diff --git a/core/modules/comment/comment.routing.yml b/core/modules/comment/comment.routing.yml index 96b04ab..fc420d9 100644 --- a/core/modules/comment/comment.routing.yml +++ b/core/modules/comment/comment.routing.yml @@ -23,7 +23,7 @@ comment_permalink: comment_reply: pattern: 'comment/reply/{node}/{pid}' defaults: - _content: '\Drupal\comment\Controller\CommentController::getReply' + _content: '\Drupal\comment\Controller\CommentController::getReplyForm' pid: ~ requirements: _entity_access: 'node.view' diff --git a/core/modules/comment/lib/Drupal/comment/Controller/CommentController.php b/core/modules/comment/lib/Drupal/comment/Controller/CommentController.php index a386134..58ef360 100644 --- a/core/modules/comment/lib/Drupal/comment/Controller/CommentController.php +++ b/core/modules/comment/lib/Drupal/comment/Controller/CommentController.php @@ -148,23 +148,19 @@ public function commentPermalink(Request $request, CommentInterface $comment) { /** * Form constructor for the comment reply form. * - * There are several cases that have to be handled, including: - * - replies to comments - * - replies to nodes - * - attempts to reply to nodes that can no longer accept comments - * - respecting access permissions ('access comments', 'post comments', etc.) - * - * The node or comment that is being replied to must appear above the comment - * form to provide the user context while authoring the comment. + * Both replies on the node itself and replies on other comments are + * supported. To provide context, the node or comment that is being replied on + * will be displayed along the comment reply form. + * The constructor takes care of access permissions and checks whether the + * node still accepts comments. * + * @param \Symfony\Component\HttpFoundation\Request $request + * The current request object. * @param \Drupal\node\NodeInterface $node * Every comment belongs to a node. This is that node. * @param int $pid * (optional) Some comments are replies to other comments. In those cases, - * $pid is the parent comment's comment ID. Defaults to NULL. - * - * @param \Symfony\Component\HttpFoundation\Request $request - * The current request object containing the search string. + * $pid is the parent comment's ID. Defaults to NULL. * * @return array|\Symfony\Component\HttpFoundation\RedirectResponse * One of the following: @@ -179,78 +175,58 @@ public function commentPermalink(Request $request, CommentInterface $comment) { * - If user is not authorized to view comments. * - If current node comments are disable. */ - public function getReply(NodeInterface $node, $pid, Request $request) { + public function getReplyForm(Request $request, NodeInterface $node, $pid) { $uri = $node->uri(); - $op = $request->request->get('op'); $build = array(); drupal_set_title(t('Add new comment')); - // The user is previewing a comment prior to submitting it. - if ($op == t('Preview')) { - if (user_access('post comments')) { - $comment = $this->entityManager->getStorageController('comment')->create(array( - 'nid' => $node->id(), - 'pid' => $pid, - 'node_type' => 'comment_node_' . $node->bundle(), - )); - $build['comment_form'] = $this->entityManager->getForm($comment); - } - else { - drupal_set_message(t('You are not authorized to post comments.'), 'error'); - return new RedirectResponse($this->urlGenerator->generateFromPath($uri['path'], array('absolute' => TRUE))); - } + // Check if the user has the proper permissions. + if (!user_access('post comments')) { + drupal_set_message(t('You are not authorized to post comments.'), 'error'); + return new RedirectResponse($this->urlGenerator->generateFromPath($uri['path'], array('absolute' => TRUE))); } - else { + + // The user is not just previewing a comment. + if ($request->request->get('op') != t('Preview')) { + if ($node->comment != COMMENT_NODE_OPEN) { + drupal_set_message(t("This discussion is closed: you can't post new comments."), 'error'); + return new RedirectResponse($this->urlGenerator->generateFromPath($uri['path'], array('absolute' => TRUE))); + } + // $pid indicates that this is a reply to a comment. if ($pid) { - if (user_access('access comments')) { - // Load the parent comment. - $comment = $this->entityManager->getStorageController('comment')->load($pid); - if ($comment->status->value == COMMENT_PUBLISHED) { - // If that comment exists, make sure that the current comment and the - // parent comment both belong to the same parent node. - if ($comment->nid->target_id != $node->id()) { - // Attempting to reply to a comment not belonging to the current nid. - drupal_set_message(t('The comment you are replying to does not exist.'), 'error'); - return new RedirectResponse($this->urlGenerator->generateFromPath($uri['path'], array('absolute' => TRUE))); - } - // Display the parent comment - $build['comment_parent'] = $this->entityManager->getRenderController('comment')->view($comment); - } - else { - drupal_set_message(t('The comment you are replying to does not exist.'), 'error'); - return new RedirectResponse($this->urlGenerator->generateFromPath($uri['path'], array('absolute' => TRUE))); - } - } - else { + // Check if the user has the proper permissions. + if (!user_access('access comments')) { drupal_set_message(t('You are not authorized to view comments.'), 'error'); return new RedirectResponse($this->urlGenerator->generateFromPath($uri['path'], array('absolute' => TRUE))); } + // Load the parent comment. + $comment = $this->entityManager->getStorageController('comment')->load($pid); + // Check if the parent comment is published and belongs to the current nid. + if (($comment->status->value != COMMENT_PUBLISHED) || ($comment->nid->target_id != $node->id())) { + drupal_set_message(t('The comment you are replying to does not exist.'), 'error'); + return new RedirectResponse($this->urlGenerator->generateFromPath($uri['path'], array('absolute' => TRUE))); + } + // Display the parent comment. + $build['comment_parent'] = $this->entityManager->getRenderController('comment')->view($comment); } - // This is the case where the comment is in response to a node. Display the node. + + // The comment is in response to a node. elseif (user_access('access content')) { + // Display the node. $build['comment_node'] = $this->entityManager->getRenderController('node')->view($node); } - - // Should we show the reply box? - if ($node->comment != COMMENT_NODE_OPEN) { - drupal_set_message(t("This discussion is closed: you can't post new comments."), 'error'); - return new RedirectResponse($this->urlGenerator->generateFromPath($uri['path'], array('absolute' => TRUE))); - } - elseif (user_access('post comments')) { - $comment = $this->entityManager->getStorageController('comment')->create(array( - 'nid' => $node->id(), - 'pid' => $pid, - 'node_type' => 'comment_node_' . $node->bundle(), - )); - $build['comment_form'] = $this->entityManager->getForm($comment); - } - else { - drupal_set_message(t('You are not authorized to post comments.'), 'error'); - return new RedirectResponse($this->urlGenerator->generateFromPath($uri['path'], array('absolute' => TRUE))); - } } + + // Show the actual reply box. + $comment = $this->entityManager->getStorageController('comment')->create(array( + 'nid' => $node->id(), + 'pid' => $pid, + 'node_type' => 'comment_node_' . $node->bundle(), + )); + $build['comment_form'] = $this->entityManager->getForm($comment); + return $build; }