From e3e5536188cfec1e98571ed687ec8f96a261f8f2 Mon Sep 17 00:00:00 2001
From: Max Magorsch <arzano@gentoo.org>
Date: Mon, 20 Apr 2020 17:20:35 +0200
Subject: Correctly sort the comments

Signed-off-by: Max Magorsch <arzano@gentoo.org>
---
 pkg/app/handler/cvetool/comments.go |  2 +-
 pkg/app/handler/cvetool/state.go    |  6 ------
 pkg/app/handler/glsa/comments.go    |  7 +------
 pkg/app/handler/glsa/edit.go        |  5 +++++
 pkg/app/handler/glsa/view.go        |  5 +++++
 web/packs/src/javascript/cvetool.js | 10 +++++-----
 6 files changed, 17 insertions(+), 18 deletions(-)

diff --git a/pkg/app/handler/cvetool/comments.go b/pkg/app/handler/cvetool/comments.go
index 37649a1..3d76d75 100644
--- a/pkg/app/handler/cvetool/comments.go
+++ b/pkg/app/handler/cvetool/comments.go
@@ -26,7 +26,7 @@ func AddComment(w http.ResponseWriter, r *http.Request) {
 
 	newComment, err := addNewCommment(id, user, comment)
 
-	if err != nil {
+	if err != nil || comment == "" {
 		logger.Info.Println("Err")
 		logger.Info.Println(err)
 		w.Write([]byte("err"))
diff --git a/pkg/app/handler/cvetool/state.go b/pkg/app/handler/cvetool/state.go
index 8ff46cb..e422343 100644
--- a/pkg/app/handler/cvetool/state.go
+++ b/pkg/app/handler/cvetool/state.go
@@ -20,12 +20,6 @@ func ChangeState(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	if !user.CanEditCVEs() {
-		logger.Error.Println("Err, user can not edit.")
-		w.Write([]byte("err"))
-		return
-	}
-
 	id, newState, reason, err := getStateParams(r)
 
 	cveItem := &cve.DefCveItem{Id: id}
diff --git a/pkg/app/handler/glsa/comments.go b/pkg/app/handler/glsa/comments.go
index 73d11c2..1381984 100644
--- a/pkg/app/handler/glsa/comments.go
+++ b/pkg/app/handler/glsa/comments.go
@@ -26,16 +26,11 @@ func AddComment(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	if !user.CanEditCVEs() {
-		w.Write([]byte("err"))
-		return
-	}
-
 	id, comment, commentType, err := getParams(r)
 
 	newComment, err := AddNewCommment(id, user, comment, commentType)
 
-	if err != nil {
+	if err != nil || comment == "" {
 		logger.Info.Println("Err")
 		logger.Info.Println(err)
 		w.Write([]byte("err"))
diff --git a/pkg/app/handler/glsa/edit.go b/pkg/app/handler/glsa/edit.go
index c89e68f..6c6bb1e 100644
--- a/pkg/app/handler/glsa/edit.go
+++ b/pkg/app/handler/glsa/edit.go
@@ -9,6 +9,7 @@ import (
 	"glsamaker/pkg/models/bugzilla"
 	"glsamaker/pkg/models/gpackage"
 	"net/http"
+	"sort"
 	"strconv"
 	"time"
 )
@@ -180,6 +181,10 @@ func Edit(w http.ResponseWriter, r *http.Request) {
 	currentGlsa.ComputeStatus(user)
 	currentGlsa.ComputeCommentBadges()
 
+	// sort the comments by creation date
+	sort.Slice(currentGlsa.Comments, func(p, q int) bool {
+		return currentGlsa.Comments[p].Date.Before(currentGlsa.Comments[q].Date) })
+
 	glsaCount, err := connection.DB.Model((*models.Glsa)(nil)).Count()
 
 	renderEditTemplate(w, user, currentGlsa, int64(glsaCount))
diff --git a/pkg/app/handler/glsa/view.go b/pkg/app/handler/glsa/view.go
index 945af2d..9b89573 100644
--- a/pkg/app/handler/glsa/view.go
+++ b/pkg/app/handler/glsa/view.go
@@ -6,6 +6,7 @@ import (
 	"glsamaker/pkg/database/connection"
 	"glsamaker/pkg/models"
 	"net/http"
+	"sort"
 	"strconv"
 )
 
@@ -43,6 +44,10 @@ func View(w http.ResponseWriter, r *http.Request) {
 	glsa.ComputeStatus(user)
 	glsa.ComputeCommentBadges()
 
+	// sort the comments by creation date
+	sort.Slice(glsa.Comments, func(p, q int) bool {
+		return glsa.Comments[p].Date.Before(glsa.Comments[q].Date) })
+
 	glsaCount, err := connection.DB.Model((*models.Glsa)(nil)).Count()
 
 	renderViewTemplate(w, user, glsa, int64(glsaCount))
diff --git a/web/packs/src/javascript/cvetool.js b/web/packs/src/javascript/cvetool.js
index 0a48167..b43e806 100644
--- a/web/packs/src/javascript/cvetool.js
+++ b/web/packs/src/javascript/cvetool.js
@@ -227,8 +227,10 @@ function format ( d ) {
         var commentsObjects = JSON.parse(d[7]);
         comments = '';
         commentsObjects.forEach(function (comment, index) {
-            var commentDate = '<small class="text-muted">' + comment.Date.split("T")[0] + ' ' + comment.Date.split("T")[1].split(".")[0] + ' UTC</small>';
-            comments = comments + '<div class="col-3 text-right mb-3"><b>' + comment.User.Name + '</b><br/>' + commentDate + '</div><div class="col-9 mb-3"><div class="card" style="background: none;"><div class="card-body">' + comment.Message + '</div></div></div>';
+            if(comment.Message != "") {
+                var commentDate = '<small class="text-muted">' + comment.Date.split("T")[0] + ' ' + comment.Date.split("T")[1].split(".")[0] + ' UTC</small>';
+                comments = comments + '<div class="col-3 text-right mb-3"><b>' + comment.User.Name + '</b><br/>' + commentDate + '</div><div class="col-9 mb-3"><div class="card" style="background: none;"><div class="card-body">' + escape(comment.Message) + '</div></div></div>';
+            }
         });
     }
 
@@ -335,11 +337,9 @@ function registerCommentListener(){
             function(data) {
 
                 if(data != "err") {
-                    console.log("hi");
-                    console.log(data);
                     var comment = JSON.parse(data);
                     var commentDate = '<small class="text-muted">' + comment.Date.split("T")[0] + ' ' + comment.Date.split("T")[1].split(".")[0] + ' UTC</small>';
-                    var newComment = '<div class="col-3 text-right mb-3"><b>' + comment.User.Name + '</b><br/>' + commentDate + '</div><div class="col-9 mb-3"><div class="card" style="background: none;"><div class="card-body">' + comment.Message + '</div></div></div>';
+                    var newComment = '<div class="col-3 text-right mb-3"><b>' + comment.User.Name + '</b><br/>' + commentDate + '</div><div class="col-9 mb-3"><div class="card" style="background: none;"><div class="card-body">' + escape(comment.Message) + '</div></div></div>';
                     $('.comments-section[data-cveid="' + cveid + '"]').append(newComment);
                 }
                 return
-- 
cgit v1.2.3-65-gdbad