core/modules/comment/comment.module | 15 ++++++++-
core/modules/comment/js/comment-link-edit-own.js | 33 ++++++++++++++++++++
.../lib/Drupal/comment/CommentRenderController.php | 16 +++++++++-
.../lib/Drupal/comment/Tests/CommentLinksTest.php | 27 +++++++++++++++-
4 files changed, 88 insertions(+), 3 deletions(-)
diff --git a/core/modules/comment/comment.module b/core/modules/comment/comment.module
index 2cd2d7a..f6fb239 100644
--- a/core/modules/comment/comment.module
+++ b/core/modules/comment/comment.module
@@ -1507,7 +1507,8 @@ function template_preprocess_comment(&$variables) {
// Add clearfix class.
$variables['attributes']['class'][] = 'clearfix';
- // Add comment author user ID. Necessary for the comment-by-viewer library.
+ // Add comment author user ID. Necessary for the comment-by-viewer and
+ // comment-link-edit-own libraries.
$variables['attributes']['data-comment-user-id'] = $comment->uid->value;
$variables['content_attributes']['class'][] = 'content';
@@ -1731,5 +1732,17 @@ function comment_library_info() {
array('history', 'drupal.history'),
),
);
+ $libraries['drupal.comment-link-edit-own'] = array(
+ 'title' => 'Comment link "edit" own',
+ 'version' => \Drupal::VERSION,
+ 'js' => array(
+ $path . '/js/comment-link-edit-own.js' => array(),
+ ),
+ 'dependencies' => array(
+ array('system', 'jquery'),
+ array('system', 'drupal'),
+ array('system', 'drupalSettings'),
+ ),
+ );
return $libraries;
}
diff --git a/core/modules/comment/js/comment-link-edit-own.js b/core/modules/comment/js/comment-link-edit-own.js
new file mode 100644
index 0000000..26d7b7a
--- /dev/null
+++ b/core/modules/comment/js/comment-link-edit-own.js
@@ -0,0 +1,33 @@
+/**
+ * @file
+ * Attaches behaviors for the Comment module's "edit" comment links.
+ *
+ * May only be loaded for users that have the "edit own comments" permission.
+ */
+
+(function ($, Drupal, drupalSettings) {
+
+"use strict";
+
+Drupal.behaviors.commentLinkEditOwn = {
+ attach: function (context) {
+ var userID = parseInt(drupalSettings.user.uid, 10);
+ $(context)
+ // Find the "edit" comment links.
+ .find('a[data-comment-link-edit-own]')
+ .once('comment-link-edit-own', function () {
+ var $editCommentLink = $(this);
+ var commentUserID = $editCommentLink
+ .closest('[data-comment-user-id')
+ .attr('data-comment-user-id');
+ // If the comment author's user ID equals the current user ID, then we
+ // must show the "edit" link, because the user has the
+ // "edit own comments" permission.
+ if (parseInt(commentUserID, 10) === userID) {
+ $editCommentLink.removeClass('hidden');
+ }
+ });
+ }
+};
+
+})(jQuery, Drupal, drupalSettings);
diff --git a/core/modules/comment/lib/Drupal/comment/CommentRenderController.php b/core/modules/comment/lib/Drupal/comment/CommentRenderController.php
index 3306df5..836d6f7 100644
--- a/core/modules/comment/lib/Drupal/comment/CommentRenderController.php
+++ b/core/modules/comment/lib/Drupal/comment/CommentRenderController.php
@@ -161,6 +161,7 @@ public function buildContent(array $entities, array $displays, $view_mode, $lang
* An array that can be processed by drupal_pre_render_links().
*/
protected function buildLinks(CommentInterface $entity, EntityInterface $commented_entity) {
+ $attached = array();
$links = array();
$status = $commented_entity->get($entity->field_name->value)->status;
@@ -173,12 +174,24 @@ protected function buildLinks(CommentInterface $entity, EntityInterface $comment
);
}
- if ($entity->access('update')) {
+ if ($entity->status->value == COMMENT_PUBLISHED && \Drupal::currentUser()->hasPermission('edit own comments') || \Drupal::currentUser()->hasPermission('administer comments')) {
$links['comment-edit'] = array(
'title' => t('edit'),
'href' => "comment/{$entity->id()}/edit",
'html' => TRUE,
);
+ // When the user does not have the "administer comments" permission,
+ // and only has the "edit own comments" permission, we must hide the
+ // "edit" link by default to not break the render cache. We then use
+ // JavaScript to only show the "edit" link on comments where the
+ // comment author is the same user as the currently active user.
+ if (!\Drupal::currentUser()->hasPermission('administer comments')) {
+ $links['comment-edit']['attributes'] = array(
+ 'class' => 'hidden',
+ 'data-comment-link-edit-own' => TRUE,
+ );
+ $attached['library'][] = array('comment', 'drupal.comment-link-edit-own');
+ }
}
if ($entity->access('create')) {
$links['comment-reply'] = array(
@@ -221,6 +234,7 @@ protected function buildLinks(CommentInterface $entity, EntityInterface $comment
// check.
'#links' => $links,
'#attributes' => array('class' => array('links', 'inline')),
+ '#attached' => $attached,
);
}
diff --git a/core/modules/comment/lib/Drupal/comment/Tests/CommentLinksTest.php b/core/modules/comment/lib/Drupal/comment/Tests/CommentLinksTest.php
index c529ab9..f23e38e 100644
--- a/core/modules/comment/lib/Drupal/comment/Tests/CommentLinksTest.php
+++ b/core/modules/comment/lib/Drupal/comment/Tests/CommentLinksTest.php
@@ -62,6 +62,8 @@ function testCommentLinks() {
'comment count' => array(FALSE, TRUE),
'access comments' => array(0, 1),
'post comments' => array(0, 1),
+ 'edit own comments' => array(0, 1),
+ 'administer comments' => array(0, 1),
'form' => array(COMMENT_FORM_BELOW, COMMENT_FORM_SEPARATE_PAGE),
// USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL is irrelevant for this
// test; there is only a difference between open and closed registration.
@@ -103,6 +105,7 @@ function testCommentLinks() {
* - post comments
* - skip comment approval
* - edit own comments
+ * - administer comments
*/
function setEnvironment(array $info) {
static $current;
@@ -120,6 +123,7 @@ function setEnvironment(array $info) {
'post comments' => 0,
// Enabled by default, because it's irrelevant for this test.
'skip comment approval' => 1,
+ 'administer comments' => 0,
'edit own comments' => 0,
);
}
@@ -175,7 +179,7 @@ function setEnvironment(array $info) {
// Change user permissions.
$rid = ($this->loggedInUser ? DRUPAL_AUTHENTICATED_RID : DRUPAL_ANONYMOUS_RID);
- $perms = array_intersect_key($info, array('access comments' => 1, 'post comments' => 1, 'skip comment approval' => 1, 'edit own comments' => 1));
+ $perms = array_intersect_key($info, array('access comments' => 1, 'post comments' => 1, 'skip comment approval' => 1, 'edit own comments' => 1, 'administer comments' => 1));
user_role_change_permissions($rid, $perms);
// Output verbose debugging information.
@@ -241,6 +245,27 @@ function assertCommentLinks(array $info) {
}
}
}
+
+ // Check the "edit" link on individual comments.
+ if ($path === "node/$nid" && $info['comment count']) {
+ $comment_edit_url = url('comment/' . $this->comment->id() . '/edit');
+ // When given the "administer comments" permission, all comments can
+ // be edited.
+ if ($info['administer comments']) {
+ $this->assertRaw('edit');
+ }
+ // When given the "edit own comments" permission and *not* the
+ // "administer comments" permission, only own comments can be edited,
+ // yet the "edit" link will always be in the HTML, even for comments
+ // that the current user may not edit, because comment (entity) render
+ // caching happens per user role, and hence it may be editable for
+ // another user. Thus, we add a class and a data- attribute plus some
+ // JavaScript that shows the "edit" link only when appropriate.
+ else if ($info['edit own comments']) {
+ $this->assertRaw('edit');
+ $this->assertRaw('core/modules/comment/js/comment-link-edit-own.js');
+ }
+ }
}
else {
$this->assertNoLink(t('1 comment'));