feat(api): Add endpoint for GetComments

[ioslife]

To address: #2081 (comment)

*  API_GetComments - returns the comments associated to a game or achievement
*    i : game or achievement id
*    u : username
*    t : 1 = game, 2 = achievement, 3 = user
*    o : offset - number of entries to skip (default: 0)
*    c : count - number of entries to return (default: 100, max: 500)
*
*  int         Count                       number of comment records returned in the response
*  int         Total                       number of comment records the game/achievement/user actually has overall
*  array       Results
*   object      [value]
*    int         User                      username of the commenter
*    string      Submitted                 date time the comment was submitted
*    string      CommentText               text of the comment
*/

[ioslife]

I broke my tests before the last push. Fixing now.

[wescopeland]

This endpoint surfaces multiple security issues.

Comments for banned users are still returned even though they're invisible in the UI. Comments for users are still returned if they have their wall disabled.

[ioslife]

I've converted this to a draft for now. After talking with Wes, there is a bigger effort going on to deprecate Permissions and start using Policies.

resources/views/components/comment/item.blade.php first needs to be refactored to use policies.
This is nontrivial because there are multiple types of commentables and different policies mapping to each.

• comments from Wes

I will keep looking at this, but it's getting to a point that is out of my wheel house. I'd love for someone to work with me to make sure we get this done properly.

[ioslife]

docs: RetroAchievements/api-docs#59

[wescopeland]

Not entirely sure what I'm doing wrong:

http://localhost:64000/API/API_GetComments.php?z=...&y=...&i=1&t=1

{
	"message": "App\\Models\\User::getUsernameAttribute(): Return value must be of type string, null returned",
	"exception": "TypeError",
	"file": "/var/www/html/app/Models/User.php",
	"line": 412,
	"trace": [
		{
			"file": "/var/www/html/vendor/laravel/framework/src/Illuminate/Database/Eloquent/Concerns/HasAttributes.php",
			"line": 658,
			"function": "getUsernameAttribute",
			"class": "App\\Models\\User",
			"type": "->"
		},
... a bunch of stuff

[wescopeland]

This is looking a lot better. I've spent some time trying to break things and I'm not able to. I have only one (minor) suggested refactor from this final review and then I think we'll be in good shape.