From 73fd75abf13b3e7c7f8a8d2910085a149f71631e Mon Sep 17 00:00:00 2001
From: rxu <rxu@mail.ru>
Date: Sun, 17 May 2015 21:52:30 +0700
Subject: [PATCH 1/2] [ticket/13846] Fix softdelete feature workflow in
 viewtopic

Changes:
- For permanent deletion of softdeleted post, disapprove mode has been changed
to delete mode;
- If post delete and softdelete are allowed, delete button triggers softdelete
mode;
- If a user can't permanently delete posts but can restore softdeleted posts,
delete button won't be displayed for softdeleted posts.
Subsilver2 is unaffected.

PHPBB3-13846
---
 phpBB/styles/prosilver/template/viewtopic_body.html | 4 +++-
 phpBB/viewtopic.php                                 | 9 ++++++++-
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/phpBB/styles/prosilver/template/viewtopic_body.html b/phpBB/styles/prosilver/template/viewtopic_body.html
index e976c36f7b..13b63bb1a9 100644
--- a/phpBB/styles/prosilver/template/viewtopic_body.html
+++ b/phpBB/styles/prosilver/template/viewtopic_body.html
@@ -269,7 +269,9 @@
 			<form method="post" class="mcp_approve" action="{postrow.U_APPROVE_ACTION}">
 				<p class="post-notice deleted">
 					<strong>{L_POST_DELETED_ACTION}</strong>
-					<input class="button2" type="submit" value="{L_DELETE}" name="action[disapprove]" />
+					<!-- IF postrow.S_DELETE_PERMANENT -->
+						<input class="button2" type="submit" value="{L_DELETE}" name="action[delete]" />
+					<!-- ENDIF -->
 					<input class="button1" type="submit" value="{L_RESTORE}" name="action[restore]" />
 					<input type="hidden" name="post_id_list[]" value="{postrow.POST_ID}" />
 					{S_FORM_TOKEN}
diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php
index bb1f2c925d..7846266028 100644
--- a/phpBB/viewtopic.php
+++ b/phpBB/viewtopic.php
@@ -1826,6 +1826,12 @@ for ($i = 0, $end = sizeof($post_list); $i < $end; ++$i)
 		(!$s_cannot_delete && !$s_cannot_delete_lastpost && !$s_cannot_delete_time && !$s_cannot_delete_locked)
 	));
 
+	$softdelete_allowed = ($auth->acl_get('m_softdelete', $forum_id) ||
+		($auth->acl_get('f_softdelete', $forum_id) && $user->data['user_id'] == $poster_id)) && ($row['post_visibility'] != ITEM_DELETED);
+
+	$permanent_delete_allowed = ($auth->acl_get('m_delete', $forum_id) ||
+		($auth->acl_get('f_delete', $forum_id) && $user->data['user_id'] == $poster_id));
+
 	// Can this user receive a Private Message?
 	$can_receive_pm = (
 		// They must be a "normal" user
@@ -1888,7 +1894,7 @@ for ($i = 0, $end = sizeof($post_list); $i < $end; ++$i)
 		'U_EDIT'			=> ($edit_allowed) ? append_sid("{$phpbb_root_path}posting.$phpEx", "mode=edit&amp;f=$forum_id&amp;p={$row['post_id']}") : '',
 		'U_QUOTE'			=> ($quote_allowed) ? append_sid("{$phpbb_root_path}posting.$phpEx", "mode=quote&amp;f=$forum_id&amp;p={$row['post_id']}") : '',
 		'U_INFO'			=> ($auth->acl_get('m_info', $forum_id)) ? append_sid("{$phpbb_root_path}mcp.$phpEx", "i=main&amp;mode=post_details&amp;f=$forum_id&amp;p=" . $row['post_id'], true, $user->session_id) : '',
-		'U_DELETE'			=> ($delete_allowed) ? append_sid("{$phpbb_root_path}posting.$phpEx", "mode=delete&amp;f=$forum_id&amp;p={$row['post_id']}") : '',
+		'U_DELETE'			=> ($delete_allowed) ? append_sid("{$phpbb_root_path}posting.$phpEx", 'mode=' . (($softdelete_allowed) ? 'soft_delete' : 'delete') . "&amp;f=$forum_id&amp;p={$row['post_id']}") : '',
 
 		'U_SEARCH'		=> $user_cache[$poster_id]['search'],
 		'U_PM'			=> $u_pm,
@@ -1927,6 +1933,7 @@ for ($i = 0, $end = sizeof($post_list); $i < $end; ++$i)
 		'L_IGNORE_POST'		=> ($row['foe']) ? sprintf($user->lang['POST_BY_FOE'], get_username_string('full', $poster_id, $row['username'], $row['user_colour'], $row['post_username'])) : '',
 		'S_POST_HIDDEN'		=> $row['hide_post'],
 		'L_POST_DISPLAY'	=> ($row['hide_post']) ? $user->lang('POST_DISPLAY', '<a class="display_post" data-post-id="' . $row['post_id'] . '" href="' . $viewtopic_url . "&amp;p={$row['post_id']}&amp;view=show#p{$row['post_id']}" . '">', '</a>') : '',
+		'S_DELETE_PERMANENT'	=> $permanent_delete_allowed,
 	);
 
 	$user_poster_data = $user_cache[$poster_id];

From 0d6c323611eeacf0170dede6bd7980be894f7020 Mon Sep 17 00:00:00 2001
From: rxu <rxu@mail.ru>
Date: Thu, 30 Jul 2015 19:35:01 +0700
Subject: [PATCH 2/2] [ticket/13846] Fix MCP to disallow softdeleted posts
 deletion if not permitted.

PHPBB3-13846
---
 phpBB/includes/mcp/mcp_queue.php              | 1 +
 phpBB/styles/prosilver/template/mcp_post.html | 4 ++--
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/phpBB/includes/mcp/mcp_queue.php b/phpBB/includes/mcp/mcp_queue.php
index 82c3bc9ab0..5f314f4b2f 100644
--- a/phpBB/includes/mcp/mcp_queue.php
+++ b/phpBB/includes/mcp/mcp_queue.php
@@ -283,6 +283,7 @@ class mcp_queue
 				$template->assign_vars(array(
 					'S_MCP_QUEUE'			=> true,
 					'U_APPROVE_ACTION'		=> append_sid("{$phpbb_root_path}mcp.$phpEx", "i=queue&amp;p=$post_id&amp;f=$forum_id"),
+					'S_CAN_DELETE_POST'		=> $auth->acl_get('m_delete', $post_info['forum_id']),
 					'S_CAN_VIEWIP'			=> $auth->acl_get('m_info', $post_info['forum_id']),
 					'S_POST_REPORTED'		=> $post_info['post_reported'],
 					'S_POST_UNAPPROVED'		=> $post_info['post_visibility'] == ITEM_UNAPPROVED || $post_info['post_visibility'] == ITEM_REAPPROVE,
diff --git a/phpBB/styles/prosilver/template/mcp_post.html b/phpBB/styles/prosilver/template/mcp_post.html
index 10ec6f3ea9..4bf416e1e9 100644
--- a/phpBB/styles/prosilver/template/mcp_post.html
+++ b/phpBB/styles/prosilver/template/mcp_post.html
@@ -91,9 +91,9 @@
 			<form method="post" id="mcp_approve" action="{U_APPROVE_ACTION}">
 
 			<p class="post-notice deleted">
-				<input class="button2" type="submit" value="{L_DELETE}" name="action[disapprove]" /> &nbsp;
+				<!-- IF S_CAN_DELETE_POST --><input class="button2" type="submit" value="{L_DELETE}" name="action[delete]" /> &nbsp;<!-- ENDIF -->
 				<input class="button1" type="submit" value="{L_RESTORE}" name="action[restore]" />
-				<!-- IF not S_FIRST_POST --><input type="hidden" name="mode" value="unapproved_posts" /><!-- ENDIF -->
+				<!-- IF not S_FIRST_POST --><input type="hidden" name="mode" value="deleted_posts" /><!-- ENDIF -->
 				<input type="hidden" name="post_id_list[]" value="{POST_ID}" />
 				{S_FORM_TOKEN}
 			</p>