I originally wanted to take over #585046: 'CAPTCHA required' even though Mollom servers don't respond for this patch, but then realized that that issue is slightly different and perhaps needs a different solution to handle the edge-case, if possible at all. Not sure yet.

The goal of the changes here is to introduce a unique function that determines and stores the current healthiness of the module's configuration.

- Prevent needless client-server communication

- Prevent triggering the fallback mode under wrong circumstances

- Fix the bug that Mollom never reports invalid API keys, always network errors only.

To do this, we want to:

- Implement hook_requirements() to inform the user about configuration and network problems

- Implement a helper function to determine the current status, but also store it, so we know when the module is operable and when it is not.

- Use the helper function for hook_requirements(), but also for the global Mollom settings page.

Attached patch is work in progress. Feedback welcome, though.

CommentFileSizeAuthor
#20 mollom-DRUPAL-6--1.status-positive.20.patch3.18 KBsun
#19 mollom-DRUPAL-6--1.status-positive.19.patch1.04 KBsun
#14 mollom.status.14.patch25.39 KBsun
#13 mollom-DRUPAL-6--1.status.11.sync_.patch9.27 KBsun
#11 mollom-DRUPAL-6--1.status.11.patch5.49 KBsun
#9 mollom-DRUPAL-6--1.status.9.patch25.31 KBsun
#8 mollom-DRUPAL-6--1.status.8.patch22.49 KBsun
#7 mollom-DRUPAL-6--1.status.7.patch17.15 KBsun
#6 mollom-DRUPAL-6--1.status.6.patch15.52 KBsun
#4 mollom-DRUPAL-6--1.status.4.patch14.98 KBsun
#3 mollom-DRUPAL-6--1.status.3.patch13.49 KBsun
mollom-DRUPAL-6--1.status.0.patch6.79 KBsun

Comments

sun’s picture

sun
Primary language German
Location Karlsruhe
commented 
+++ mollom.admin.inc	18 Jan 2010 23:32:24 -0000
@@ -266,13 +266,7 @@ function mollom_admin_settings() {
   if ($keys) {
     if (!$_POST) {
       // When a user visits the Mollom administration page, automatically
-      // clear the server list.  This causes the client to fetch a fresh
-      // server list from the server.
-      // @todo Add a timeout interval. Also consider hook_enable() together with
-      //   hook_cron().
-      variable_del('mollom_servers');
-
-      // Verify the key and output a status message.
+      // verify the key and output a status message.
       _mollom_verify_key();
     }
   }

btw, deleting the server list was the cause for the bug that invalid API keys were never reported.

Powered by Dreditor.

sun’s picture

sun
Primary language German
Location Karlsruhe
commented 
+++ mollom.admin.inc	18 Jan 2010 23:32:24 -0000
@@ -335,10 +329,7 @@ function _mollom_verify_key() {
-  else {
-    drupal_set_message(t('We contacted the Mollom servers to verify your keys: the Mollom services are operating correctly. We are now blocking spam.'));
-    return TRUE;
-  }
+  return TRUE;

Also, I removed this positive status message, because it can be totally wrong -- when no forms are protected.

Powered by Dreditor.

sun’s picture

sun
Primary language German
Location Karlsruhe
commented
StatusFileSize
new mollom-DRUPAL-6--1.status.3.patch13.49 KB
sun’s picture

sun
Primary language German
Location Karlsruhe
commented
StatusFileSize
new mollom-DRUPAL-6--1.status.4.patch14.98 KB

Posting what I have now... still failing tests (due to [my] wrong usage of xmlrpc server functions... bad/non-existing documentation... cross-linking #621618: Revamp MAINTAINERS.txt...)

dries’s picture

dries commented 
+++ mollom.inc	19 Jan 2010 23:05:23 -0000
@@ -26,9 +26,13 @@
-function _mollom_authentication() {
-  $public_key = variable_get('mollom_public_key', '');
-  $private_key = variable_get('mollom_private_key', '');
+function _mollom_authentication($public_key = NULL, $private_key = NULL) {
+  if (!isset($public_key)) {
+    $public_key = variable_get('mollom_public_key', '');
+  }
+  if (!isset($private_key)) {
+    $private_key = variable_get('mollom_private_key', '');

This change is a bit sloppy, IMO, but probably acceptable.

+++ mollom.install	18 Jan 2010 22:16:02 -0000
@@ -7,6 +7,41 @@
+      $requirements['mollom'] = array(
+        'title' => 'Mollom API keys',
+        // Set defaults for any yet unknown edge-cases.
+        'value' => '',
+        'severity' => REQUIREMENT_ERROR,
+      );

Wouldn't it be better if we moved this to an else-statement at the end of the if-elseif-elseif block?

+++ mollom.module	19 Jan 2010 23:09:48 -0000
@@ -129,7 +129,8 @@ function mollom_link($type, $object, $te
+  $status = _mollom_status();
+  if ($status['operable']) {

I found 'operable' to be an awkward word.

+++ mollom.module	19 Jan 2010 23:09:48 -0000
@@ -731,6 +732,43 @@ function _mollom_get_openid($account) {
+ * @param $reset
+ *   (optional) Boolean whether to reset the stored state and re-check.
+ *   Defaults to FALSE.
+ *
+ * @see mollom_requirements()
+ *

Would be nice to document the return type.

+++ mollom.module	19 Jan 2010 23:09:48 -0000
@@ -731,6 +732,43 @@ function _mollom_get_openid($account) {
+ * @todo Add flood protection? (don't reset multiple times within microseconds).

Flood protection doesn't seem necessary to me. We should just use the API in a smart way.

+++ mollom.module	19 Jan 2010 23:09:48 -0000
@@ -1178,12 +1216,17 @@ function mollom($method, $data = array()
+      'text' => 'Refreshed servers: %servers',

I'd maybe write 'Updated server list:'?

sun’s picture

sun
Primary language German
Location Karlsruhe
commented
Status: Needs work » Needs review
StatusFileSize
new mollom-DRUPAL-6--1.status.6.patch15.52 KB

All tests pass now. Will implement the main change now, which isn't contained yet.

If "operable" is not acceptable (IMHO, it's the most precise term), then the following synonyms would be possible: ready, usable, workable, verified, ok, working, overall, summary, total, ...

Out of those options, I'd choose "operable" or "ready".

The goal is to have a positive term (not negated) that indicates the overall status of the module's configuration and communication, and will be used as $status['operable'].

I've also suggested the (ugly) workaround idea to return two different data types depending on the overall status; simply $status === TRUE if everything is alright, or $status == array(...) with individual indicators as array keys if something is wrong. However, just mentioning this, I don't really like the idea either ;)

+++ mollom.module	19 Jan 2010 23:09:48 -0000
@@ -1178,12 +1216,17 @@ function mollom($method, $data = array()
+      'text' => 'Refreshed servers: %servers',

This is the identical watchdog message that is already used some lines below in that function; also keeping it as short as possible but still meaningful.

Powered by Dreditor.

sun’s picture

sun
Primary language German
Location Karlsruhe
commented
StatusFileSize
new mollom-DRUPAL-6--1.status.7.patch17.15 KB

ok, now including the final change.

sun’s picture

sun
Primary language German
Location Karlsruhe
commented
StatusFileSize
new mollom-DRUPAL-6--1.status.8.patch22.49 KB

Alrighty - this new test finally reveals and proves the wrong error handling of the Mollom server response in case we have invalid keys.

Running the new "Status handling" test, we get the following errors when trying to save the settings form with 'foo' + 'bar' as keys:

Error 1000: http://xmlrpc1.mollom.com - Mollom could not find your public key 'foo'. - mollom.getServerList
Error 1000: http://xmlrpc2.mollom.com - Mollom could not find your public key 'foo'. - mollom.getServerList
Error 1000: http://xmlrpc3.mollom.com - Mollom could not find your public key 'foo'. - mollom.getServerList
All servers unavailable: --, last error: 1000 - Mollom could not find your public key 'foo'.
Refreshed servers:
All servers unreachable or returning errors. The server list was emptied.

The problem obviously is that we are invoking mollom.verifyKey, but we have an empty server list at this point. Since mollom.getServerList also requires valid keys, mollom.verifyKey is not even invoked, because we don't have a server list. Hence, we get a NETWORK_ERROR in the end - instead of a MOLLOM_ERROR.

sun’s picture

sun
Primary language German
Location Karlsruhe
commented
StatusFileSize
new mollom-DRUPAL-6--1.status.9.patch25.31 KB

Alright, this one should work. Also contains a big @todo, but not sure whether it needs to be resolved here. Reviews welcome.

Unrelated to this patch, I finally got this 1 fail about a session_id mismatch in the "Server responses" test (once). Based on the debug output in the test log, it seems like the returned session_id changed without any server redirect or refreshing of the server list. That should not happen - or at least, we currently expect it for the two aforementioned occasions only. This is not tackled in this patch and belongs into a separate issue.

Status: Needs review » Needs work

The last submitted patch, mollom-DRUPAL-6--1.status.9.patch, failed testing.

sun’s picture

sun
Primary language German
Location Karlsruhe
commented
Status: Needs work » Needs review
StatusFileSize
new mollom-DRUPAL-6--1.status.11.patch5.49 KB

So we discussed to use different return values for _mollom_status() --- however, actually not sure whether this is really prettier.

dries’s picture

dries commented
Status: Needs review » Fixed

Committed the patch. The fail is because of another problem, unrelated to this patch. Thanks sun!

sun’s picture

sun
Primary language German
Location Karlsruhe
commented
Status: Fixed » Needs review
StatusFileSize
new mollom-DRUPAL-6--1.status.11.sync_.patch9.27 KB

Clarified and cleaned up _mollom_status() a bit.

Additionally, syncing tests with HEAD.

sun’s picture

sun
Primary language German
Location Karlsruhe
commented
Version: 6.x-1.x-dev » 7.x-1.x-dev
Status: Needs review » Reviewed & tested by the community
StatusFileSize
new mollom.status.14.patch25.39 KB

#13 is RTBC. And attached patch applies the same changes to HEAD.

Status: Reviewed & tested by the community » Needs work

The last submitted patch, mollom.status.14.patch, failed testing.

dries’s picture

dries commented
Status: Needs work » Needs review

Great. I committed the patch in #13. Will commit the patch in #14 in a bit -- want to review it separately.

sun’s picture

sun
Primary language German
Location Karlsruhe
commented
Status: Needs review » Fixed

http://drupal.org/cvs?commit=321704

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.

sun’s picture

sun
Primary language German
Location Karlsruhe
commented
Version: 7.x-1.x-dev » 6.x-1.x-dev
Status: Closed (fixed) » Needs review
StatusFileSize
new mollom-DRUPAL-6--1.status-positive.19.patch1.04 KB

Re-introducing the positive status message.

sun’s picture

sun
Primary language German
Location Karlsruhe
commented
StatusFileSize
new mollom-DRUPAL-6--1.status-positive.20.patch3.18 KB

Adjusting tests accordingly.

dries’s picture

dries commented
Status: Needs review » Fixed

Committed!

sun’s picture

sun
Primary language German
Location Karlsruhe
commented
Version: 6.x-1.x-dev » 7.x-1.x-dev
Status: Fixed » Patch (to be ported)

Needs forward-porting though. :)

dries’s picture

dries commented
Status: Patch (to be ported) » Fixed

Has been ported now.

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.

  • Commit 66921f4 on master, fai6, 8.x-2.x, fbajs, actions by Dries: 
    - Patch #689700 by sun: added status message and improved tests.
  • Commit c99f4fc on master, fai6, 8.x-2.x, fbajs, actions by Dries:
    - Patch #689700 by sun: improved global fallback handling. Syncing with...

  • Commit 66921f4 on master, fai6, 8.x-2.x, fbajs, actions by Dries: 
    - Patch #689700 by sun: added status message and improved tests.
  • Commit c99f4fc on master, fai6, 8.x-2.x, fbajs, actions by Dries:
    - Patch #689700 by sun: improved global fallback handling. Syncing with...