public function validatePost(PostWillBeSaved $event)
{
$post = $event->post;
if ($post->exists || $post->user->groups()->count()) {
return;
}
$akismet = new Akismet($this->settings->get('akismet.api_key'), Core::url());
$isSpam = $akismet->isSpam($post->content, $post->user->username, $post->user->email, null, 'comment');
if ($isSpam) {
$post->hide();
$this->savingPost = $post;
CommentPost::saved(function (CommentPost $post) {
if ($post !== $this->savingPost) {
return;
}
$report = new Report();
$report->post_id = $post->id;
$report->reporter = 'Akismet';
$report->reason = 'spam';
$report->time = time();
$report->save();
$this->savingPost = null;
});
}
}
public static function addId($tag)
{
$post = CommentPost::find($tag->getAttribute('id'));
if ($post) {
$tag->setAttribute('discussionid', (int) $post->discussion_id);
$tag->setAttribute('number', (int) $post->number);
return true;
}
}
/**
* Bootstrap the application events.
*
* @return void
*/
public function boot()
{
Post::setValidator($this->app->make('validator'));
CommentPost::setFormatter($this->app->make('flarum.formatter'));
$this->registerPostTypes();
$events = $this->app->make('events');
$settings = $this->app->make('Flarum\\Core\\Settings\\SettingsRepository');
$events->listen(ModelAllow::class, function (ModelAllow $event) use($settings) {
if ($event->model instanceof Post) {
$post = $event->model;
$action = $event->action;
$actor = $event->actor;
if ($action === 'view' && (!$post->hide_time || $post->user_id == $actor->id || $post->can($actor, 'edit'))) {
return true;
}
// A post is allowed to be edited if the user has permission to moderate
// the discussion which it's in, or if they are the author and the post
// hasn't been deleted by someone else.
if ($action === 'edit') {
if ($post->discussion->can($actor, 'editPosts')) {
return true;
}
if ($post->user_id == $actor->id && (!$post->hide_time || $post->hide_user_id == $actor->id)) {
$allowEditing = $settings->get('allow_post_editing');
if ($allowEditing === '-1' || $allowEditing === 'reply' && $event->model->number == $event->model->discussion->last_post_number || $event->model->time->diffInMinutes(Carbon::now()) < $allowEditing) {
return true;
}
}
}
if ($post->discussion->can($actor, $action . 'Posts')) {
return true;
}
}
});
// When fetching a discussion's posts: if the user doesn't have permission
// to moderate the discussion, then they can't see posts that have been
// hidden by someone other than themself.
$events->listen(ScopePostVisibility::class, function (ScopePostVisibility $event) {
$user = $event->actor;
if (!$event->discussion->can($user, 'editPosts')) {
$event->query->where(function ($query) use($user) {
$query->whereNull('hide_time')->orWhere('user_id', $user->id);
});
}
});
}
/**
* @param PostReply $command
* @return CommentPost
* @throws \Flarum\Core\Exceptions\PermissionDeniedException
*/
public function handle(PostReply $command)
{
$actor = $command->actor;
// Make sure the user has permission to reply to this discussion. First,
// make sure the discussion exists and that the user has permission to
// view it; if not, fail with a ModelNotFound exception so we don't give
// away the existence of the discussion. If the user is allowed to view
// it, check if they have permission to reply.
$discussion = $this->discussions->findOrFail($command->discussionId, $actor);
$discussion->assertCan($actor, 'reply');
// Create a new Post entity, persist it, and dispatch domain events.
// Before persistence, though, fire an event to give plugins an
// opportunity to alter the post entity based on data in the command.
$post = CommentPost::reply($command->discussionId, array_get($command->data, 'attributes.content'), $actor->id);
event(new PostWillBeSaved($post, $actor, $command->data));
$post->save();
$this->notifications->onePerUser(function () use($post) {
$this->dispatchEventsFor($post);
});
return $post;
}
protected function formatPost($post)
{
// Code blocks
$regexp = "/(.*)^\\s*\\[code\\]\n?(.*?)\n?\\[\\/code]\$/ims";
while (preg_match($regexp, $post->content)) {
$post->content = preg_replace($regexp, "\$1```\n\$2\n```", $post->content);
}
// Inline tags
$replace = ['/\\[url=(.*?)\\](.*?)\\[\\/url\\]/i' => '[$2]($1)', '/\\[b\\](.*?)\\[\\/b\\]/i' => '**$1**', '/\\[i\\](.*?)\\[\\/i\\]/i' => '*$1*', '/\\[h\\](.*?)\\[\\/h\\]/i' => '# $1', '/\\[img\\](.*?)\\[\\/img\\]/i' => '', '/\\[code\\](.*?)\\[\\/code\\]/i' => '`$1`'];
$post->content = preg_replace(array_keys($replace), array_values($replace), $post->content);
// Quotes
$regexp = "/(.*?)\n?\\[quote(?:=(.*?)(]?))?\\]\n?(.*?)\n?\\[\\/quote\\]\n{0,2}/is";
while (preg_match($regexp, $post->content)) {
$post->content = preg_replace_callback($regexp, function ($matches) use($post) {
if (strpos($matches[2], ':') !== false) {
list($postId, $user) = explode(':', $matches[2]);
$mentionedPost = CommentPost::find($postId);
return $matches[1] . "\n@" . $mentionedPost->user->username . '#' . $mentionedPost->number . ' ';
} else {
return $matches[1] . '> ' . str_replace("\n", "\n> ", $matches[4]) . "\n\n";
}
}, $post->content);
}
}
