mirror of
https://github.com/flarum/framework.git
synced 2025-02-13 20:02:45 +08:00
ad4bd3d001
* Overhaul the way model visibility scoping works - Previously post visibility scoping required concrete knowledge of the parent discussion, ie. you needed a Discussion model on which you would call `postsVisibleTo($actor)`. This meant that to fetch posts from different discussions (eg. when listing user posts), it was a convoluted process, ultimately causing #1333. Now posts behave like any other model in terms of visibility scoping, and you simply call `whereVisibleTo($actor)` on a Post query. This scope will automatically apply a WHERE EXISTS clause that scopes the query to only include posts whose discussions are visible too. Thus, fetching posts from multiple discussions can now be done in a single query, simplifying things greatly and fixing #1333. - As such, the ScopePostVisibility event has been removed. Also, the rest of the "Scope" events have been consolidated into a single event, ScopeModelVisibility. This event is called whenever a user must have a certain $ability in order to see a set of discussions. Typically this ability is just "view". But in the case of discussions which have been marked as `is_private`, it is "viewPrivate". And in the case of discussions which have been hidden, it is "hide". etc. The relevant API on AbstractPolicy has been refined, now providing `find`, `findPrivate`, `findEmpty`, and `findWithPermission` methods. This could probably do with further refinement and we can re-address it once we get around to implementing more Extenders. - An additional change is that Discussion::comments() (the relation used to calculate the cached number of replies) now yields "comments that are not private", where before it meant "comments that are visible to Guests". This was flawed because eg. comments in non-public tags are technically not visible to Guests. Consequently, the Approval extension must adopt usage of `is_private`, so that posts which are not approved are not included in the replies count. Fundamentally, `is_private` now indicates that a discussion/ post should be hidden by default and should only be visible if it meets certain criteria. This is in comparison to non-is_private entities, which are visible by default and may be hidden if they don't meet certain criteria. Note that these changes have not been extensively tested, but I have been over the logic multiple times and it seems to check out. * Add event to determine whether a discussion `is_private` See https://github.com/flarum/core/pull/1153#issuecomment-292693624 * Don't include hidden posts in the comments count * Apply fixes from StyleCI (#1350)
164 lines
4.3 KiB
PHP
164 lines
4.3 KiB
PHP
<?php
|
|
|
|
/*
|
|
* This file is part of Flarum.
|
|
*
|
|
* (c) Toby Zerner <toby.zerner@gmail.com>
|
|
*
|
|
* For the full copyright and license information, please view the LICENSE
|
|
* file that was distributed with this source code.
|
|
*/
|
|
|
|
namespace Flarum\Post;
|
|
|
|
use Flarum\Discussion\Discussion;
|
|
use Flarum\User\User;
|
|
use Illuminate\Database\Eloquent\Builder;
|
|
|
|
class PostRepository
|
|
{
|
|
/**
|
|
* Get a new query builder for the posts table.
|
|
*
|
|
* @return Builder
|
|
*/
|
|
public function query()
|
|
{
|
|
return Post::query();
|
|
}
|
|
|
|
/**
|
|
* @param User|null $user
|
|
* @return Builder
|
|
*/
|
|
protected function queryVisibleTo(User $user = null)
|
|
{
|
|
$query = $this->query();
|
|
|
|
if ($user !== null) {
|
|
$query->whereVisibleTo($user);
|
|
}
|
|
|
|
return $query;
|
|
}
|
|
|
|
/**
|
|
* Find a post by ID, optionally making sure it is visible to a certain
|
|
* user, or throw an exception.
|
|
*
|
|
* @param int $id
|
|
* @param \Flarum\User\User $actor
|
|
* @return \Flarum\Post\Post
|
|
*
|
|
* @throws \Illuminate\Database\Eloquent\ModelNotFoundException
|
|
*/
|
|
public function findOrFail($id, User $actor = null)
|
|
{
|
|
return $this->queryVisibleTo($actor)->findOrFail($id);
|
|
}
|
|
|
|
/**
|
|
* Find posts that match certain conditions, optionally making sure they
|
|
* are visible to a certain user, and/or using other criteria.
|
|
*
|
|
* @param array $where
|
|
* @param \Flarum\User\User|null $actor
|
|
* @param array $sort
|
|
* @param int $count
|
|
* @param int $start
|
|
* @return \Illuminate\Database\Eloquent\Collection
|
|
*/
|
|
public function findWhere(array $where = [], User $actor = null, $sort = [], $count = null, $start = 0)
|
|
{
|
|
$query = $this->queryVisibleTo($actor)
|
|
->where($where)
|
|
->skip($start)
|
|
->take($count);
|
|
|
|
foreach ((array) $sort as $field => $order) {
|
|
$query->orderBy($field, $order);
|
|
}
|
|
|
|
return $query->get();
|
|
}
|
|
|
|
/**
|
|
* Find posts by their IDs, optionally making sure they are visible to a
|
|
* certain user.
|
|
*
|
|
* @param array $ids
|
|
* @param \Flarum\User\User|null $actor
|
|
* @return \Illuminate\Database\Eloquent\Collection
|
|
*/
|
|
public function findByIds(array $ids, User $actor = null)
|
|
{
|
|
$posts = $this->queryIds($ids, $actor)->get();
|
|
|
|
$posts = $posts->sort(function ($a, $b) use ($ids) {
|
|
$aPos = array_search($a->id, $ids);
|
|
$bPos = array_search($b->id, $ids);
|
|
|
|
if ($aPos === $bPos) {
|
|
return 0;
|
|
}
|
|
|
|
return $aPos < $bPos ? -1 : 1;
|
|
});
|
|
|
|
return $posts;
|
|
}
|
|
|
|
/**
|
|
* Filter a list of post IDs to only include posts that are visible to a
|
|
* certain user.
|
|
*
|
|
* @param array $ids
|
|
* @param User $actor
|
|
* @return array
|
|
*/
|
|
public function filterVisibleIds(array $ids, User $actor)
|
|
{
|
|
return $this->queryIds($ids, $actor)->pluck('posts.id')->all();
|
|
}
|
|
|
|
/**
|
|
* Get the position within a discussion where a post with a certain number
|
|
* is. If the post with that number does not exist, the index of the
|
|
* closest post to it will be returned.
|
|
*
|
|
* @param int $discussionId
|
|
* @param int $number
|
|
* @param \Flarum\User\User|null $actor
|
|
* @return int
|
|
*/
|
|
public function getIndexForNumber($discussionId, $number, User $actor = null)
|
|
{
|
|
$query = Discussion::find($discussionId)
|
|
->posts()
|
|
->whereVisibleTo($actor)
|
|
->where('time', '<', function ($query) use ($discussionId, $number) {
|
|
$query->select('time')
|
|
->from('posts')
|
|
->where('discussion_id', $discussionId)
|
|
->whereNotNull('number')
|
|
->take(1)
|
|
|
|
// We don't add $number as a binding because for some
|
|
// reason doing so makes the bindings go out of order.
|
|
->orderByRaw('ABS(CAST(number AS SIGNED) - '.(int) $number.')');
|
|
});
|
|
|
|
return $query->count();
|
|
}
|
|
|
|
/**
|
|
* @param array $ids
|
|
* @param User|null $actor
|
|
* @return Builder
|
|
*/
|
|
protected function queryIds(array $ids, User $actor = null)
|
|
{
|
|
return $this->queryVisibleTo($actor)->whereIn('posts.id', $ids);
|
|
}
|
|
}
|