From f992da84ae2a1efbbe3993dab7608f9e81d08913 Mon Sep 17 00:00:00 2001
From: Alex Cabal <alex@alexcabal.com>
Date: Sat, 13 Jan 2024 16:33:57 -0600
Subject: [PATCH] Don't allow submitters to review their own artwork

---
 config/sql/se/Benefits.sql | 11 ++++++-----
 lib/Benefits.php           |  1 +
 www/artworks/get.php       | 26 ++++++++++++++------------
 www/artworks/new.php       | 32 ++++++++++++++++++--------------
 www/artworks/post.php      | 16 ++++++++++++++--
 5 files changed, 53 insertions(+), 33 deletions(-)

diff --git a/config/sql/se/Benefits.sql b/config/sql/se/Benefits.sql
index 22555f45..1299e466 100644
--- a/config/sql/se/Benefits.sql
+++ b/config/sql/se/Benefits.sql
@@ -1,10 +1,11 @@
 CREATE TABLE `Benefits` (
   `UserId` int(10) unsigned NOT NULL,
-  `CanAccessFeeds` tinyint(1) unsigned NOT NULL,
-  `CanVote` tinyint(1) unsigned NOT NULL,
-  `CanBulkDownload` tinyint(1) unsigned NOT NULL,
-  `CanUploadArtwork` tinyint(1) unsigned NOT NULL,
-  `CanReviewArtwork` tinyint(1) unsigned NOT NULL,
+  `CanAccessFeeds` tinyint(1) unsigned NOT NULL DEFAULT 0,
+  `CanVote` tinyint(1) unsigned NOT NULL DEFAULT 0,
+  `CanBulkDownload` tinyint(1) unsigned NOT NULL DEFAULT 0,
+  `CanUploadArtwork` tinyint(1) unsigned NOT NULL DEFAULT 0,
+  `CanReviewArtwork` tinyint(1) unsigned NOT NULL DEFAULT 0,
+  `CanReviewOwnArtwork` tinyint(1) unsigned NOT NULL DEFAULT 0,
   PRIMARY KEY (`UserId`),
   KEY `idxBenefits` (`CanAccessFeeds`,`CanVote`,`CanBulkDownload`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
diff --git a/lib/Benefits.php b/lib/Benefits.php
index 783e0192..7bb8aad4 100644
--- a/lib/Benefits.php
+++ b/lib/Benefits.php
@@ -5,4 +5,5 @@ class Benefits{
 	public bool $CanBulkDownload = false;
 	public bool $CanUploadArtwork = false;
 	public bool $CanReviewArtwork = false;
+	public bool $CanReviewOwnArtwork = false;
 }
diff --git a/www/artworks/get.php b/www/artworks/get.php
index 066b2288..8143dee4 100644
--- a/www/artworks/get.php
+++ b/www/artworks/get.php
@@ -129,21 +129,23 @@ catch(Exceptions\ArtworkNotFoundException){
 		<? } ?>
 
 		<? if($isAdminView){ ?>
-			<h2>Reviewer options</h2>
+			<h2>Editor options</h2>
 			<p>Review the metadata and PD proof for this artwork submission. Approve to make it available for future producers.</p>
 			<form method="post" action="<?= $artwork->Url ?>">
 				<input type="hidden" name="_method" value="PATCH" />
-				<label class="select">
-					<span>Artwork approval status</span>
-					<span>
-						<select name="artwork-status">
-							<option value="<?= COVER_ARTWORK_STATUS_UNVERIFIED ?>"<? if($artwork->Status == COVER_ARTWORK_STATUS_UNVERIFIED){ ?> selected="selected"<? } ?>>Unverified</option>
-							<option value="<?= COVER_ARTWORK_STATUS_DECLINED ?>"<? if($artwork->Status == COVER_ARTWORK_STATUS_DECLINED){ ?> selected="selected"<? } ?>>Declined</option>
-							<option value="<?= COVER_ARTWORK_STATUS_APPROVED ?>"<? if($artwork->Status == COVER_ARTWORK_STATUS_APPROVED){ ?> selected="selected"<? } ?>>Approved</option>
-							<option value="<?= COVER_ARTWORK_STATUS_IN_USE ?>"<? if($artwork->Status == COVER_ARTWORK_STATUS_IN_USE){ ?> selected="selected"<? } ?>>In use</option>
-						</select>
-					</span>
-				</label>
+				<? if(($artwork->SubmitterUserId != $GLOBALS['User']->UserId) || $GLOBALS['User']->Benefits->CanReviewOwnArtwork){ ?>
+					<label class="select">
+						<span>Artwork approval status</span>
+						<span>
+							<select name="artwork-status">
+								<option value="<?= COVER_ARTWORK_STATUS_UNVERIFIED ?>"<? if($artwork->Status == COVER_ARTWORK_STATUS_UNVERIFIED){ ?> selected="selected"<? } ?>>Unverified</option>
+								<option value="<?= COVER_ARTWORK_STATUS_DECLINED ?>"<? if($artwork->Status == COVER_ARTWORK_STATUS_DECLINED){ ?> selected="selected"<? } ?>>Declined</option>
+								<option value="<?= COVER_ARTWORK_STATUS_APPROVED ?>"<? if($artwork->Status == COVER_ARTWORK_STATUS_APPROVED){ ?> selected="selected"<? } ?>>Approved</option>
+								<option value="<?= COVER_ARTWORK_STATUS_IN_USE ?>"<? if($artwork->Status == COVER_ARTWORK_STATUS_IN_USE){ ?> selected="selected"<? } ?>>In use</option>
+							</select>
+						</span>
+					</label>
+				<? } ?>
 				<label>
 					<span>In use by</span>
 					<span>Ebook file system slug, like <code>c-s-lewis_poetry</code>. If not in use, leave this blank.</span>
diff --git a/www/artworks/new.php b/www/artworks/new.php
index 7bb3b657..70dee094 100644
--- a/www/artworks/new.php
+++ b/www/artworks/new.php
@@ -19,6 +19,8 @@ try{
 		throw new Exceptions\InvalidPermissionsException();
 	}
 
+	$isAdminView = $GLOBALS['User']->Benefits->CanReviewArtwork ?? false;
+
 	// We got here because an artwork was successfully submitted
 	if($created){
 		http_response_code(201);
@@ -36,7 +38,7 @@ try{
 		$artwork = new Artwork();
 		$artwork->Artist = new Artist();
 
-		if($GLOBALS['User']->Benefits->CanReviewArtwork){
+		if($GLOBALS['User']->Benefits->CanReviewOwnArtwork){
 			$artwork->Status = COVER_ARTWORK_STATUS_APPROVED;
 		}
 	}
@@ -231,20 +233,22 @@ catch(Exceptions\InvalidPermissionsException){
 					<textarea maxlength="1024" name="artwork-notes"><?= Formatter::ToPlainText($artwork->Notes) ?></textarea>
 				</label>
 			</fieldset>
-			<? if($GLOBALS['User']->Benefits->CanReviewArtwork){ ?>
+			<? if($isAdminView){ ?>
 			<fieldset>
-				<legend>Reviewer options</legend>
-				<label class="select">
-					<span>Artwork approval status</span>
-					<span>
-						<select name="artwork-status">
-							<option value="<?= COVER_ARTWORK_STATUS_UNVERIFIED ?>"<? if($artwork->Status == COVER_ARTWORK_STATUS_UNVERIFIED){ ?> selected="selected"<? } ?>>Unverified</option>
-							<option value="<?= COVER_ARTWORK_STATUS_DECLINED ?>"<? if($artwork->Status == COVER_ARTWORK_STATUS_DECLINED){ ?> selected="selected"<? } ?>>Declined</option>
-							<option value="<?= COVER_ARTWORK_STATUS_APPROVED ?>"<? if($artwork->Status == COVER_ARTWORK_STATUS_APPROVED){ ?> selected="selected"<? } ?>>Approved</option>
-							<option value="<?= COVER_ARTWORK_STATUS_IN_USE ?>"<? if($artwork->Status == COVER_ARTWORK_STATUS_IN_USE){ ?> selected="selected"<? } ?>>In use</option>
-						</select>
-					</span>
-				</label>
+				<legend>Editor options</legend>
+				<? if($GLOBALS['User']->Benefits->CanReviewOwnArtwork){ ?>
+					<label class="select">
+						<span>Artwork approval status</span>
+						<span>
+							<select name="artwork-status">
+								<option value="<?= COVER_ARTWORK_STATUS_UNVERIFIED ?>"<? if($artwork->Status == COVER_ARTWORK_STATUS_UNVERIFIED){ ?> selected="selected"<? } ?>>Unverified</option>
+								<option value="<?= COVER_ARTWORK_STATUS_DECLINED ?>"<? if($artwork->Status == COVER_ARTWORK_STATUS_DECLINED){ ?> selected="selected"<? } ?>>Declined</option>
+								<option value="<?= COVER_ARTWORK_STATUS_APPROVED ?>"<? if($artwork->Status == COVER_ARTWORK_STATUS_APPROVED){ ?> selected="selected"<? } ?>>Approved</option>
+								<option value="<?= COVER_ARTWORK_STATUS_IN_USE ?>"<? if($artwork->Status == COVER_ARTWORK_STATUS_IN_USE){ ?> selected="selected"<? } ?>>In use</option>
+							</select>
+						</span>
+					</label>
+				<? } ?>
 				<label>
 					<span>In use by</span>
 					<span>Ebook file system slug, like <code>c-s-lewis_poetry</code>. If not in use, leave this blank.</span>
diff --git a/www/artworks/post.php b/www/artworks/post.php
index 68b9db96..52e32e71 100644
--- a/www/artworks/post.php
+++ b/www/artworks/post.php
@@ -44,7 +44,8 @@ try{
 		$artwork->Notes = HttpInput::Str(POST, 'artwork-notes', false);
 
 		// Only approved reviewers can set the status to anything but unverified when uploading
-		if($artwork->Status != COVER_ARTWORK_STATUS_UNVERIFIED && !$GLOBALS['User']->Benefits->CanReviewArtwork){
+		// The submitter cannot review their own submissions unless they have special permission
+		if($artwork->Status != COVER_ARTWORK_STATUS_UNVERIFIED && !$GLOBALS['User']->Benefits->CanReviewOwnArtwork){
 			throw new Exceptions\InvalidPermissionsException();
 		}
 
@@ -82,7 +83,6 @@ try{
 		$artwork->CompletedYear = HttpInput::Int(POST, 'artwork-year') ?? $artwork->CompletedYear;
 		$artwork->CompletedYearIsCirca = HttpInput::Bool(POST, 'artwork-year-is-circa', false) ?? $artwork->CompletedYearIsCirca;
 		$artwork->Tags = HttpInput::Str(POST, 'artwork-tags', false) ?? $artwork->Tags;
-		$artwork->Status = HttpInput::Str(POST, 'artwork-status', false) ?? $artwork->Status;
 		$artwork->EbookWwwFilesystemPath = HttpInput::Str(POST, 'artwork-ebook-www-filesystem-path', false) ?? $artwork->EbookWwwFilesystemPath;
 		$artwork->IsPublishedInUs = HttpInput::Bool(POST, 'artwork-is-published-in-us', false) ?? $artwork->IsPublishedInUs;
 		$artwork->PublicationYear = HttpInput::Int(POST, 'artwork-publication-year') ?? $artwork->PublicationYear;
@@ -95,6 +95,18 @@ try{
 
 		$artwork->ReviewerUserId = $GLOBALS['User']->UserId;
 
+		$newStatus = HttpInput::Str(POST, 'artwork-status', false);
+		if($newStatus !== null){
+			if($artwork->Status != $newStatus){
+				// Is the user attempting to review their own artwork?
+				if($artwork->Status != COVER_ARTWORK_STATUS_UNVERIFIED && $GLOBALS['User']->UserId == $artwork->SubmitterUserId && !$GLOBALS['User']->Benefits->CanReviewOwnArtwork){
+					throw new Exceptions\InvalidPermissionsException();
+				}
+			}
+
+			$artwork->Status = $newStatus;
+		}
+
 		$artwork->Save();
 
 		$_SESSION['artwork'] = $artwork;