Evolution #792: Log me and do what i want to do

src/Muzich/CommentBundle/Controller/CommentController.php

@@ -18,7 +18,7 @@ class CommentController extends Controller
    * @param string $token
    * @return \Symfony\Component\HttpFoundation\Response 
    */
-  public function addAction($element_id, $token)
+  public function addAction($element_id)
   {
     if (($non_condition = $this->userHaveNonConditionToMakeAction(SecurityContext::ACTION_COMMENT_ADD)) !== false)
     {
@@ -26,7 +26,7 @@ class CommentController extends Controller
     }
     
     if (!($element = $this->getDoctrine()->getRepository('MuzichCoreBundle:Element')
-      ->findOneById($element_id)) || $this->getUser()->getPersonalHash($element_id) != $token)
+      ->findOneById($element_id)) || !$this->tokenIsCorrect())
     {
       return $this->jsonResponse(array(
         'status' => 'error',

src/Muzich/CoreBundle/Controller/CoreController.php

@@ -701,4 +701,23 @@ class CoreController extends Controller
     return $this->jsonSuccessResponse($csrfToken);
   }
   
+  public function reloadTopEndSideBarAction()
+  {
+    return $this->jsonSuccessResponse(array(
+      'top'   => $this->render('MuzichCoreBundle:Layout:header.html.twig')->getContent(),
+      'right' => $this->render('MuzichCoreBundle:Layout:side.html.twig')->getContent()
+    ));
+  }
+  
+  public function getUrlAction()
+  {
+    if (($response = $this->mustBeConnected(true)))
+      return $response;
+    
+    return $this->jsonSuccessResponse($this->generateUrl(
+      $this->getRequest()->get('route'),
+      $this->getRequest()->get('parameters') 
+    ));
+  }
+  
 }

src/Muzich/CoreBundle/Resources/config/routing.yml

@@ -222,3 +222,6 @@ get_csrf_token:
   pattern: /ajax/getcsrf
   defaults: { _controller: MuzichCoreBundle:Core:getCsrfToken }
   
+reload_top_right_bars:
+  pattern: /ajax/reload-bars
+  defaults: { _controller: MuzichCoreBundle:Core:reloadTopEndSideBar }

src/Muzich/CoreBundle/Resources/public/js/muzich.js

@@ -1551,23 +1551,18 @@ $(document).ready(function(){
   });
   $('form[name="add"]').ajaxForm(function(response) {
     
-    var callback_login = null;
-    // Dans le cas d'un ajout depuis l'extérieur (iframe)
-    if ($('form[name="add"] input[name="shared_from"]').val() === "1")
-    {
-      callback_login = function(){ 
-        $('#form_add_loader').show();
-        JQueryJson(url_csrf, {}, function(response){
-          if (response.status == 'success')
-          {
-            $('form[name="add"] input[name="element_add[_token]"]').val(response.data);
-            $('form[name="add"]').submit();
-            $('#form_add_loader').hide();
-          }
-        });
-         
-      };
-    }
+    var callback_login = function(){ 
+      $('#form_add_loader').show();
+      JQueryJson(url_csrf, {}, function(response){
+        if (response.status == 'success')
+        {
+          $('form[name="add"] input[name="element_add[_token]"]').val(response.data);
+          $('form[name="add"]').submit();
+          $('#form_add_loader').hide();
+        }
+      });
+    };
+    
     
     $('form[name="add"] img.tag_loader').hide();
     window.ResponseController.execute(
@@ -1969,10 +1964,23 @@ $(document).ready(function(){
       li_element.find('form.add_comment').show();
       
       li_element.find('form.add_comment').ajaxForm(function(response) {
+        
         window.ResponseController.execute(
         response,
         function(){},
-        function(){}
+        function(){},
+        function(){
+  
+          JQueryJson(url_csrf, {}, function(response){
+            if (response.status === 'success')
+            {
+              li_element.find('form.add_comment').attr('action', str_replace('unknown', response.data, li_element.find('form.add_comment').attr('action')));
+              li_element.find('form.add_comment').submit();
+            }
+          });
+          scrollTo(li_element);
+  
+        }
       );
 
         li_element.find('img.comments_loader').hide();
@@ -3045,7 +3053,9 @@ $(document).ready(function(){
     * MUSTBECONNECTED links
     */
    
-    $('a.mustbeconnected').live('click', function(){open_connection_or_subscription_window();});
+    $('a.mustbeconnected').live('click', function(){
+      open_connection_or_subscription_window();
+    });
     $('a.mustbeconnected').off('click').on('click',function(){
       open_connection_or_subscription_window();
     });
@@ -3424,6 +3434,7 @@ function open_connection_or_subscription_window(open_login_part, data, login_suc
           {
             $('a#helpbox_close').click();
             login_success_callback();
+            reload_top_and_side();
           }
           else
           {
@@ -3449,6 +3460,7 @@ function open_connection_or_subscription_window(open_login_part, data, login_suc
           {
             $('a#helpbox_close').click();
             login_success_callback();
+            reload_top_and_side();
           }
           else
           {
@@ -3501,4 +3513,27 @@ function sidebar_fix_to_bottom_finish()
       $('.sidebar').css('bottom', '')
     });
   }
+}
+
+function reload_top_and_side()
+{
+  JQueryJson(url_reload_top_and_side, {}, function(response){
+    if (response.status == 'success')
+    {
+      if ($('div#header'))
+      {
+        $('div#header').html(response.data.top);
+      }
+        
+      if ($('aside#sidebar div.sidebar'))
+      {
+        $('aside#sidebar div.sidebar').html(response.data.right);
+      }
+    }
+  });
+}
+
+function scrollTo(element)
+{
+  $('html, body').animate({ scrollTop: element.offset().top }, 'fast');
 }

src/Muzich/CoreBundle/Resources/views/Layout/head_js.html.twig

@@ -133,6 +133,7 @@
   url_subscription_or_login = "{{ path('subscribe_or_login') }}";
   url_email_not_confirmed = "{{ path('email_not_confirmed') }}";
   url_send_email_confirmation = "{{ path('send_email_confirmation') }}";
+  url_reload_top_and_side = "{{ path('reload_top_right_bars') }}";
   
   config_player_youtube_width = "{{ player_config_youtube_width }}";
   config_player_youtube_height = "{{ player_config_youtube_height }}";

src/Muzich/CoreBundle/Resources/views/SearchElement/element.html.twig

@@ -397,15 +397,9 @@
           {%endif %}
         {% endautoescape %}
         
-        {% if app.user %}
-          <a href="#add_comment_{{ element.id }}" class="add_comment">
-            {{ 'element.comments.add'|trans({}, 'elements') }}
-          </a>
-        {% else %}
-          <a href="#" class="mustbeconnected add_comment_disabled">
-            {{ 'element.comments.add'|trans({}, 'elements') }}
-          </a>
-        {% endif %}
+        <a href="#add_comment_{{ element.id }}" class="add_comment">
+          {{ 'element.comments.add'|trans({}, 'elements') }}
+        </a>
       
       {% endif %}
       
@@ -481,23 +475,21 @@
     <div class="comments_loader">
       <img class="comments_loader" style="display: none;" src="{{ asset('/bundles/muzichcore/img/ajax-loader.gif') }}" alt="loading"/>
     </div>
-    
-    {% if app.user %}
-      <form 
-        action="{{ path('ajax_add_comment', {'element_id':element.id, 'token':app.user.getPersonalHash(element.id)}) }}" 
-        method="post" 
-        name="add_comment"
-        style="display: none;"
-        class="add_comment"
-      >
-        {% include "MuzichCommentBundle:Comment:form.html.twig" with {
-          'submit_value' : 'element.comments.add_submit'|trans({}, 'elements'),
-          'cancel_value' : 'element.comments.add_cancel'|trans({}, 'elements'),
-          'following'    : element.userFollowComments(app.user.id),
-          'own'          : (app.user.id == element.owner.id)
-        } %}
-      </form>
-    {% endif %}
+          
+    <form 
+      action="{{ path('ajax_add_comment', {'element_id':element.id, 'token' : token_or_unknow(app.user)}) }}" 
+      method="post" 
+      name="add_comment"
+      style="display: none;"
+      class="add_comment"
+    >
+      {% include "MuzichCommentBundle:Comment:form.html.twig" with {
+        'submit_value' : 'element.comments.add_submit'|trans({}, 'elements'),
+        'cancel_value' : 'element.comments.add_cancel'|trans({}, 'elements'),
+        'following'    : element.userFollowComments(app.user|userId),
+        'own'          : (app.user|userId == element.owner.id)
+      } %}
+    </form>
       
     <a href="#add_comment_{{ element.id }}" class="add_comment">
       {{ 'element.comments.add'|trans({}, 'elements') }}

src/Muzich/CoreBundle/Twig/Extensions/MyTwigExtension.php

@@ -41,7 +41,9 @@ class MyTwigExtension extends \Twig_Extension {
       'event_const'            => new \Twig_Function_Method($this, 'event_const'),
       'css_list_length_class'  => new \Twig_Function_Method($this, 'getCssLengthClassForList'),
       'token'                  => new \Twig_Function_Method($this, 'token'),
-      'path_token'             => new \Twig_Function_Method($this, 'path_token')
+      'path_token'             => new \Twig_Function_Method($this, 'path_token'),
+      'token'                  => new \Twig_Function_Method($this, 'getToken'),
+      'token_or_unknow'        => new \Twig_Function_Method($this, 'getTokenOrUnknown')
     );
   }
   
@@ -249,4 +251,22 @@ class MyTwigExtension extends \Twig_Extension {
     return null;
   }
 
+  public function getToken()
+  {
+    return $this->container->get('form.csrf_provider')->generateCsrfToken('unknown');
+  }
+  
+  public function getTokenOrUnknown($user)
+  {
+    if ($user)
+    {
+      if ($user instanceof User)
+      {
+        return $this->getToken();
+      }
+    }
+    
+    return 'unknown';
+  }
+  
 }

src/Muzich/CoreBundle/lib/Controller.php

@@ -701,8 +701,8 @@ class Controller extends BaseController
     return $this->createForm(new PlaylistForm(), $playlist);
   }
   
-  protected function tokenIsCorrect($intention = '')
-  {
+  protected function tokenIsCorrect($intention = 'unknown')
+  {    
     if ($this->getRequest()->get('token') != $this->container->get('form.csrf_provider')->generateCsrfToken($intention))
       return false;