feat: system tools and admin enhancements
This commit is contained in:
@@ -6,6 +6,7 @@ use App\Actions\BbcodeFormatter;
|
||||
use App\Models\Post;
|
||||
use App\Models\Thread;
|
||||
use App\Models\Setting;
|
||||
use App\Services\AuditLogger;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Support\Facades\Storage;
|
||||
@@ -54,6 +55,10 @@ class PostController extends Controller
|
||||
'body' => $data['body'],
|
||||
]);
|
||||
|
||||
app(AuditLogger::class)->log($request, 'post.created', $post, [
|
||||
'thread_id' => $thread->id,
|
||||
]);
|
||||
|
||||
$post->loadMissing([
|
||||
'user' => fn ($query) => $query
|
||||
->withCount(['posts', 'threads', 'thanksGiven', 'thanksReceived'])
|
||||
@@ -67,6 +72,13 @@ class PostController extends Controller
|
||||
|
||||
public function destroy(Request $request, Post $post): JsonResponse
|
||||
{
|
||||
$reason = $request->input('reason');
|
||||
$reasonText = $request->input('reason_text');
|
||||
app(AuditLogger::class)->log($request, 'post.deleted', $post, [
|
||||
'thread_id' => $post->thread_id,
|
||||
'reason' => $reason,
|
||||
'reason_text' => $reasonText,
|
||||
]);
|
||||
$post->deleted_by = $request->user()?->id;
|
||||
$post->save();
|
||||
$post->delete();
|
||||
@@ -74,6 +86,41 @@ class PostController extends Controller
|
||||
return response()->json(null, 204);
|
||||
}
|
||||
|
||||
public function update(Request $request, Post $post): JsonResponse
|
||||
{
|
||||
$user = $request->user();
|
||||
if (!$user) {
|
||||
return response()->json(['message' => 'Unauthorized.'], 401);
|
||||
}
|
||||
|
||||
$isAdmin = $user->roles()->where('name', 'ROLE_ADMIN')->exists();
|
||||
if (!$isAdmin && $post->user_id !== $user->id) {
|
||||
return response()->json(['message' => 'Not authorized to edit posts.'], 403);
|
||||
}
|
||||
|
||||
$data = $request->validate([
|
||||
'body' => ['required', 'string'],
|
||||
]);
|
||||
|
||||
$post->body = $data['body'];
|
||||
$post->save();
|
||||
$post->refresh();
|
||||
|
||||
app(AuditLogger::class)->log($request, 'post.edited', $post, [
|
||||
'thread_id' => $post->thread_id,
|
||||
]);
|
||||
|
||||
$post->loadMissing([
|
||||
'user' => fn ($query) => $query
|
||||
->withCount(['posts', 'threads', 'thanksGiven', 'thanksReceived'])
|
||||
->with(['rank', 'roles']),
|
||||
'attachments.extension',
|
||||
'attachments.group',
|
||||
]);
|
||||
|
||||
return response()->json($this->serializePost($post));
|
||||
}
|
||||
|
||||
private function parseIriId(?string $value): ?int
|
||||
{
|
||||
if (!$value) {
|
||||
@@ -163,6 +210,9 @@ class PostController extends Controller
|
||||
$map[$name] = [
|
||||
'url' => "/api/attachments/{$attachment->id}/download",
|
||||
'mime' => $attachment->mime_type ?? '',
|
||||
'thumb' => $attachment->thumbnail_path
|
||||
? "/api/attachments/{$attachment->id}/thumbnail"
|
||||
: null,
|
||||
];
|
||||
}
|
||||
}
|
||||
@@ -181,6 +231,10 @@ class PostController extends Controller
|
||||
$url = $entry['url'];
|
||||
$mime = $entry['mime'] ?? '';
|
||||
if (str_starts_with($mime, 'image/') && $this->displayImagesInline()) {
|
||||
if (!empty($entry['thumb'])) {
|
||||
$thumb = $entry['thumb'];
|
||||
return "[url={$url}][img]{$thumb}[/img][/url]";
|
||||
}
|
||||
return "[img]{$url}[/img]";
|
||||
}
|
||||
return "[url={$url}]{$rawName}[/url]";
|
||||
|
||||
Reference in New Issue
Block a user