wcfsetup/install/files/lib/system/comment/manager/AbstractCommentManager.class.php

   1 <?php
   2
   3 namespace wcf\system\comment\manager;
   4
   5 use wcf\data\comment\Comment;
   6 use wcf\data\comment\response\CommentResponse;
   7 use wcf\data\DatabaseObjectDecorator;
   8 use wcf\system\bbcode\BBCodeHandler;
   9 use wcf\system\SingletonFactory;
  10 use wcf\system\WCF;
  11
  12 /**
  13  * Default implementation for comment managers.
  14  *
  15  * @author  Alexander Ebert
  16  * @copyright   2001-2019 WoltLab GmbH
  17  * @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
  18  * @package WoltLabSuite\Core\System\Comment\Manager
  19  */
  20 abstract class AbstractCommentManager extends SingletonFactory implements ICommentManager
  21 {
  22     /**
  23      * display comments per page
  24      * @var int
  25      */
  26     public $commentsPerPage = 30;
  27
  28     /**
  29      * permission name for comment/response creation
  30      * @var string
  31      */
  32     protected $permissionAdd = '';
  33
  34     /**
  35      * permission name for comment/response creation without approval
  36      * @var string
  37      */
  38     protected $permissionAddWithoutModeration = '';
  39
  40     /**
  41      * permission name for comment/response moderation
  42      * @var string
  43      */
  44     protected $permissionCanModerate = '';
  45
  46     /**
  47      * permission name for deletion of own comments/responses
  48      * @var string
  49      */
  50     protected $permissionDelete = '';
  51
  52     /**
  53      * permission name for editing of own comments/responses
  54      * @var string
  55      */
  56     protected $permissionEdit = '';
  57
  58     /**
  59      * permission name for deletion of comments/responses (moderator)
  60      * @var string
  61      */
  62     protected $permissionModDelete = '';
  63
  64     /**
  65      * permission name for editing of comments/responses (moderator)
  66      * @var string
  67      */
  68     protected $permissionModEdit = '';
  69
  70     /**
  71      * permission name for the list of disallowed bbcodes
  72      * @var string
  73      */
  74     protected $permissionDisallowedBBCodes = 'user.comment.disallowedBBCodes';
  75
  76     /**
  77      * @inheritDoc
  78      */
  79     public function canAdd($objectID)
  80     {
  81         if (VISITOR_USE_TINY_BUILD && !WCF::getUser()->userID) {
  82             return false;
  83         }
  84
  85         if (!$this->isAccessible($objectID, true)) {
  86             return false;
  87         }
  88
  89         return WCF::getSession()->getPermission($this->permissionAdd) ? true : false;
  90     }
  91
  92     /**
  93      * @inheritDoc
  94      */
  95     public function canAddWithoutApproval($objectID)
  96     {
  97         if (VISITOR_USE_TINY_BUILD && !WCF::getUser()->userID) {
  98             return false;
  99         }
 100
 101         if (empty($this->permissionAddWithoutModeration)) {
 102             if (ENABLE_DEBUG_MODE) {
 103                 throw new \RuntimeException("Missing permission name to create comments without approval.");
 104             }
 105
 106             // backwards-compatibility in production mode
 107             return true;
 108         }
 109
 110         return WCF::getSession()->getPermission($this->permissionAddWithoutModeration) ? true : false;
 111     }
 112
 113     /**
 114      * @inheritDoc
 115      */
 116     public function setDisallowedBBCodes()
 117     {
 118         BBCodeHandler::getInstance()->setDisallowedBBCodes(\explode(
 119             ',',
 120             WCF::getSession()->getPermission($this->permissionDisallowedBBCodes)
 121         ));
 122     }
 123
 124     /**
 125      * @inheritDoc
 126      */
 127     public function canEditComment(Comment $comment)
 128     {
 129         return $this->canEdit($comment->userID == WCF::getUser()->userID);
 130     }
 131
 132     /**
 133      * @inheritDoc
 134      */
 135     public function canEditResponse(CommentResponse $response)
 136     {
 137         return $this->canEdit($response->userID == WCF::getUser()->userID);
 138     }
 139
 140     /**
 141      * @inheritDoc
 142      */
 143     public function canDeleteComment(Comment $comment)
 144     {
 145         return $this->canDelete($comment->userID == WCF::getUser()->userID);
 146     }
 147
 148     /**
 149      * @inheritDoc
 150      */
 151     public function canDeleteResponse(CommentResponse $response)
 152     {
 153         return $this->canDelete($response->userID == WCF::getUser()->userID);
 154     }
 155
 156     /**
 157      * @inheritDoc
 158      */
 159     public function canModerate($objectTypeID, $objectID)
 160     {
 161         return WCF::getSession()->getPermission($this->permissionCanModerate) ? true : false;
 162     }
 163
 164     /**
 165      * Returns true if the current user may edit a comment/response.
 166      *
 167      * @param bool $isOwner
 168      * @return  bool
 169      */
 170     protected function canEdit($isOwner)
 171     {
 172         // disallow guests
 173         if (!WCF::getUser()->userID) {
 174             return false;
 175         }
 176
 177         // check moderator permission
 178         if (WCF::getSession()->getPermission($this->permissionModEdit)) {
 179             return true;
 180         }
 181
 182         // check user permission and ownership
 183         if ($isOwner && WCF::getSession()->getPermission($this->permissionEdit)) {
 184             return true;
 185         }
 186
 187         return false;
 188     }
 189
 190     /**
 191      * Returns true if the current user may delete a comment/response.
 192      *
 193      * @param bool $isOwner
 194      * @return  bool
 195      */
 196     protected function canDelete($isOwner)
 197     {
 198         // disallow guests
 199         if (!WCF::getUser()->userID) {
 200             return false;
 201         }
 202
 203         // check moderator permission
 204         if (WCF::getSession()->getPermission($this->permissionModDelete)) {
 205             return true;
 206         }
 207
 208         // check user permission and ownership
 209         if ($isOwner && WCF::getSession()->getPermission($this->permissionDelete)) {
 210             return true;
 211         }
 212
 213         return false;
 214     }
 215
 216     /**
 217      * @inheritDoc
 218      */
 219     public function getCommentsPerPage()
 220     {
 221         return $this->commentsPerPage;
 222     }
 223
 224     /**
 225      * @inheritDoc
 226      */
 227     public function supportsLike()
 228     {
 229         return true;
 230     }
 231
 232     /**
 233      * @inheritDoc
 234      */
 235     public function supportsReport()
 236     {
 237         return true;
 238     }
 239
 240     /**
 241      * @inheritDoc
 242      */
 243     public function getCommentLink(Comment $comment)
 244     {
 245         return $this->getLink($comment->objectTypeID, $comment->objectID) . '#comment' . $comment->commentID;
 246     }
 247
 248     /**
 249      * @inheritDoc
 250      */
 251     public function getResponseLink(CommentResponse $response)
 252     {
 253         return $this->getLink($response->getComment()->objectTypeID, $response->getComment()->objectID)
 254             . '#comment' . $response->commentID . '/response' . $response->responseID;
 255     }
 256
 257     /**
 258      * @inheritDoc
 259      */
 260     public function isContentAuthor($commentOrResponse)
 261     {
 262         return false;
 263     }
 264
 265     /**
 266      * Returns the object ID for the given Comment or CommentResponse.
 267      *
 268      * @return int
 269      */
 270     final protected function getObjectID($commentOrResponse)
 271     {
 272         if (
 273             $commentOrResponse instanceof CommentResponse
 274             || (
 275                 $commentOrResponse instanceof DatabaseObjectDecorator
 276                 && $commentOrResponse->getDecoratedObject() instanceof CommentResponse
 277             )
 278         ) {
 279             return $commentOrResponse->getComment()->objectID;
 280         } else {
 281             return $commentOrResponse->objectID;
 282         }
 283     }
 284 }