Allow listing all comments from a user

Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>

4 files changed, 72 insertions, 2 deletions

diff --git a/web/html/account.php b/web/html/account.php
index c30a89aa..9695c9b7 100644
--- a/web/html/account.php
+++ b/web/html/account.php
@@ -8,7 +8,7 @@ include_once('acctfuncs.inc.php');   # access Account specific functions
 $action = in_request("Action");
 
 $need_userinfo = array(
-	"DisplayAccount", "DeleteAccount", "AccountInfo", "UpdateAccount"
+	"DisplayAccount", "DeleteAccount", "AccountInfo", "UpdateAccount", "ListComments"
 );
 
 if (in_array($action, $need_userinfo)) {
@@ -166,6 +166,24 @@ if (isset($_COOKIE["AURSID"])) {
 				$row["Username"]);
 		}
 
+	} elseif ($action == "ListComments") {
+		if (has_credential(CRED_ACCOUNT_LIST_COMMENTS)) {
+			# display the comment list if they're a TU/dev
+
+			$total_comment_count = account_comments_count($row["ID"]);
+			list($pagination_templs, $per_page, $offset) = calculate_pagination($total_comment_count);
+
+			$username = $row["Username"];
+			$uid = $row["ID"];
+			$comments = account_comments($uid, $per_page, $offset);
+
+			$comment_section = "account";
+			include('pkg_comments.php');
+
+		} else {
+			print __("You are not allowed to access this area.");
+		}
+
 	} else {
 		if (has_credential(CRED_ACCOUNT_SEARCH)) {
 			# display the search page if they're a TU/dev
diff --git a/web/html/css/aurweb.css b/web/html/css/aurweb.css
index f5e10371..593c9ae8 100644
--- a/web/html/css/aurweb.css
+++ b/web/html/css/aurweb.css
@@ -148,3 +148,45 @@ label.confirmation,
 	color: red;
 	font-weight: bold;
 }
+
+.package-comments {
+	margin-top: 1.5em;
+}
+
+.comments-header {
+	display: flex;
+	justify-content: space-between;
+	align-items: flex-start;
+}
+
+/* arrowed headings */
+.comments-header h3 span.text {
+	display: block;
+	background: #1794D1;
+	font-size: 15px;
+	padding: 2px 10px;
+	color: white;
+}
+
+.comments-header .comments-header-nav {
+	align-self: flex-end;
+}
+
+.comment-header {
+	clear: both;
+	font-size: 1em;
+	margin-top: 1.5em;
+	border-bottom: 1px dotted #bbb;
+}
+
+.comments div {
+	margin-bottom: 1em;
+}
+
+.comments div p {
+	margin-bottom: 0.5em;
+}
+
+.comments .more {
+	font-weight: normal;
+}
diff --git a/web/html/index.php b/web/html/index.php
index 2c53cddd..b2cd840e 100644
--- a/web/html/index.php
+++ b/web/html/index.php
@@ -142,6 +142,8 @@ if (!empty($tokens[1]) && '/' . $tokens[1] == get_pkg_route()) {
 				$_REQUEST['Action'] = "UpdateAccount";
 			} elseif ($tokens[3] == 'delete') {
 				$_REQUEST['Action'] = "DeleteAccount";
+			} elseif ($tokens[3] == 'comments') {
+				$_REQUEST['Action'] = "ListComments";
 			} else {
 				header("HTTP/1.0 404 Not Found");
 				include "./404.php";
diff --git a/web/html/pkgbase.php b/web/html/pkgbase.php
index cf9a6c60..46ad77e6 100644
--- a/web/html/pkgbase.php
+++ b/web/html/pkgbase.php
@@ -43,6 +43,7 @@ if (isset($_POST['IDs'])) {
 
 /* Perform package base actions. */
 $via = isset($_POST['via']) ? $_POST['via'] : NULL;
+$return_to = isset($_POST['return_to']) ? $_POST['return_to'] : NULL;
 $ret = false;
 $output = "";
 $fragment = "";
@@ -133,7 +134,14 @@ if (check_token()) {
 			/* Redirect back to package request page on success. */
 			header('Location: ' . get_pkgreq_route());
 			exit();
-		} if (isset($base_id)) {
+		} elseif ((current_action("do_DeleteComment") ||
+		           current_action("do_UndeleteComment")) && $return_to) {
+			header('Location: ' . $return_to);
+			exit();
+		} elseif (current_action("do_PinComment") && $return_to) {
+			header('Location: ' . $return_to);
+			exit();
+		} elseif (isset($base_id)) {
 			/* Redirect back to package base page on success. */
 			header('Location: ' . get_pkgbase_uri($pkgbase_name) . $fragment);
 			exit();