1<?php 2 3/** 4 * webtrees: online genealogy 5 * Copyright (C) 2021 webtrees development team 6 * This program is free software: you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License as published by 8 * the Free Software Foundation, either version 3 of the License, or 9 * (at your option) any later version. 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * You should have received a copy of the GNU General Public License 15 * along with this program. If not, see <https://www.gnu.org/licenses/>. 16 */ 17 18declare(strict_types=1); 19 20namespace Fisharebest\Webtrees\Module; 21 22use Fisharebest\Webtrees\Auth; 23use Fisharebest\Webtrees\Carbon; 24use Fisharebest\Webtrees\Http\Exceptions\HttpAccessDeniedException; 25use Fisharebest\Webtrees\Http\Exceptions\HttpNotFoundException; 26use Fisharebest\Webtrees\Http\RequestHandlers\TreePage; 27use Fisharebest\Webtrees\I18N; 28use Fisharebest\Webtrees\Services\HtmlService; 29use Fisharebest\Webtrees\Tree; 30use Illuminate\Database\Capsule\Manager as DB; 31use Illuminate\Database\Query\Expression; 32use Illuminate\Support\Str; 33use Psr\Http\Message\ResponseInterface; 34use Psr\Http\Message\ServerRequestInterface; 35 36use function assert; 37use function is_string; 38 39/** 40 * Class FamilyTreeNewsModule 41 */ 42class FamilyTreeNewsModule extends AbstractModule implements ModuleBlockInterface 43{ 44 use ModuleBlockTrait; 45 46 private HtmlService $html_service; 47 48 /** 49 * HtmlBlockModule constructor. 50 * 51 * @param HtmlService $html_service 52 */ 53 public function __construct(HtmlService $html_service) 54 { 55 $this->html_service = $html_service; 56 } 57 58 /** 59 * A sentence describing what this module does. 60 * 61 * @return string 62 */ 63 public function description(): string 64 { 65 /* I18N: Description of the “News” module */ 66 return I18N::translate('Family news and site announcements.'); 67 } 68 69 /** 70 * Generate the HTML content of this block. 71 * 72 * @param Tree $tree 73 * @param int $block_id 74 * @param string $context 75 * @param array<string> $config 76 * 77 * @return string 78 */ 79 public function getBlock(Tree $tree, int $block_id, string $context, array $config = []): string 80 { 81 $articles = DB::table('news') 82 ->where('gedcom_id', '=', $tree->id()) 83 ->orderByDesc('updated') 84 ->get() 85 ->map(static function (object $row): object { 86 $row->updated = Carbon::make($row->updated); 87 88 return $row; 89 }); 90 91 $content = view('modules/gedcom_news/list', [ 92 'articles' => $articles, 93 'block_id' => $block_id, 94 'limit' => 5, 95 'tree' => $tree, 96 ]); 97 98 if ($context !== self::CONTEXT_EMBED) { 99 return view('modules/block-template', [ 100 'block' => Str::kebab($this->name()), 101 'id' => $block_id, 102 'config_url' => '', 103 'title' => $this->title(), 104 'content' => $content, 105 ]); 106 } 107 108 return $content; 109 } 110 111 /** 112 * How should this module be identified in the control panel, etc.? 113 * 114 * @return string 115 */ 116 public function title(): string 117 { 118 /* I18N: Name of a module */ 119 return I18N::translate('News'); 120 } 121 122 /** 123 * Should this block load asynchronously using AJAX? 124 * 125 * Simple blocks are faster in-line, more complex ones can be loaded later. 126 * 127 * @return bool 128 */ 129 public function loadAjax(): bool 130 { 131 return false; 132 } 133 134 /** 135 * Can this block be shown on the user’s home page? 136 * 137 * @return bool 138 */ 139 public function isUserBlock(): bool 140 { 141 return false; 142 } 143 144 /** 145 * Can this block be shown on the tree’s home page? 146 * 147 * @return bool 148 */ 149 public function isTreeBlock(): bool 150 { 151 return true; 152 } 153 154 /** 155 * @param ServerRequestInterface $request 156 * 157 * @return ResponseInterface 158 */ 159 public function getEditNewsAction(ServerRequestInterface $request): ResponseInterface 160 { 161 $tree = $request->getAttribute('tree'); 162 assert($tree instanceof Tree); 163 164 if (!Auth::isManager($tree)) { 165 throw new HttpAccessDeniedException(); 166 } 167 168 $news_id = $request->getQueryParams()['news_id'] ?? ''; 169 170 if ($news_id !== '') { 171 $row = DB::table('news') 172 ->where('news_id', '=', $news_id) 173 ->where('gedcom_id', '=', $tree->id()) 174 ->first(); 175 176 // Record was deleted before we could read it? 177 if (!is_string($row)) { 178 throw new HttpNotFoundException(I18N::translate('%s does not exist.', 'news_id:' . $news_id)); 179 } 180 } else { 181 $row = (object) [ 182 'body' => '', 183 'subject' => '', 184 ]; 185 } 186 187 $title = I18N::translate('Add/edit a journal/news entry'); 188 189 return $this->viewResponse('modules/gedcom_news/edit', [ 190 'body' => $row->body, 191 'news_id' => $news_id, 192 'subject' => $row->subject, 193 'title' => $title, 194 'tree' => $tree, 195 ]); 196 } 197 198 /** 199 * @param ServerRequestInterface $request 200 * 201 * @return ResponseInterface 202 */ 203 public function postEditNewsAction(ServerRequestInterface $request): ResponseInterface 204 { 205 $tree = $request->getAttribute('tree'); 206 assert($tree instanceof Tree); 207 208 if (!Auth::isManager($tree)) { 209 throw new HttpAccessDeniedException(); 210 } 211 212 $news_id = $request->getQueryParams()['news_id'] ?? ''; 213 214 $params = (array) $request->getParsedBody(); 215 216 $subject = $params['subject']; 217 $body = $params['body']; 218 219 $subject = $this->html_service->sanitize($subject); 220 $body = $this->html_service->sanitize($body); 221 222 if ($news_id > 0) { 223 DB::table('news') 224 ->where('news_id', '=', $news_id) 225 ->where('gedcom_id', '=', $tree->id()) 226 ->update([ 227 'body' => $body, 228 'subject' => $subject, 229 'updated' => new Expression('updated'), // See issue #3208 230 ]); 231 } else { 232 DB::table('news')->insert([ 233 'body' => $body, 234 'subject' => $subject, 235 'gedcom_id' => $tree->id(), 236 ]); 237 } 238 239 $url = route(TreePage::class, ['tree' => $tree->name()]); 240 241 return redirect($url); 242 } 243 244 /** 245 * @param ServerRequestInterface $request 246 * 247 * @return ResponseInterface 248 */ 249 public function postDeleteNewsAction(ServerRequestInterface $request): ResponseInterface 250 { 251 $tree = $request->getAttribute('tree'); 252 assert($tree instanceof Tree); 253 254 $news_id = $request->getQueryParams()['news_id']; 255 256 if (!Auth::isManager($tree)) { 257 throw new HttpAccessDeniedException(); 258 } 259 260 DB::table('news') 261 ->where('news_id', '=', $news_id) 262 ->where('gedcom_id', '=', $tree->id()) 263 ->delete(); 264 265 $url = route(TreePage::class, ['tree' => $tree->name()]); 266 267 return redirect($url); 268 } 269} 270