From 79e2b1c30fb8ae01747eff3c2722419360c24445 Mon Sep 17 00:00:00 2001 From: dartcafe Date: Sat, 10 Oct 2020 08:28:27 +0200 Subject: [PATCH 1/2] fix #1137 --- appinfo/routes.php | 3 ++- lib/Controller/CommentController.php | 2 ++ src/js/store/modules/subModules/comments.js | 9 +++++++-- 3 files changed, 11 insertions(+), 3 deletions(-) diff --git a/appinfo/routes.php b/appinfo/routes.php index 66313b0a0..4190adf81 100644 --- a/appinfo/routes.php +++ b/appinfo/routes.php @@ -66,7 +66,8 @@ ['name' => 'subscription#set', 'url' => '/subscription', 'verb' => 'POST'], ['name' => 'comment#add', 'url' => '/comment', 'verb' => 'POST'], - ['name' => 'comment#delete', 'url' => '/comment/{commentId}', 'verb' => 'DELETE'], + ['name' => 'comment#delete', 'url' => '/comment/{commentId}', 'verb' => 'DELETE', 'postfix' => 'auth'], + ['name' => 'comment#delete', 'url' => '/comment/s/{token}/{commentId}', 'verb' => 'DELETE', 'postfix' => 'public'], ['name' => 'system#get_site_users_and_groups', 'url' => '/siteusers/get', 'verb' => 'POST'], ['name' => 'system#validate_public_username', 'url' => '/check/username', 'verb' => 'POST'], diff --git a/lib/Controller/CommentController.php b/lib/Controller/CommentController.php index 662b170c9..e7031f7bb 100644 --- a/lib/Controller/CommentController.php +++ b/lib/Controller/CommentController.php @@ -92,6 +92,8 @@ public function add($pollId, $message, $token) { * @return DataResponse */ public function delete($commentId, $token) { + \OC::$server->getLogger()->alert('CommentId: ' . $commentId); + \OC::$server->getLogger()->alert('Token: ' . $token); try { return new DataResponse($this->commentService->delete($commentId, $token), Http::STATUS_OK); } catch (NotAuthorizedException $e) { diff --git a/src/js/store/modules/subModules/comments.js b/src/js/store/modules/subModules/comments.js index 5d1042317..fbf780fc6 100644 --- a/src/js/store/modules/subModules/comments.js +++ b/src/js/store/modules/subModules/comments.js @@ -64,6 +64,7 @@ const getters = { const actions = { add(context, payload) { const endPoint = 'apps/polls/comment' + return axios.post(generateUrl(endPoint), { message: payload.message, pollId: context.rootState.poll.id, @@ -80,9 +81,13 @@ const actions = { }, delete(context, payload) { - const endPoint = 'apps/polls/comment' + let endPoint = 'apps/polls/comment' + if (context.rootState.poll.acl.token) { + endPoint = endPoint.concat('/s/', context.rootState.poll.acl.token) + } context.commit('delete', { comment: payload.comment }) - return axios.delete(generateUrl(endPoint.concat('/', payload.comment.id)), { token: context.rootState.poll.acl.token }) + + return axios.delete(generateUrl(endPoint.concat('/', payload.comment.id))) .then((response) => { context.commit('delete', { comment: response.data.comment }) return response.data From 18e51c684cf5ae8eb910de3ae531374b50c1d55a Mon Sep 17 00:00:00 2001 From: dartcafe Date: Sat, 10 Oct 2020 09:08:43 +0200 Subject: [PATCH 2/2] removed logging --- lib/Controller/CommentController.php | 2 -- 1 file changed, 2 deletions(-) diff --git a/lib/Controller/CommentController.php b/lib/Controller/CommentController.php index e7031f7bb..662b170c9 100644 --- a/lib/Controller/CommentController.php +++ b/lib/Controller/CommentController.php @@ -92,8 +92,6 @@ public function add($pollId, $message, $token) { * @return DataResponse */ public function delete($commentId, $token) { - \OC::$server->getLogger()->alert('CommentId: ' . $commentId); - \OC::$server->getLogger()->alert('Token: ' . $token); try { return new DataResponse($this->commentService->delete($commentId, $token), Http::STATUS_OK); } catch (NotAuthorizedException $e) {