#!/usr/bin/perl -T
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.

use strict;
use warnings;
use 5.10.1;

use lib qw(. lib);

use Bugzilla;
use Bugzilla::Constants;
use Bugzilla::Error;
use Bugzilla::Util;
use Bugzilla::Bug;

my $cgi      = Bugzilla->cgi;
my $template = Bugzilla->template;
my $vars     = {};

###############################################################################
# Begin Data/Security Validation
###############################################################################

# Check whether or not the user is currently logged in.
my $user = Bugzilla->login(LOGIN_REQUIRED);

# Make sure the bug ID is a positive integer representing an existing
# bug that the user is authorized to access.
my $bug_id = $cgi->param('id');
my $bug    = Bugzilla::Bug->check($bug_id);

###############################################################################
# End Data/Security Validation
###############################################################################

my $comment_id = $cgi->param('comment_id');

# The comment ID must belong to this bug.
my ($comment) = grep($_->id == $comment_id, @{$bug->comments});
$comment
  || ThrowUserError("invalid_comment_id",
  {comment_id => scalar $cgi->param('comment_id')});

if ($comment->is_private && !$user->is_insider) {
  ThrowUserError('comment_is_private', {id => $comment->id});
}

$vars->{'bug'}     = $bug;
$vars->{'comment'} = $comment;

print $cgi->header();

$template->process("bug/activity/comments.html.tmpl", $vars)
  || ThrowTemplateError($template->error());