You are here

Home » API reference » AJAX Comments 8 » AjaxCommentsController.php » AjaxCommentsController

public function AjaxCommentsController::replyAccess in AJAX Comments 8

Check the user's permission to post a comment.

Parameters

\Symfony\Component\HttpFoundation\Request $request: The current request object.

\Drupal\Core\Ajax\AjaxResponse $response: The response object being built.

\Drupal\Core\Entity\EntityInterface $entity: The entity this comment belongs to.

string $field_name: The field_name to which the comment belongs.

int $pid: (optional) Some comments are replies to other comments. In those cases, $pid is the parent comment's comment ID. Defaults to NULL.

Return value

\Drupal\Core\Ajax\AjaxResponse $response The ajax response, if access is denied.

3 calls to AjaxCommentsController::replyAccess()
AjaxCommentsController::add in src/Controller/AjaxCommentsController.php
Builds ajax response for adding a new comment without a parent comment.
AjaxCommentsController::reply in src/Controller/AjaxCommentsController.php
Builds ajax response to display a form to reply to another comment.
AjaxCommentsController::saveReply in src/Controller/AjaxCommentsController.php
Builds ajax response to save a submitted reply to another comment.

File

src/Controller/AjaxCommentsController.php, line 842

Class

AjaxCommentsController
Controller routines for AJAX comments routes.

Namespace

Drupal\ajax_comments\Controller

Code

public function replyAccess(Request $request, AjaxResponse $response, EntityInterface $entity, $field_name, $pid = NULL) {

  // Get the selectors.
  $selectors = $this->tempStore
    ->getSelectors($request);
  $wrapper_html_id = $selectors['wrapper_html_id'];
  $form_html_id = $selectors['form_html_id'];
  $access = CommentController::create(\Drupal::getContainer())
    ->replyFormAccess($entity, $field_name, $pid);

  // If access is not explicitly allowed, then we forbid it.
  if (!$access
    ->isAllowed()) {
    $selector = $form_html_id;
    if (empty($selector)) {
      $selector = $wrapper_html_id;
    }
    $this->messenger
      ->addError(t('You do not have permission to post a comment.'));

    // If this is a new top-level comment (not a reply to another comment so
    // no $pid), replace the comment form with the error message.
    if (empty($pid)) {

      // Remove any existing status messages in the comment field,
      // if applicable.
      $response
        ->addCommand(new RemoveCommand($wrapper_html_id . ' .js-ajax-comments-messages'));

      // Add the error message.
      $response = $this
        ->addMessages($request, $response, $selector, 'replace');
    }
    else {
      $response = $this
        ->buildCommentFieldResponse($request, $response, $entity, $field_name, $pid);

      // The wrapper_html_id should have been updated when
      // $this->buildCommentFieldResponse() was called, so retrieve
      // the updated selector values for use in building the response.
      $selectors = $this->tempStore
        ->getSelectors($request);
      $selector = $selectors['wrapper_html_id'];
      $response = $this
        ->addMessages($request, $response, $selector, 'prepend');
    }

    // Clear out the tempStore variables.
    $this->tempStore
      ->deleteAll();
    return $response;
  }
}