Bug 184309: Adds an optional disabled state to quips, which allows quips to be moderated if the admin so chooses.

Patch by Tobias Burnus <burnus@gmx.de> r=joel, a=justdave
2003-01-15 06:48:17 +00:00 · 2003-01-15 06:48:17 +00:00 · 8508177592
--- a/webtools/bugzilla/buglist.cgi
+++ b/webtools/bugzilla/buglist.cgi
@ -191,7 +191,7 @@ sub GetQuip {

    my $quip;

-    SendSQL("SELECT quip FROM quips ORDER BY RAND() LIMIT 1");
+    SendSQL("SELECT quip FROM quips WHERE approved = 1 ORDER BY RAND() LIMIT 1");

    if (MoreSQLData()) {
        ($quip) = FetchSQLData();
--- a/webtools/bugzilla/checksetup.pl
+++ b/webtools/bugzilla/checksetup.pl
@ -3844,6 +3844,10 @@ if ($sth->rows == 0) {
    }
 }

+# 2003-01-11, burnus@net-b.de, bug 184309
+# Support for quips approval
+AddField('quips', 'approved', 'tinyint(1) NOT NULL  DEFAULT 1');
+ 
 # 2002-11-XX Bug 180870 - remove manual shadowdb replication code
 if (TableExists('shadowlog')) {
    print "Removing shadowlog table\n";
--- a/webtools/bugzilla/defparams.pl
+++ b/webtools/bugzilla/defparams.pl
@ -226,11 +226,12 @@ sub check_netmask {
   name => 'enablequips',
   desc => 'Controls the appearance of quips at the top of buglists.<ul> ' .
           '<li>on - Bugzilla will display a quip, and lets users add to ' .
-           'the list.</li><li>frozen - Bugzilla will display a quip but ' .
-           'not permit new additions.</li><li>off - Bugzilla will not ' .
-           'display quips.</li></ul>',
+           'the list.</li><li>approved - quips can be entered, but need ' .
+           'be approved before shown</li><li>frozen - Bugzilla will display ' .
+           'a quip but not permit new additions.</li><li>off - Bugzilla ' .
+           'will not display quips.</li></ul>',
   type => 's',
-   choices => ['on','frozen','off'],
+   choices => ['on', 'approved', 'frozen', 'off'],
   default => 'on',
   checker => \&check_multi
  },
--- a/webtools/bugzilla/quips.cgi
+++ b/webtools/bugzilla/quips.cgi
@ -21,6 +21,7 @@
 # Contributor(s): Owen Taylor <otaylor@redhat.com>
 #                 Gervase Markham <gerv@gerv.net>
 #                 David Fallon <davef@tetsubo.com>
+#                 Tobias Burnus <burnus@net-b.de>

 use strict;

@ -46,18 +47,20 @@ my $action = $::FORM{'action'} || "";

 if ($action eq "show") {
    # Read in the entire quip list
-    SendSQL("SELECT quipid,userid,quip FROM quips");
+    SendSQL("SELECT quipid, userid, quip, approved FROM quips");

    my $quips;
    my @quipids;
    while (MoreSQLData()) {
-        my ($quipid, $userid, $quip) = FetchSQLData();
-        $quips->{$quipid} = {'userid' => $userid, 'quip' => $quip};
+        my ($quipid, $userid, $quip, $approved) = FetchSQLData();
+        $quips->{$quipid} = {'userid' => $userid, 'quip' => $quip, 
+                             'approved' => $approved};
        push(@quipids, $quipid);
    }

    my $users;
    foreach my $quipid (@quipids) {
+        my $userid = $quips->{$quipid}{'userid'};
        if (not defined $users->{$userid}) {
            SendSQL("SELECT login_name FROM profiles WHERE userid = $userid");
            $users->{$userid} = FetchSQLData();
@ -70,18 +73,49 @@ if ($action eq "show") {
 }

 if ($action eq "add") {
-    (Param('enablequips') eq "on") || ThrowUserError("no_new_quips");
+    (Param('enablequips') eq "on" or Param('enablequips') eq "approved")
+      || ThrowUserError("no_new_quips");
    
    # Add the quip 
+    my $approved = (Param('enablequips') eq "on") ? '1' : '0';
+    $approved = 1 if(UserInGroup('admin'));
    my $comment = $::FORM{"quip"};
    $comment || ThrowUserError("need_quip");
    $comment !~ m/</ || ThrowUserError("no_html_in_quips");

-    SendSQL("INSERT INTO quips (userid, quip) VALUES (". $userid . ", " . SqlQuote($comment) . ")");
+    SendSQL("INSERT INTO quips (userid, quip, approved) VALUES " .
+           '(' . $userid . ', ' . SqlQuote($comment) . ', ' . $approved . ')');

    $vars->{'added_quip'} = $comment;
 }

+if ($action eq 'approve') {
+    # Read in the entire quip list
+    SendSQL("SELECT quipid, approved FROM quips");
+ 
+    my %quips;
+    while (MoreSQLData()) {
+        my ($quipid, $approved) = FetchSQLData();
+        $quips{$quipid} = $approved;
+    }
+
+    my @approved;
+    my @unapproved;
+    foreach my $quipid (keys %quips) {
+       my $form = ($::FORM{'quipid_'.$quipid}) ? 1 : 0;
+       if($quips{$quipid} ne $form) {
+           if($form) { push(@approved, $quipid); }
+           else { push(@unapproved, $quipid); }
+       }
+    }
+    SendSQL("UPDATE quips SET approved = 1 WHERE quipid IN (" .
+            join(",", @approved) . ")") if($#approved > -1);
+    SendSQL("UPDATE quips SET approved = 0 WHERE quipid IN (" .
+            join(",", @unapproved) . ")") if($#unapproved > -1);
+    $vars->{ 'approved' }   = \@approved;
+    $vars->{ 'unapproved' } = \@unapproved;
+}
+
 if ($action eq "delete") {
    if (!UserInGroup('admin')) {
        ThrowUserError("quips_edit_denied");
--- a/webtools/bugzilla/template/en/default/list/quips.html.tmpl
+++ b/webtools/bugzilla/template/en/default/list/quips.html.tmpl
@ -35,6 +35,9 @@
  <p>
    <font color="red">
      Your quip '<tt>[% added_quip FILTER html %]</tt>' has been added.
+      [% IF Param("enablequips") == "approved" AND !UserInGroup('admin') %]
+        It will be used as soon as it gets approved.
+      [% END %]
    </font>
  </p>
 [% END %]
@ -47,10 +50,17 @@
  </p>
 [% END %]

+[% IF approved or unapproved %]
+  <p>[% approved.size %] quips approved and [% unapproved.size %] quips unapproved</p>
+[% END %]
+
 <p>
  Bugzilla will pick a random quip for the headline on each bug list, and 
  you can extend the quip list. Type in something clever or funny or boring 
  (but not obscene or offensive, please) and bonk on the button.
+  [% IF Param("enablequips") == "approved" AND !UserInGroup('admin') %]
+    Note that your quip has to be approved before it is used.
+  [% END %]
 </p>

 <form method="post" action="quips.cgi">
@ -67,35 +77,66 @@
      Existing quips:
    </h2>
    <ul>
-      [% FOREACH quip = quips %]
-        <li>[% quip FILTER html %]</li>
+      [% FOREACH quipid = quipids %]
+        [% NEXT IF NOT quips.$quipid.approved %]
+        <li>[% quips.$quipid.quip FILTER html %]</li>
      [% END %]
    </ul>
  [% ELSE %]
    <h2>Edit existing quips:</h2>
-    <table border="1">
-      <thead><tr>
-        <th>Quip</th>
-        <th>Author</th>
-        <th>Action</th>
-      </tr></thead><tbody>
-      [% FOREACH quipid = quipids %]
-        <tr>
-          <td>[% quips.$quipid.quip FILTER html %]</td>
-          <td>
-            [% userid = quips.$quipid.userid  %]
-            [% users.$userid FILTER html      %]
-            [% "Unknown" IF NOT users.$userid %]
-          </td>
-          <td>
-            <a href="quips.cgi?action=delete&amp;quipid=[% quipid FILTER uri%]">
-              Delete
-            </a>
-          </td>
-        </tr>
-      [% END %]
-      </tbody>
-    </table>
+    <p>
+      <strong>Note:</strong> Only approved quips will be shown.
+      If enablequips is set to <q>on</q>, entered quips are automatically
+      approved.
+    </p>
+    <form name="editform" method="post" action="quips.cgi">
+      <input type="hidden" name="action" value="approve">
+      <table border="1">
+        <thead><tr>
+          <th>Quip</th>
+          <th>Author</th>
+          <th>Action</th>
+          <th>Approved</th>
+        </tr></thead><tbody>
+        [% FOREACH quipid = quipids %]
+          <tr>
+            <td>[% quips.$quipid.quip FILTER html %]</td>
+            <td>
+              [% userid = quips.$quipid.userid  %]
+              [% users.$userid FILTER html      %]
+              [% "Unknown" IF NOT users.$userid %]
+            </td>
+            <td>
+              <a href="quips.cgi?action=delete&amp;quipid=[% quipid FILTER uri%]">
+                Delete
+              </a>
+            </td>
+            <td>
+              <input type="checkbox" name="quipid_[% quipid FILTER uri%]"
+                     id="quipid_[% quipid FILTER uri%]"
+                     [%- ' checked="checked"' IF quips.$quipid.approved %]>
+            </td>
+          </tr>
+        [% END %]
+        </tbody>
+      </table>
+      <script type="text/javascript" language="JavaScript"><!--
+        var numelements = document.forms.editform.elements.length;
+        function SetCheckboxes(value) {
+          var item;
+          for (var i=0 ; i<numelements ; i++) {
+            item = document.forms.editform.elements[i];
+            item.checked = value;
+          }
+        }
+        document.write(' <input type="button" name="uncheck_all" '
+                      +'value="Uncheck All" onclick="SetCheckboxes(false);">');
+        document.write(' <input type="button" name="check_all" '
+                      +'value="Check All" onclick="SetCheckboxes(true);">');
+        //--></script>
+
+      <input type="submit" value="Update">
+    </form>
    <br>
  [% END %]
 [% ELSE %]