Admins can view/edit authors

Author: soatok

public/index.php

@@ -13,7 +13,7 @@
 
 require __DIR__ . '/../vendor/autoload.php';
 
-session_start();
+session_start(['cookie.samesite' => 'Strict']);
 
 // Instantiate the app
 $settings = require __DIR__ . '/../src/settings.php';

public/static/admin-authors-edit.js

@@ -0,0 +1,36 @@
+
+function entryPreview()
+{
+    $.post('/manage/ajax/preview', {
+        "markdown": $("#author-bio").val()
+    }, function (res) {
+        if (res['status'] !== 'SUCCESS') {
+            console.log(res);
+            return;
+        }
+        $("#contents-preview").html(res['preview']);
+    });
+}
+
+function addContributor()
+{
+    $("#admin-contributors-list")
+        .append(
+            '<li><input class="admin-contrib" name="contributors[]" size="1" type="text" /></li>'
+        );
+    $('.admin-contrib').on('keydown', adminContribOnChange)
+}
+
+function adminContribOnChange()
+{
+    let el = $(this);
+    let size =  el.val().length + 1;
+    el.attr('size', size < 10 ? size : 10);
+}
+
+$(document).ready(function() {
+    $("#author-bio").on('change', entryPreview);
+    $("#add-contributor").on('click', addContributor);
+    entryPreview();
+    $('.admin-contrib').on('keydown', adminContribOnChange)
+});

public/static/faqoff.css

@@ -300,3 +300,12 @@ i.color-error {
 .dark-body i.color-error {
     color: #c66;
 }
+
+#admin-contributors-list {
+    padding: 0.5rem 2.5rem 0.5rem 2.5rem;
+    list-style: none;
+}
+#admin-contributors-list li {
+    display: inline-block;
+    margin-right: 0.5rem;
+}

public/static/manage-author.js

@@ -68,7 +68,6 @@ function addDeleteEvent() {
 
 $(document).ready(function() {
     $("#author-bio").on('change', entryPreview);
-    entryPreview();
 
     $("#add-contributor-button").on('click', function (e) {
         let author = $("#contributors-form").data('id');

src/FaqOff/Endpoints/Admin/Accounts.php

@@ -81,6 +81,7 @@ protected function listAccounts(): ResponseInterface
             ]
         );
     }
+
     /**
      * @param RequestInterface $request
      * @param int $accountId
@@ -90,7 +91,7 @@ protected function listAccounts(): ResponseInterface
      * @throws RuntimeError
      * @throws SyntaxError
      */
-    protected function viewAccount(RequestInterface $request, int $accountId): ResponseInterface
+    protected function viewAccount(int $accountId): ResponseInterface
     {
         return $this->view(
             'admin/accounts-view.twig',
@@ -122,7 +123,7 @@ public function __invoke(
             case 'edit':
                 return $this->editAccount($request, (int) $routerParams['id']);
             case 'view':
-                return $this->viewAccount($request, (int) $routerParams['id']);
+                return $this->viewAccount((int) $routerParams['id']);
             case '':
                 return $this->listAccounts();
             default:

src/FaqOff/Endpoints/Admin/Authors.php

@@ -3,9 +3,17 @@
 namespace Soatok\FaqOff\Endpoints\Admin;
 
 use Interop\Container\Exception\ContainerException;
+use ParagonIE\Ionizer\InvalidDataException;
 use Psr\Http\Message\RequestInterface;
 use Psr\Http\Message\ResponseInterface;
+use Slim\Container;
 use Soatok\AnthroKit\Endpoint;
+use Soatok\FaqOff\Filter\AdminEditAccountFilter;
+use Soatok\FaqOff\Filter\AdminEditAuthorFilter;
+use Soatok\FaqOff\MessageOnceTrait;
+use Soatok\FaqOff\Splices\Accounts as AccountSplice;
+use Soatok\FaqOff\Splices\Authors as AuthorSplice;
+use Soatok\FaqOff\Splices\EntryCollection;
 use Twig\Error\LoaderError;
 use Twig\Error\RuntimeError;
 use Twig\Error\SyntaxError;
@@ -16,12 +24,78 @@
  */
 class Authors extends Endpoint
 {
+    use MessageOnceTrait;
+
+    /** @var AccountSplice $accounts */
+    protected $accounts;
+
+    /** @var AuthorSplice $authors */
+    protected $authors;
+
+    /** @var EntryCollection $collections */
+    protected $collections;
+
+    public function __construct(Container $container)
+    {
+        parent::__construct($container);
+        $this->accounts = $this->splice('Accounts');
+        $this->authors = $this->splice('Authors');
+        $this->collections = $this->splice('EntryCollection');
+    }
+
+    /**
+     * @param RequestInterface $request
+     * @param int $authorId
+     * @return ResponseInterface
+     * @throws ContainerException
+     * @throws InvalidDataException
+     * @throws LoaderError
+     * @throws RuntimeError
+     * @throws SyntaxError
+     */
+    protected function editAuthor(RequestInterface $request, int $authorId): ResponseInterface
+    {
+        $filter = new AdminEditAuthorFilter();
+        $post = $this->post($request, self::TYPE_FORM, $filter);
+        if ($post) {
+            if ($this->authors->updateAuthorByAdmin($authorId, $post)) {
+                $this->messageOnce('Author updated successfully.', 'success');
+                return $this->redirect('/admin/author/edit/' . $authorId);
+            }
+        }
+        return $this->view(
+            'admin/authors-edit.twig',
+            [
+                'author' => $this->authors->getById($authorId),
+                'contributors' => $this->authors->getContributorIds($authorId)
+            ]
+        );
+    }
+
+    /**
+     * @return ResponseInterface
+     * @throws ContainerException
+     * @throws LoaderError
+     * @throws RuntimeError
+     * @throws SyntaxError
+     */
+    protected function listAuthors(): ResponseInterface
+    {
+        return $this->view(
+            'admin/authors-list.twig',
+            [
+                'authors' => $this->authors->listAll(true)
+            ]
+        );
+    }
+
     /**
      * @param RequestInterface $request
      * @param ResponseInterface|null $response
      * @param array $routerParams
      * @return ResponseInterface
      * @throws ContainerException
+     * @throws InvalidDataException
      * @throws LoaderError
      * @throws RuntimeError
      * @throws SyntaxError
@@ -31,6 +105,14 @@ public function __invoke(
         ?ResponseInterface $response = null,
         array $routerParams = []
     ): ResponseInterface {
-        return $this->json($routerParams);
+        $action = $routerParams['action'] ?? null;
+        switch ($action) {
+            case 'edit':
+                return $this->editAuthor($request, (int) $routerParams['id']);
+            case '':
+                return $this->listAuthors();
+            default:
+                return $this->redirect('/admin/authors');
+        }
     }
 }

src/FaqOff/Filter/AdminEditAuthorFilter.php

@@ -0,0 +1,24 @@
+<?php
+declare(strict_types=1);
+namespace Soatok\FaqOff\Filter;
+
+use ParagonIE\Ionizer\Filter\BoolFilter;
+use ParagonIE\Ionizer\Filter\IntArrayFilter;
+use ParagonIE\Ionizer\Filter\StringFilter;
+use ParagonIE\Ionizer\InputFilterContainer;
+
+/**
+ * Class AdminEditAuthorFilter
+ * @package Soatok\FaqOff\Filter
+ */
+class AdminEditAuthorFilter extends InputFilterContainer
+{
+    public function __construct()
+    {
+        $this
+            ->addFilter('screenname', new StringFilter())
+            ->addFilter('biography', new StringFilter())
+            ->addFilter('contributors', new IntArrayFilter())
+        ;
+    }
+}

src/FaqOff/Splices/Authors.php

@@ -61,6 +61,30 @@ public function accountIsContributor(int $authorId, int $accountId): bool
         );
     }
 
+    /**
+     * @param int $authorId
+     * @return int
+     */
+    public function countCollections(int $authorId): int
+    {
+        return (int) $this->db->cell(
+            "SELECT count(*) FROM faqoff_collection WHERE authorid = ?",
+            $authorId
+        );
+    }
+
+    /**
+     * @param int $authorId
+     * @return int
+     */
+    public function countContributors(int $authorId): int
+    {
+        return (int) $this->db->cell(
+            "SELECT count(*) FROM faqoff_author_contributor WHERE authorid = ?",
+            $authorId
+        );
+    }
+
     /**
      * @param string $screenName
      * @param int $accountId
@@ -148,11 +172,33 @@ public function getByScreenName(string $screenName): array
         }
         return $author;
     }
+
     /**
+     * @param bool $extraData
      * @return array
      */
-    public function listAll(): array
+    public function listAll(bool $extraData = false): array
     {
+        if ($extraData) {
+            $authors = $this->db->run(
+                "SELECT a.*, fa.public_id AS owner_public_id
+                 FROM faqoff_author a
+                 LEFT JOIN faqoff_accounts fa ON a.ownerid = fa.accountid
+                 ORDER BY a.screenname ASC"
+            );
+            if (empty($authors)) {
+                return [];
+            }
+            foreach ($authors as $i => $auth) {
+                $authors[$i]['collections'] = $this->countCollections(
+                    (int) $auth['authorid']
+                );
+                $authors[$i]['contributors'] = $this->countContributors(
+                    (int) $auth['authorid']
+                );
+            }
+            return $authors;
+        }
         return $this->db->run(
             "SELECT authorid, screenname FROM faqoff_author ORDER BY screenname ASC"
         );
@@ -204,6 +250,19 @@ public function listContributors(int $authorId): array
         return $contributors;
     }
 
+    /**
+     * @param int $authorId
+     * @return array<int, int>
+     */
+    public function getContributorIds(int $authorId): array
+    {
+        return $this->db->col(
+            "SELECT accountid FROM faqoff_author_contributor WHERE authorid = ?",
+            0,
+            $authorId
+        );
+    }
+
     /**
      * Revoke a user's access to this author profile
      *
@@ -250,6 +309,54 @@ public function screenNameIsTaken(string $screenName): bool
         );
     }
 
+    /**
+     * @param int $authorId
+     * @param array $post
+     * @return bool
+     */
+    public function updateAuthorByAdmin(int $authorId, array $post): bool
+    {
+        $this->db->beginTransaction();
+        $oldContributors = $this->getContributorIds($authorId);
+        $newContributors = $post['contributors'];
+
+        $deletes = array_diff($oldContributors, $newContributors);
+        $inserts = array_diff($newContributors, $oldContributors);
+
+        if ($deletes) {
+            $placeholders = implode(', ', array_fill(0, count($deletes), '?'));
+            $params = $deletes;
+            array_unshift($params, $authorId);
+            $this->db->safeQuery(
+                "DELETE FROM faqoff_author_contributor 
+                 WHERE authorid = ? AND accountid IN ({$placeholders})",
+                array_values($params)
+            );
+        }
+        foreach ($inserts as $newId) {
+            $this->db->insert(
+                'faqoff_author_contributor',
+                [
+                    'authorid' => $authorId,
+                    'accountid' => $newId
+                ]
+            );
+        }
+
+        $this->db->update(
+            'faqoff_author',
+            [
+                'screenname' => $post['screenname'],
+                'biography' => $post['biography']
+            ],
+            [
+                'authorid' => $authorId
+            ]
+        );
+
+        return $this->db->commit();
+    }
+
     /**
      * Update biography.
      *

templates/admin/accounts-list.twig

@@ -10,6 +10,7 @@
         <thead>
             <tr>
                 <th></th>
+                <th class="min-width">ID</th>
                 <th>Public ID</th>
                 <th>Username</th>
                 <th>Active?</th>
@@ -36,6 +37,9 @@
                         <i class="fas fa-pencil-alt"></i> Edit
                     </a>
                 </td>
+                <td>
+                    {{ acc.accountid }}
+                </td>
                 <td>
                     {{ acc.public_id|default("No public ID") }}
                 </td>