From ece347e32c571967c1c2f3f523ca7444d185a2ac Mon Sep 17 00:00:00 2001
From: Eric Schulte <schulte.eric@gmail.com>
Date: Tue, 21 Dec 2010 09:37:19 -0700
Subject: [PATCH] org-babel-confirm-evaluate: better doc and code when using
 function as

  Thanks to Vladimir Alexiev for submitting this patch

* lisp/ob.el (org-babel-confirm-evaluate): Fix for the case when
  org-confirm-babel-evaluate is a function (used to always ask no matter
  what the function returns).
* doc/org.texi (Code evaluation security): Add example for using a
  function.
---
 doc/org.texi | 13 ++++++++++++-
 lisp/ob.el   | 10 +++++-----
 2 files changed, 17 insertions(+), 6 deletions(-)

diff --git a/doc/org.texi b/doc/org.texi
index 08e9834a2..929eb06ad 100644
--- a/doc/org.texi
+++ b/doc/org.texi
@@ -12684,9 +12684,20 @@ Make sure you know what you are doing before customizing the variables
 which take off the default security brakes.
 
 @defopt org-confirm-babel-evaluate
-When set to t user is queried before code block evaluation
+When t (the default), the user is asked before every code block evaluation.
+When nil, the user is not asked.  When set to a function, it is called with
+two arguments (language and body of the code block) and should return t to
+ask and nil not to ask.
 @end defopt
 
+For example, here is how to execute "ditaa" code (which is considered safe)
+without asking:
+@example
+(defun my-org-confirm-babel-evaluate (lang body)
+  (not (string= lang "ditaa")))  ; don't ask for ditaa
+(setq org-confirm-babel-evaluate 'my-org-confirm-babel-evaluate)
+@end example
+
 @item Following @code{shell} and @code{elisp} links
 Org has two link types that can directly evaluate code (@pxref{External
 links}).  These links can be problematic because the code to be evaluated is
diff --git a/lisp/ob.el b/lisp/ob.el
index 7207a10f0..d03e2406f 100644
--- a/lisp/ob.el
+++ b/lisp/ob.el
@@ -209,11 +209,11 @@ Note disabling confirmation may result in accidental evaluation
 of potentially harmful code."
   (let* ((eval (or (cdr (assoc :eval (nth 2 info)))
 		   (when (assoc :noeval (nth 2 info)) "no")))
-	 (query (or (equal eval "query")
-		    (if (functionp org-confirm-babel-evaluate)
-			(funcall org-confirm-babel-evaluate
-				 (nth 0 info) (nth 1 info))
-		      org-confirm-babel-evaluate))))
+         (query (cond ((equal eval "query") t)
+                      ((functionp org-confirm-babel-evaluate)
+                       (funcall org-confirm-babel-evaluate
+                                (nth 0 info) (nth 1 info)))
+                      (t org-confirm-babel-evaluate))))
     (if (or (equal eval "never") (equal eval "no")
 	    (and query
 		 (not (yes-or-no-p