/// <summary>
/// Read a single comment from the index
/// </summary>
/// <param name="client">Engine client to make the request</param>
/// <param name="commentid">id of the comment to retrieve</param>
/// <returns>a Comment object (or null if the comment was not found)</returns>
private Comment ReadComment(EngineClient client, string commentid, string docid)
{
// Get the current comment
string sql = $"SELECT * FROM {indexname} WHERE id={Str.SqlValue(commentid)} AND docid={Str.SqlValue(docid)} LIMIT 1";
Cursor cursor = client.ExecCursor(sql);
if (cursor != null && !client.HasError())
{
Comment comment = null;
if (!cursor.End())
{
comment = new Comment(cursor, Method.Session.UserId);
}
else
{
SetError(404, $"This comment could not be found");
}
cursor.Dispose();
return(comment);
}
else
{
throw new Exception("Cursor is null! " + client.GetError());
}
}
/// <summary>
/// Create a new comment
/// </summary>
/// <param name="client"></param>
/// <param name="docid"></param>
private void Create(EngineClient client, string docid)
{
// Get required inputs
string message = ensureStrInput("message");
if (message == null)
{
return;
}
string replyto = Method.JsonRequest.ValueStr("replyto", "");
// Create a Comment object
var comment = new Comment(docid, message, Method.Session.User, replyto);
// Insert into index
string sql = comment.ToInsertSQL(indexname);
client.Exec(sql);
if (client.HasError())
{
SetError(500, client.GetError());
Sys.LogError($"Error engine: {client.GetError()} for SQL: {sql}");
return;
}
// Return the new comment
JsonResponse.Set("comment", comment.ToJson());
}
/// <summary>
/// Like or Unlike a comment
/// </summary>
/// <param name="client"></param>
private void Like(EngineClient client, string docid)
{
// Get required inputs
string commentid = ensureStrInput("commentid");
if (commentid == null)
{
return;
}
// Read the comment from the engine
var comment = ReadComment(client, commentid, docid);
if (comment == null)
{
return;
}
// Prevent liking a deleted comment
if (comment.deleted)
{
SetError(400, $"Cannot like/unlike a deleted comment");
return;
}
// Update the comment
string sql;
if (comment.likes.Contains(Method.Session.UserId))
{
comment.likes.Remove(Method.Session.UserId);
comment.likedByUser = false;
sql = comment.ToUpdateDeleteLikeSQL(indexname, Method.Session.UserId);
}
else
{
comment.likes.Add(Method.Session.UserId);
comment.likedByUser = true;
sql = comment.ToUpdateAppendLikeSQL(indexname, Method.Session.UserId);
}
int res = client.Exec(sql);
if (client.HasError())
{
SetError(500, client.GetError());
Sys.LogError($"Error engine: {client.GetError()} for SQL: {sql}");
return;
}
if (res != 1)
{
SetError(404, $"This comment could not be found");
return;
}
// Return the updated comment
JsonResponse.Set("comment", comment.ToJson());
}
/// <summary>
/// Delete a comment (hard or soft delete supported)
/// </summary>
/// <param name="client"></param>
private void Delete(EngineClient client, string docid)
{
// Get required inputs
string commentid = ensureStrInput("commentid");
if (commentid == null)
{
return;
}
bool markAsDeleted = Method.JsonRequest.ValueBoo("markAsDeleted", true);
// Hard vs soft delete mode
string sql;
if (markAsDeleted)
{
// Only mark the comment as deleted (can still have replies)
sql = $"UPDATE {indexname} SET message='',userid='',username='',likes='',deleted='true' WHERE id={Str.SqlValue(commentid)} AND docid={Str.SqlValue(docid)}";
}
else
{
// Hard delete the comment
sql = $"DELETE FROM {indexname} WHERE id={Str.SqlValue(commentid)}";
}
// Admin can delete any comment
if (!Method.Session.User.IsAdministrator)
{
string userid = Method.Session.UserId;
sql = $"{sql} AND userid={Str.SqlValue(userid)}";
}
// Delete from index
int res = client.Exec(sql);
if (client.HasError())
{
SetError(500, client.GetError());
Sys.LogError($"Error engine: {client.GetError()} for SQL: {sql}");
return;
}
// Check that the comment was correctly deleted
if (res != 1)
{
SetError(404, $"This comment could not be found");
return;
}
}
/// <summary>
/// Update the content of a comment
/// </summary>
/// <param name="client"></param>
/// <param name="docid"></param>
private void Update(EngineClient client, string docid)
{
// Get required inputs
string commentid = ensureStrInput("commentid");
if (commentid == null)
{
return;
}
string message = ensureStrInput("message");
if (message == null)
{
return;
}
// Read the comment from the engine
var comment = ReadComment(client, commentid, docid);
if (comment == null)
{
return;
}
// Prevent updating a deleted comment
if (comment.deleted)
{
SetError(400, $"Cannot like/unlike a deleted comment");
return;
}
// Update the message content
comment.message = message;
comment.modified = Dat.ToUtc(DateTime.Now);
string sql = comment.ToUpdateSQL(indexname);
// Admin can update any comment
if (!Method.Session.User.IsAdministrator)
{
string userid = Method.Session.UserId;
sql = $"{sql} AND userid={Str.SqlValue(userid)}";
}
// Update the index;
int res = client.Exec(sql);
if (client.HasError())
{
SetError(500, client.GetError());
Sys.LogError($"Error engine: {client.GetError()} for SQL: {sql}");
return;
}
// Check that the comment was correctly updated
if (res != 1)
{
SetError(404, $"This comment could not be found");
return;
}
// Return the updated comment
JsonResponse.Set("comment", comment.ToJson());
}