From c95b52a5f3966e9695128707c7e04ed91480cab2 Mon Sep 17 00:00:00 2001
From: johnniang <johnniang@riseup.net>
Date: Wed, 3 Apr 2019 10:28:19 +0800
Subject: [PATCH] Complete portal comment api

---
 .../ryanc/halo/config/HaloConfiguration.java  |  3 +-
 .../admin/api/CommentController.java          | 19 ++---
 .../portal/api/CommentController.java         | 70 +++++++++++++++++++
 3 files changed, 78 insertions(+), 14 deletions(-)
 create mode 100644 src/main/java/cc/ryanc/halo/web/controller/portal/api/CommentController.java

diff --git a/src/main/java/cc/ryanc/halo/config/HaloConfiguration.java b/src/main/java/cc/ryanc/halo/config/HaloConfiguration.java
index dc5d4445d..efcadc6f2 100644
--- a/src/main/java/cc/ryanc/halo/config/HaloConfiguration.java
+++ b/src/main/java/cc/ryanc/halo/config/HaloConfiguration.java
@@ -122,12 +122,13 @@ public class HaloConfiguration {
         // Config the admin filter
         adminAuthenticationFilter.addExcludeUrlPatterns("/admin/api/login");
         adminAuthenticationFilter.addTryAuthUrlMethodPattern("/admin/api/comments", HttpMethod.POST.name());
+        adminAuthenticationFilter.addTryAuthUrlMethodPattern("/api/comments", HttpMethod.POST.name());
         adminAuthenticationFilter.setFailureHandler(
                 failureHandler);
 
         FilterRegistrationBean<AdminAuthenticationFilter> authenticationFilter = new FilterRegistrationBean<>();
         authenticationFilter.setFilter(adminAuthenticationFilter);
-        authenticationFilter.addUrlPatterns("/admin/*");
+        authenticationFilter.addUrlPatterns("/admin/*", "/api/comments");
         authenticationFilter.setOrder(1);
         return authenticationFilter;
     }
diff --git a/src/main/java/cc/ryanc/halo/web/controller/admin/api/CommentController.java b/src/main/java/cc/ryanc/halo/web/controller/admin/api/CommentController.java
index fea7e32eb..e483c09a4 100644
--- a/src/main/java/cc/ryanc/halo/web/controller/admin/api/CommentController.java
+++ b/src/main/java/cc/ryanc/halo/web/controller/admin/api/CommentController.java
@@ -3,12 +3,10 @@ package cc.ryanc.halo.web.controller.admin.api;
 import cc.ryanc.halo.model.dto.CommentOutputDTO;
 import cc.ryanc.halo.model.entity.Comment;
 import cc.ryanc.halo.model.entity.User;
-import cc.ryanc.halo.model.properties.BlogProperties;
 import cc.ryanc.halo.model.enums.CommentStatus;
 import cc.ryanc.halo.model.params.CommentParam;
+import cc.ryanc.halo.model.properties.BlogProperties;
 import cc.ryanc.halo.model.vo.CommentWithPostVO;
-import cc.ryanc.halo.security.authentication.Authentication;
-import cc.ryanc.halo.security.context.SecurityContextHolder;
 import cc.ryanc.halo.service.CommentService;
 import cc.ryanc.halo.service.OptionService;
 import cc.ryanc.halo.service.PostService;
@@ -62,16 +60,11 @@ public class CommentController {
     }
 
     @PostMapping
-    public CommentOutputDTO createBy(@RequestBody CommentParam commentParam, HttpServletRequest request) {
-        // Get authentication
-        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
-        if (authentication != null) {
-            User user = authentication.getDetail().getUser();
-            // If the admin is login
-            commentParam.setAuthor(StringUtils.isEmpty(user.getNickname()) ? user.getUsername() : user.getNickname());
-            commentParam.setEmail(user.getEmail());
-            commentParam.setAuthorUrl(optionService.getByPropertyOfNullable(BlogProperties.BLOG_URL));
-        }
+    public CommentOutputDTO createBy(@RequestBody CommentParam commentParam, HttpServletRequest request, User user) {
+        // Set some default info
+        commentParam.setAuthor(StringUtils.isEmpty(user.getNickname()) ? user.getUsername() : user.getNickname());
+        commentParam.setEmail(user.getEmail());
+        commentParam.setAuthorUrl(optionService.getByPropertyOfNullable(BlogProperties.BLOG_URL));
 
         // Validate the comment param manually
         ValidationUtils.validate(commentParam);
diff --git a/src/main/java/cc/ryanc/halo/web/controller/portal/api/CommentController.java b/src/main/java/cc/ryanc/halo/web/controller/portal/api/CommentController.java
new file mode 100644
index 000000000..fd21105a0
--- /dev/null
+++ b/src/main/java/cc/ryanc/halo/web/controller/portal/api/CommentController.java
@@ -0,0 +1,70 @@
+package cc.ryanc.halo.web.controller.portal.api;
+
+import cc.ryanc.halo.model.dto.CommentOutputDTO;
+import cc.ryanc.halo.model.entity.User;
+import cc.ryanc.halo.model.params.CommentParam;
+import cc.ryanc.halo.model.properties.BlogProperties;
+import cc.ryanc.halo.security.authentication.Authentication;
+import cc.ryanc.halo.security.context.SecurityContextHolder;
+import cc.ryanc.halo.service.CommentService;
+import cc.ryanc.halo.service.OptionService;
+import cc.ryanc.halo.service.PostService;
+import cc.ryanc.halo.utils.ValidationUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * Portal comment controller.
+ *
+ * @author johnniang
+ * @date 4/3/19
+ */
+@RestController("PortalCommentController")
+@RequestMapping("/api/comments")
+public class CommentController {
+
+    private final CommentService commentService;
+
+    private final OptionService optionService;
+
+    private final PostService postService;
+
+    public CommentController(CommentService commentService,
+                             OptionService optionService,
+                             PostService postService) {
+        this.commentService = commentService;
+        this.optionService = optionService;
+        this.postService = postService;
+    }
+
+    @PostMapping
+    public CommentOutputDTO comment(@RequestBody CommentParam commentParam, HttpServletRequest request) {
+        // Get authentication
+        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+        if (authentication != null) {
+            User user = authentication.getDetail().getUser();
+            // If the admin is login
+            commentParam.setAuthor(StringUtils.isEmpty(user.getNickname()) ? user.getUsername() : user.getNickname());
+            commentParam.setEmail(user.getEmail());
+            commentParam.setAuthorUrl(optionService.getByPropertyOfNullable(BlogProperties.BLOG_URL));
+        }
+
+        // Validate the comment param manually
+        ValidationUtils.validate(commentParam);
+
+        // Check post id
+        postService.mustExistById(commentParam.getPostId());
+
+        // Check parent id
+        if (commentParam.getParentId() != null && commentParam.getParentId() > 0) {
+            commentService.mustExistById(commentParam.getParentId());
+        }
+
+        return new CommentOutputDTO().convertFrom(commentService.createBy(commentParam.convertTo(), request));
+    }
+}