Implement the new interface `ICommentPermissionManager` in the comment managers

diff --git a/wcfsetup/install/files/lib/system/comment/manager/ArticleCommentManager.class.php b/wcfsetup/install/files/lib/system/comment/manager/ArticleCommentManager.class.php
index 5f6b6d1d840fd4d391db3bbcca88722a0c6e9460..4ee1c76c56530952e11bfec6419a16170a64a8ed 100644 (file)
--- a/wcfsetup/install/files/lib/system/comment/manager/ArticleCommentManager.class.php
+++ b/wcfsetup/install/files/lib/system/comment/manager/ArticleCommentManager.class.php
@@ -21,7 +21,7 @@ use wcf\system\WCF;
  * @copyright   2001-2019 WoltLab GmbH
  * @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
  */
-class ArticleCommentManager extends AbstractCommentManager implements IViewableLikeProvider
+class ArticleCommentManager extends AbstractCommentManager implements IViewableLikeProvider, ICommentPermissionManager
 {
     /**
      * @inheritDoc
@@ -73,13 +73,16 @@ class ArticleCommentManager extends AbstractCommentManager implements IViewableL
     }
 
     #[\Override]
-    public function canViewObject(int $objectID, UserProfile $user): bool
+    public function canModerateObject(int $objectTypeID, int $objectID, UserProfile $user): bool
     {
         $articleContent = new ArticleContent($objectID);
         if (!$articleContent->articleContentID) {
             return false;
         }
-        return $articleContent->getArticle()->canRead($user);
+        if (!$articleContent->getArticle()->canRead($user)) {
+            return false;
+        }
+        return (bool)$user->getPermission($this->permissionCanModerate);
     }
 
     /**

diff --git a/wcfsetup/install/files/lib/system/comment/manager/ICommentPermissionManager.php b/wcfsetup/install/files/lib/system/comment/manager/ICommentPermissionManager.php
index b797c41de2c962366d32f4e40468aa874f5ad008..4871dc86a3f120a936d802bc07e27330025deefe 100644 (file)
--- a/wcfsetup/install/files/lib/system/comment/manager/ICommentPermissionManager.php
+++ b/wcfsetup/install/files/lib/system/comment/manager/ICommentPermissionManager.php
@@ -18,9 +18,4 @@ interface ICommentPermissionManager extends ICommentManager
      * object type id and object id.
      */
     public function canModerateObject(int $objectTypeID, int $objectID, UserProfile $user): bool;
-
-    /**
-     * Returns true if the user may read content identified by object type id and object id.
-     */
-    public function canViewObject(int $objectID, UserProfile $user): bool;
 }

diff --git a/wcfsetup/install/files/lib/system/comment/manager/ModerationQueueCommentManager.class.php b/wcfsetup/install/files/lib/system/comment/manager/ModerationQueueCommentManager.class.php
index e13b625dd469ea1c3ced0044c8d7d88270c37cd2..ea81183be4837c0f65b0d55b747b43b85c439f9a 100644 (file)
--- a/wcfsetup/install/files/lib/system/comment/manager/ModerationQueueCommentManager.class.php
+++ b/wcfsetup/install/files/lib/system/comment/manager/ModerationQueueCommentManager.class.php
@@ -14,7 +14,7 @@ use wcf\data\user\UserProfile;
  * @copyright   2001-2019 WoltLab GmbH
  * @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
  */
-class ModerationQueueCommentManager extends AbstractCommentManager
+class ModerationQueueCommentManager extends AbstractCommentManager implements ICommentPermissionManager
 {
     /**
      * @inheritDoc
@@ -27,11 +27,10 @@ class ModerationQueueCommentManager extends AbstractCommentManager
     }
 
     #[\Override]
-    public function canViewObject(int $objectID, UserProfile $user): bool
+    public function canModerateObject(int $objectTypeID, int $objectID, UserProfile $user): bool
     {
         $entry = new ModerationQueue($objectID);
-
-        return $entry->canEdit($user->getDecoratedObject());
+        return ($entry->canEdit($user->getDecoratedObject()));
     }
 
     /**

diff --git a/wcfsetup/install/files/lib/system/comment/manager/PageCommentManager.class.php b/wcfsetup/install/files/lib/system/comment/manager/PageCommentManager.class.php
index 1537fcc87d0dad469dc00849790848fb3e405ad1..d74209da1e6092fed3076efeec88222205c9a6ea 100644 (file)
--- a/wcfsetup/install/files/lib/system/comment/manager/PageCommentManager.class.php
+++ b/wcfsetup/install/files/lib/system/comment/manager/PageCommentManager.class.php
@@ -20,7 +20,7 @@ use wcf\system\WCF;
  * @copyright   2001-2019 WoltLab GmbH
  * @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
  */
-class PageCommentManager extends AbstractCommentManager implements IViewableLikeProvider
+class PageCommentManager extends AbstractCommentManager implements IViewableLikeProvider, ICommentPermissionManager
 {
     /**
      * @inheritDoc
@@ -72,22 +72,18 @@ class PageCommentManager extends AbstractCommentManager implements IViewableLike
     }
 
     #[\Override]
-    public function canViewObject(int $objectID, UserProfile $user): bool
+    public function canModerateObject(int $objectTypeID, int $objectID, UserProfile $user): bool
     {
         $page = new Page($objectID);
         if (!$page->pageID) {
             return false;
         }
-        return $page->isAccessible($user->getDecoratedObject());
-    }
-
-    #[\Override]
-    public function canWriteComments(int $objectID, UserProfile $user): bool
-    {
-        return $this->canViewObject($objectID, $user);
+        if (!$page->isAccessible($user->getDecoratedObject())) {
+            return false;
+        }
+        return (bool)$user->getPermission($this->permissionCanModerate);
     }
 
-
     /**
      * @inheritDoc
      */

diff --git a/wcfsetup/install/files/lib/system/comment/manager/UserProfileCommentManager.class.php b/wcfsetup/install/files/lib/system/comment/manager/UserProfileCommentManager.class.php
index 5fa4a34a40e7ae5beb387b60c0a7b6c3de8c1450..0727551ccce69880987cb55f13cc6dd96b793885 100644 (file)
--- a/wcfsetup/install/files/lib/system/comment/manager/UserProfileCommentManager.class.php
+++ b/wcfsetup/install/files/lib/system/comment/manager/UserProfileCommentManager.class.php
@@ -21,7 +21,9 @@ use wcf\system\WCF;
  * @copyright   2001-2019 WoltLab GmbH
  * @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
  */
-class UserProfileCommentManager extends AbstractCommentManager implements IViewableLikeProvider
+class UserProfileCommentManager extends AbstractCommentManager implements
+    IViewableLikeProvider,
+    ICommentPermissionManager
 {
     /**
      * @inheritDoc
@@ -92,7 +94,7 @@ class UserProfileCommentManager extends AbstractCommentManager implements IViewa
     }
 
     #[\Override]
-    public function canViewObject(int $objectID, UserProfile $user): bool
+    public function canModerateObject(int $objectTypeID, int $objectID, UserProfile $user): bool
     {
         $userProfile = UserProfileRuntimeCache::getInstance()->getObject($objectID);
         if ($userProfile === null) {
@@ -100,9 +102,15 @@ class UserProfileCommentManager extends AbstractCommentManager implements IViewa
         }
 
         /** @see UserProfile::isProtected() */
-        return $user->getPermission('admin.general.canViewPrivateUserOptions')
+        if (
+            !(
+            $user->getPermission('admin.general.canViewPrivateUserOptions')
             || $userProfile->isAccessible('canViewProfile', $user->userID)
-            || $userProfile->userID === $user->userID;
+            || $userProfile->userID === $user->userID)
+        ) {
+            return false;
+        }
+        return (bool)$user->getPermission($this->permissionCanModerate);
     }
 
     /**