app/controllers/user_blocks_controller.rb

   1 class UserBlocksController < ApplicationController
   2   include UserMethods
   3   include PaginationMethods
   4
   5   layout "site"
   6
   7   before_action :authorize_web
   8   before_action :set_locale
   9
  10   authorize_resource
  11
  12   before_action :lookup_user, :only => [:new, :create, :revoke_all, :blocks_on, :blocks_by]
  13   before_action :lookup_user_block, :only => [:show, :edit, :update, :revoke]
  14   before_action :require_valid_params, :only => [:create, :update]
  15   before_action :check_database_readable
  16   before_action :check_database_writable, :only => [:create, :update, :revoke, :revoke_all]
  17
  18   def index
  19     @params = params.permit
  20
  21     user_blocks = UserBlock.all
  22
  23     @user_blocks, @newer_user_blocks_id, @older_user_blocks_id = get_page_items(user_blocks, :includes => [:user, :creator, :revoker])
  24   end
  25
  26   def show
  27     if current_user && current_user == @user_block.user
  28       @user_block.needs_view = false
  29       @user_block.deactivates_at = [@user_block.ends_at, Time.now.utc].max
  30       @user_block.save!
  31     end
  32   end
  33
  34   def new
  35     @user_block = UserBlock.new
  36   end
  37
  38   def edit
  39     params[:user_block_period] = ((@user_block.ends_at - Time.now.utc) / 1.hour).ceil.to_s
  40   end
  41
  42   def create
  43     if @valid_params
  44       now = Time.now.utc
  45       @user_block = UserBlock.new(
  46         :user => @user,
  47         :creator => current_user,
  48         :reason => params[:user_block][:reason],
  49         :created_at => now,
  50         :ends_at => now + @block_period.hours,
  51         :needs_view => params[:user_block][:needs_view]
  52       )
  53       @user_block.deactivates_at = @user_block.ends_at unless @user_block.needs_view
  54
  55       if @user_block.save
  56         flash[:notice] = t(".flash", :name => @user.display_name)
  57         redirect_to @user_block
  58       else
  59         render :action => "new"
  60       end
  61     else
  62       redirect_to new_user_block_path(:display_name => params[:display_name])
  63     end
  64   end
  65
  66   def update
  67     if @valid_params
  68       if current_user != @user_block.creator &&
  69          current_user != @user_block.revoker
  70         flash[:error] = t(@user_block.revoker ? ".only_creator_or_revoker_can_edit" : ".only_creator_can_edit")
  71         redirect_to :action => "edit"
  72       else
  73         user_block_was_active = @user_block.active?
  74         @user_block.reason = params[:user_block][:reason]
  75         @user_block.needs_view = params[:user_block][:needs_view]
  76         @user_block.ends_at = Time.now.utc + @block_period.hours
  77         @user_block.deactivates_at = (@user_block.ends_at unless @user_block.needs_view)
  78         @user_block.revoker = current_user if user_block_was_active && !@user_block.active?
  79         if !user_block_was_active && @user_block.active?
  80           flash.now[:error] = t(".inactive_block_cannot_be_reactivated")
  81           render :action => "edit"
  82         else
  83           unless user_block_was_active
  84             @user_block.ends_at = @user_block.ends_at_was
  85             @user_block.deactivates_at = @user_block.deactivates_at_was
  86             @user_block.deactivates_at = [@user_block.ends_at, @user_block.updated_at].max unless @user_block.deactivates_at # take updated_at into account before deactivates_at is backfilled
  87           end
  88           if @user_block.save
  89             flash[:notice] = t(".success")
  90             redirect_to @user_block
  91           else
  92             render :action => "edit"
  93           end
  94         end
  95       end
  96     else
  97       redirect_to edit_user_block_path(:id => params[:id])
  98     end
  99   end
 100
 101   ##
 102   # revokes the block, setting the end_time to now
 103   def revoke
 104     if request.post? && params[:confirm] && @user_block.revoke!(current_user)
 105       flash[:notice] = t ".flash"
 106       redirect_to(@user_block)
 107     end
 108   end
 109
 110   ##
 111   # revokes all active blocks
 112   def revoke_all
 113     if request.post? && params[:confirm]
 114       @user.blocks.active.each { |block| block.revoke!(current_user) }
 115       flash[:notice] = t ".flash"
 116       redirect_to user_blocks_on_path(@user)
 117     end
 118   end
 119
 120   ##
 121   # shows a list of all the blocks on the given user
 122   def blocks_on
 123     @params = params.permit(:display_name)
 124
 125     user_blocks = UserBlock.where(:user => @user)
 126
 127     @user_blocks, @newer_user_blocks_id, @older_user_blocks_id = get_page_items(user_blocks, :includes => [:user, :creator, :revoker])
 128   end
 129
 130   ##
 131   # shows a list of all the blocks by the given user.
 132   def blocks_by
 133     @params = params.permit(:display_name)
 134
 135     user_blocks = UserBlock.where(:creator => @user)
 136
 137     @user_blocks, @newer_user_blocks_id, @older_user_blocks_id = get_page_items(user_blocks, :includes => [:user, :creator, :revoker])
 138   end
 139
 140   private
 141
 142   ##
 143   # ensure that there is a "user_block" instance variable
 144   def lookup_user_block
 145     @user_block = UserBlock.find(params[:id])
 146   rescue ActiveRecord::RecordNotFound
 147     render :action => "not_found", :status => :not_found
 148   end
 149
 150   ##
 151   # check that the input parameters are valid, setting an instance
 152   # variable if not. note that this doesn't do any redirection, as it's
 153   # called before two different actions, each of which should redirect
 154   # to a different place.
 155   def require_valid_params
 156     @block_period = params[:user_block_period].to_i
 157     @valid_params = false
 158
 159     if UserBlock::PERIODS.exclude?(@block_period)
 160       flash[:error] = t("user_blocks.filter.block_period")
 161
 162     else
 163       @valid_params = true
 164     end
 165   end
 166 end