1<?php 2 3/** 4 * webtrees: online genealogy 5 * Copyright (C) 2023 webtrees development team 6 * This program is free software: you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License as published by 8 * the Free Software Foundation, either version 3 of the License, or 9 * (at your option) any later version. 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * You should have received a copy of the GNU General Public License 15 * along with this program. If not, see <https://www.gnu.org/licenses/>. 16 */ 17 18declare(strict_types=1); 19 20namespace Fisharebest\Webtrees\Module; 21 22use Fisharebest\Webtrees\Auth; 23use Fisharebest\Webtrees\DB; 24use Fisharebest\Webtrees\Http\Exceptions\HttpAccessDeniedException; 25use Fisharebest\Webtrees\Http\Exceptions\HttpNotFoundException; 26use Fisharebest\Webtrees\Http\RequestHandlers\TreePage; 27use Fisharebest\Webtrees\I18N; 28use Fisharebest\Webtrees\Registry; 29use Fisharebest\Webtrees\Services\HtmlService; 30use Fisharebest\Webtrees\Tree; 31use Fisharebest\Webtrees\Validator; 32use Illuminate\Database\Query\Expression; 33use Illuminate\Support\Str; 34use Psr\Http\Message\ResponseInterface; 35use Psr\Http\Message\ServerRequestInterface; 36 37/** 38 * Class FamilyTreeNewsModule 39 */ 40class FamilyTreeNewsModule extends AbstractModule implements ModuleBlockInterface 41{ 42 use ModuleBlockTrait; 43 44 private HtmlService $html_service; 45 46 /** 47 * @param HtmlService $html_service 48 */ 49 public function __construct(HtmlService $html_service) 50 { 51 $this->html_service = $html_service; 52 } 53 54 /** 55 * A sentence describing what this module does. 56 * 57 * @return string 58 */ 59 public function description(): string 60 { 61 /* I18N: Description of the “News” module */ 62 return I18N::translate('Family news and site announcements.'); 63 } 64 65 /** 66 * Generate the HTML content of this block. 67 * 68 * @param Tree $tree 69 * @param int $block_id 70 * @param string $context 71 * @param array<string,string> $config 72 * 73 * @return string 74 */ 75 public function getBlock(Tree $tree, int $block_id, string $context, array $config = []): string 76 { 77 $articles = DB::table('news') 78 ->where('gedcom_id', '=', $tree->id()) 79 ->orderByDesc('updated') 80 ->get() 81 ->map(static function (object $row): object { 82 $row->updated = Registry::timestampFactory()->fromString($row->updated); 83 84 return $row; 85 }); 86 87 $content = view('modules/gedcom_news/list', [ 88 'articles' => $articles, 89 'block_id' => $block_id, 90 'limit' => 5, 91 'tree' => $tree, 92 ]); 93 94 if ($context !== self::CONTEXT_EMBED) { 95 return view('modules/block-template', [ 96 'block' => Str::kebab($this->name()), 97 'id' => $block_id, 98 'config_url' => '', 99 'title' => $this->title(), 100 'content' => $content, 101 ]); 102 } 103 104 return $content; 105 } 106 107 /** 108 * How should this module be identified in the control panel, etc.? 109 * 110 * @return string 111 */ 112 public function title(): string 113 { 114 /* I18N: Name of a module */ 115 return I18N::translate('News'); 116 } 117 118 /** 119 * Should this block load asynchronously using AJAX? 120 * 121 * Simple blocks are faster in-line, more complex ones can be loaded later. 122 * 123 * @return bool 124 */ 125 public function loadAjax(): bool 126 { 127 return false; 128 } 129 130 /** 131 * Can this block be shown on the user’s home page? 132 * 133 * @return bool 134 */ 135 public function isUserBlock(): bool 136 { 137 return false; 138 } 139 140 /** 141 * Can this block be shown on the tree’s home page? 142 * 143 * @return bool 144 */ 145 public function isTreeBlock(): bool 146 { 147 return true; 148 } 149 150 /** 151 * @param ServerRequestInterface $request 152 * 153 * @return ResponseInterface 154 */ 155 public function getEditNewsAction(ServerRequestInterface $request): ResponseInterface 156 { 157 $tree = Validator::attributes($request)->tree(); 158 159 if (!Auth::isManager($tree)) { 160 throw new HttpAccessDeniedException(); 161 } 162 163 $news_id = Validator::queryParams($request)->integer('news_id', 0); 164 165 if ($news_id !== 0) { 166 $row = DB::table('news') 167 ->where('news_id', '=', $news_id) 168 ->where('gedcom_id', '=', $tree->id()) 169 ->first(); 170 171 // Record was deleted before we could read it? 172 if ($row === null) { 173 throw new HttpNotFoundException(I18N::translate('%s does not exist.', 'news_id:' . $news_id)); 174 } 175 } else { 176 $row = (object) [ 177 'body' => '', 178 'subject' => '', 179 ]; 180 } 181 182 $title = I18N::translate('Add/edit a journal/news entry'); 183 184 return $this->viewResponse('modules/gedcom_news/edit', [ 185 'body' => $row->body, 186 'news_id' => $news_id, 187 'subject' => $row->subject, 188 'title' => $title, 189 'tree' => $tree, 190 ]); 191 } 192 193 /** 194 * @param ServerRequestInterface $request 195 * 196 * @return ResponseInterface 197 */ 198 public function postEditNewsAction(ServerRequestInterface $request): ResponseInterface 199 { 200 $tree = Validator::attributes($request)->tree(); 201 202 if (!Auth::isManager($tree)) { 203 throw new HttpAccessDeniedException(); 204 } 205 206 $news_id = Validator::queryParams($request)->integer('news_id', 0); 207 $subject = Validator::parsedBody($request)->string('subject'); 208 $body = Validator::parsedBody($request)->string('body'); 209 210 $subject = $this->html_service->sanitize($subject); 211 $body = $this->html_service->sanitize($body); 212 213 if ($news_id !== 0) { 214 DB::table('news') 215 ->where('news_id', '=', $news_id) 216 ->where('gedcom_id', '=', $tree->id()) 217 ->update([ 218 'body' => $body, 219 'subject' => $subject, 220 'updated' => new Expression('updated'), // See issue #3208 221 ]); 222 } else { 223 DB::table('news')->insert([ 224 'body' => $body, 225 'subject' => $subject, 226 'gedcom_id' => $tree->id(), 227 ]); 228 } 229 230 $url = route(TreePage::class, ['tree' => $tree->name()]); 231 232 return redirect($url); 233 } 234 235 /** 236 * @param ServerRequestInterface $request 237 * 238 * @return ResponseInterface 239 */ 240 public function postDeleteNewsAction(ServerRequestInterface $request): ResponseInterface 241 { 242 $tree = Validator::attributes($request)->tree(); 243 $news_id = Validator::queryParams($request)->integer('news_id'); 244 245 if (!Auth::isManager($tree)) { 246 throw new HttpAccessDeniedException(); 247 } 248 249 DB::table('news') 250 ->where('news_id', '=', $news_id) 251 ->where('gedcom_id', '=', $tree->id()) 252 ->delete(); 253 254 $url = route(TreePage::class, ['tree' => $tree->name()]); 255 256 return redirect($url); 257 } 258} 259