Add three column layout for translation row.

assets/js/editor.js

@@ -363,7 +363,7 @@ $gp.editor = (
 					success: function( data ) {
 						button.prop( 'disabled', false );
 						$gp.notices.success( 'Note added!' );
-						button.closest( '.notes' ).find( '.notes' ).prepend( data );
+						button.closest( '.notes' ).find( '.notes-list' ).prepend( data );
 						$gp.editor.next();
 					},
 					error: function( xhr, msg ) {

gp-includes/routes/note.php

@@ -24,10 +24,11 @@ class GP_Route_Note extends GP_Route_Main {
 	public function new_post() {
 		$translation_id = gp_post( 'translation_id' );
 		$note           = gp_post( 'note' );
-		$translation    = new GP_Translation( array( 'id' => $translation_id ) );
+		$translation    = GP::$translation->get( $translation_id );
+		$admin          = GP::$permission->current_user_can( 'approve', 'translation', $translation_id, array( 'translation' => $translation ) );
 
-		if ( ! get_current_user_id() === $translation->user_id || ! GP::$permission->current_user_can( 'approve', 'translation', $translation_id, array( 'translation' => $translation ) ) ) {
-			return false;
+		if ( get_current_user_id() !== (int) $translation->user_id && ! $admin ) {
+			return $this->die_with_error( __( 'You don\'t have permissions. Please try again.', 'glotpress' ), 403 );
 		}
 
 		if ( ! $this->verify_nonce( 'new-note-' . $translation_id ) ) {
@@ -53,11 +54,12 @@ public function edit_post() {
 		$translation_id = gp_post( 'translation_id' );
 		$note           = gp_post( 'note' );
 		$note_id        = gp_post( 'note_id' );
-		$translation    = new GP_Translation( array( 'id' => $translation_id ) );
+		$translation    = GP::$translation->get( $translation_id );
 		$note_object    = GP::$notes->get( $note_id );
+		$admin          = GP::$permission->current_user_can( 'approve', 'translation', $translation_id, array( 'translation' => $translation ) );
 
-		if ( ! get_current_user_id() === $note_object->user_id || ! GP::$permission->current_user_can( 'approve', 'translation', $translation_id, array( 'translation' => $translation ) ) ) {
-			return false;
+		if ( get_current_user_id() !== (int) $note_object->user_id && ! $admin ) {
+			return $this->die_with_error( __( 'You don\'t have permissions. Please try again.', 'glotpress' ), 403 );
 		}
 
 		if ( ! $this->verify_nonce( 'edit-note-' . $note_id ) ) {
@@ -83,13 +85,14 @@ public function delete_post() {
 		$note_id        = gp_post( 'note_id' );
 		$translation    = new GP_Translation( array( 'id' => $translation_id ) );
 		$note_object    = GP::$notes->get( $note_id );
+		$admin          = GP::$permission->current_user_can( 'approve', 'translation', $translation_id, array( 'translation' => $translation ) );
 
-		if ( ! $this->verify_nonce( 'delete-note-' . $note_id ) ) {
-			return $this->die_with_error( __( 'An error has occurred. Please try again.', 'glotpress' ), 403 );
+		if ( get_current_user_id() !== (int) $note_object->user_id && ! $admin ) {
+			return $this->die_with_error( __( 'You don\'t have permissions. Please try again.', 'glotpress' ), 403 );
 		}
 
-		if ( ! get_current_user_id() === $note_object->user_id || ! GP::$permission->current_user_can( 'approve', 'translation', $translation_id, array( 'translation' => $translation ) ) ) {
-			return false;
+		if ( ! $this->verify_nonce( 'delete-note-' . $note_id ) ) {
+			return $this->die_with_error( __( 'An error has occurred. Please try again.', 'glotpress' ), 403 );
 		}
 
 		$this->notices[] = __( 'The note was deleted!', 'glotpress' );

gp-includes/things/note.php

@@ -98,9 +98,7 @@ public function save( $args = null ) {
 	 * @return object The output of the query.
 	 */
 	public function edit( $note_id, $note, $translation ) {
-		if ( ! GP::$permission->current_user_can( 'admin', 'notes', $translation->id ) ) {
-			return false;
-		}
+		$note_object = GP::$notes->get( $note_id );
 
 		$this->update( array( 'note' => $note ), array( 'id' => $note_id ) );
 

gp-templates/note.php

@@ -18,13 +18,13 @@
 			echo esc_html( sprintf( __( '%s ago', 'glotpress' ), human_time_diff( strtotime( $note->date_added ), time() ) ) );
 		?>
 	</span>
-	<?php if ( $can_edit || get_current_user_id() === $translation->user_id || get_current_user_id() === $note->user_id ) : ?>
+	<?php if ( $can_edit || get_current_user_id() === (int) $note->user_id ) : ?>
 		<button class="note-actions" ><?php _e( 'edit', 'glotpress' ); ?></button>
 	<?php endif; ?>
 	<div class="note-body">
 		<?php echo make_clickable( nl2br( esc_html( $note->note ) ) ); // WPCS: XSS ok. ?>
 	</div>
-	<?php if ( $can_edit || get_current_user_id() === $translation->user_id ) : ?>
+	<?php if ( $can_edit || get_current_user_id() === (int) $note->user_id ) : ?>
 	<div class="note-body edit-note-body" style="display: none;">
 		<textarea autocomplete="off" class="foreign-text" name="edit-note[<?php echo esc_attr( $note->id ); ?>]" id="edit-note-<?php echo esc_attr( $note->id ); ?>"><?php echo esc_html( $note->note ); ?></textarea>
 		<button class="update-note" tabindex="-1" data-note-id="<?php echo esc_attr( $note->id ); ?>" data-nonce="<?php echo esc_attr( wp_create_nonce( 'edit-note-' . $note->id ) ); ?>">

gp-templates/translation-row-editor-notes.php

@@ -14,9 +14,9 @@
 	<h3><?php _e( 'Translation Notes', 'glotpress' ); ?></h3>
 	<dl class="notes-list">
 		<?php
-		foreach ( $notes as $note ) {
-			gp_tmpl_load( 'note', get_defined_vars() );
-		}
+			foreach ( $notes as $note ) {
+				gp_tmpl_load( 'note', get_defined_vars() );
+			}
 		?>
 	</dl>
 	<dl>
@@ -30,8 +30,7 @@
 		array(
 			'translation' => $translation,
 		)
-	) || get_current_user_id() === $translation->user_id ) {
-		echo '<dt><br>' . __( 'New Reviewer note:', 'glotpress' ) . '</dt><br>';
+	) || get_current_user_id() === (int) $translation->user_id ) {
 	?>
 			<dt><?php _e( 'New note:', 'glotpress' ); ?></dt>
 			<dt><textarea autocomplete="off" class="foreign-text" name="note[<?php echo esc_attr( $translation->row_id ); ?>]" id="note_<?php echo esc_attr( $translation->row_id ); ?>"></textarea></dt>