ENHANCEMENT: dont allow comments to be displayed on fake pages such as security. BUGFIX: updated commentadmin tests to just work

2010-12-11 18:33:21 +13:00 · 2010-12-11 18:33:21 +13:00 · 5dec31c84f
parent d9580ed600
commit 5dec31c84f
5 changed files with 200 additions and 162 deletions
--- a/code/CommentAdmin.php
+++ b/code/CommentAdmin.php
@ -27,7 +27,7 @@ class CommentAdmin extends LeftAndMain {
 	/**
 	 * @var int The number of comments per page for the {@link CommentTable} in this admin.
 	 */
-	static $comments_per_page = '20';
+	static $comments_per_page = 20;

 	public function init() {
 		parent::init();
@ -78,18 +78,18 @@ class CommentAdmin extends LeftAndMain {
 			"Name" => _t('CommentAdmin.AUTHOR', 'Author'),
 			"Comment" => _t('CommentAdmin.COMMENT', 'Comment'),
 			"Parent.Title" => _t('CommentAdmin.PAGE', 'Page'),
-			"CommenterURL" => _t('CommentAdmin.COMMENTERURL', 'URL'),
+			"URL" => _t('CommentAdmin.COMMENTERURL', 'URL'),
 			"Created" => _t('CommentAdmin.DATEPOSTED', 'Date Posted')
 		);

 		$popupFields = new FieldSet(
 			new TextField('Name', _t('CommentAdmin.NAME', 'Name')),
-			new TextField('CommenterURL', _t('CommentAdmin.COMMENTERURL', 'URL')),
+			new TextField('URL', _t('CommentAdmin.URL', 'URL')),
 			new TextareaField('Comment', _t('CommentAdmin.COMMENT', 'Comment'))
 		);

 		$idField = new HiddenField('ID', '', $section);
-		$table = new CommentTableField($this, "Comments", "PageComment", $section, $tableFields, $popupFields, array($filter), 'Created DESC');
+		$table = new CommentTableField($this, "Comments", "Comment", $section, $tableFields, $popupFields, array($filter), 'Created DESC');
 		
 		$table->setParentClass(false);
 		$table->setFieldCasting(array(
@ -133,38 +133,40 @@ class CommentAdmin extends LeftAndMain {
 	}

 	function deletemarked() {
-			$numComments = 0;
-			$folderID = 0;
-			$deleteList = '';
+		$numComments = 0;
+		$folderID = 0;
+		$deleteList = '';

-			if($_REQUEST['Comments']) {
-				foreach($_REQUEST['Comments'] as $commentid) {
-					$comment = DataObject::get_by_id('PageComment', $commentid);
-					if($comment) {
-						$comment->delete();
-						$numComments++;
-					}
+		if($_REQUEST['Comments']) {
+			foreach($_REQUEST['Comments'] as $commentid) {
+				$comment = DataObject::get_by_id('Comment', $commentid);
+				if($comment && $comment->canDelete()) {
+					$comment->delete();
+					$numComments++;
 				}
-			} else {
-				user_error("No comments in $commentList could be found!", E_USER_ERROR);
 			}
+		} else {
+			user_error("No comments in $commentList could be found!", E_USER_ERROR);
+		}

-			echo <<<JS
-				$deleteList
-				$('Form_EditForm').getPageFromServer($('Form_EditForm_ID').value);
-				statusMessage("Deleted $numComments comments.");
+		echo <<<JS
+			$deleteList
+			$('Form_EditForm').getPageFromServer($('Form_EditForm_ID').value);
+			statusMessage("Deleted $numComments comments.");
 JS;
 	}

 	function deleteall() {
 		$numComments = 0;
-		$spam = DataObject::get('PageComment', '"PageComment"."IsSpam" = 1');
+		$spam = DataObject::get('Comment', "\"Comment\".\"IsSpam\" = '1'");

 		if($spam) {
 			$numComments = $spam->Count();

 			foreach($spam as $comment) {
-				$comment->delete();
+				if($comment->canDelete()) {
+					$comment->delete();
+				}
 			}
 		}

@ -177,134 +179,118 @@ JS;
 	}

 	function spammarked() {
-			$numComments = 0;
-			$folderID = 0;
-			$deleteList = '';
+		$numComments = 0;
+		$folderID = 0;
+		$deleteList = '';

-			if($_REQUEST['Comments']) {
-				foreach($_REQUEST['Comments'] as $commentid) {
-					$comment = DataObject::get_by_id('PageComment', $commentid);
-					if($comment) {
-						$comment->IsSpam = true;
-						$comment->NeedsModeration = false;
-						$comment->write();
+		if($_REQUEST['Comments']) {
+			foreach($_REQUEST['Comments'] as $commentid) {
+				$comment = DataObject::get_by_id('Comment', $commentid);
+				if($comment) {
+					$comment->IsSpam = true;
+					$comment->Moderated = true;
+					$comment->write();

-						if(SSAkismet::isEnabled()) {
-							try {
-								$akismet = new SSAkismet();
-								$akismet->setCommentAuthor($comment->getField('Name'));
-								$akismet->setCommentContent($comment->getField('Comment'));
-
-								$akismet->submitSpam();
-							} catch (Exception $e) {
-								// Akismet didn't work, most likely the service is down.
-							}
-						}
-						$numComments++;
-					}
+					$numComments++;
 				}
-			} else {
-				user_error("No comments in $commentList could be found!", E_USER_ERROR);
 			}
+		} else {
+			user_error("No comments in $commentList could be found!", E_USER_ERROR);
+		}

-			$msg = sprintf(_t('CommentAdmin.MARKEDSPAM', 'Marked %s comments as spam.'), $numComments);
-			echo <<<JS
-				$deleteList
-				$('Form_EditForm').getPageFromServer($('Form_EditForm_ID').value);
-				statusMessage("$msg");
+		$msg = sprintf(_t('CommentAdmin.MARKEDSPAM', 'Marked %s comments as spam.'), $numComments);
+		echo <<<JS
+			$deleteList
+			$('Form_EditForm').getPageFromServer($('Form_EditForm_ID').value);
+			statusMessage("$msg");
 JS;
 	}

 	function hammarked() {
-			$numComments = 0;
-			$folderID = 0;
-			$deleteList = '';
+		$numComments = 0;
+		$folderID = 0;
+		$deleteList = '';

-			if($_REQUEST['Comments']) {
-				foreach($_REQUEST['Comments'] as $commentid) {
-					$comment = DataObject::get_by_id('PageComment', $commentid);
-					if($comment) {
-						$comment->IsSpam = false;
-						$comment->NeedsModeration = false;
-						$comment->write();
+		if($_REQUEST['Comments']) {
+			foreach($_REQUEST['Comments'] as $commentid) {
+				$comment = DataObject::get_by_id('Comment', $commentid);

-						if(SSAkismet::isEnabled()) {
-							try {
-								$akismet = new SSAkismet();
-								$akismet->setCommentAuthor($comment->getField('Name'));
-								$akismet->setCommentContent($comment->getField('Comment'));
+				if($comment) {
+					$comment->IsSpam = false;
+					$comment->Moderated = true;
+					$comment->write();

-								$akismet->submitSpam();
-							} catch (Exception $e) {
-								// Akismet didn't work, most likely the service is down.
-							}
-						}
-
-						$numComments++;
-					}
+					$numComments++;
 				}
-			} else {
-				user_error("No comments in $commentList could be found!", E_USER_ERROR);
 			}
+		} else {
+			user_error("No comments in $commentList could be found!", E_USER_ERROR);
+		}

-			$msg = sprintf(_t('CommentAdmin.MARKEDNOTSPAM', 'Marked %s comments as not spam.'), $numComments);
-			echo <<<JS
-				$deleteList
-				$('Form_EditForm').getPageFromServer($('Form_EditForm_ID').value);
-				statusMessage("$msg");
+		$msg = sprintf(_t('CommentAdmin.MARKEDNOTSPAM', 'Marked %s comments as not spam.'), $numComments);
+		echo <<<JS
+			$deleteList
+			$('Form_EditForm').getPageFromServer($('Form_EditForm_ID').value);
+			statusMessage("$msg");
 JS;
 	}

 	function acceptmarked() {
-			$numComments = 0;
-			$folderID = 0;
-			$deleteList = '';
+		$numComments = 0;
+		$folderID = 0;
+		$deleteList = '';

-			if($_REQUEST['Comments']) {
-				foreach($_REQUEST['Comments'] as $commentid) {
-					$comment = DataObject::get_by_id('PageComment', $commentid);
-					if($comment) {
-						$comment->IsSpam = false;
-						$comment->NeedsModeration = false;
-						$comment->write();
-						$numComments++;
-					}
+		if($_REQUEST['Comments']) {
+			foreach($_REQUEST['Comments'] as $commentid) {
+				$comment = DataObject::get_by_id('Comment', $commentid);
+				if($comment) {
+					$comment->IsSpam = false;
+					$comment->Moderated = true;
+					$comment->write();
+					$numComments++;
 				}
-			} else {
-				user_error("No comments in $commentList could be found!", E_USER_ERROR);
 			}
+		} else {
+			user_error("No comments in $commentList could be found!", E_USER_ERROR);
+		}

-			$msg = sprintf(_t('CommentAdmin.APPROVED', 'Accepted %s comments.'), $numComments);
-			echo <<<JS
-				$deleteList
-				$('Form_EditForm').getPageFromServer($('Form_EditForm_ID').value);
-				statusMessage("Accepted $numComments comments.");
+		$msg = sprintf(_t('CommentAdmin.APPROVED', 'Accepted %s comments.'), $numComments);
+		echo <<<JS
+			$deleteList
+			$('Form_EditForm').getPageFromServer($('Form_EditForm_ID').value);
+			statusMessage("Accepted $numComments comments.");
 JS;
 	}

 	/**
 	 * Return the number of moderated comments
+	 *
+	 * @return int
 	 */
 	function NumModerated() {
-		return DB::query("SELECT COUNT(*) FROM \"PageComment\" WHERE \"IsSpam\"=0 AND \"NeedsModeration\"=0")->value();
+		return DB::query("SELECT COUNT(*) FROM \"Comment\" WHERE \"Moderated\" = 1")->value();
 	}

 	/**
 	 * Return the number of unmoderated comments
+	 *
+	 * @return int
 	 */
 	function NumUnmoderated() {
-		return DB::query("SELECT COUNT(*) FROM \"PageComment\" WHERE \"IsSpam\"=0 AND \"NeedsModeration\"=1")->value();
+		return DB::query("SELECT COUNT(*) FROM \"Comment\" WHERE \"Moderated\" = 0")->value();
 	}

 	/**
 	 * Return the number of comments marked as spam
+	 *
+	 * @return int
 	 */
 	function NumSpam() {
-		return DB::query("SELECT COUNT(*) FROM \"PageComment\" WHERE \"IsSpam\"=1")->value();
+		return DB::query("SELECT COUNT(*) FROM \"Comment\" WHERE \"IsSpam\" = 1")->value();
 	}
 	
 	/**
-	 * @param $num int
+	 * @param int
 	 */	
 	function set_comments_per_page($num){
 		self::$comments_per_page = $num;
@ -317,5 +303,3 @@ JS;
 		return self::$comments_per_page;
 	}
 }
-
-?>
--- a/code/dataobjects/Comment.php
+++ b/code/dataobjects/Comment.php
@ -13,7 +13,8 @@ class Comment extends DataObject {
 		"Email"			=> "Varchar(200)",
 		"URL"			=> "Varchar(255)",
 		"BaseClass"		=> "Varchar(200)",
-		"Moderated"		=> "Boolean"
+		"Moderated"		=> "Boolean",
+		"IsSpam"		=> "Boolean"
 	);

 	static $has_one = array(
--- a/code/extensions/CommentsExtension.php
+++ b/code/extensions/CommentsExtension.php
@ -75,7 +75,10 @@ class CommentsExtension extends DataObjectDecorator {
 		// on a {@link DataObject} then it is enabled, however {@link SiteTree} objects can
 		// trigger comments on / off via ProvideComments
 		$enabled = (!$this->attachedToSiteTree() || $this->owner->ProvideComments) ? true : false;
-
+		
+		// do not include the comments on pages which don't have id's such as security pages
+		if($this->owner->ID < 0) return false;
+		
 		$controller = new CommentingController();
 		
 		// tad bit messy but needed to ensure all datas available
@ -85,6 +88,7 @@ class CommentsExtension extends DataObjectDecorator {
 		
 		$form = ($enabled) ? $controller->CommentsForm() : false;
 		
+		Debug::show(Controller::curr()->ID);
 		// a little bit all over the show but to ensure a slightly easier upgrade for users
 		// return back the same variables as previously done in comments
 		return $interface->process(new ArrayData(array(
--- a/tests/CommentAdminTest.php
+++ b/tests/CommentAdminTest.php
@ -0,0 +1,39 @@
+<?php
+
+/**
+ * @package comments
+ */
+
+class CommentAdminTest extends FunctionalTest {
+	
+	static $fixture_file = 'comments/tests/CommentsTest.yml';
+	
+	function testNumModerated() {
+		$comm = new CommentAdmin();
+		$resp = $comm->NumModerated();
+		$this->assertEquals(4, $resp);
+	}
+	
+	function testNumUnmoderated(){
+		$comm = new CommentAdmin();
+		$resp = $comm->NumUnmoderated();
+		$this->assertEquals(3, $resp);
+	}
+	
+	function testNumSpam(){
+		$comm = new CommentAdmin();
+		$resp = $comm->NumSpam();
+		$this->assertEquals(2, $resp);
+	}
+	
+	function testdeletemarked(){
+		$comm = $this->objFromFixture('Comment', 'firstComA');
+		$id = $comm->ID;
+		$this->logInWithPermission('CMS_ACCESS_CommentAdmin');
+		$result = $this->get("admin/comments/EditForm/field/Comments/item/$id/delete");
+		
+		$checkComm = DataObject::get_by_id('Comment',$id);
+
+		$this->assertFalse($checkComm);
+	}	
+}
--- a/tests/CommentsTest.yml
+++ b/tests/CommentsTest.yml
@ -1,62 +1,72 @@
 Member:
-   commentadmin:
-      FirstName: admin
-   visitor:
-      FirstName: visitor
+	commentadmin:
+		FirstName: admin
+	visitor:
+		FirstName: visitor

 Group:
-   commentadmins:
-      Title: Admin
-      Members: =>Member.commentadmin
+	commentadmins:
+		Title: Admin
+		Members: =>Member.commentadmin

 Permission:
-   admin:
-      Code: CMS_ACCESS_CommentAdmin
-      Group: =>Group.commentadmins
+	admin:
+		Code: CMS_ACCESS_CommentAdmin
+		Group: =>Group.commentadmins

 Page:
-    first:
-        Title: First page
-        URLSegment: first-page
-        ProvideComments: 1
-    second:
-        Title: Second page
-        URLSegment: second-page
-        ProvideComments: 1
-    third:
-        Title: Third page
-        URLSegment:third-page
-        ProvideComments: 1
-    pageNoComments:
-        Title: No comments
-        URLSegment: no-comments
-        ProvideComments: 0
+	first:
+		Title: First page
+		URLSegment: first-page
+		ProvideComments: 1
+	second:
+		Title: Second page
+		URLSegment: second-page
+ 		ProvideComments: 1
+	third:
+		Title: Third page
+		URLSegment:third-page
+		ProvideComments: 1
+	pageNoComments:
+		Title: No comments
+		URLSegment: no-comments
+		ProvideComments: 0

 Comment:
-    firstComA:
-        ParentID: =>Page.first
-        Name: FA
-        Comment: textFA
-    secondComA:
-        ParentID: =>Page.second
-        Name: SA
-        Comment: textSA
-    secondComB:
-        ParentID: =>Page.second
-        Name: SB
-        Comment: textSB
-    thirdComA:
-        ParentID: =>Page.third
-        Name: TA
-        Comment: textTA
-    thirdComB:
-        ParentID: =>Page.third
-        Name: TB
-        Comment: textTB
-    thirdComC:
-        ParentID: =>Page.third
-        Name: TC
-        Comment: textTC
-    disabledCom:
-        ParentID: =>Page.pageNoComments
-        Name: Disabled
+	firstComA:
+		ParentID: =>Page.first
+		Name: FA
+		Comment: textFA
+		Moderated: 1
+	secondComA:
+		ParentID: =>Page.second
+		Name: SA
+		Comment: textSA
+		Moderated: 1
+	secondComB:
+		ParentID: =>Page.second
+		Name: SB
+		Comment: textSB
+		Moderated: 1
+	thirdComA:
+		ParentID: =>Page.third
+		Name: TA
+		Comment: textTA
+		Moderated: 1
+		IsSpam: 1
+	thirdComB:
+		ParentID: =>Page.third
+		Name: TB
+		Comment: textTB
+		Moderated: 0
+	thirdComC:
+		ParentID: =>Page.third
+		Name: TC
+		Comment: textTC
+		Moderated: 0
+		
+	disabledCom:
+		ParentID: =>Page.pageNoComments
+		Name: Disabled
+		Moderated: 0
+		IsSpam: 1