fu: Close-up of Fu, bringing a scoop of water to her mouth (Default)
fu ([personal profile] fu) wrote in [site community profile] changelog2010-10-12 03:04 pm

[dw-free] if openid user makes a suggestion, have it posted as the suggestions_bot

[commit: http://hg.dwscoalition.org/dw-free/rev/bf2ba22edace]

http://bugs.dwscoalition.org/show_bug.cgi?id=3014

Allow identity users (e.g., openid accounts) to post an entry in a community
and also add tags like normal users (if allowed) will be useful for
suggestions. Only site administrators can set this on an account.

Patch by [personal profile] fu.

Files modified:
  • bin/upgrading/proplists.dat
  • cgi-bin/LJ/Tags.pm
  • cgi-bin/ljprotocol.pl
  • t/protocol.t
--------------------------------------------------------------------------------
diff -r 68507e240fe8 -r bf2ba22edace bin/upgrading/proplists.dat
--- a/bin/upgrading/proplists.dat	Tue Oct 12 21:49:53 2010 +0800
+++ b/bin/upgrading/proplists.dat	Tue Oct 12 23:04:40 2010 +0800
@@ -405,6 +405,14 @@ userproplist.icq:
   indexed: 1
   multihomed: 1
   prettyname: ICQ
+
+userproplist.identity_posting:
+  cldversion: 4
+  datatype: bol
+  des: Whether to allow identity users to post entries to this journal
+  indexed: 0
+  multihomed: 0
+  prettyname: Entries from Identity Users
 
 userproplist.import_job:
   cldversion: 4
diff -r 68507e240fe8 -r bf2ba22edace cgi-bin/LJ/Tags.pm
--- a/cgi-bin/LJ/Tags.pm	Tue Oct 12 21:49:53 2010 +0800
+++ b/cgi-bin/LJ/Tags.pm	Tue Oct 12 23:04:40 2010 +0800
@@ -473,7 +473,11 @@ sub can_add_tags {
     my $u = LJ::want_user(shift);
     my $remote = LJ::want_user(shift);
     return undef unless $u && $remote;
-    return undef unless $remote->is_person;
+
+    # we don't allow identity users to add tags, even when tag permissions would otherwise allow any user on the site
+    # exception are communities that explicitly allow identity users to post in them
+    # FIXME: perhaps we should restrict on all users, but allow for more restrictive settings such as members?
+    return undef unless $remote->is_personal || $remote->is_identity && $u->prop( 'identity_posting' );
     return undef if $u->has_banned( $remote );
 
     # get permission hashref and check it; note that we fall back to the control
@@ -491,9 +495,9 @@ sub can_add_entry_tags {
     $remote = LJ::want_user( $remote );
 
     return undef unless $remote && $entry;
-    return undef unless $remote->is_personal;
 
     my $journal = $entry->journal;
+    return undef unless $remote->is_personal || $remote->is_identity && $journal->prop( 'identity_posting' );
     return undef if $journal->has_banned( $remote );
 
     my $perms = LJ::Tags::get_permission_levels( $journal );
@@ -529,7 +533,7 @@ sub can_control_tags {
     my $u = LJ::want_user(shift);
     my $remote = LJ::want_user(shift);
     return undef unless $u && $remote;
-    return undef unless $remote->is_person;
+    return undef unless $remote->is_personal || $remote->is_identity && $u->prop( 'identity_posting' );
     return undef if $u->has_banned( $remote );
 
     # get permission hashref and check it
diff -r 68507e240fe8 -r bf2ba22edace cgi-bin/ljprotocol.pl
--- a/cgi-bin/ljprotocol.pl	Tue Oct 12 21:49:53 2010 +0800
+++ b/cgi-bin/ljprotocol.pl	Tue Oct 12 23:04:40 2010 +0800
@@ -1157,7 +1157,7 @@ sub postevent
 
     ### make sure community or identity journals don't post
     return fail($err,150) if $u->is_community;
-    return fail($err,150) if ! $importer_bypass && $u->is_identity;
+    return fail($err,150) if ! $importer_bypass && ! $uowner->prop( "identity_posting" ) && $u->is_identity;
 
     # suspended users can't post
     return fail($err,305) if ! $importer_bypass && $u->is_suspended;
diff -r 68507e240fe8 -r bf2ba22edace t/protocol.t
--- a/t/protocol.t	Tue Oct 12 21:49:53 2010 +0800
+++ b/t/protocol.t	Tue Oct 12 23:04:40 2010 +0800
@@ -3,13 +3,14 @@ use warnings;
 use warnings;
 
 use Test::More;
-plan tests => 191;
+plan tests => 201;
 
 use lib "$ENV{LJHOME}/cgi-bin";
 require 'ljlib.pl';
 require 'ljprotocol.pl';
 
 use LJ::Test qw( temp_user temp_comm );
+no warnings "once";
 
 my $u = temp_user();
 my $watched = temp_user();
@@ -38,9 +39,10 @@ my $do_request = sub {
     my ( $mode, %request_args ) = @_;
 
     my $err = 0;
+    my %flags = %{ delete  $request_args{flags} || {} };
     my $req = \%request_args;
 
-    my $res = LJ::Protocol::do_request( $mode, $req, \$err, { noauth => 1 } );
+    my $res = LJ::Protocol::do_request( $mode, $req, \$err, { noauth => 1, %flags } );
 
     return ( $res, $err );
 };
@@ -473,3 +475,107 @@ note( "editcircle" );
     ( $res, $err ) = $do_request->( "getcircle", username => $u->user, includecontentfilters => 1 );
     ok( $res->{contentfilters}->[0]->{data} eq "", "No more data in the content filter." );
 }
+
+
+note( "post to community by various journaltypes" );
+{
+    # test cases:
+    # personal journal posting to a community
+    # community posting to a community
+    # openid to a community with no openid posting cap
+    # openid to a community which has the openid posting cap
+    # openid to a community which normally does not allow openid posting, but with the importer bypass on
+
+    # open up community posting to everybody
+    my $admin = temp_user();
+    $admin->join_community( $comm, 1, 1 );
+    LJ::set_rel( $comm->userid, $admin->userid, "A" );
+    delete $LJ::REQ_CACHE_REL{$comm->userid."-".$admin->userid."-A"};  # to be safe
+
+    $comm->set_comm_settings( $admin, { membership => "open", postlevel => "members" } );
+    $comm->set_prop( nonmember_posting => 1 );
+
+
+    # validate the user, so they can post
+    LJ::update_user( $u, { status => 'A' } );
+
+    ( $res, $err ) = $do_request->( "postevent",
+        username   => $u->user,
+        usejournal => $comm->user,
+
+        event      => "new test post to community",
+        tz         => "guess",
+    );
+    $success->( $err, "Entry posted successfully to community by personal journal." );
+
+
+    my $comm2 = temp_comm();
+    ( $res, $err ) = $do_request->( "postevent",
+        username    => $comm2->user,
+        usejournal  => $comm->user,
+        event       => "new test post to community by community2"
+    );
+    $check_err->( $err, 300, "Communities cannot post entries." );
+
+    ( $res, $err ) = $do_request->( "postevent",
+        username    => $comm->user,
+        usejournal  => $comm->user,
+
+        event       => "new test post to self by a community",
+        tz          => "guess",
+    );
+    $check_err->( $err, 300, "Communities cannot post entries, not even to themselves." );
+
+
+
+    # openid casess
+    my $identity_u = temp_user( journaltype => "I" );
+    $identity_u->update_self( { status => "A" } );
+
+    ( $res, $err ) = $do_request->( "postevent",
+        username    => $identity_u->user,
+        usejournal  => $comm->user,
+
+        event       => "new test post to a community by an identity user",
+        tz          => "guess",
+    );
+    $check_err->( $err, 150, "OpenID users cannot post entries to communities with no OpenID posting prop." );
+
+
+    ( $res, $err ) = $do_request->( "postevent",
+        username    => $identity_u->user,
+        usejournal  => $comm->user,
+
+        event       => "new test post to a community by an identity user",
+        tz          => "guess",
+
+        flags       => { importer_bypass => 1 },
+    );
+    $success->( $err, "Always allow posting with the importer bypass." );
+
+
+    # allow all users to add and control tags (for convenience)
+    $comm->set_prop( opt_tagpermissions => "public,public" );
+
+
+    ok( ! LJ::Tags::can_control_tags( $comm, $identity_u ), "Identity user cannot control tags on communities that don't allow identity posting." );
+    ok( ! LJ::Tags::can_add_tags( $comm, $identity_u ), "Identity user cannot control tags on communities that don't allow identity posting." );
+
+
+    # allow identity users to post entries and add / control tags as appropriate
+    $comm->set_prop( identity_posting => 1 );
+
+    ok( LJ::Tags::can_control_tags( $comm, $identity_u ), "Identity user can control tags on communities if they allow identity posting." );
+    ok( LJ::Tags::can_add_tags( $comm, $identity_u ), "Identity user can control tags on communities if they allow identity posting." );
+
+
+    ( $res, $err ) = $do_request->( "postevent",
+        username    => $identity_u->user,
+        usejournal  => $comm->user,
+
+        event       => "new test post to a community by an identity user",
+        props       => { taglist => "testing" },
+        tz          => "guess",
+    );
+    $success->( $err, "OpenID users can post entries to communities with the appropriate prop." );
+}
--------------------------------------------------------------------------------