diff --git a/core/modules/comment/comment.module b/core/modules/comment/comment.module index 0c2cd55..c45c19d 100644 --- a/core/modules/comment/comment.module +++ b/core/modules/comment/comment.module @@ -239,12 +239,7 @@ function comment_menu() { ); $items['comment/%comment/approve'] = array( 'title' => 'Approve', - 'page callback' => 'comment_approve', - 'page arguments' => array(1), - 'access callback' => 'entity_page_access', - 'access arguments' => array(1, 'approve'), - 'file' => 'comment.pages.inc', - 'weight' => 10, + 'route_name' => 'comment_approve_page', ); $items['comment/%comment/delete'] = array( 'title' => 'Delete', diff --git a/core/modules/comment/comment.pages.inc b/core/modules/comment/comment.pages.inc index 5e1b190..5f408d4 100644 --- a/core/modules/comment/comment.pages.inc +++ b/core/modules/comment/comment.pages.inc @@ -99,26 +99,3 @@ function comment_reply(EntityInterface $node, $pid = NULL) { return $build; } -/** - * Page callback: Publishes the specified comment. - * - * @param \Drupal\comment\Plugin\Core\Entity\Comment $comment - * A comment entity. - * - * @see comment_menu() - */ -function comment_approve(Comment $comment) { - // @todo CSRF tokens are validated in page callbacks rather than access - // callbacks, because access callbacks are also invoked during menu link - // generation. Add token support to routing: http://drupal.org/node/755584. - $token = drupal_container()->get('request')->query->get('token'); - if (!isset($token) || !drupal_valid_token($token, 'comment/' . $comment->id() . '/approve')) { - throw new AccessDeniedHttpException(); - } - - $comment->status->value = COMMENT_PUBLISHED; - $comment->save(); - - drupal_set_message(t('Comment approved.')); - drupal_goto('node/' . $comment->nid->target_id); -} diff --git a/core/modules/comment/comment.routing.yml b/core/modules/comment/comment.routing.yml index 6f786dd..da9f61f 100644 --- a/core/modules/comment/comment.routing.yml +++ b/core/modules/comment/comment.routing.yml @@ -5,3 +5,12 @@ comment_edit_page: requirements: _entity_access: comment.update +comment_approve_page: + pattern: 'comment/{comment}/approve' + defaults: + _content: '\Drupal\comment\Controller\CommentController::commentApprovePage' + entity_type: 'comment' + requirements: + _entity_access: comment.approve + + diff --git a/core/modules/comment/lib/Drupal/comment/Controller/CommentController.php b/core/modules/comment/lib/Drupal/comment/Controller/CommentController.php new file mode 100644 index 0000000..0c06a3a --- /dev/null +++ b/core/modules/comment/lib/Drupal/comment/Controller/CommentController.php @@ -0,0 +1,59 @@ +query->get('token'); + if (!isset($token) || !drupal_valid_token($token, 'comment/' . $comment->id() . '/approve')) { + throw new AccessDeniedHttpException(); + } + + $comment->status->value = COMMENT_PUBLISHED; + $comment->save(); + + return new RedirectResponse(url('node/' . $comment->nid->target_id, array('absolute' => TRUE))); + } + +}