Fossil SCM
Do not show the Attach button for anonymous/nobody.
Commit
dfe39cc5c25c907aa78dbb0ab27691cc6ed1fc2b07969723820bbd310217db04
Parent
129082a4850ccf9…
1 file changed
+20
-12
+20
-12
| --- src/forum.c | ||
| +++ src/forum.c | ||
| @@ -205,50 +205,55 @@ | ||
| 205 | 205 | #define FORUMPOST_MOD_ATTACHMENTS 1 |
| 206 | 206 | #if FORUMPOST_MOD_ATTACHMENTS |
| 207 | 207 | /* |
| 208 | 208 | ** Internal helper for moderation_forumpost_...(). |
| 209 | 209 | */ |
| 210 | -static void forumpost_prepare_attachids(Stmt *q, int fpid){ | |
| 210 | +static void forumpost_prep_pending_attachids(Stmt *q, int fpid){ | |
| 211 | 211 | db_prepare( |
| 212 | 212 | q, |
| 213 | - "SELECT attachid FROM attachment a " | |
| 214 | - "WHERE a.target=(" | |
| 213 | + "SELECT attachid FROM attachment " | |
| 214 | + "WHERE target=(" | |
| 215 | 215 | " SELECT uuid FROM blob WHERE rid=%d" |
| 216 | 216 | ") and attachid in (" |
| 217 | 217 | " SELECT objid FROM modreq" |
| 218 | 218 | ")", |
| 219 | 219 | forumpost_head_rid(fpid) |
| 220 | 220 | ); |
| 221 | 221 | } |
| 222 | 222 | #endif |
| 223 | + | |
| 223 | 224 | /* |
| 224 | 225 | ** Approve the given forum post RID and any pending-approval |
| 225 | -** attachments associated with it. | |
| 226 | +** attachments associated with its initial version. | |
| 226 | 227 | */ |
| 227 | 228 | static void moderation_forumpost_approve(int fpid){ |
| 228 | 229 | #if !FORUMPOST_MOD_ATTACHMENTS |
| 229 | 230 | moderation_approve('f', fpid); |
| 230 | 231 | #else |
| 231 | 232 | /* Also approve any pending attachments */ |
| 232 | 233 | Stmt q; |
| 233 | 234 | moderation_approve('f', fpid); |
| 234 | - forumpost_prepare_attachids(&q, fpid); | |
| 235 | + forumpost_prep_pending_attachids(&q, fpid); | |
| 235 | 236 | while( SQLITE_ROW==db_step(&q) ){ |
| 236 | 237 | moderation_approve('a', db_column_int(&q, 0)); |
| 237 | 238 | } |
| 238 | 239 | db_finalize(&q); |
| 239 | 240 | #endif |
| 240 | 241 | } |
| 241 | 242 | |
| 243 | +/* | |
| 244 | +** Disapprove the given forum post and any pending-moderation | |
| 245 | +** attachments on its initial version. | |
| 246 | +*/ | |
| 242 | 247 | static void moderation_forumpost_disapprove(int fpid){ |
| 243 | 248 | #if !FORUMPOST_MOD_ATTACHMENTS |
| 244 | 249 | moderation_disapprove(fpid); |
| 245 | 250 | #else |
| 246 | 251 | /* Also disapprove any pending attachments */ |
| 247 | 252 | Stmt q; |
| 248 | 253 | moderation_disapprove(fpid); |
| 249 | - forumpost_prepare_attachids(&q, fpid); | |
| 254 | + forumpost_prep_pending_attachids(&q, fpid); | |
| 250 | 255 | while( SQLITE_ROW==db_step(&q) ){ |
| 251 | 256 | moderation_disapprove(db_column_int(&q, 0)); |
| 252 | 257 | } |
| 253 | 258 | db_finalize(&q); |
| 254 | 259 | #endif |
| @@ -263,18 +268,18 @@ | ||
| 263 | 268 | ** the head of the chain. |
| 264 | 269 | ** |
| 265 | 270 | ** If addTag is true then a propagating tag is added, except as noted |
| 266 | 271 | ** below, with the given optional zReason string as the tag's |
| 267 | 272 | ** value. If addTag is false then any matching active tag on frid is |
| 268 | -** cancelled, except as noted below. zReason is ignored if doClose is | |
| 269 | -** false or if zReason is NULL or starts with a NUL byte. | |
| 273 | +** cancelled, except as noted below. zReason is ignored if it is NULL | |
| 274 | +** or starts with a NUL byte, or if addTag is false. | |
| 270 | 275 | ** |
| 271 | 276 | ** This function only adds a tag if forum_rid_is_tagged() indicates |
| 272 | 277 | ** that frid's head is not tagged. If a parent post is already tagged, |
| 273 | -** no tag is added. Similarly, it will only remove a tagtag from a | |
| 274 | -** post which has its own tag tag, and will not remove an inherited | |
| 275 | -** one from a parent post. | |
| 278 | +** no tag is added. Similarly, it will only remove a tag from a post | |
| 279 | +** which has its own tag, and will not remove an inherited one from a | |
| 280 | +** parent post. | |
| 276 | 281 | ** |
| 277 | 282 | ** If addTag is true and frid is already tagged (directly or |
| 278 | 283 | ** inherited), this is a no-op. Likewise, if addTag is false and frid |
| 279 | 284 | ** itself is not tagged (not accounting for an inherited closed tag), |
| 280 | 285 | ** this is a no-op. |
| @@ -1054,19 +1059,22 @@ | ||
| 1054 | 1059 | @ <input type="button" value='%s(iClosed ? "Re-open" : "Close")' \ |
| 1055 | 1060 | @ class='%s(iClosed ? "action-reopen" : "action-close")'/> |
| 1056 | 1061 | } |
| 1057 | 1062 | @ </form> |
| 1058 | 1063 | } |
| 1059 | - if( g.perm.Admin || forumpost_is_owner(p/*not pHead*/->fpid, 0) ){ | |
| 1064 | + if( g.perm.Admin || | |
| 1065 | + (login_is_individual() | |
| 1066 | + && forumpost_is_owner(p/*not pHead*/->fpid, 0)) ){ | |
| 1060 | 1067 | /* When an admin edits someone else's post, the admin |
| 1061 | 1068 | ** effectively takes over ownership of it (and we currently |
| 1062 | 1069 | ** have no way of passing it back). Because of this, we |
| 1063 | 1070 | ** check the ownership of `p` instead of `pHead`. */ |
| 1064 | 1071 | @ <form method="post" action="%R/attachadd">\ |
| 1065 | 1072 | @ <input type="hidden" name="forumpost" value="%T(pHead->zUuid)"> |
| 1066 | 1073 | @ <input type="submit" value="Attach..."> |
| 1067 | 1074 | login_insert_csrf_secret(); |
| 1075 | + moderation_pending_www(p->fpid); | |
| 1068 | 1076 | @ </form> |
| 1069 | 1077 | } |
| 1070 | 1078 | } |
| 1071 | 1079 | @ </div> |
| 1072 | 1080 | } |
| 1073 | 1081 |
| --- src/forum.c | |
| +++ src/forum.c | |
| @@ -205,50 +205,55 @@ | |
| 205 | #define FORUMPOST_MOD_ATTACHMENTS 1 |
| 206 | #if FORUMPOST_MOD_ATTACHMENTS |
| 207 | /* |
| 208 | ** Internal helper for moderation_forumpost_...(). |
| 209 | */ |
| 210 | static void forumpost_prepare_attachids(Stmt *q, int fpid){ |
| 211 | db_prepare( |
| 212 | q, |
| 213 | "SELECT attachid FROM attachment a " |
| 214 | "WHERE a.target=(" |
| 215 | " SELECT uuid FROM blob WHERE rid=%d" |
| 216 | ") and attachid in (" |
| 217 | " SELECT objid FROM modreq" |
| 218 | ")", |
| 219 | forumpost_head_rid(fpid) |
| 220 | ); |
| 221 | } |
| 222 | #endif |
| 223 | /* |
| 224 | ** Approve the given forum post RID and any pending-approval |
| 225 | ** attachments associated with it. |
| 226 | */ |
| 227 | static void moderation_forumpost_approve(int fpid){ |
| 228 | #if !FORUMPOST_MOD_ATTACHMENTS |
| 229 | moderation_approve('f', fpid); |
| 230 | #else |
| 231 | /* Also approve any pending attachments */ |
| 232 | Stmt q; |
| 233 | moderation_approve('f', fpid); |
| 234 | forumpost_prepare_attachids(&q, fpid); |
| 235 | while( SQLITE_ROW==db_step(&q) ){ |
| 236 | moderation_approve('a', db_column_int(&q, 0)); |
| 237 | } |
| 238 | db_finalize(&q); |
| 239 | #endif |
| 240 | } |
| 241 | |
| 242 | static void moderation_forumpost_disapprove(int fpid){ |
| 243 | #if !FORUMPOST_MOD_ATTACHMENTS |
| 244 | moderation_disapprove(fpid); |
| 245 | #else |
| 246 | /* Also disapprove any pending attachments */ |
| 247 | Stmt q; |
| 248 | moderation_disapprove(fpid); |
| 249 | forumpost_prepare_attachids(&q, fpid); |
| 250 | while( SQLITE_ROW==db_step(&q) ){ |
| 251 | moderation_disapprove(db_column_int(&q, 0)); |
| 252 | } |
| 253 | db_finalize(&q); |
| 254 | #endif |
| @@ -263,18 +268,18 @@ | |
| 263 | ** the head of the chain. |
| 264 | ** |
| 265 | ** If addTag is true then a propagating tag is added, except as noted |
| 266 | ** below, with the given optional zReason string as the tag's |
| 267 | ** value. If addTag is false then any matching active tag on frid is |
| 268 | ** cancelled, except as noted below. zReason is ignored if doClose is |
| 269 | ** false or if zReason is NULL or starts with a NUL byte. |
| 270 | ** |
| 271 | ** This function only adds a tag if forum_rid_is_tagged() indicates |
| 272 | ** that frid's head is not tagged. If a parent post is already tagged, |
| 273 | ** no tag is added. Similarly, it will only remove a tagtag from a |
| 274 | ** post which has its own tag tag, and will not remove an inherited |
| 275 | ** one from a parent post. |
| 276 | ** |
| 277 | ** If addTag is true and frid is already tagged (directly or |
| 278 | ** inherited), this is a no-op. Likewise, if addTag is false and frid |
| 279 | ** itself is not tagged (not accounting for an inherited closed tag), |
| 280 | ** this is a no-op. |
| @@ -1054,19 +1059,22 @@ | |
| 1054 | @ <input type="button" value='%s(iClosed ? "Re-open" : "Close")' \ |
| 1055 | @ class='%s(iClosed ? "action-reopen" : "action-close")'/> |
| 1056 | } |
| 1057 | @ </form> |
| 1058 | } |
| 1059 | if( g.perm.Admin || forumpost_is_owner(p/*not pHead*/->fpid, 0) ){ |
| 1060 | /* When an admin edits someone else's post, the admin |
| 1061 | ** effectively takes over ownership of it (and we currently |
| 1062 | ** have no way of passing it back). Because of this, we |
| 1063 | ** check the ownership of `p` instead of `pHead`. */ |
| 1064 | @ <form method="post" action="%R/attachadd">\ |
| 1065 | @ <input type="hidden" name="forumpost" value="%T(pHead->zUuid)"> |
| 1066 | @ <input type="submit" value="Attach..."> |
| 1067 | login_insert_csrf_secret(); |
| 1068 | @ </form> |
| 1069 | } |
| 1070 | } |
| 1071 | @ </div> |
| 1072 | } |
| 1073 |
| --- src/forum.c | |
| +++ src/forum.c | |
| @@ -205,50 +205,55 @@ | |
| 205 | #define FORUMPOST_MOD_ATTACHMENTS 1 |
| 206 | #if FORUMPOST_MOD_ATTACHMENTS |
| 207 | /* |
| 208 | ** Internal helper for moderation_forumpost_...(). |
| 209 | */ |
| 210 | static void forumpost_prep_pending_attachids(Stmt *q, int fpid){ |
| 211 | db_prepare( |
| 212 | q, |
| 213 | "SELECT attachid FROM attachment " |
| 214 | "WHERE target=(" |
| 215 | " SELECT uuid FROM blob WHERE rid=%d" |
| 216 | ") and attachid in (" |
| 217 | " SELECT objid FROM modreq" |
| 218 | ")", |
| 219 | forumpost_head_rid(fpid) |
| 220 | ); |
| 221 | } |
| 222 | #endif |
| 223 | |
| 224 | /* |
| 225 | ** Approve the given forum post RID and any pending-approval |
| 226 | ** attachments associated with its initial version. |
| 227 | */ |
| 228 | static void moderation_forumpost_approve(int fpid){ |
| 229 | #if !FORUMPOST_MOD_ATTACHMENTS |
| 230 | moderation_approve('f', fpid); |
| 231 | #else |
| 232 | /* Also approve any pending attachments */ |
| 233 | Stmt q; |
| 234 | moderation_approve('f', fpid); |
| 235 | forumpost_prep_pending_attachids(&q, fpid); |
| 236 | while( SQLITE_ROW==db_step(&q) ){ |
| 237 | moderation_approve('a', db_column_int(&q, 0)); |
| 238 | } |
| 239 | db_finalize(&q); |
| 240 | #endif |
| 241 | } |
| 242 | |
| 243 | /* |
| 244 | ** Disapprove the given forum post and any pending-moderation |
| 245 | ** attachments on its initial version. |
| 246 | */ |
| 247 | static void moderation_forumpost_disapprove(int fpid){ |
| 248 | #if !FORUMPOST_MOD_ATTACHMENTS |
| 249 | moderation_disapprove(fpid); |
| 250 | #else |
| 251 | /* Also disapprove any pending attachments */ |
| 252 | Stmt q; |
| 253 | moderation_disapprove(fpid); |
| 254 | forumpost_prep_pending_attachids(&q, fpid); |
| 255 | while( SQLITE_ROW==db_step(&q) ){ |
| 256 | moderation_disapprove(db_column_int(&q, 0)); |
| 257 | } |
| 258 | db_finalize(&q); |
| 259 | #endif |
| @@ -263,18 +268,18 @@ | |
| 268 | ** the head of the chain. |
| 269 | ** |
| 270 | ** If addTag is true then a propagating tag is added, except as noted |
| 271 | ** below, with the given optional zReason string as the tag's |
| 272 | ** value. If addTag is false then any matching active tag on frid is |
| 273 | ** cancelled, except as noted below. zReason is ignored if it is NULL |
| 274 | ** or starts with a NUL byte, or if addTag is false. |
| 275 | ** |
| 276 | ** This function only adds a tag if forum_rid_is_tagged() indicates |
| 277 | ** that frid's head is not tagged. If a parent post is already tagged, |
| 278 | ** no tag is added. Similarly, it will only remove a tag from a post |
| 279 | ** which has its own tag, and will not remove an inherited one from a |
| 280 | ** parent post. |
| 281 | ** |
| 282 | ** If addTag is true and frid is already tagged (directly or |
| 283 | ** inherited), this is a no-op. Likewise, if addTag is false and frid |
| 284 | ** itself is not tagged (not accounting for an inherited closed tag), |
| 285 | ** this is a no-op. |
| @@ -1054,19 +1059,22 @@ | |
| 1059 | @ <input type="button" value='%s(iClosed ? "Re-open" : "Close")' \ |
| 1060 | @ class='%s(iClosed ? "action-reopen" : "action-close")'/> |
| 1061 | } |
| 1062 | @ </form> |
| 1063 | } |
| 1064 | if( g.perm.Admin || |
| 1065 | (login_is_individual() |
| 1066 | && forumpost_is_owner(p/*not pHead*/->fpid, 0)) ){ |
| 1067 | /* When an admin edits someone else's post, the admin |
| 1068 | ** effectively takes over ownership of it (and we currently |
| 1069 | ** have no way of passing it back). Because of this, we |
| 1070 | ** check the ownership of `p` instead of `pHead`. */ |
| 1071 | @ <form method="post" action="%R/attachadd">\ |
| 1072 | @ <input type="hidden" name="forumpost" value="%T(pHead->zUuid)"> |
| 1073 | @ <input type="submit" value="Attach..."> |
| 1074 | login_insert_csrf_secret(); |
| 1075 | moderation_pending_www(p->fpid); |
| 1076 | @ </form> |
| 1077 | } |
| 1078 | } |
| 1079 | @ </div> |
| 1080 | } |
| 1081 |