1 | <?php |
||
2 | |||
3 | namespace Apps\Controller\Api\Profile; |
||
4 | |||
5 | use Apps\ActiveRecord\WallAnswer; |
||
6 | use Ffcms\Core\App; |
||
7 | use Ffcms\Core\Exception\ForbiddenException; |
||
8 | use Ffcms\Core\Exception\NativeException; |
||
9 | use Ffcms\Core\Exception\NotFoundException; |
||
10 | use Ffcms\Core\Helper\Type\Any; |
||
11 | use Ffcms\Core\Network\Request; |
||
12 | use Ffcms\Core\Network\Response; |
||
13 | |||
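/**
 * Trait ActionDeleteAnswerOwner
 *
 * API action that deletes a wall answer on behalf of the authenticated user,
 * provided that user wrote the answer or is the target of the post it belongs to.
 *
 * @package Apps\Controller\Api\Profile
 * @property Request $request
 * @property Response $response
 * @method void setJsonHeader()
 */
trait ActionDeleteAnswerOwner
{
    /**
     * Delete answer by answer owner or wall owner
     *
     * @param string $answerId Answer identifier; must pass Any::isInt() and be >= 1
     * @return string|null JSON-encoded ['status' => 1, 'message' => 'ok'] on success
     * @throws ForbiddenException When the caller is not authenticated, or is neither the
     *                            answer author nor the target user of the parent post
     * @throws NativeException When $answerId is not an integer >= 1
     * @throws NotFoundException When no answer exists for $answerId
     * @throws \Exception
     */
    public function deleteAnswerOwner(string $answerId): ?string
    {
        // Provided by the consuming controller; presumably switches the response to JSON.
        $this->setJsonHeader();

        // Authentication gate: anonymous callers are rejected before any lookup happens.
        // NOTE(review): this action changes state; no request-method or CSRF-token check
        // is visible here - confirm the router/controller enforces one.
        if (!App::$User->isAuth()) {
            throw new ForbiddenException('Auth required');
        }

        // Input validation: only integer ids >= 1 ever reach the ORM lookup.
        if (!Any::isInt($answerId) || $answerId < 1) {
            throw new NativeException('Wrong input data');
        }

        /** @var WallAnswer|null $findAnswer */
        $findAnswer = WallAnswer::find($answerId);
        if (!$findAnswer) {
            throw new NotFoundException('Wrong input data');
        }

        $viewer = App::$User->identity();
        // Parent post of the answer. The relation can yield null when the post row is gone
        // (presumably - verify against the WallAnswer model), so it is guarded below instead
        // of being dereferenced blindly, which would emit a notice/warning into a JSON response.
        $postInfo = $findAnswer->post;

        // Object-level authorization: the viewer must be the target user of the post
        // or the author of the answer.
        // NOTE(review): both comparisons are strict, so they fail closed if the ORM returns
        // one id as a string and the other as an int - confirm the model casts.
        $isWallOwner = $postInfo !== null && $postInfo->target_id === $viewer->id;
        $isAnswerOwner = $findAnswer->user_id === $viewer->id;
        if (!$isWallOwner && !$isAnswerOwner) {
            throw new ForbiddenException('Access declined!');
        }

        // Authorization passed: remove the answer.
        $findAnswer->delete();

        return json_encode([
            'status' => 1,
            'message' => 'ok'
        ]);
    }
}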
||
71 |