if (!($course = get_record("course", "id", $cm->course))) { print_error('error_unspecified', 'oublog', $backlink, 'A4'); } // Check state if ($mcomment->approval) { print_error('error_alreadyapproved', 'oublog', $backlink); } if ($email && $key !== $mcomment->secretkey) { print_error('error_wrongkey', 'oublog', $backlink); } // Require login, it to be your own post, and commenting permission require_login($course, $cm); $context = get_context_instance(CONTEXT_MODULE, $cm->id); oublog_check_view_permissions($oublog, $context, $cm); if ($USER->id !== $post->userid || !oublog_can_view_post($post, $USER, $context, $oublog->global) || !oublog_can_comment($cm, $oublog, $post)) { print_error('accessdenied', 'oublog', $backlink); } // The post must (still) allow public comments if ($post->allowcomments < OUBLOG_COMMENTS_ALLOWPUBLIC || $oublog->allowcomments < OUBLOG_COMMENTS_ALLOWPUBLIC) { print_error('error_moderatednotallowed', 'oublog', $backlink); } // OK they are actually allowed to approve / reject this if (!oublog_approve_comment($mcomment, $approve)) { print_error('error_unspecified', 'oublog', 'A5', $backlink); } // Redirect back to view post $target = 'viewpost.php?post=' . $post->id; if (!$email && $redirectlower) { $target .= '#awaiting'; } redirect($target);
public function test_oublog_add_comment() { global $SITE, $USER, $DB; $this->resetAfterTest(true); $this->setAdminUser(); // Test comment using Personal blog. $oublog = $this->get_new_oublog($SITE->id, array('global' => 1, 'visibility' => OUBLOG_VISIBILITY_PUBLIC)); $cm = get_coursemodule_from_id('oublog', $oublog->cmid); $post = $this->get_post_stub($oublog->id); $postid = oublog_add_post($post, $cm, $oublog, $SITE); $comment = new stdClass(); $comment->title = 'Test Comment'; $comment->messagecomment = array(); $comment->messagecomment['text'] = 'Message for test comment'; $comment->postid = $postid; $comment->userid = $USER->id; $commentid = oublog_add_comment($SITE, $cm, $oublog, $comment); $this->assertTrue(is_int($commentid)); // Get post with comments to check created correctly. $post = oublog_get_post($postid); $this->assertNotEmpty($post->comments); $this->assertTrue(array_key_exists($commentid, $post->comments)); $this->assertEquals($comment->message, $post->comments[$commentid]->message); $this->assertEquals($comment->title, $post->comments[$commentid]->title); $this->assertEquals(fullname($USER), fullname($post->comments[$commentid])); // Check $canaudit sees deleted comments (and other users don't). $DB->update_record('oublog_comments', (object) array('id' => $commentid, 'deletedby' => $USER->id)); $post = oublog_get_post($postid, true); $this->assertNotEmpty($post->comments); $post = oublog_get_post($postid); $this->assertFalse(isset($post->comments)); // Check moderated (not logged-in comments). $bloginstance = $DB->get_record('oublog_instances', array('id' => $post->oubloginstancesid)); $adminid = $USER->id; $this->setGuestUser(); $this->assertFalse(oublog_too_many_comments_from_ip()); $modcomment = new stdClass(); $modcomment->messagecomment = 'TEST'; $modcomment->title = 'TITLE'; $modcomment->postid = $postid; $modcomment->authorname = 'Unittest'; // Catch email sent. unset_config('noemailever'); $sink = $this->redirectEmails(); // Update our admin user email as default is blank. $DB->update_record('user', (object) array('id' => $adminid, 'email' => '*****@*****.**')); $result = oublog_add_comment_moderated($oublog, $bloginstance, $post, $modcomment); $messages = $sink->get_messages(); $this->assertTrue($result); $this->assertEquals(1, count($messages)); $modcomment = $DB->get_record('oublog_comments_moderated', array('postid' => $postid)); $this->assertInstanceOf('stdClass', $modcomment); $id = oublog_approve_comment($modcomment, true); $this->assertTrue(is_int($id)); $saved = $DB->get_record('oublog_comments', array('authorname' => $modcomment->authorname)); $this->assertInstanceOf('stdClass', $saved); // Check post without allowcomments returns no comments (even if added already). $DB->update_record('oublog_posts', (object) array('id' => $postid, 'allowcomments' => 0)); $post = oublog_get_post($postid); $this->assertFalse(isset($post->comments)); }
} if ($email && $key !== $mcomment->secretkey) { print_error('error_wrongkey', 'oublog', $backlink); } // Require login, it to be your own post, and commenting permission require_login($course, $cm); $context = context_module::instance($cm->id); oublog_check_view_permissions($oublog, $context, $cm); if ($USER->id !== $post->userid || !oublog_can_view_post($post, $USER, $context, $oublog->global) || !oublog_can_comment($cm, $oublog, $post)) { print_error('accessdenied', 'oublog', $backlink); } // The post must (still) allow public comments if ($post->allowcomments < OUBLOG_COMMENTS_ALLOWPUBLIC || $oublog->allowcomments < OUBLOG_COMMENTS_ALLOWPUBLIC) { print_error('error_moderatednotallowed', 'oublog', $backlink); } // OK they are actually allowed to approve / reject this if (!($approvedcomment = oublog_approve_comment($mcomment, $approve))) { print_error('error_unspecified', 'oublog', 'A5', $backlink); } // Redirect back to view post $target = 'viewpost.php?post=' . $post->id; if (!$email && $redirectlower) { $target .= '#awaiting'; } if ($approvedcomment > 0) { // Log approved comment event. $params = array('context' => $context, 'objectid' => $approvedcomment, 'other' => array('postid' => $mcomment->postid, 'mcommentid' => $mcommentid, 'oublogid' => $oublog->id)); $event = \mod_oublog\event\comment_approved::create($params); $event->trigger(); } redirect($target);