Help on phpcode and its small extension

[Masetrix]

Hi,

I have to adapt an addon and would like to check in the code below whether the current user, who already has the group right to change the topic title, is also the owner of the topic that he wants to work on ... If not, "Exit - Not your thread ".

class Thread extends XFCP_Thread
{
    public function actionEditThreadTitle(ParameterBag $params)
    {    
        // get visitor
        $visitor = \XF::visitor();        

        // check for user group permission
        if (!$visitor->hasPermission('editThreadTitle', 'view'))
        {
            return $parent;
        }
        // get thread
        $thread = $this->assertViewableThread($params->thread_id);
        // get title
        $title = $thread['title'];
        // prepare viewParams
        $viewParams = [
            'thread' => $thread,
            'title' => $title
        ];

        // send to template
        return $this->view('My\EditThreadTitle:EditThreadTitle', 'My_edit_thread_title', $viewParams);
    }

Any help is welcome

 

[kick]

You need to extend the Thread entity and implement a method with type checking
if ($this->user_id == $visitor->user_id && $visitor->hasPermission('editThreadTitle', 'view'))

 

[Masetrix]

You need to extend the Thread entity and implement a method with type checking
if ($this->user_id == $visitor->user_id && $visitor->hasPermission('editThreadTitle', 'view'))

The right code is:
if ($visitor->user_id !== $thread->user_id || !$visitor->hasPermission('editThreadTitle', 'view'))

 

[Masetrix]

You need to extend the Thread entity and implement a method with type checking
if ($this->user_id == $visitor->user_id && $visitor->hasPermission('editThreadTitle', 'view'))

@kick
Do you know a way to return a meaningful error?
The error that is output in the function is somewhat misleading:

Oops! We ran into some problems. Please try again later. More error details may be in the browser console.

I have already tried exit or return ('Error: This is not your topic'); without success ...

if ($visitor->user_id !== $thread->user_id || !$visitor->hasPermission('editThreadTitle', 'view'))
        {
            return $parent;
        }

 

[Kirby]

return $this->error(\XF::phrase('your_error_phrase'));