1 class DiaryEntriesController < ApplicationController
4 layout "site", :except => :rss
6 before_action :authorize_web
7 before_action :set_locale
8 before_action :check_database_readable
12 before_action :lookup_user, :only => [:show, :comments]
13 before_action :check_database_writable, :only => [:new, :create, :edit, :update, :comment, :hide, :hidecomment, :subscribe, :unsubscribe]
14 before_action :allow_thirdparty_images, :only => [:new, :create, :edit, :update, :index, :show, :comments]
17 if params[:display_name]
18 @user = User.active.find_by(:display_name => params[:display_name])
21 @title = t ".user_title", :user => @user.display_name
22 entries = @user.diary_entries
24 render_unknown_user params[:display_name]
27 elsif params[:friends]
29 @title = t ".title_friends"
30 entries = DiaryEntry.where(:user => current_user.friends)
37 @title = t ".title_nearby"
38 entries = DiaryEntry.where(:user => current_user.nearby)
44 entries = DiaryEntry.joins(:user).where(:users => { :status => %w[active confirmed] })
47 @title = t ".in_language_title", :language => Language.find(params[:language]).english_name
48 entries = entries.where(:language_code => params[:language])
50 candidate_codes = preferred_languages.flat_map(&:candidates).uniq.map(&:to_s)
51 @languages = Language.where(:code => candidate_codes).in_order_of(:code, candidate_codes)
56 entries = entries.visible unless can? :unhide, DiaryEntry
58 @params = params.permit(:display_name, :friends, :nearby, :language)
60 @entries, @newer_entries_id, @older_entries_id = get_page_items(entries, [:user, :language])
64 entries = @user.diary_entries
65 entries = entries.visible unless can? :unhide, DiaryEntry
66 @entry = entries.find_by(:id => params[:id])
68 @title = t ".title", :user => params[:display_name], :title => @entry.title
69 @comments = can?(:unhidecomment, DiaryEntry) ? @entry.comments : @entry.visible_comments
71 @title = t "diary_entries.no_such_entry.title", :id => params[:id]
72 render :action => "no_such_entry", :status => :not_found
79 default_lang = current_user.preferences.find_by(:k => "diary.default_language")
80 lang_code = default_lang ? default_lang.v : current_user.preferred_language
81 @diary_entry = DiaryEntry.new(entry_params.merge(:language_code => lang_code))
83 render :action => "new"
88 @diary_entry = DiaryEntry.find(params[:id])
90 redirect_to diary_entry_path(@diary_entry.user, @diary_entry) if current_user != @diary_entry.user
93 rescue ActiveRecord::RecordNotFound
94 render :action => "no_such_entry", :status => :not_found
98 @title = t "diary_entries.new.title"
100 @diary_entry = DiaryEntry.new(entry_params)
101 @diary_entry.user = current_user
104 default_lang = current_user.preferences.find_by(:k => "diary.default_language")
106 default_lang.v = @diary_entry.language_code
109 current_user.preferences.create(:k => "diary.default_language", :v => @diary_entry.language_code)
112 # Subscribe user to diary comments
113 @diary_entry.subscriptions.create(:user => current_user)
115 redirect_to :action => "index", :display_name => current_user.display_name
117 render :action => "new"
122 @title = t "diary_entries.edit.title"
123 @diary_entry = DiaryEntry.find(params[:id])
125 if current_user != @diary_entry.user ||
126 (params[:diary_entry] && @diary_entry.update(entry_params))
127 redirect_to diary_entry_path(@diary_entry.user, @diary_entry)
130 render :action => "edit"
132 rescue ActiveRecord::RecordNotFound
133 render :action => "no_such_entry", :status => :not_found
137 @entry = DiaryEntry.find(params[:id])
138 @comments = @entry.visible_comments
139 @diary_comment = @entry.comments.build(comment_params)
140 @diary_comment.user = current_user
141 if @diary_comment.save
143 # Notify current subscribers of the new comment
144 @entry.subscribers.visible.each do |user|
145 UserMailer.diary_comment_notification(@diary_comment, user).deliver_later if current_user != user
148 # Add the commenter to the subscribers if necessary
149 @entry.subscriptions.create(:user => current_user) unless @entry.subscribers.exists?(current_user.id)
151 redirect_to diary_entry_path(@entry.user, @entry)
153 render :action => "show"
155 rescue ActiveRecord::RecordNotFound
156 render :action => "no_such_entry", :status => :not_found
160 @diary_entry = DiaryEntry.find(params[:id])
163 @diary_entry.subscriptions.create(:user => current_user) unless @diary_entry.subscribers.exists?(current_user.id)
165 redirect_to diary_entry_path(@diary_entry.user, @diary_entry)
167 rescue ActiveRecord::RecordNotFound
168 render :action => "no_such_entry", :status => :not_found
172 @diary_entry = DiaryEntry.find(params[:id])
175 @diary_entry.subscriptions.where(:user => current_user).delete_all if @diary_entry.subscribers.exists?(current_user.id)
177 redirect_to diary_entry_path(@diary_entry.user, @diary_entry)
179 rescue ActiveRecord::RecordNotFound
180 render :action => "no_such_entry", :status => :not_found
184 if params[:display_name]
185 user = User.active.find_by(:display_name => params[:display_name])
188 @entries = user.diary_entries
189 @title = t("diary_entries.feed.user.title", :user => user.display_name)
190 @description = t("diary_entries.feed.user.description", :user => user.display_name)
191 @link = url_for :action => "index", :display_name => user.display_name, :host => Settings.server_url, :protocol => Settings.server_protocol
197 @entries = DiaryEntry.joins(:user).where(:users => { :status => %w[active confirmed] })
199 # Items can't be flagged as deleted in the RSS format.
200 # For the general feeds, allow a delay before publishing, to help spam fighting
201 @entries = @entries.where("created_at < :time", :time => Settings.diary_feed_delay.hours.ago)
204 @entries = @entries.where(:language_code => params[:language])
205 @title = t("diary_entries.feed.language.title", :language_name => Language.find(params[:language]).english_name)
206 @description = t("diary_entries.feed.language.description", :language_name => Language.find(params[:language]).english_name)
207 @link = url_for :action => "index", :language => params[:language], :host => Settings.server_url, :protocol => Settings.server_protocol
209 @title = t("diary_entries.feed.all.title")
210 @description = t("diary_entries.feed.all.description")
211 @link = url_for :action => "index", :host => Settings.server_url, :protocol => Settings.server_protocol
214 @entries = @entries.visible.includes(:user).order("created_at DESC").limit(20)
218 entry = DiaryEntry.find(params[:id])
219 entry.update(:visible => false)
220 redirect_to :action => "index", :display_name => entry.user.display_name
224 entry = DiaryEntry.find(params[:id])
225 entry.update(:visible => true)
226 redirect_to :action => "index", :display_name => entry.user.display_name
230 comment = DiaryComment.find(params[:comment])
231 comment.update(:visible => false)
232 redirect_to diary_entry_path(comment.diary_entry.user, comment.diary_entry)
236 comment = DiaryComment.find(params[:comment])
237 comment.update(:visible => true)
238 redirect_to diary_entry_path(comment.diary_entry.user, comment.diary_entry)
242 @title = t ".title", :user => @user.display_name
244 comments = DiaryComment.where(:user => @user)
245 comments = comments.visible unless can? :unhidecomment, DiaryEntry
247 @params = params.permit(:display_name, :before, :after)
249 @comments, @newer_comments_id, @older_comments_id = get_page_items(comments, [:user])
255 # return permitted diary entry parameters
257 params.require(:diary_entry).permit(:title, :body, :language_code, :latitude, :longitude)
258 rescue ActionController::ParameterMissing
259 ActionController::Parameters.new.permit(:title, :body, :language_code, :latitude, :longitude)
263 # return permitted diary comment parameters
265 params.require(:diary_comment).permit(:body)
269 # decide on a location for the diary entry map
271 if @diary_entry.latitude && @diary_entry.longitude
272 @lon = @diary_entry.longitude
273 @lat = @diary_entry.latitude
275 elsif !current_user.home_location?
276 @lon = params[:lon] || -0.1
277 @lat = params[:lat] || 51.5
278 @zoom = params[:zoom] || 4
280 @lon = current_user.home_lon
281 @lat = current_user.home_lat
286 def get_page_items(items, includes)
287 id_column = "#{items.table_name}.id"
288 page_items = if params[:before]
289 items.where("#{id_column} < ?", params[:before]).order(:id => :desc)
291 items.where("#{id_column} > ?", params[:after]).order(:id => :asc)
293 items.order(:id => :desc)
296 page_items = page_items.limit(20)
297 page_items = page_items.includes(includes)
298 page_items = page_items.sort.reverse
300 newer_items_id = page_items.first.id if page_items.count.positive? && items.exists?(["#{id_column} > ?", page_items.first.id])
301 older_items_id = page_items.last.id if page_items.count.positive? && items.exists?(["#{id_column} < ?", page_items.last.id])
303 [page_items, newer_items_id, older_items_id]