mirror of
https://github.com/Lastorder-DC/rhymix.git
synced 2026-01-05 17:51:40 +09:00
Merge branch 'security/document-module-check' into develop
This commit is contained in:
Kijin Sung
commit
83e4b763ce
8 changed files with 168 additions and 54 deletions
|
|
@ -39,16 +39,17 @@ class commentController extends comment
|
|||
{
|
||||
throw new Rhymix\Framework\Exceptions\InvalidRequest;
|
||||
}
|
||||
|
||||
$oComment = CommentModel::getComment($comment_srl, FALSE, FALSE);
|
||||
$module_srl = $oComment->get('module_srl');
|
||||
if(!$module_srl)
|
||||
$oComment = CommentModel::getComment($comment_srl, false, false);
|
||||
if(!$oComment->isExists())
|
||||
{
|
||||
throw new Rhymix\Framework\Exceptions\InvalidRequest;
|
||||
throw new Rhymix\Framework\Exceptions\TargetNotFound;
|
||||
}
|
||||
|
||||
$comment_config = ModuleModel::getModulePartConfig('comment', $module_srl);
|
||||
if($comment_config->use_vote_up == 'N')
|
||||
if(!$oComment->isAccessible(true))
|
||||
{
|
||||
throw new Rhymix\Framework\Exceptions\NotPermitted;
|
||||
}
|
||||
$comment_config = ModuleModel::getModulePartConfig('comment', $oComment->get('module_srl'));
|
||||
if($comment_config->use_vote_up === 'N')
|
||||
{
|
||||
throw new Rhymix\Framework\Exceptions\FeatureDisabled;
|
||||
}
|
||||
|
|
@ -70,13 +71,24 @@ class commentController extends comment
|
|||
}
|
||||
|
||||
$comment_srl = Context::get('target_srl');
|
||||
if(!$comment_srl) throw new Rhymix\Framework\Exceptions\InvalidRequest;
|
||||
|
||||
$oComment = CommentModel::getComment($comment_srl, FALSE, FALSE);
|
||||
if(!$comment_srl)
|
||||
{
|
||||
throw new Rhymix\Framework\Exceptions\InvalidRequest;
|
||||
}
|
||||
$oComment = CommentModel::getComment($comment_srl, false, false);
|
||||
if(!$oComment->isExists())
|
||||
{
|
||||
throw new Rhymix\Framework\Exceptions\TargetNotFound;
|
||||
}
|
||||
if(!$oComment->isAccessible(true))
|
||||
{
|
||||
throw new Rhymix\Framework\Exceptions\NotPermitted;
|
||||
}
|
||||
if($oComment->get('voted_count') <= 0)
|
||||
{
|
||||
throw new Rhymix\Framework\Exception('failed_voted_canceled');
|
||||
}
|
||||
|
||||
$point = 1;
|
||||
$output = $this->updateVotedCountCancel($comment_srl, $oComment, $point);
|
||||
|
||||
|
|
@ -106,16 +118,17 @@ class commentController extends comment
|
|||
{
|
||||
throw new Rhymix\Framework\Exceptions\InvalidRequest;
|
||||
}
|
||||
|
||||
$oComment = CommentModel::getComment($comment_srl, FALSE, FALSE);
|
||||
$module_srl = $oComment->get('module_srl');
|
||||
if(!$module_srl)
|
||||
$oComment = CommentModel::getComment($comment_srl, false, false);
|
||||
if(!$oComment->isExists())
|
||||
{
|
||||
throw new Rhymix\Framework\Exceptions\InvalidRequest;
|
||||
throw new Rhymix\Framework\Exceptions\TargetNotFound;
|
||||
}
|
||||
|
||||
$comment_config = ModuleModel::getModulePartConfig('comment', $module_srl);
|
||||
if($comment_config->use_vote_down == 'N')
|
||||
if(!$oComment->isAccessible(true))
|
||||
{
|
||||
throw new Rhymix\Framework\Exceptions\NotPermitted;
|
||||
}
|
||||
$comment_config = ModuleModel::getModulePartConfig('comment', $oComment->get('module_srl'));
|
||||
if($comment_config->use_vote_down === 'N')
|
||||
{
|
||||
throw new Rhymix\Framework\Exceptions\FeatureDisabled;
|
||||
}
|
||||
|
|
@ -137,13 +150,24 @@ class commentController extends comment
|
|||
}
|
||||
|
||||
$comment_srl = Context::get('target_srl');
|
||||
if(!$comment_srl) throw new Rhymix\Framework\Exceptions\InvalidRequest;
|
||||
|
||||
$oComment = CommentModel::getComment($comment_srl, FALSE, FALSE);
|
||||
if(!$comment_srl)
|
||||
{
|
||||
throw new Rhymix\Framework\Exceptions\InvalidRequest;
|
||||
}
|
||||
$oComment = CommentModel::getComment($comment_srl, false, false);
|
||||
if(!$oComment->isExists())
|
||||
{
|
||||
throw new Rhymix\Framework\Exceptions\TargetNotFound;
|
||||
}
|
||||
if(!$oComment->isAccessible(true))
|
||||
{
|
||||
throw new Rhymix\Framework\Exceptions\NotPermitted;
|
||||
}
|
||||
if($oComment->get('blamed_count') >= 0)
|
||||
{
|
||||
throw new Rhymix\Framework\Exception('failed_blamed_canceled');
|
||||
}
|
||||
|
||||
$point = -1;
|
||||
$output = $this->updateVotedCountCancel($comment_srl, $oComment, $point);
|
||||
|
||||
|
|
@ -243,7 +267,16 @@ class commentController extends comment
|
|||
{
|
||||
throw new Rhymix\Framework\Exceptions\InvalidRequest;
|
||||
}
|
||||
|
||||
$oComment = CommentModel::getComment($comment_srl, false, false);
|
||||
if(!$oComment->isExists())
|
||||
{
|
||||
throw new Rhymix\Framework\Exceptions\TargetNotFound;
|
||||
}
|
||||
if(!$oComment->isAccessible(true))
|
||||
{
|
||||
throw new Rhymix\Framework\Exceptions\NotPermitted;
|
||||
}
|
||||
|
||||
// if an user select message from options, message would be the option.
|
||||
$message_option = strval(Context::get('message_option'));
|
||||
$improper_comment_reasons = lang('improper_comment_reasons');
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue