feat: notify users, config: editor's file uploads disk, security: sanitize raw HTML

config/filament-comments.php

@@ -43,6 +43,7 @@
      * The rich editor toolbar buttons that are available to users.
      */
     'toolbar_buttons' => [
+        'attachFiles',
         'blockquote',
         'bold',
         'bulletList',
@@ -56,6 +57,18 @@
         'undo',
     ],
 
+    /*
+     * The disk on which editor uploads are stored, needs 'attachFiles' to be added to 'toolbar_buttons'.
+     */
+    'editor_disk' => 'public',
+    'editor_directory' => 'comments',
+    'editor_visibility' => 'public',
+
+    /*
+     * Allow user to select other users to be notified via Filament database notifications.
+     */
+    'notify_users' => true,
+
     /*
      * The attribute used to display the user's name.
      */

resources/lang/de/filament-comments.php

@@ -10,4 +10,10 @@
     'notifications.deleted' => 'Kommentar gelöscht.',
 
     'modal.heading' => 'Kommentare',
+
+    'comments.delete.tooltip' => 'Kommentar löschen',
+
+    'notify_users.placeholder' => 'Benutzer auswählen, die benachrichtigt werden sollen...',
+    'notify_users.notification_title' => 'Neuer Kommentar von :user',
+    'notify_users.notification_action' => 'Datensatz anzeigen',
 ];

resources/lang/en/filament-comments.php

@@ -11,5 +11,9 @@
 
     'modal.heading' => 'Comments',
 
-    'comments.delete.tooltip' => 'Delete comment'
+    'comments.delete.tooltip' => 'Delete comment',
+
+    'notify_users.placeholder' => 'Select users to notify...',
+    'notify_users.notification_title' => 'New comment from :user',
+    'notify_users.notification_action' => 'View record',
 ];

resources/lang/fa/filament-comments.php

@@ -10,4 +10,10 @@
     'notifications.deleted' => 'نظر حذف شد.',
 
     'modal.heading' => 'نظرات',
+
+    'comments.delete.tooltip' => 'حذف نظر',
+
+    'notify_users.placeholder' => 'کاربرانی را انتخاب کنید که مایل به اطلاع رسانی هستند...',
+    'notify_users.notification_title' => 'نظر جدید از :user',
+    'notify_users.notification_action' => 'مشاهده رکورد',
 ];

resources/lang/fr/filament-comments.php

@@ -10,4 +10,10 @@
     'notifications.deleted' => 'Commentaire supprimé.',
 
     'modal.heading' => 'Commentaires',
+
+    'comments.delete.tooltip' => 'Supprimer le commentaire',
+
+    'notify_users.placeholder' => 'Sélectionner les utilisateurs à notifier...',
+    'notify_users.notification_title' => 'Nouveau commentaire de :user',
+    'notify_users.notification_action' => 'Voir l\'enregistrement',
 ];

resources/lang/it/filament-comments.php

@@ -10,4 +10,10 @@
     'notifications.deleted' => 'Commento cancellato.',
 
     'modal.heading' => 'Commenti',
+
+    'comments.delete.tooltip' => 'Cancella commento',
+
+    'notify_users.placeholder' => 'Seleziona utenti da notificare...',
+    'notify_users.notification_title' => 'Nuovo commento da :user',
+    'notify_users.notification_action' => 'Visualizza record',
 ];

resources/lang/nl/filament-comments.php

@@ -10,4 +10,10 @@
     'notifications.deleted' => 'Reactie verwijderd.',
 
     'modal.heading' => 'Reacties',
-];
+
+    'comments.delete.tooltip' => 'Verwijder reactie',
+
+    'notify_users.placeholder' => 'Selecteer gebruikers om op de hoogte te stellen...',
+    'notify_users.notification_title' => 'Nieuwe reactie van :user',
+    'notify_users.notification_action' => 'Bekijk record',
+];

resources/lang/no/filament-comments.php

@@ -10,4 +10,10 @@
     'notifications.deleted' => 'Kommentar slettet.',
 
     'modal.heading' => 'Kommentarer',
+
+    'comments.delete.tooltip' => 'Slett kommentar',
+
+    'notify_users.placeholder' => 'Velg brukere som skal varsles...',
+    'notify_users.notification_title' => 'Ny kommentar fra :user',
+    'notify_users.notification_action' => 'Se post',
 ];

resources/lang/pt_BR/filament-comments.php

@@ -10,4 +10,10 @@
     'notifications.deleted' => 'Comentário deletado.',
 
     'modal.heading' => 'Comentários',
+
+    'comments.delete.tooltip' => 'Deletar comentário',
+
+    'notify_users.placeholder' => 'Selecione usuários para notificar...',
+    'notify_users.notification_title' => 'Novo comentário de :user',
+    'notify_users.notification_action' => 'Ver registro',
 ];

resources/lang/ru/filament-comments.php

@@ -10,4 +10,10 @@
     'notifications.deleted' => 'Комментарий удален.',
 
     'modal.heading' => 'Комментарии',
+
+    'comments.delete.tooltip' => 'Удалить комментарий',
+
+    'notify_users.placeholder' => 'Выберите пользователей для уведомления...',
+    'notify_users.notification_title' => 'Новый комментарий от :user',
+    'notify_users.notification_action' => 'Просмотреть запись',
 ];

resources/lang/uk/filament-comments.php

@@ -10,4 +10,10 @@
     'notifications.deleted' => 'Коментар видалено.',
 
     'modal.heading' => 'Коментарі',
+
+    'comments.delete.tooltip' => 'Видалити коментар',
+
+    'notify_users.placeholder' => 'Виберіть користувачів для сповіщення...',
+    'notify_users.notification_title' => 'Новий коментар від :user',
+    'notify_users.notification_action' => 'Переглянути запис',
 ];

resources/views/comments.blade.php

@@ -1,8 +1,8 @@
 <div class="flex flex-col h-full space-y-4">
-    @if (auth()->user()->can('create', \Parallax\FilamentComments\Models\FilamentComment::class))
+    @if (auth()->user()->can('create', config('filament-comments.comment_model')))
         <div class="space-y-4">
             {{ $this->form }}
-            
+
             <x-filament::button
                 wire:click="create"
                 color="primary"
@@ -47,9 +47,9 @@
 
                             <div class="prose dark:prose-invert [&>*]:mb-2 [&>*]:mt-0 [&>*:last-child]:mb-0 prose-sm text-sm leading-6 text-gray-950 dark:text-white">
                                 @if(config('filament-comments.editor') === 'markdown')
-                                    {{ Str::of($comment->comment)->markdown()->toHtmlString() }}
+                                    {{ Str::of($comment->comment)->markdown()->sanitizeHtml()->toHtmlString() }}
                                 @else
-                                    {{ Str::of($comment->comment)->toHtmlString() }}
+                                    {{ Str::of($comment->comment)->sanitizeHtml()->toHtmlString() }}
                                 @endif
                             </div>
                         </div>
@@ -63,7 +63,7 @@
                 icon="{{ config('filament-comments.icons.empty') }}"
                 class="h-12 w-12 text-gray-400 dark:text-gray-500"
             />
-            
+
             <div class="text-sm text-gray-400 dark:text-gray-500">
                 {{ __('filament-comments::filament-comments.comments.empty') }}
             </div>

src/Actions/CommentsAction.php

@@ -5,7 +5,6 @@
 use Filament\Actions\Action;
 use Filament\Support\Enums\MaxWidth;
 use Illuminate\Contracts\View\View;
-use Parallax\FilamentComments\Models\FilamentComment;
 
 class CommentsAction extends Action
 {

src/FilamentCommentsServiceProvider.php

@@ -5,15 +5,12 @@
 use Filament\Support\Assets\Asset;
 use Filament\Support\Assets\Css;
 use Filament\Support\Facades\FilamentAsset;
-use Illuminate\Filesystem\Filesystem;
 use Illuminate\Support\Facades\Gate;
 use Livewire\Livewire;
 use Spatie\LaravelPackageTools\Commands\InstallCommand;
 use Spatie\LaravelPackageTools\Package;
 use Spatie\LaravelPackageTools\PackageServiceProvider;
 use Parallax\FilamentComments\Livewire\CommentsComponent;
-use Parallax\FilamentComments\Models\FilamentComment;
-use Parallax\FilamentComments\Policies\FilamentCommentPolicy;
 
 class FilamentCommentsServiceProvider extends PackageServiceProvider
 {
@@ -55,7 +52,7 @@ public function packageBooted(): void
     {
         Livewire::component('comments', CommentsComponent::class);
 
-        Gate::policy(config('filament-comments.comment_model'), config('filament-comments.model_policy', FilamentCommentPolicy::class));
+        Gate::policy(config('filament-comments.comment_model'), config('filament-comments.model_policy'));
 
         FilamentAsset::register(
             $this->getAssets(),

src/Infolists/Components/CommentsEntry.php

@@ -3,7 +3,6 @@
 namespace Parallax\FilamentComments\Infolists\Components;
 
 use Filament\Infolists\Components\Entry;
-use Parallax\FilamentComments\Models\FilamentComment;
 
 class CommentsEntry extends Entry
 {

src/Livewire/CommentsComponent.php

@@ -2,15 +2,16 @@
 
 namespace Parallax\FilamentComments\Livewire;
 
+use Filament\Facades\Filament;
 use Filament\Forms;
 use Filament\Forms\Concerns\InteractsWithForms;
 use Filament\Forms\Contracts\HasForms;
 use Filament\Forms\Form;
+use Filament\Notifications\Actions\Action;
 use Filament\Notifications\Notification;
 use Illuminate\Contracts\View\View;
 use Illuminate\Database\Eloquent\Model;
 use Livewire\Component;
-use Parallax\FilamentComments\Models\FilamentComment;
 
 class CommentsComponent extends Component implements HasForms
 {
@@ -31,25 +32,44 @@ public function form(Form $form): Form
             return $form;
         }
 
+        $schema = [];
+
+        if (config('filament-comments.notify_users')) {
+            $users = config('filament-comments.authenticatable')::query()
+                ->where(auth()->user()->getKeyName(), '!=', auth()->id())
+                ->pluck(config('filament-comments.user_name_attribute'), auth()->user()->getKeyName());
+            $schema[] = Forms\Components\Select::make('users_to_notify')
+                ->hiddenLabel()
+                ->placeholder(__('filament-comments::filament-comments.notify_users.placeholder'))
+                ->options($users)
+                ->multiple()
+                ->searchable()
+                ->preload();
+        }
+
         if (config('filament-comments.editor') === 'markdown') {
-            $editor = Forms\Components\MarkdownEditor::make('comment')
+            $schema[] = Forms\Components\MarkdownEditor::make('comment')
                 ->hiddenLabel()
                 ->required()
                 ->placeholder(__('filament-comments::filament-comments.comments.placeholder'))
-                ->toolbarButtons(config('filament-comments.toolbar_buttons'));
+                ->toolbarButtons(config('filament-comments.toolbar_buttons'))
+                ->fileAttachmentsDisk(config('filament-comments.editor_disk'))
+                ->fileAttachmentsDirectory(config('filament-comments.editor_directory'))
+                ->fileAttachmentsVisibility(config('filament-comments.editor_visibility'));
         } else {
-            $editor = Forms\Components\RichEditor::make('comment')
+            $schema[] = Forms\Components\RichEditor::make('comment')
                 ->hiddenLabel()
                 ->required()
                 ->placeholder(__('filament-comments::filament-comments.comments.placeholder'))
                 ->extraInputAttributes(['style' => 'min-height: 6rem'])
-                ->toolbarButtons(config('filament-comments.toolbar_buttons'));
+                ->toolbarButtons(config('filament-comments.toolbar_buttons'))
+                ->fileAttachmentsDisk(config('filament-comments.editor_disk'))
+                ->fileAttachmentsDirectory(config('filament-comments.editor_directory'))
+                ->fileAttachmentsVisibility(config('filament-comments.editor_visibility'));
         }
 
         return $form
-            ->schema([
-                $editor,
-            ])
+            ->schema($schema)
             ->statePath('data');
     }
 
@@ -74,12 +94,33 @@ public function create(): void
             ->success()
             ->send();
 
+        if (config('filament-comments.notify_users')) {
+            $title = __('filament-comments::filament-comments.notify_users.notification_title', [
+                'user' => auth()->user()[config('filament-comments.user_name_attribute')]
+            ]);
+            $viewAction = Action::make('view')
+                ->label(__('filament-comments::filament-comments.notify_users.notification_action'))
+                ->color('info')
+                ->url(Filament::getResourceUrl($this->record, 'view', ['action' => 'comments']))
+                ->extraAttributes(['wire:click' => '$dispatch(`close-modal`, JSON.parse(`{\u0022id\u0022:\u0022database-notifications\u0022}`))'])
+                ->close();
+            Notification::make()
+                ->title($title)
+                ->body($data['comment'])
+                ->icon(config('filament-comments.icons.action'))
+                ->iconColor('info')
+                ->actions([
+                    $viewAction,
+                ])
+                ->sendToDatabase(config('filament-comments.authenticatable')::find($data['users_to_notify']));
+        }
+
         $this->form->fill();
     }
 
     public function delete(int $id): void
     {
-        $comment = FilamentComment::find($id);
+        $comment = config('filament-comments.comment_model')::find($id);
 
         if (!$comment) {
             return;

src/Models/Traits/HasFilamentComments.php

@@ -3,7 +3,6 @@
 namespace Parallax\FilamentComments\Models\Traits;
 
 use Illuminate\Database\Eloquent\Relations\HasMany;
-use Parallax\FilamentComments\Models\FilamentComment;
 
 trait HasFilamentComments
 {

src/Tables/Actions/CommentsAction.php

@@ -6,7 +6,6 @@
 use Filament\Support\Enums\MaxWidth;
 use Illuminate\Contracts\View\View;
 use Illuminate\Database\Eloquent\Model;
-use Parallax\FilamentComments\Models\FilamentComment;
 
 class CommentsAction extends Action
 {