refactor: migrated sticky FAQs page to controller (#3257)

thorsten · Dec 2, 2024 · 1118078 · 1118078
1 parent 0058aac
commit 1118078
Show file tree

Hide file tree

Showing 11 changed files with 101 additions and 92 deletions.
diff --git a/nginx.conf b/nginx.conf
@@ -129,7 +129,7 @@ server {
             rewrite admin/api/(.*)                                  /admin/api/index.php last;
 
             # Administration pages
-            rewrite admin/(attachments|backup|comments|configuration|elasticsearch|export|glossary|group|import|instance|instances|news|password|questions|session-keep-alive|statistics|stopwords|system|tags|update|user) /admin/front.php last;
+            rewrite admin/(attachments|backup|comments|configuration|elasticsearch|export|glossary|group|import|instance|instances|news|password|questions|session-keep-alive|statistics|sticky-faqs|stopwords|system|tags|update|user) /admin/front.php last;
 
             # REST API v3.0 and v3.1
             rewrite ^api/v3\.[01]/(.*)                              /api/index.php last;

diff --git a/phpmyfaq/.htaccess b/phpmyfaq/.htaccess
@@ -143,7 +143,7 @@ Header set Access-Control-Allow-Headers "Content-Type, Authorization"
     # Administration API
     RewriteRule ^admin/api/(.*) admin/api/index.php [L,QSA]
     # Administration pages
-    RewriteRule ^admin/(attachments|backup|comments|configuration|elasticsearch|export|glossary|group|import|instance|instances|news|password|questions|session-keep-alive|statistics|stopwords|system|tags|update|user) admin/front.php [L,QSA]
+    RewriteRule ^admin/(attachments|backup|comments|configuration|elasticsearch|export|glossary|group|import|instance|instances|news|password|questions|session-keep-alive|statistics|sticky-faqs|stopwords|system|tags|update|user) admin/front.php [L,QSA]
     # Private APIs
     RewriteRule ^api/(autocomplete|bookmark/delete|bookmark/create|user/data/update|user/password/update|user/request-removal|user/remove-twofactor|contact|voting|register|captcha|share|comment/create|faq/create|question/create|webauthn/prepare|webauthn/register|webauthn/prepare-login|webauthn/login) api/index.php [L,QSA]
     # Setup APIs

diff --git a/phpmyfaq/admin/header.php b/phpmyfaq/admin/header.php
@@ -77,7 +77,8 @@
 $secLevelEntries['content'] .= $adminHelper->addMenuEntry(
     PermissionType::FAQ_EDIT->value,
     'stickyfaqs',
-    'stickyRecordsHeader'
+    'stickyRecordsHeader',
+    'sticky-faqs'
 );
 $secLevelEntries['content'] .= $adminHelper->addMenuEntry('delquestion', 'question', 'ad_menu_open', 'questions');
 $secLevelEntries['content'] .= $adminHelper->addMenuEntry('delcomment', 'comments', 'ad_menu_comments', 'comments');

diff --git a/phpmyfaq/admin/index.php b/phpmyfaq/admin/index.php
@@ -267,9 +267,6 @@
             case 'copyentry':
                 require 'faqs.editor.php';
                 break;
-            case 'stickyfaqs':
-                require 'stickyfaqs.php';
-                break;
             // category administration
             case 'savecategory':
             case 'updatecategory':

diff --git a/phpmyfaq/admin/stickyfaqs.php b/phpmyfaq/admin/stickyfaqs.php
diff --git a/phpmyfaq/assets/templates/admin/content/sticky-faqs.twig b/phpmyfaq/assets/templates/admin/content/sticky-faqs.twig
@@ -0,0 +1,35 @@
+{% extends '@admin/index.twig' %}
+
+{% block content %}
+  <div class="d-flex justify-content-between flex-wrap flex-md-nowrap align-items-center pt-3 pb-2 mb-3 border-bottom">
+    <h1 class="h2">
+      <i aria-hidden="true" class="bi bi-star"></i> {{ stickyFAQsHeader }}
+    </h1>
+  </div>
+
+  {% if orderingStickyFaqsActivated == false %}
+    <div class="alert alert-warning alert-dismissible fade show">{{ alertMessageStickyFaqsDeactivated | raw }}
+      <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
+    </div>
+  {% endif %}
+
+  {% if stickyData is empty %}
+    <div class="alert alert-danger alert-dismissible fade show">{{ alertMessageNoStickyRecords | raw }}
+      <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
+    </div>
+  {% endif %}
+
+  {% if orderingStickyFaqsActivated != false %}
+  <div class="card shadow mt-5 ml-5" id="mainCardStickyFAQs">
+    <div class="card-body">
+      <ul class="list-group list-group-numbered {{ sortableDisabled }}" id="stickyFAQs" data-csrf="{{ csrfToken }}">
+      {% for faq in stickyData %}
+        <li class="list-group-item" data-pmf-faqid="{{ faq.id|e }}">
+          <a href="{{ faq.url|e }}">{{ faq.question|e }}</a>
+        </li>
+      {% endfor %}
+      </ul>
+    </div>
+  </div>
+  {% endif %}
+{% endblock %}
diff --git a/phpmyfaq/assets/templates/admin/content/stickyfaqs.twig b/phpmyfaq/assets/templates/admin/content/stickyfaqs.twig
diff --git a/phpmyfaq/src/admin-routes.php b/phpmyfaq/src/admin-routes.php
@@ -34,6 +34,7 @@
 use phpMyFAQ\Controller\Administration\SessionKeepAliveController;
 use phpMyFAQ\Controller\Administration\StatisticsSearchController;
 use phpMyFAQ\Controller\Administration\StatisticsSessionsController;
+use phpMyFAQ\Controller\Administration\StickyFaqsController;
 use phpMyFAQ\Controller\Administration\StopWordsController;
 use phpMyFAQ\Controller\Administration\SystemInformationController;
 use phpMyFAQ\Controller\Administration\TagController;
@@ -65,6 +66,11 @@
         'controller' => [BackupController::class, 'restore'],
         'methods' => 'POST'
     ],
+    'admin.content.sticky-faqs' => [
+        'path' => '/sticky-faqs',
+        'controller' => [StickyFaqsController::class, 'index'],
+        'methods' => 'GET'
+    ],
     'admin.comments' => [
         'path' => '/comments',
         'controller' => [CommentsController::class, 'index'],

diff --git a/phpmyfaq/src/phpMyFAQ/Controller/Administration/AbstractAdministrationController.php b/phpmyfaq/src/phpMyFAQ/Controller/Administration/AbstractAdministrationController.php
@@ -90,7 +90,8 @@ protected function getHeader(Request $request): array
         $secLevelEntries['content'] .= $adminHelper->addMenuEntry(
             PermissionType::FAQ_EDIT->value,
             'stickyfaqs',
-            'stickyRecordsHeader'
+            'stickyRecordsHeader',
+            'sticky-faqs'
         );
         $secLevelEntries['content'] .= $adminHelper->addMenuEntry(
             'delquestion',
@@ -232,7 +233,6 @@ protected function getHeader(Request $request): array
             case 'editentry':
             case 'copyentry':
             case 'takequestion':
-            case 'stickyfaqs':
                 $contentPage = true;
                 break;
             case 'forms':
@@ -259,6 +259,7 @@ protected function getHeader(Request $request): array
                 $userPage = true;
                 break;
             case 'admin.attachments':
+            case 'admin.content.sticky-faqs':
             case 'admin.comments':
             case 'admin.glossary':
             case 'admin.news':

diff --git a/phpmyfaq/src/phpMyFAQ/Controller/Administration/Api/FaqController.php b/phpmyfaq/src/phpMyFAQ/Controller/Administration/Api/FaqController.php
@@ -504,7 +504,7 @@ public function activate(Request $request): JsonResponse
         $faqLanguage = Filter::filterVar($data->faqLanguage, FILTER_SANITIZE_SPECIAL_CHARS);
         $checked = Filter::filterVar($data->checked, FILTER_VALIDATE_BOOLEAN);
 
-        if (!Token::getInstance()->verifyToken('faq-overview', $data->csrf)) {
+        if (!Token::getInstance($this->container->get('session'))->verifyToken('faq-overview', $data->csrf)) {
             return $this->json(['error' => Translation::get('msgNoPermission')], Response::HTTP_UNAUTHORIZED);
         }
 
@@ -542,7 +542,7 @@ public function sticky(Request $request): JsonResponse
         $faqLanguage = Filter::filterVar($data->faqLanguage, FILTER_SANITIZE_SPECIAL_CHARS);
         $checked = Filter::filterVar($data->checked, FILTER_VALIDATE_BOOLEAN);
 
-        if (!Token::getInstance()->verifyToken('faq-overview', $data->csrf)) {
+        if (!Token::getInstance($this->container->get('session'))->verifyToken('faq-overview', $data->csrf)) {
             return $this->json(['error' => Translation::get('msgNoPermission')], Response::HTTP_UNAUTHORIZED);
         }
 
@@ -582,7 +582,7 @@ public function delete(Request $request): JsonResponse
         $faqId = Filter::filterVar($data->faqId, FILTER_VALIDATE_INT);
         $faqLanguage = Filter::filterVar($data->faqLanguage, FILTER_SANITIZE_SPECIAL_CHARS);
 
-        if (!Token::getInstance()->verifyToken('faq-overview', $data->csrf)) {
+        if (!Token::getInstance($this->container->get('session'))->verifyToken('faq-overview', $data->csrf)) {
             return $this->json(['error' => Translation::get('msgNoPermission')], Response::HTTP_UNAUTHORIZED);
         }
 
@@ -610,7 +610,7 @@ public function search(Request $request): JsonResponse
 
         $data = json_decode($request->getContent());
 
-        if (!Token::getInstance()->verifyToken('edit-faq', $data->csrf)) {
+        if (!Token::getInstance($this->container->get('session'))->verifyToken('edit-faq', $data->csrf)) {
             return $this->json(['error' => Translation::get('msgNoPermission')], Response::HTTP_UNAUTHORIZED);
         }
 
@@ -648,7 +648,7 @@ public function saveOrderOfStickyFaqs(Request $request): JsonResponse
 
         $data = json_decode($request->getContent());
 
-        if (!Token::getInstance()->verifyToken('order-stickyfaqs', $data->csrf)) {
+        if (!Token::getInstance($this->container->get('session'))->verifyToken('order-stickyfaqs', $data->csrf)) {
             return $this->json(['error' => Translation::get('msgNoPermission')], Response::HTTP_UNAUTHORIZED);
         }
 
@@ -666,12 +666,14 @@ public function import(Request $request): JsonResponse
     {
         $this->userHasPermission(PermissionType::FAQ_ADD);
 
+        $session = $this->container->get('session');
+
         $file = $request->files->get('file');
         if (!isset($file)) {
             return $this->json(['error' => 'Bad request: There is no file submitted.'], Response::HTTP_BAD_REQUEST);
         }
 
-        if (!Token::getInstance()->verifyToken('importfaqs', $request->request->get('csrf'))) {
+        if (!Token::getInstance($session)->verifyToken('importfaqs', $request->request->get('csrf'))) {
             return $this->json(['error' => Translation::get('msgNoPermission')], Response::HTTP_UNAUTHORIZED);
         }
 

diff --git a/phpmyfaq/src/phpMyFAQ/Controller/Administration/StickyFaqsController.php b/phpmyfaq/src/phpMyFAQ/Controller/Administration/StickyFaqsController.php
@@ -0,0 +1,45 @@
+<?php
+
+declare(strict_types=1);
+
+namespace phpMyFAQ\Controller\Administration;
+
+use phpMyFAQ\Core\Exception;
+use phpMyFAQ\Enums\PermissionType;
+use phpMyFAQ\Session\Token;
+use phpMyFAQ\Translation;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Routing\Attribute\Route;
+use Twig\Error\LoaderError;
+
+class StickyFaqsController extends AbstractAdministrationController
+{
+    /**
+     * @throws Exception
+     * @throws LoaderError
+     * @throws \Exception
+     */
+    #[Route('/sticky-faqs')]
+    public function index(Request $request): Response
+    {
+        $this->userHasPermission(PermissionType::FAQ_EDIT);
+
+        $customOrdering = $this->configuration->get('records.orderStickyFaqsCustom');
+
+        return $this->render(
+            '@admin/content/sticky-faqs.twig',
+            [
+                ... $this->getHeader($request),
+                ... $this->getFooter(),
+                'stickyFAQsHeader' => Translation::get('stickyRecordsHeader'),
+                'stickyData' => $this->container->get('phpmyfaq.faq')->getStickyFaqsData(),
+                'sortableDisabled' => ($customOrdering === false) ? 'sortable-disabled' : '',
+                'orderingStickyFaqsActivated' => $this->configuration->get('records.orderStickyFaqsCustom'),
+                'alertMessageStickyFaqsDeactivated' => Translation::get('msgOrderStickyFaqsCustomDeactivated'),
+                'alertMessageNoStickyRecords' => Translation::get('msgNoStickyFaqs'),
+                'csrfToken' => Token::getInstance($this->container->get('session'))->getTokenString('order-stickyfaqs')
+            ]
+        );
+    }
+}