_thread
  before = @comment.content
  before_pings = check_for_pings @comment_thread, before
  if @comment.update comment_params
    unless current_user.id == @comment.user_id
      AuditLog.moderator_audit(event_type: 'comment_update', related: @comment, user: current_user,
                               comment: "from <<#{before}>>\nto <<#{@comment.content}>>")
    end

    after_pings = check_for_pings @comment_thread, @comment.content
    apply_pings(after_pings - before_pings - @comment_thread.thread_follower.to_a)

    render json: { status: 'success',
                   comment: render_to_string(partial: 'comments/comment', locals: { comment: @comment }) }
  else
    render json: { status: 'failed',
                   message: "Comment failed to save (#{@comment.errors.full_messages.join(', ')})" },
           status: :internal_server_error
  end
end