1 files changed, 191 insertions, 0 deletions
diff --git a/app/Controller/CommentController.php b/app/Controller/CommentController.php
new file mode 100644
index 00000000..8d1132ae
--- /dev/null
+++ b/app/Controller/CommentController.php
@@ -0,0 +1,191 @@
+<?php
+
+namespace Kanboard\Controller;
+
+use Kanboard\Core\Controller\AccessForbiddenException;
+use Kanboard\Core\Controller\PageNotFoundException;
+
+/**
+ * Comment Controller
+ *
+ * @package  Kanboard\Controller
+ * @author   Frederic Guillot
+ */
+class CommentController extends BaseController
+{
+    /**
+     * Get the current comment
+     *
+     * @access private
+     * @return array
+     * @throws PageNotFoundException
+     * @throws AccessForbiddenException
+     */
+    private function getComment()
+    {
+        $comment = $this->comment->getById($this->request->getIntegerParam('comment_id'));
+
+        if (empty($comment)) {
+            throw new PageNotFoundException();
+        }
+
+        if (! $this->userSession->isAdmin() && $comment['user_id'] != $this->userSession->getId()) {
+            throw new AccessForbiddenException();
+        }
+
+        return $comment;
+    }
+
+    /**
+     * Add comment form
+     *
+     * @access public
+     * @param array $values
+     * @param array $errors
+     * @throws AccessForbiddenException
+     * @throws PageNotFoundException
+     */
+    public function create(array $values = array(), array $errors = array())
+    {
+        $task = $this->getTask();
+
+        if (empty($values)) {
+            $values = array(
+                'user_id' => $this->userSession->getId(),
+                'task_id' => $task['id'],
+            );
+        }
+
+        $this->response->html($this->template->render('comment/create', array(
+            'values' => $values,
+            'errors' => $errors,
+            'task' => $task,
+        )));
+    }
+
+    /**
+     * Add a comment
+     *
+     * @access public
+     */
+    public function save()
+    {
+        $task = $this->getTask();
+        $values = $this->request->getValues();
+
+        list($valid, $errors) = $this->commentValidator->validateCreation($values);
+
+        if ($valid) {
+            if ($this->comment->create($values)) {
+                $this->flash->success(t('Comment added successfully.'));
+            } else {
+                $this->flash->failure(t('Unable to create your comment.'));
+            }
+
+            return $this->response->redirect($this->helper->url->to('TaskViewController', 'show', array('task_id' => $task['id'], 'project_id' => $task['project_id']), 'comments'), true);
+        }
+
+        return $this->create($values, $errors);
+    }
+
+    /**
+     * Edit a comment
+     *
+     * @access public
+     * @param array $values
+     * @param array $errors
+     * @throws AccessForbiddenException
+     * @throws PageNotFoundException
+     */
+    public function edit(array $values = array(), array $errors = array())
+    {
+        $task = $this->getTask();
+        $comment = $this->getComment();
+
+        $this->response->html($this->template->render('comment/edit', array(
+            'values' => empty($values) ? $comment : $values,
+            'errors' => $errors,
+            'comment' => $comment,
+            'task' => $task,
+            'title' => t('Edit a comment')
+        )));
+    }
+
+    /**
+     * Update and validate a comment
+     *
+     * @access public
+     */
+    public function update()
+    {
+        $task = $this->getTask();
+        $this->getComment();
+
+        $values = $this->request->getValues();
+        list($valid, $errors) = $this->commentValidator->validateModification($values);
+
+        if ($valid) {
+            if ($this->comment->update($values)) {
+                $this->flash->success(t('Comment updated successfully.'));
+            } else {
+                $this->flash->failure(t('Unable to update your comment.'));
+            }
+
+            return $this->response->redirect($this->helper->url->to('TaskViewController', 'show', array('task_id' => $task['id'], 'project_id' => $task['project_id'])), false);
+        }
+
+        return $this->edit($values, $errors);
+    }
+
+    /**
+     * Confirmation dialog before removing a comment
+     *
+     * @access public
+     */
+    public function confirm()
+    {
+        $task = $this->getTask();
+        $comment = $this->getComment();
+
+        $this->response->html($this->template->render('comment/remove', array(
+            'comment' => $comment,
+            'task' => $task,
+            'title' => t('Remove a comment')
+        )));
+    }
+
+    /**
+     * Remove a comment
+     *
+     * @access public
+     */
+    public function remove()
+    {
+        $this->checkCSRFParam();
+        $task = $this->getTask();
+        $comment = $this->getComment();
+
+        if ($this->comment->remove($comment['id'])) {
+            $this->flash->success(t('Comment removed successfully.'));
+        } else {
+            $this->flash->failure(t('Unable to remove this comment.'));
+        }
+
+        $this->response->redirect($this->helper->url->to('TaskViewController', 'show', array('task_id' => $task['id'], 'project_id' => $task['project_id']), 'comments'));
+    }
+
+    /**
+     * Toggle comment sorting
+     *
+     * @access public
+     */
+    public function toggleSorting()
+    {
+        $task = $this->getTask();
+
+        $order = $this->userSession->getCommentSorting() === 'ASC' ? 'DESC' : 'ASC';
+        $this->userSession->setCommentSorting($order);
+
+        $this->response->redirect($this->helper->url->to('TaskViewController', 'show', array('task_id' => $task['id'], 'project_id' => $task['project_id']), 'comments'));
+    }
+}