Add comment deletion

Add comment policy for delete action

app/Http/Controllers/Projects/CommentsController.php

@@ -74,4 +74,29 @@ class CommentsController extends Controller
 
         return redirect()->route('projects.comments.index', [$project] + request(['page']));
     }
+
+    /**
+     * Remove the specified comment.
+     *
+     * @param  \App\Entities\Projects\Comment  $comment
+     * @return \Illuminate\Routing\Redirector
+     */
+    public function destroy(Project $project, Comment $comment)
+    {
+        $this->authorize('delete', $comment);
+
+        request()->validate([
+            'comment_id' => 'required|exists:comments,id',
+        ]);
+
+        if (request('comment_id') == $comment->id && $comment->delete()) {
+            $routeParam = [$project] + request(['page']);
+            flash(__('comment.deleted'), 'warning');
+
+            return redirect()->route('projects.comments.index', $routeParam);
+        }
+        flash(__('comment.undeleted'), 'error');
+
+        return back();
+    }
 }

app/Policies/Projects/CommentPolicy.php

@@ -24,7 +24,21 @@ class CommentPolicy
      */
     public function update(User $user, Comment $comment)
     {
+        // Only admin and comment creator can update comment.
         return $user->hasRole('admin')
             || ($user->hasRole('worker') && $comment->creator_id == $user->id);
     }
+
+    /**
+     * Determine whether the user can delete the comment.
+     *
+     * @param \App\Entities\Users\User  $user
+     * @param \App\Entities\Projects\Comment  $comment
+     * @return bool
+     */
+    public function delete(User $user, Comment $comment)
+    {
+        // Only admin and comment creator can delete comment.
+        return $this->update($user, $comment);
+    }
 }

resources/views/projects/partials/comment-section.blade.php

@@ -14,9 +14,19 @@
         <span class="label label-default pull-right">{{ $comment->created_at }}</span>
         <strong>{{ $comment->creator->name }}</strong>
     </legend>
-    @can('update', $comment)
-        {{ link_to_route('projects.comments.index', __('app.edit'), [$project, 'action' => 'comment-edit', 'comment_id' => $comment->id], ['id' => 'edit-comment-'.$comment->id, 'class' => 'small pull-right', 'title' => __('comment.edit')]) }}
-    @endcan
+    <div class="pull-right">
+        @can('update', $comment)
+            {{ link_to_route('projects.comments.index', __('app.edit'), [$project, 'action' => 'comment-edit', 'comment_id' => $comment->id], ['id' => 'edit-comment-'.$comment->id, 'class' => 'small', 'title' => __('comment.edit')]) }}
+        @endcan
+        @can('delete', $comment)
+            {!! FormField::delete(
+                ['route' => ['projects.comments.destroy', $project, $comment], 'class' => ''],
+                '&times;',
+                ['class' => 'btn-link', 'id' => 'delete-comment-'.$comment->id],
+                ['comment_id' => $comment->id, 'page' => request('page')]
+            ) !!}
+        @endcan
+    </div>
     {!! nl2br($comment->body) !!}
 </div>
 @endforeach

routes/web/projects.php

@@ -43,6 +43,7 @@ Route::group(['middleware' => ['auth'], 'namespace' => 'Projects'], function ()
     Route::get('projects/{project}/comments', 'CommentsController@index')->name('projects.comments.index');
     Route::post('projects/{project}/comments', 'CommentsController@store')->name('projects.comments.store');
     Route::patch('projects/{project}/comments/{comment}', 'CommentsController@update')->name('projects.comments.update');
+    Route::delete('projects/{project}/comments/{comment}', 'CommentsController@destroy')->name('projects.comments.destroy');
 
     /*
      * Tasks Routes

tests/Feature/Projects/ProjectCommentsTest.php

@@ -81,4 +81,27 @@ class ProjectCommentsTest extends TestCase
             'body'             => 'Komentar pertama.',
         ]);
     }
+
+    /** @test */
+    public function user_can_delete_comment()
+    {
+        $this->adminUserSigningIn();
+        $project = factory(Project::class)->create();
+        $comment = factory(Comment::class)->create([
+            'commentable_type' => 'projects',
+            'commentable_id'   => $project->id,
+            'body'             => 'This is project comment.',
+        ]);
+
+        $this->visitRoute('projects.comments.index', $project);
+        $this->seeElement('button', ['id' => 'delete-comment-'.$comment->id]);
+        $this->press('delete-comment-'.$comment->id);
+
+        $this->seePageIs(route('projects.comments.index', $project));
+        $this->see(__('comment.deleted'));
+
+        $this->dontSeeInDatabase('comments', [
+            'id' => $comment->id,
+        ]);
+    }
 }

tests/Unit/Policies/CommentPolicyTest.php

@@ -26,4 +26,24 @@ class CommentPolicyTest extends TestCase
         $this->assertTrue($admin->can('update', $comment));
         $this->assertTrue($worker->can('update', $comment));
     }
+
+    /** @test */
+    public function admin_can_delete_any_comments()
+    {
+        $admin = $this->createUser('admin');
+        $comment = factory(Comment::class)->create();
+
+        $this->assertTrue($admin->can('delete', $comment));
+    }
+
+    /** @test */
+    public function worker_can_only_delete_their_comments()
+    {
+        $admin = $this->createUser('admin');
+        $worker = $this->createUser('worker');
+        $comment = factory(Comment::class)->create(['creator_id' => $worker->id]);
+
+        $this->assertTrue($admin->can('delete', $comment));
+        $this->assertTrue($worker->can('delete', $comment));
+    }
 }