xref: /webtrees/app/Module/FamilyTreeNewsModule.php (revision 81b729d3a9a6e0a0e8b96285d1ad7955d2d0c659) 
1<?php
2
3/**
4 * webtrees: online genealogy
5 * Copyright (C) 2021 webtrees development team
6 * This program is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation, either version 3 of the License, or
9 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program. If not, see <https://www.gnu.org/licenses/>.
16 */
17
18declare(strict_types=1);
19
20namespace Fisharebest\Webtrees\Module;
21
22use Fisharebest\Webtrees\Auth;
23use Fisharebest\Webtrees\Carbon;
24use Fisharebest\Webtrees\Http\Exceptions\HttpAccessDeniedException;
25use Fisharebest\Webtrees\Http\RequestHandlers\TreePage;
26use Fisharebest\Webtrees\I18N;
27use Fisharebest\Webtrees\Services\HtmlService;
28use Fisharebest\Webtrees\Tree;
29use Illuminate\Database\Capsule\Manager as DB;
30use Illuminate\Database\Query\Expression;
31use Illuminate\Support\Str;
32use Psr\Http\Message\ResponseInterface;
33use Psr\Http\Message\ServerRequestInterface;
34use stdClass;
35
36use function assert;
37
38/**
39 * Class FamilyTreeNewsModule
40 */
41class FamilyTreeNewsModule extends AbstractModule implements ModuleBlockInterface
42{
43    use ModuleBlockTrait;
44
45    /** @var HtmlService */
46    private $html_service;
47
48    /**
49     * HtmlBlockModule constructor.
50     *
51     * @param HtmlService $html_service
52     */
53    public function __construct(HtmlService $html_service)
54    {
55        $this->html_service = $html_service;
56    }
57
58    /**
59     * A sentence describing what this module does.
60     *
61     * @return string
62     */
63    public function description(): string
64    {
65        /* I18N: Description of the “News” module */
66        return I18N::translate('Family news and site announcements.');
67    }
68
69    /**
70     * Generate the HTML content of this block.
71     *
72     * @param Tree     $tree
73     * @param int      $block_id
74     * @param string   $context
75     * @param string[] $config
76     *
77     * @return string
78     */
79    public function getBlock(Tree $tree, int $block_id, string $context, array $config = []): string
80    {
81        $articles = DB::table('news')
82            ->where('gedcom_id', '=', $tree->id())
83            ->orderByDesc('updated')
84            ->get()
85            ->map(static function (stdClass $row): stdClass {
86                $row->updated = Carbon::make($row->updated);
87
88                return $row;
89            });
90
91        $content = view('modules/gedcom_news/list', [
92            'articles' => $articles,
93            'block_id' => $block_id,
94            'limit'    => 5,
95            'tree'     => $tree,
96        ]);
97
98        if ($context !== self::CONTEXT_EMBED) {
99            return view('modules/block-template', [
100                'block'      => Str::kebab($this->name()),
101                'id'         => $block_id,
102                'config_url' => '',
103                'title'      => $this->title(),
104                'content'    => $content,
105            ]);
106        }
107
108        return $content;
109    }
110
111    /**
112     * How should this module be identified in the control panel, etc.?
113     *
114     * @return string
115     */
116    public function title(): string
117    {
118        /* I18N: Name of a module */
119        return I18N::translate('News');
120    }
121
122    /**
123     * Should this block load asynchronously using AJAX?
124     *
125     * Simple blocks are faster in-line, more complex ones can be loaded later.
126     *
127     * @return bool
128     */
129    public function loadAjax(): bool
130    {
131        return false;
132    }
133
134    /**
135     * Can this block be shown on the user’s home page?
136     *
137     * @return bool
138     */
139    public function isUserBlock(): bool
140    {
141        return false;
142    }
143
144    /**
145     * Can this block be shown on the tree’s home page?
146     *
147     * @return bool
148     */
149    public function isTreeBlock(): bool
150    {
151        return true;
152    }
153
154    /**
155     * @param ServerRequestInterface $request
156     *
157     * @return ResponseInterface
158     */
159    public function getEditNewsAction(ServerRequestInterface $request): ResponseInterface
160    {
161        $tree = $request->getAttribute('tree');
162        assert($tree instanceof Tree);
163
164        if (!Auth::isManager($tree)) {
165            throw new HttpAccessDeniedException();
166        }
167
168        $news_id = $request->getQueryParams()['news_id'] ?? '';
169
170        if ($news_id !== '') {
171            $row = DB::table('news')
172                ->where('news_id', '=', $news_id)
173                ->where('gedcom_id', '=', $tree->id())
174                ->first();
175        } else {
176            $row = (object) [
177                'body'    => '',
178                'subject' => '',
179            ];
180        }
181
182        $title = I18N::translate('Add/edit a journal/news entry');
183
184        return $this->viewResponse('modules/gedcom_news/edit', [
185            'body'    => $row->body,
186            'news_id' => $news_id,
187            'subject' => $row->subject,
188            'title'   => $title,
189            'tree'    => $tree,
190        ]);
191    }
192
193    /**
194     * @param ServerRequestInterface $request
195     *
196     * @return ResponseInterface
197     */
198    public function postEditNewsAction(ServerRequestInterface $request): ResponseInterface
199    {
200        $tree = $request->getAttribute('tree');
201        assert($tree instanceof Tree);
202
203        if (!Auth::isManager($tree)) {
204            throw new HttpAccessDeniedException();
205        }
206
207        $news_id = $request->getQueryParams()['news_id'] ?? '';
208
209        $params = (array) $request->getParsedBody();
210
211        $subject = $params['subject'];
212        $body    = $params['body'];
213
214        $subject = $this->html_service->sanitize($subject);
215        $body    = $this->html_service->sanitize($body);
216
217        if ($news_id > 0) {
218            DB::table('news')
219                ->where('news_id', '=', $news_id)
220                ->where('gedcom_id', '=', $tree->id())
221                ->update([
222                    'body'    => $body,
223                    'subject' => $subject,
224                    'updated' => new Expression('updated'), // See issue #3208
225                ]);
226        } else {
227            DB::table('news')->insert([
228                'body'      => $body,
229                'subject'   => $subject,
230                'gedcom_id' => $tree->id(),
231            ]);
232        }
233
234        $url = route(TreePage::class, ['tree' => $tree->name()]);
235
236        return redirect($url);
237    }
238
239    /**
240     * @param ServerRequestInterface $request
241     *
242     * @return ResponseInterface
243     */
244    public function postDeleteNewsAction(ServerRequestInterface $request): ResponseInterface
245    {
246        $tree = $request->getAttribute('tree');
247        assert($tree instanceof Tree);
248
249        $news_id = $request->getQueryParams()['news_id'];
250
251        if (!Auth::isManager($tree)) {
252            throw new HttpAccessDeniedException();
253        }
254
255        DB::table('news')
256            ->where('news_id', '=', $news_id)
257            ->where('gedcom_id', '=', $tree->id())
258            ->delete();
259
260        $url = route(TreePage::class, ['tree' => $tree->name()]);
261
262        return redirect($url);
263    }
264}
265