3 # This software is placed under the gnu General Public License, v2 (http://www.gnu.org/licenses/gpl.html)
5 # Copyright 2008 LibLime
7 # This file is part of Koha.
9 # Koha is free software; you can redistribute it and/or modify it under the
10 # terms of the GNU General Public License as published by the Free Software
11 # Foundation; either version 2 of the License, or (at your option) any later
14 # Koha is distributed in the hope that it will be useful, but WITHOUT ANY
15 # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
16 # A PARTICULAR PURPOSE. See the GNU General Public License for more details.
18 # You should have received a copy of the GNU General Public License along with
19 # Koha; if not, write to the Free Software Foundation, Inc., 59 Temple Place,
20 # Suite 330, Boston, MA 02111-1307 USA
27 use CGI::Cookie; # need to check cookies before having CGI parse the POST request
29 use C4::Auth qw(:DEFAULT check_cookie_auth);
31 use C4::Dates qw(format_date format_date_in_iso);
33 use C4::Output 3.02 qw(:html :ajax pagination_bar);
35 use C4::Tags 0.03 qw(get_tags get_approval_rows approval_counts whitelist blacklist is_approved);
37 my $script_name = "/cgi-bin/koha/tags/review.pl";
38 my $needed_flags = { tools => 'moderate_comments' }; # FIXME: replace when more specific permission is created.
40 sub ajax_auth_cgi ($) { # returns CGI object
41 my $needed_flags = shift;
42 my %cookies = fetch CGI::Cookie;
44 my $sessid = $cookies{'CGISESSID'}->value || $input->param('CGISESSID');
45 my ($auth_status, $auth_sessid) = check_cookie_auth($sessid, $needed_flags);
47 print STDERR "($auth_status, $auth_sessid) = check_cookie_auth($sessid," . Dumper($needed_flags) . ")\n";
48 if ($auth_status ne "ok") {
49 output_ajax_with_http_headers $input,
50 "window.alert('Your CGI session cookie ($sessid) is not current. " .
51 "Please refresh the page and try again.');\n";
54 $debug and print STDERR "AJAX request: " . Dumper($input),
55 "\n(\$auth_status,\$auth_sessid) = ($auth_status,$auth_sessid)\n";
60 my $input = &ajax_auth_cgi($needed_flags);
61 my $operator = C4::Context->userenv->{'number'}; # must occur AFTER auth
62 $debug and print STDERR "op: " . Dumper($operator) . "\n";
64 if ($tag = $input->param('test')) {
65 $js_reply = ( is_approved( $tag) ? 'success' : 'failure') . "_test('$tag');\n";
67 if ($tag = $input->param('ok')) {
68 $js_reply = ( whitelist($operator,$tag) ? 'success' : 'failure') . "_approve('$tag');\n";
70 if ($tag = $input->param('rej')) {
71 $js_reply = ( blacklist($operator,$tag) ? 'success' : 'failure') . "_reject('$tag');\n";
73 output_ajax_with_http_headers $input, $js_reply;
77 ### Below is the sad, boring, necessary non-AJAX HTML code.
80 my ($template, $borrowernumber, $cookie) = get_template_and_user({
81 template_name => "tags/review.tmpl",
86 flagsrequired => $needed_flags,
89 my ($op, @errors, @tags);
90 $op = $input->param('op') || 'none';
91 @tags = $input->param('tags');
93 $borrowernumber == 0 and push @errors, {op_zero=>1};
94 if ($op eq 'approve') {
96 whitelist($borrowernumber,$_) or push @errors, {failed_ok=>$_};
98 } elsif ($op eq 'reject' ) {
100 blacklist($borrowernumber,$_) or push @errors, {failed_rej=>$_};
102 } elsif ($op eq 'test' ) {
103 my $tag = $input->param('test');
107 (is_approved($tag) ? 'verdict_ok' : 'verdict_rej') => 1,
111 my $counts = &approval_counts;
112 foreach (keys %$counts) {
113 $template->param($_ => $counts->{$_});
116 sub pagination_calc ($;$) {
117 my $query = shift or return undef;
118 my $hardlimit = (@_) ? shift : 100; # hardcoded, could be another syspref
119 my $pagesize = $query->param('limit' ) || $hardlimit;
120 my $page = $query->param('page' ) || 1;
121 my $offset = $query->param('offset') || 0;
122 ($pagesize <= $hardlimit) or $pagesize = $hardlimit;
124 $offset = ($page-1)*$pagesize;
128 return ($pagesize,$page,$offset);
131 my ($pagesize,$page,$offset) = pagination_calc($input,100);
134 limit => $offset ? "$offset,$pagesize" : $pagesize,
135 sort => 'approved,-weight_total,+term',
137 my ($filter,$date_from,$date_to);
138 if (defined $input->param('approved')) { # 0 is valid value, must check defined
139 $filter = $input->param('approved');
143 if ($filter eq 'all') {
144 $template->param(filter_approved_all => 1);
145 } elsif ($filter =~ /-?[01]/) {
146 $filters{approved} = $filter;
148 ($filter == 1 ? 'filter_approved_ok' :
149 $filter == 0 ? 'filter_approved_pending' :
150 $filter == -1 ? 'filter_approved_rej' :
151 'filter_approved') => 1
155 # my $q_count = get_approval_rows({limit=>$pagesize, sort=>'approved,-weight_total,+term', count=>1});
156 if ($filter = $input->param('tag')) {
157 $template->param(filter_tag=>$filter);
158 $filters{term} = $filter;
160 if ($filter = $input->param('from')) {
161 if ($date_from = format_date_in_iso($filter)) {
162 $template->param(filter_date_approved_from=>$filter);
163 $filters{date_approved} = ">=$date_from";
165 push @errors, {date_from=>$filter};
168 if ($filter = $input->param('to')) {
169 if ($date_to = format_date_in_iso($filter)) {
170 $template->param(filter_date_approved_to=>$filter);
171 $filters{date_approved} = "<=$date_to";
173 push @errors, {date_to=>$filter};
176 if ($filter = $input->param('approver')) { # name (or borrowernumber) from input box
177 if (($filter =~ /^\d+$/ and $filter > 0) or
178 (1) ){ # $filter=get borrowernumber from name
179 $template->param(filter_approver=>$filter);
180 $filters{approved_by} = $filter;
182 push @errors, {approver=>$filter};
185 if ($filter = $input->param('approved_by')) { # borrowernumber from link
186 if ($filter =~ /^\d+$/ and $filter > 0) {
187 $template->param(filter_approver=>$filter);
188 $filters{approved_by} = $filter;
190 push @errors, {approved_by=>$filter};
193 $debug and print STDERR "filters: " . Dumper(\%filters);
194 my $tagloop = get_approval_rows(\%filters);
195 my $qstring = $input->query_string;
196 $qstring =~ s/([&;])*\blimit=\d+//; # remove pagination var
197 $qstring =~ s/^;+//; # remove leading delims
198 $qstring = "limit=$pagesize" . ($qstring ? '&' . $qstring : '');
199 $debug and print STDERR "number of approval_rows: " . scalar(@$tagloop) . "rows\n";
200 (scalar @errors) and $template->param(message_loop=>\@errors);
202 DHTMLcalendar_dateformat => C4::Dates->DHTMLcalendar(),
203 offset => $offset, # req'd for EXPR
205 op_count => scalar(@tags),
206 script_name => $script_name,
207 approved => 0, # dummy value (also EXPR)
209 pagination_bar => pagination_bar(
210 "$script_name?$qstring\&",
211 ceil($counts->{approved_total}/$pagesize), # $page, 'page'
215 output_html_with_http_headers $input, $cookie, $template->output;