Post deletion

adaur · adaur · commit d9340736cc25 · 2016-04-12T12:27:38.000+08:00
diff --git a/featherbb/Controller/Api/Post.php b/featherbb/Controller/Api/Post.php
@@ -9,6 +9,9 @@
 
 namespace FeatherBB\Controller\Api;
 
+use FeatherBB\Core\Error;
+use FeatherBB\Core\Utils;
+
 class Post extends Api
 {
     private $model;
@@ -22,4 +25,21 @@ public function display($req, $res, $args)
     {
         return json_encode($this->model->display($args['id']), JSON_PRETTY_PRINT);
     }
+
+    public function delete($req, $res, $args)
+    {
+        // Fetch some information about the post, the topic and the forum
+        $cur_post = \FeatherBB\Model\Post::get_info_delete($args['id']);
+
+        if (ForumSettings::get('o_censoring') == '1') {
+            $cur_post['subject'] = Utils::censor($cur_post['subject']);
+        }
+
+        // Sort out who the moderators are and if we are currently a moderator (or an admin)
+        $is_topic_post = $this->model->getPermissions($cur_post, $args);
+
+        \FeatherBB\Model\Post::handle_deletion($is_topic_post, $args['id'], $cur_post);
+
+        return json_encode("Success", JSON_PRETTY_PRINT);
+    }
 }
diff --git a/featherbb/Model/Api/Post.php b/featherbb/Model/Api/Post.php
@@ -29,4 +29,27 @@ public function display($id)
 
         return $data;
     }
+
+    public function getPermissions($cur_post, $args)
+    {
+        $mods_array = ($cur_post['moderators'] != '') ? unserialize($cur_post['moderators']) : array();
+        $is_admmod = ($this->user->g_id == ForumEnv::get('FEATHER_ADMIN') || ($this->user->g_moderator == '1' && array_key_exists($this->user->username, $mods_array))) ? true : false;
+
+        $is_topic_post = ($args['id'] == $cur_post['first_post_id']) ? true : false;
+
+        // Do we have permission to edit this post?
+        if (($this->user->g_delete_posts == '0' ||
+                ($this->user->g_delete_topics == '0' && $is_topic_post) ||
+                $cur_post['poster_id'] != $this->user->id ||
+                $cur_post['closed'] == '1') &&
+            !$is_admmod) {
+            throw new Error(__('No permission'), 403);
+        }
+
+        if ($is_admmod && $this->user->g_id != ForumEnv::get('FEATHER_ADMIN') && in_array($cur_post['poster_id'], Utils::get_admin_ids())) {
+            throw new Error(__('No permission'), 403);
+        }
+
+        return $is_topic_post;
+    }
 }
diff --git a/featherbb/Model/Post.php b/featherbb/Model/Post.php
@@ -349,7 +349,7 @@ public function setup_edit_variables($cur_post, $is_admmod, $can_edit_subject, $
         return $post;
     }
 
-    public function get_info_delete($id)
+    public static function get_info_delete($id)
     {
         $id = Container::get('hooks')->fire('model.post.get_info_delete_start', $id);
 
@@ -380,7 +380,7 @@ public function get_info_delete($id)
         return $query;
     }
 
-    public function handle_deletion($is_topic_post, $id, $cur_post)
+    public static function handle_deletion($is_topic_post, $id, $cur_post)
     {
         Container::get('hooks')->fire('model.post.handle_deletion_start', $is_topic_post, $id, $cur_post);
 
@@ -401,7 +401,7 @@ public function handle_deletion($is_topic_post, $id, $cur_post)
             Container::get('hooks')->fire('model.post.handle_deletion', $is_topic_post, $id, $cur_post);
 
             // Delete just this one post
-            $this->delete($id, $tid);
+            self::delete($id, $tid);
             Forum::update($fid);
 
             // Redirect towards the previous post
diff --git a/featherbb/routes.php b/featherbb/routes.php
@@ -189,6 +189,7 @@
     Route::get('/topic/{id:\d+}', '\FeatherBB\Controller\Api\Topic:display')->setName('topicApi');
     Route::post('/topic/{id:\d+}[/quote/{qid:\d+}]', '\FeatherBB\Controller\Api\Topic:newReply')->setName('newReplyApi');
     Route::get('/post/{id:\d+}', '\FeatherBB\Controller\Api\Post:display')->setName('postApi');
+    Route::delete('/post/{id:\d+}', '\FeatherBB\Controller\Api\Post:delete')->setName('deletePostApi');
 })->add(new JsonHeader);
 
 // Override the default Not Found Handler

Original file line number	Diff line number	Diff line change
`@@ -349,7 +349,7 @@ public function setup_edit_variables($cur_post, $is_admmod, $can_edit_subject, $`
`349`	`349`	`return $post;`
`350`	`350`	`}`
`351`	`351`
`352`		`- public function get_info_delete($id)`
	`352`	`+ public static function get_info_delete($id)`
`353`	`353`	`{`
`354`	`354`	`$id = Container::get('hooks')->fire('model.post.get_info_delete_start', $id);`
`355`	`355`
`@@ -380,7 +380,7 @@ public function get_info_delete($id)`
`380`	`380`	`return $query;`
`381`	`381`	`}`
`382`	`382`
`383`		`- public function handle_deletion($is_topic_post, $id, $cur_post)`
	`383`	`+ public static function handle_deletion($is_topic_post, $id, $cur_post)`
`384`	`384`	`{`
`385`	`385`	`Container::get('hooks')->fire('model.post.handle_deletion_start', $is_topic_post, $id, $cur_post);`
`386`	`386`
`@@ -401,7 +401,7 @@ public function handle_deletion($is_topic_post, $id, $cur_post)`
`401`	`401`	`Container::get('hooks')->fire('model.post.handle_deletion', $is_topic_post, $id, $cur_post);`
`402`	`402`
`403`	`403`	`// Delete just this one post`
`404`		`- $this->delete($id, $tid);`
	`404`	`+ self::delete($id, $tid);`
`405`	`405`	`Forum::update($fid);`
`406`	`406`
`407`	`407`	`// Redirect towards the previous post`