commento/api/comment_new.go

package main

import (
	"net/http"
	"time"
)

// Take `creationDate` as a param because comment import (from Disqus, for
// example) will require a custom time.
func commentNew(commenterHex string, domain string, path string, parentHex string, markdown string, state string, creationDate time.Time) (string, error) {
	// path is allowed to be empty
	if commenterHex == "" || domain == "" || parentHex == "" || markdown == "" || state == "" {
		return "", errorMissingField
	}

	p, err := pageGet(domain, path)
	if err != nil {
		logger.Errorf("cannot get page attributes: %v", err)
		return "", errorInternal
	}

	if p.IsLocked {
		return "", errorThreadLocked
	}

	commentHex, err := randomHex(32)
	if err != nil {
		return "", err
	}

	html := markdownToHtml(markdown)

	if err = pageNew(domain, path); err != nil {
		return "", err
	}

	statement := `
		INSERT INTO
		comments (commentHex, domain, path, commenterHex, parentHex, markdown, html, creationDate, state)
		VALUES   ($1,         $2,     $3,   $4,           $5,        $6,       $7,   $8,           $9   );
	`
	_, err = db.Exec(statement, commentHex, domain, path, commenterHex, parentHex, markdown, html, creationDate, state)
	if err != nil {
		logger.Errorf("cannot insert comment: %v", err)
		return "", errorInternal
	}

	return commentHex, nil
}

func commentNewHandler(w http.ResponseWriter, r *http.Request) {
	type request struct {
		CommenterToken *string `json:"commenterToken"`
		Domain         *string `json:"domain"`
		Path           *string `json:"path"`
		ParentHex      *string `json:"parentHex"`
		Markdown       *string `json:"markdown"`
	}

	var x request
	if err := bodyUnmarshal(r, &x); err != nil {
		bodyMarshal(w, response{"success": false, "message": err.Error()})
		return
	}

	domain := domainStrip(*x.Domain)
	path := *x.Path

	d, err := domainGet(domain)
	if err != nil {
		bodyMarshal(w, response{"success": false, "message": err.Error()})
		return
	}

	if d.State == "frozen" {
		bodyMarshal(w, response{"success": false, "message": errorDomainFrozen.Error()})
		return
	}

	if d.RequireIdentification && *x.CommenterToken == "anonymous" {
		bodyMarshal(w, response{"success": false, "message": errorNotAuthorised.Error()})
		return
	}

	var commenterHex, commenterName, commenterEmail, commenterLink string
	var isModerator bool
	if *x.CommenterToken == "anonymous" {
		commenterHex, commenterName, commenterEmail, commenterLink = "anonymous", "Anonymous", "", ""
	} else {
		c, err := commenterGetByCommenterToken(*x.CommenterToken)
		if err != nil {
			bodyMarshal(w, response{"success": false, "message": err.Error()})
			return
		}
		commenterHex, commenterName, commenterEmail, commenterLink = c.CommenterHex, c.Name, c.Email, c.Link
		for _, mod := range d.Moderators {
			if mod.Email == c.Email {
				isModerator = true
				break
			}
		}
	}

	var state string
	if isModerator {
		state = "approved"
	} else if d.RequireModeration {
		state = "unapproved"
	} else if commenterHex == "anonymous" && d.ModerateAllAnonymous {
		state = "unapproved"
	} else if d.AutoSpamFilter && isSpam(*x.Domain, getIp(r), getUserAgent(r), commenterName, commenterEmail, commenterLink, *x.Markdown) {
		state = "flagged"
	} else {
		state = "approved"
	}

	commentHex, err := commentNew(commenterHex, domain, path, *x.ParentHex, *x.Markdown, state, time.Now().UTC())
	if err != nil {
		bodyMarshal(w, response{"success": false, "message": err.Error()})
		return
	}

	// TODO: reuse html in commentNew and do only one markdown to HTML conversion?
	html := markdownToHtml(*x.Markdown)

	bodyMarshal(w, response{"success": true, "commentHex": commentHex, "state": state, "html": html})
	if smtpConfigured {
		go emailNotificationNew(d, path, commenterHex, commentHex, html, *x.ParentHex, state)
	}
}
api: Add go files I know this is a huge commit, but I can't be bothered to check this in part by part. 2018-05-27 22:40:42 +08:00			`package main`

			`import (`
			`"net/http"`
			`"time"`
			`)`

			// Take `creationDate` as a param because comment import (from Disqus, for
			`// example) will require a custom time.`
			`func commentNew(commenterHex string, domain string, path string, parentHex string, markdown string, state string, creationDate time.Time) (string, error) {`
			`// path is allowed to be empty`
			`if commenterHex == "" \|\| domain == "" \|\| parentHex == "" \|\| markdown == "" \|\| state == "" {`
			`return "", errorMissingField`
			`}`

api,db: add page attributes and thread locking 2018-07-05 13:06:52 +08:00			`p, err := pageGet(domain, path)`
			`if err != nil {`
			`logger.Errorf("cannot get page attributes: %v", err)`
			`return "", errorInternal`
			`}`

			`if p.IsLocked {`
			`return "", errorThreadLocked`
			`}`

api: Add go files I know this is a huge commit, but I can't be bothered to check this in part by part. 2018-05-27 22:40:42 +08:00			`commentHex, err := randomHex(32)`
			`if err != nil {`
			`return "", err`
			`}`

			`html := markdownToHtml(markdown)`

comment_new.go: create page before inserting comment Fixes https://gitlab.com/commento/commento/issues/173 2019-05-09 13:28:20 +08:00			`if err = pageNew(domain, path); err != nil {`
			`return "", err`
			`}`

api: Add go files I know this is a huge commit, but I can't be bothered to check this in part by part. 2018-05-27 22:40:42 +08:00			statement := `
			`INSERT INTO`
			`comments (commentHex, domain, path, commenterHex, parentHex, markdown, html, creationDate, state)`
			`VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9 );`
			`
			`_, err = db.Exec(statement, commentHex, domain, path, commenterHex, parentHex, markdown, html, creationDate, state)`
			`if err != nil {`
			`logger.Errorf("cannot insert comment: %v", err)`
			`return "", errorInternal`
			`}`

			`return commentHex, nil`
			`}`

			`func commentNewHandler(w http.ResponseWriter, r *http.Request) {`
			`type request struct {`
everywhere: use different session cookie names If the user is hosting the dashboard in the same domain as their blog (with a nginx suburi, for example), the two session cookies clash; logging into one service logs you out of the other. With this patch, both have separate names. Fixes https://gitlab.com/commento/commento-ce/issues/49 2018-06-20 11:29:55 +08:00			CommenterToken *string `json:"commenterToken"`
api: run go fmt 2018-06-20 11:50:11 +08:00			Domain *string `json:"domain"`
			Path *string `json:"path"`
			ParentHex *string `json:"parentHex"`
			Markdown *string `json:"markdown"`
api: Add go files I know this is a huge commit, but I can't be bothered to check this in part by part. 2018-05-27 22:40:42 +08:00			`}`

			`var x request`
api: standardise marshal and unmarshal fn names 2018-07-24 14:58:43 +08:00			`if err := bodyUnmarshal(r, &x); err != nil {`
			`bodyMarshal(w, response{"success": false, "message": err.Error()})`
api: Add go files I know this is a huge commit, but I can't be bothered to check this in part by part. 2018-05-27 22:40:42 +08:00			`return`
			`}`

api: standardise strip fn names 2018-07-24 15:00:45 +08:00			`domain := domainStrip(*x.Domain)`
api: Add go files I know this is a huge commit, but I can't be bothered to check this in part by part. 2018-05-27 22:40:42 +08:00			`path := *x.Path`

			`d, err := domainGet(domain)`
			`if err != nil {`
api: standardise marshal and unmarshal fn names 2018-07-24 14:58:43 +08:00			`bodyMarshal(w, response{"success": false, "message": err.Error()})`
api: Add go files I know this is a huge commit, but I can't be bothered to check this in part by part. 2018-05-27 22:40:42 +08:00			`return`
			`}`

			`if d.State == "frozen" {`
api: standardise marshal and unmarshal fn names 2018-07-24 14:58:43 +08:00			`bodyMarshal(w, response{"success": false, "message": errorDomainFrozen.Error()})`
api: Add go files I know this is a huge commit, but I can't be bothered to check this in part by part. 2018-05-27 22:40:42 +08:00			`return`
			`}`

comment_new.go: enforce RequireIdentification when anonymous Yikes, I can't believe I forgot about this. 2019-02-19 00:07:16 +08:00			`if d.RequireIdentification && *x.CommenterToken == "anonymous" {`
			`bodyMarshal(w, response{"success": false, "message": errorNotAuthorised.Error()})`
			`return`
			`}`

comment_new.go: simplify state logic Signed-off-by: Adhityaa Chandrasekar <adtac@adtac.in> 2021-02-28 16:13:58 +08:00			`var commenterHex, commenterName, commenterEmail, commenterLink string`
			`var isModerator bool`
everywhere: use different session cookie names If the user is hosting the dashboard in the same domain as their blog (with a nginx suburi, for example), the two session cookies clash; logging into one service logs you out of the other. With this patch, both have separate names. Fixes https://gitlab.com/commento/commento-ce/issues/49 2018-06-20 11:29:55 +08:00			`if *x.CommenterToken == "anonymous" {`
comment_new.go: simplify state logic Signed-off-by: Adhityaa Chandrasekar <adtac@adtac.in> 2021-02-28 16:13:58 +08:00			`commenterHex, commenterName, commenterEmail, commenterLink = "anonymous", "Anonymous", "", ""`
api: Add go files I know this is a huge commit, but I can't be bothered to check this in part by part. 2018-05-27 22:40:42 +08:00			`} else {`
everywhere: use different session cookie names If the user is hosting the dashboard in the same domain as their blog (with a nginx suburi, for example), the two session cookies clash; logging into one service logs you out of the other. With this patch, both have separate names. Fixes https://gitlab.com/commento/commento-ce/issues/49 2018-06-20 11:29:55 +08:00			`c, err := commenterGetByCommenterToken(*x.CommenterToken)`
api: Add go files I know this is a huge commit, but I can't be bothered to check this in part by part. 2018-05-27 22:40:42 +08:00			`if err != nil {`
api: standardise marshal and unmarshal fn names 2018-07-24 14:58:43 +08:00			`bodyMarshal(w, response{"success": false, "message": err.Error()})`
api: Add go files I know this is a huge commit, but I can't be bothered to check this in part by part. 2018-05-27 22:40:42 +08:00			`return`
			`}`
comment_new.go: simplify state logic Signed-off-by: Adhityaa Chandrasekar <adtac@adtac.in> 2021-02-28 16:13:58 +08:00			`commenterHex, commenterName, commenterEmail, commenterLink = c.CommenterHex, c.Name, c.Email, c.Link`
api: Add go files I know this is a huge commit, but I can't be bothered to check this in part by part. 2018-05-27 22:40:42 +08:00			`for _, mod := range d.Moderators {`
			`if mod.Email == c.Email {`
			`isModerator = true`
			`break`
			`}`
			`}`
comment_new.go: simplify state logic Signed-off-by: Adhityaa Chandrasekar <adtac@adtac.in> 2021-02-28 16:13:58 +08:00			`}`
api: Add go files I know this is a huge commit, but I can't be bothered to check this in part by part. 2018-05-27 22:40:42 +08:00
comment_new.go: simplify state logic Signed-off-by: Adhityaa Chandrasekar <adtac@adtac.in> 2021-02-28 16:13:58 +08:00			`var state string`
			`if isModerator {`
			`state = "approved"`
			`} else if d.RequireModeration {`
			`state = "unapproved"`
			`} else if commenterHex == "anonymous" && d.ModerateAllAnonymous {`
			`state = "unapproved"`
			`} else if d.AutoSpamFilter && isSpam(x.Domain, getIp(r), getUserAgent(r), commenterName, commenterEmail, commenterLink, x.Markdown) {`
			`state = "flagged"`
			`} else {`
			`state = "approved"`
api: Add go files I know this is a huge commit, but I can't be bothered to check this in part by part. 2018-05-27 22:40:42 +08:00			`}`

			`commentHex, err := commentNew(commenterHex, domain, path, x.ParentHex, x.Markdown, state, time.Now().UTC())`
			`if err != nil {`
api: standardise marshal and unmarshal fn names 2018-07-24 14:58:43 +08:00			`bodyMarshal(w, response{"success": false, "message": err.Error()})`
api: Add go files I know this is a huge commit, but I can't be bothered to check this in part by part. 2018-05-27 22:40:42 +08:00			`return`
			`}`

everywhere: add email notifications 2019-02-19 00:23:44 +08:00			`// TODO: reuse html in commentNew and do only one markdown to HTML conversion?`
			`html := markdownToHtml(*x.Markdown)`

			`bodyMarshal(w, response{"success": true, "commentHex": commentHex, "state": state, "html": html})`
			`if smtpConfigured {`
api: do not batch email notifications Closes https://gitlab.com/commento/commento/issues/234 2019-10-25 16:04:27 +08:00			`go emailNotificationNew(d, path, commenterHex, commentHex, html, *x.ParentHex, state)`
everywhere: add email notifications 2019-02-19 00:23:44 +08:00			`}`
api: Add go files I know this is a huge commit, but I can't be bothered to check this in part by part. 2018-05-27 22:40:42 +08:00			`}`