Code Coverage for /Users/ericduran/Sites/drupal/drupal/core/modules/comment/src/CommentForm.php

	Code Coverage
	Classes and Traits			Functions and Methods				Lines
Total	0.00% covered (danger)	0.00%	0 / 1	0.00% covered (danger)	0.00%	0 / 9	CRAP	0.00% covered (danger)	0.00%	0 / 226
CommentForm	0.00% covered (danger)	0.00%	0 / 1	0.00% covered (danger)	0.00%	0 / 9	3080	0.00% covered (danger)	0.00%	0 / 226
create				0.00% covered (danger)	0.00%	0 / 1	2	0.00% covered (danger)	0.00%	0 / 6
__construct				0.00% covered (danger)	0.00%	0 / 1	2	0.00% covered (danger)	0.00%	0 / 4
form				0.00% covered (danger)	0.00%	0 / 1	650	0.00% covered (danger)	0.00%	0 / 116
actions				0.00% covered (danger)	0.00%	0 / 1	20	0.00% covered (danger)	0.00%	0 / 16
buildEntity				0.00% covered (danger)	0.00%	0 / 1	156	0.00% covered (danger)	0.00%	0 / 34
getEditedFieldNames				0.00% covered (danger)	0.00%	0 / 1	2	0.00% covered (danger)	0.00%	0 / 2
flagViolations				0.00% covered (danger)	0.00%	0 / 1	12	0.00% covered (danger)	0.00%	0 / 8
preview				0.00% covered (danger)	0.00%	0 / 1	2	0.00% covered (danger)	0.00%	0 / 5
save				0.00% covered (danger)	0.00%	0 / 1	56	0.00% covered (danger)	0.00%	0 / 35

1	<?php
2
3	/**
4	* @file
5	* Contains \Drupal\comment\CommentForm.
6	*/
7
8	namespace Drupal\comment;
9
10	use Drupal\comment\Plugin\Field\FieldType\CommentItemInterface;
11	use Drupal\Component\Utility\Html;
12	use Drupal\Component\Utility\Unicode;
13	use Drupal\Core\Datetime\DrupalDateTime;
14	use Drupal\Core\Entity\ContentEntityForm;
15	use Drupal\Core\Entity\EntityConstraintViolationListInterface;
16	use Drupal\Core\Entity\EntityManagerInterface;
17	use Drupal\Core\Form\FormStateInterface;
18	use Drupal\Core\Render\RendererInterface;
19	use Drupal\Core\Session\AccountInterface;
20	use Symfony\Component\DependencyInjection\ContainerInterface;
21
22	/**
23	* Base for controller for comment forms.
24	*/
25	class CommentForm extends ContentEntityForm {
26
27	/**
28	* The current user.
29	*
30	* @var \Drupal\Core\Session\AccountInterface
31	*/
32	protected $currentUser;
33
34	/**
35	* The renderer.
36	*
37	* @var \Drupal\Core\Render\RendererInterface
38	*/
39	protected $renderer;
40
41	/**
42	* {@inheritdoc}
43	*/
44	public static function create(ContainerInterface $container) {
45	return new static(
46	$container->get('entity.manager'),
47	$container->get('current_user'),
48	$container->get('renderer')
49	);
50	}
51
52	/**
53	* Constructs a new CommentForm.
54	*
55	* @param \Drupal\Core\Entity\EntityManagerInterface $entity_manager
56	* The entity manager service.
57	* @param \Drupal\Core\Session\AccountInterface $current_user
58	* The current user.
59	* @param \Drupal\Core\Render\RendererInterface $renderer
60	* The renderer.
61	*/
62	public function __construct(EntityManagerInterface $entity_manager, AccountInterface $current_user, RendererInterface $renderer) {
63	parent::__construct($entity_manager);
64	$this->currentUser = $current_user;
65	$this->renderer = $renderer;
66	}
67
68	/**
69	* {@inheritdoc}
70	*/
71	public function form(array $form, FormStateInterface $form_state) {
72	/** @var \Drupal\comment\CommentInterface $comment */
73	$comment = $this->entity;
74	$entity = $this->entityManager->getStorage($comment->getCommentedEntityTypeId())->load($comment->getCommentedEntityId());
75	$field_name = $comment->getFieldName();
76	$field_definition = $this->entityManager->getFieldDefinitions($entity->getEntityTypeId(), $entity->bundle())[$comment->getFieldName()];
77	$config = $this->config('user.settings');
78
79	// In several places within this function, we vary $form on:
80	// - The current user's permissions.
81	// - Whether the current user is authenticated or anonymous.
82	// - The 'user.settings' configuration.
83	// - The comment field's definition.
84	$form['#cache']['contexts'][] = 'user.permissions';
85	$form['#cache']['contexts'][] = 'user.roles:authenticated';
86	$this->renderer->addCacheableDependency($form, $config);
87	$this->renderer->addCacheableDependency($form, $field_definition->getConfig($entity->bundle()));
88
89	// Use #comment-form as unique jump target, regardless of entity type.
90	$form['#id'] = Html::getUniqueId('comment_form');
91	$form['#theme'] = array('comment_form__' . $entity->getEntityTypeId() . '__' . $entity->bundle() . '__' . $field_name, 'comment_form');
92
93	$anonymous_contact = $field_definition->getSetting('anonymous');
94	$is_admin = $comment->id() && $this->currentUser->hasPermission('administer comments');
95
96	if (!$this->currentUser->isAuthenticated() && $anonymous_contact != COMMENT_ANONYMOUS_MAYNOT_CONTACT) {
97	$form['#attached']['library'][] = 'core/drupal.form';
98	$form['#attributes']['data-user-info-from-browser'] = TRUE;
99	}
100
101	// If not replying to a comment, use our dedicated page callback for new
102	// Comments on entities.
103	if (!$comment->id() && !$comment->hasParentComment()) {
104	$form['#action'] = $this->url('comment.reply', array('entity_type' => $entity->getEntityTypeId(), 'entity' => $entity->id(), 'field_name' => $field_name));
105	}
106
107	$comment_preview = $form_state->get('comment_preview');
108	if (isset($comment_preview)) {
109	$form += $comment_preview;
110	}
111
112	$form['author'] = array();
113	// Display author information in a details element for comment moderators.
114	if ($is_admin) {
115	$form['author'] += array(
116	'#type' => 'details',
117	'#title' => $this->t('Administration'),
118	);
119	}
120
121	// Prepare default values for form elements.
122	$author = '';
123	if ($is_admin) {
124	if (!$comment->getOwnerId()) {
125	$author = $comment->getAuthorName();
126	}
127	$status = $comment->getStatus();
128	if (empty($comment_preview)) {
129	$form['#title'] = $this->t('Edit comment %title', array(
130	'%title' => $comment->getSubject(),
131	));
132	}
133	}
134	else {
135	$status = ($this->currentUser->hasPermission('skip comment approval') ? CommentInterface::PUBLISHED : CommentInterface::NOT_PUBLISHED);
136	}
137
138	$date = '';
139	if ($comment->id()) {
140	$date = !empty($comment->date) ? $comment->date : DrupalDateTime::createFromTimestamp($comment->getCreatedTime());
141	}
142
143	// The uid field is only displayed when a user with the permission
144	// 'administer comments' is editing an existing comment from an
145	// authenticated user.
146	$owner = $comment->getOwner();
147	$form['author']['uid'] = [
148	'#type' => 'entity_autocomplete',
149	'#target_type' => 'user',
150	'#default_value' => $owner->isAnonymous() ? NULL : $owner,
151	// A comment can be made anonymous by leaving this field empty therefore
152	// there is no need to list them in the autocomplete.
153	'#selection_settings' => ['include_anonymous' => FALSE],
154	'#title' => $this->t('Authored by'),
155	'#description' => $this->t('Leave blank for %anonymous.', ['%anonymous' => $config->get('anonymous')]),
156	'#access' => $is_admin,
157	];
158
159	// The name field is displayed when an anonymous user is adding a comment or
160	// when a user with the permission 'administer comments' is editing an
161	// existing comment from an anonymous user.
162	$form['author']['name'] = array(
163	'#type' => 'textfield',
164	'#title' => $is_admin ? $this->t('Name for @anonymous', ['@anonymous' => $config->get('anonymous')]) : $this->t('Your name'),
165	'#default_value' => $author,
166	'#required' => ($this->currentUser->isAnonymous() && $anonymous_contact == COMMENT_ANONYMOUS_MUST_CONTACT),
167	'#maxlength' => 60,
168	'#access' => $this->currentUser->isAnonymous() \|\| $is_admin,
169	'#size' => 30,
170	'#attributes'=> [
171	'data-drupal-default-value' => $config->get('anonymous'),
172	],
173	);
174
175	if ($is_admin) {
176	// When editing a comment only display the name textfield if the uid field
177	// is empty.
178	$form['author']['name']['#states'] = [
179	'visible' => [
180	':input[name="uid"]' => array('empty' => TRUE),
181	],
182	];
183	}
184
185	// Add author email and homepage fields depending on the current user.
186	$form['author']['mail'] = array(
187	'#type' => 'email',
188	'#title' => $this->t('Email'),
189	'#default_value' => $comment->getAuthorEmail(),
190	'#required' => ($this->currentUser->isAnonymous() && $anonymous_contact == COMMENT_ANONYMOUS_MUST_CONTACT),
191	'#maxlength' => 64,
192	'#size' => 30,
193	'#description' => $this->t('The content of this field is kept private and will not be shown publicly.'),
194	'#access' => ($comment->getOwner()->isAnonymous() && $is_admin) \|\| ($this->currentUser->isAnonymous() && $anonymous_contact != COMMENT_ANONYMOUS_MAYNOT_CONTACT),
195	);
196
197	$form['author']['homepage'] = array(
198	'#type' => 'url',
199	'#title' => $this->t('Homepage'),
200	'#default_value' => $comment->getHomepage(),
201	'#maxlength' => 255,
202	'#size' => 30,
203	'#access' => $is_admin \|\| ($this->currentUser->isAnonymous() && $anonymous_contact != COMMENT_ANONYMOUS_MAYNOT_CONTACT),
204	);
205
206	// Add administrative comment publishing options.
207	$form['author']['date'] = array(
208	'#type' => 'datetime',
209	'#title' => $this->t('Authored on'),
210	'#default_value' => $date,
211	'#size' => 20,
212	'#access' => $is_admin,
213	);
214
215	$form['author']['status'] = array(
216	'#type' => 'radios',
217	'#title' => $this->t('Status'),
218	'#default_value' => $status,
219	'#options' => array(
220	CommentInterface::PUBLISHED => $this->t('Published'),
221	CommentInterface::NOT_PUBLISHED => $this->t('Not published'),
222	),
223	'#access' => $is_admin,
224	);
225
226	return parent::form($form, $form_state, $comment);
227	}
228
229	/**
230	* {@inheritdoc}
231	*/
232	protected function actions(array $form, FormStateInterface $form_state) {
233	$element = parent::actions($form, $form_state);
234	/* @var \Drupal\comment\CommentInterface $comment */
235	$comment = $this->entity;
236	$entity = $comment->getCommentedEntity();
237	$field_definition = $this->entityManager->getFieldDefinitions($entity->getEntityTypeId(), $entity->bundle())[$comment->getFieldName()];
238	$preview_mode = $field_definition->getSetting('preview');
239
240	// No delete action on the comment form.
241	unset($element['delete']);
242
243	// Mark the submit action as the primary action, when it appears.
244	$element['submit']['#button_type'] = 'primary';
245
246	// Only show the save button if comment previews are optional or if we are
247	// already previewing the submission.
248	$element['submit']['#access'] = ($comment->id() && $this->currentUser->hasPermission('administer comments')) \|\| $preview_mode != DRUPAL_REQUIRED \|\| $form_state->get('comment_preview');
249
250	$element['preview'] = array(
251	'#type' => 'submit',
252	'#value' => $this->t('Preview'),
253	'#access' => $preview_mode != DRUPAL_DISABLED,
254	'#submit' => array('::submitForm', '::preview'),
255	);
256
257	return $element;
258	}
259
260	/**
261	* {@inheritdoc}
262	*/
263	public function buildEntity(array $form, FormStateInterface $form_state) {
264	/** @var \Drupal\comment\CommentInterface $comment */
265	$comment = parent::buildEntity($form, $form_state);
266	if (!$form_state->isValueEmpty('date') && $form_state->getValue('date') instanceof DrupalDateTime) {
267	$comment->setCreatedTime($form_state->getValue('date')->getTimestamp());
268	}
269	else {
270	$comment->setCreatedTime(REQUEST_TIME);
271	}
272	// Empty author ID should revert to anonymous.
273	$author_id = $form_state->getValue('uid');
274	if ($comment->id() && $this->currentUser->hasPermission('administer comments')) {
275	// Admin can leave the author ID blank to revert to anonymous.
276	$author_id = $author_id ?: 0;
277	}
278	if (!is_null($author_id)) {
279	if ($author_id === 0 && $form['author']['name']['#access']) {
280	// Use the author name value when the form has access to the element and
281	// the author ID is anonymous.
282	$comment->setAuthorName($form_state->getValue('name'));
283	}
284	else {
285	// Ensure the author name is not set.
286	$comment->setAuthorName(NULL);
287	}
288	}
289	else {
290	$author_id = $this->currentUser->id();
291	}
292	$comment->setOwnerId($author_id);
293
294	// Validate the comment's subject. If not specified, extract from comment
295	// body.
296	if (trim($comment->getSubject()) == '') {
297	if ($comment->hasField('comment_body')) {
298	// The body may be in any format, so:
299	// 1) Filter it into HTML
300	// 2) Strip out all HTML tags
301	// 3) Convert entities back to plain-text.
302	$comment_text = $comment->comment_body->processed;
303	$comment->setSubject(Unicode::truncate(trim(Html::decodeEntities(strip_tags($comment_text))), 29, TRUE, TRUE));
304	}
305	// Edge cases where the comment body is populated only by HTML tags will
306	// require a default subject.
307	if ($comment->getSubject() == '') {
308	$comment->setSubject($this->t('(No subject)'));
309	}
310	}
311	return $comment;
312	}
313
314	/**
315	* {@inheritdoc}
316	*/
317	protected function getEditedFieldNames(FormStateInterface $form_state) {
318	return array_merge(['created', 'name'], parent::getEditedFieldNames($form_state));
319	}
320
321	/**
322	* {@inheritdoc}
323	*/
324	protected function flagViolations(EntityConstraintViolationListInterface $violations, array $form, FormStateInterface $form_state) {
325	// Manually flag violations of fields not handled by the form display.
326	foreach ($violations->getByField('created') as $violation) {
327	$form_state->setErrorByName('date', $violation->getMessage());
328	}
329	foreach ($violations->getByField('name') as $violation) {
330	$form_state->setErrorByName('name', $violation->getMessage());
331	}
332	parent::flagViolations($violations, $form, $form_state);
333	}
334
335	/**
336	* Form submission handler for the 'preview' action.
337	*
338	* @param $form
339	* An associative array containing the structure of the form.
340	* @param $form_state
341	* The current state of the form.
342	*/
343	public function preview(array &$form, FormStateInterface $form_state) {
344	$comment_preview = comment_preview($this->entity, $form_state);
345	$comment_preview['#title'] = $this->t('Preview comment');
346	$form_state->set('comment_preview', $comment_preview);
347	$form_state->setRebuild();
348	}
349
350	/**
351	* {@inheritdoc}
352	*/
353	public function save(array $form, FormStateInterface $form_state) {
354	$comment = $this->entity;
355	$entity = $comment->getCommentedEntity();
356	$field_name = $comment->getFieldName();
357	$uri = $entity->urlInfo();
358	$logger = $this->logger('content');
359
360	if ($this->currentUser->hasPermission('post comments') && ($this->currentUser->hasPermission('administer comments') \|\| $entity->{$field_name}->status == CommentItemInterface::OPEN)) {
361	$comment->save();
362	$form_state->setValue('cid', $comment->id());
363
364	// Add a log entry.
365	$logger->notice('Comment posted: %subject.', array(
366	'%subject' => $comment->getSubject(),
367	'link' => $this->l(t('View'), $comment->urlInfo()->setOption('fragment', 'comment-' . $comment->id()))
368	));
369
370	// Explain the approval queue if necessary.
371	if (!$comment->isPublished()) {
372	if (!$this->currentUser->hasPermission('administer comments')) {
373	drupal_set_message($this->t('Your comment has been queued for review by site administrators and will be published after approval.'));
374	}
375	}
376	else {
377	drupal_set_message($this->t('Your comment has been posted.'));
378	}
379	$query = array();
380	// Find the current display page for this comment.
381	$field_definition = $this->entityManager->getFieldDefinitions($entity->getEntityTypeId(), $entity->bundle())[$field_name];
382	$page = $this->entityManager->getStorage('comment')->getDisplayOrdinal($comment, $field_definition->getSetting('default_mode'), $field_definition->getSetting('per_page'));
383	if ($page > 0) {
384	$query['page'] = $page;
385	}
386	// Redirect to the newly posted comment.
387	$uri->setOption('query', $query);
388	$uri->setOption('fragment', 'comment-' . $comment->id());
389	}
390	else {
391	$logger->warning('Comment: unauthorized comment submitted or comment submitted to a closed post %subject.', array('%subject' => $comment->getSubject()));
392	drupal_set_message($this->t('Comment: unauthorized comment submitted or comment submitted to a closed post %subject.', array('%subject' => $comment->getSubject())), 'error');
393	// Redirect the user to the entity they are commenting on.
394	}
395	$form_state->setRedirectUrl($uri);
396	}
397	}