fu: Close-up of Fu, bringing a scoop of water to her mouth (Default)
fu ([personal profile] fu) wrote in [site community profile] changelog2010-10-17 02:40 am
  • Add Memory
  • Share This Entry

[dw-free] Cannot approve posts in moderated communities for users on dversion 9

[commit: http://hg.dwscoalition.org/dw-free/rev/8fc08dcd6273]

http://bugs.dwscoalition.org/show_bug.cgi?id=3147

Let the system props through the second time around; we did a proper check
on them the first time (they were checked then frozen before coming into the
moderation queue)

Patch by [personal profile] exor674.

Files modified:
  • cgi-bin/ljprotocol.pl
  • htdocs/community/moderate.bml
--------------------------------------------------------------------------------
diff -r b5317034bbfe -r 8fc08dcd6273 cgi-bin/ljprotocol.pl
--- a/cgi-bin/ljprotocol.pl	Sat Oct 16 22:25:11 2010 +0800
+++ b/cgi-bin/ljprotocol.pl	Sun Oct 17 10:40:19 2010 +0800
@@ -1029,6 +1029,8 @@ sub common_event_validation
 
     ## handle meta-data (properties)
     LJ::load_props("log");
+
+    my $allow_system = $flags->{allow_system} || {};
     foreach my $pname (keys %{$req->{'props'}})
     {
         my $p = LJ::get_prop("log", $pname);
@@ -1041,7 +1043,7 @@ sub common_event_validation
 
         # This is a system logprop
         # fail with unknown metadata here?
-        if ( $p->{ownership} eq 'system' ) {
+        if ( $p->{ownership} eq 'system' && !( $allow_system == 1 || $allow_system->{$pname} ) ) {
             $pname =~ s/[^\w]//g;
             return fail($err,205,$pname);
         }
diff -r b5317034bbfe -r 8fc08dcd6273 htdocs/community/moderate.bml
--- a/htdocs/community/moderate.bml	Sat Oct 16 22:25:11 2010 +0800
+++ b/htdocs/community/moderate.bml	Sun Oct 17 10:40:19 2010 +0800
@@ -90,7 +90,13 @@ body<=
         $req->{user} = $poster->user;
         $req->{username} = $poster->user;
         if ($mode eq 'approve_do') {
-            my $res = LJ::Protocol::do_request('postevent', $req, \$prot_err, {'nomod'=>1, 'noauth'=>1});
+            # allow all system logprops
+            # we've already made sure that the original user didn't provide any system ones
+            my $res = LJ::Protocol::do_request('postevent', $req, \$prot_err, {
+                    nomod => 1,
+                    noauth => 1,
+                    allow_system => 1,
+                });
             if ($res) { # succeeded
                 $success = 1;
                 $ret .= "<?h1 $ML{'.posted.header'} h1?><?p $ML{'.posted.text'} p?>";
--------------------------------------------------------------------------------