1 class DiaryEntriesController < ApplicationController
4 layout "site", :except => :rss
6 before_action :authorize_web
7 before_action :set_locale
8 before_action :check_database_readable
12 before_action :lookup_user, :only => [:show, :comments]
13 before_action :check_database_writable, :only => [:new, :create, :edit, :update, :comment, :hide, :hidecomment, :subscribe, :unsubscribe]
14 before_action :allow_thirdparty_images, :only => [:new, :create, :edit, :update, :index, :show, :comments]
17 if params[:display_name]
18 @user = User.active.find_by(:display_name => params[:display_name])
21 @title = t ".user_title", :user => @user.display_name
22 entries = @user.diary_entries
24 render_unknown_user params[:display_name]
27 elsif params[:friends]
29 @title = t ".title_friends"
30 entries = DiaryEntry.where(:user => current_user.friends)
37 @title = t ".title_nearby"
38 entries = DiaryEntry.where(:user => current_user.nearby)
44 entries = DiaryEntry.joins(:user).where(:users => { :status => %w[active confirmed] })
47 @title = t ".in_language_title", :language => Language.find(params[:language]).english_name
48 entries = entries.where(:language_code => params[:language])
54 entries = entries.visible unless can? :unhide, DiaryEntry
56 @params = params.permit(:display_name, :friends, :nearby, :language)
58 @entries, @newer_entries_id, @older_entries_id = get_page_items(entries, [:user, :language])
62 entries = @user.diary_entries
63 entries = entries.visible unless can? :unhide, DiaryEntry
64 @entry = entries.where(:id => params[:id]).first
66 @title = t ".title", :user => params[:display_name], :title => @entry.title
67 @comments = can?(:unhidecomment, DiaryEntry) ? @entry.comments : @entry.visible_comments
69 @title = t "diary_entries.no_such_entry.title", :id => params[:id]
70 render :action => "no_such_entry", :status => :not_found
77 default_lang = current_user.preferences.where(:k => "diary.default_language").first
78 lang_code = default_lang ? default_lang.v : current_user.preferred_language
79 @diary_entry = DiaryEntry.new(entry_params.merge(:language_code => lang_code))
81 render :action => "new"
86 @diary_entry = DiaryEntry.find(params[:id])
88 redirect_to diary_entry_path(@diary_entry.user, @diary_entry) if current_user != @diary_entry.user
91 rescue ActiveRecord::RecordNotFound
92 render :action => "no_such_entry", :status => :not_found
96 @title = t "diary_entries.new.title"
98 @diary_entry = DiaryEntry.new(entry_params)
99 @diary_entry.user = current_user
102 default_lang = current_user.preferences.where(:k => "diary.default_language").first
104 default_lang.v = @diary_entry.language_code
107 current_user.preferences.create(:k => "diary.default_language", :v => @diary_entry.language_code)
110 # Subscribe user to diary comments
111 @diary_entry.subscriptions.create(:user => current_user)
113 redirect_to :action => "index", :display_name => current_user.display_name
115 render :action => "new"
120 @title = t "diary_entries.edit.title"
121 @diary_entry = DiaryEntry.find(params[:id])
123 if current_user != @diary_entry.user ||
124 (params[:diary_entry] && @diary_entry.update(entry_params))
125 redirect_to diary_entry_path(@diary_entry.user, @diary_entry)
128 render :action => "edit"
130 rescue ActiveRecord::RecordNotFound
131 render :action => "no_such_entry", :status => :not_found
135 @entry = DiaryEntry.find(params[:id])
136 @comments = @entry.visible_comments
137 @diary_comment = @entry.comments.build(comment_params)
138 @diary_comment.user = current_user
139 if @diary_comment.save
141 # Notify current subscribers of the new comment
142 @entry.subscribers.visible.each do |user|
143 UserMailer.diary_comment_notification(@diary_comment, user).deliver_later if current_user != user
146 # Add the commenter to the subscribers if necessary
147 @entry.subscriptions.create(:user => current_user) unless @entry.subscribers.exists?(current_user.id)
149 redirect_to diary_entry_path(@entry.user, @entry)
151 render :action => "show"
153 rescue ActiveRecord::RecordNotFound
154 render :action => "no_such_entry", :status => :not_found
158 diary_entry = DiaryEntry.find(params[:id])
160 diary_entry.subscriptions.create(:user => current_user) unless diary_entry.subscribers.exists?(current_user.id)
162 redirect_to diary_entry_path(diary_entry.user, diary_entry)
163 rescue ActiveRecord::RecordNotFound
164 render :action => "no_such_entry", :status => :not_found
168 diary_entry = DiaryEntry.find(params[:id])
170 diary_entry.subscriptions.where(:user => current_user).delete_all if diary_entry.subscribers.exists?(current_user.id)
172 redirect_to diary_entry_path(diary_entry.user, diary_entry)
173 rescue ActiveRecord::RecordNotFound
174 render :action => "no_such_entry", :status => :not_found
178 if params[:display_name]
179 user = User.active.find_by(:display_name => params[:display_name])
182 @entries = user.diary_entries
183 @title = t("diary_entries.feed.user.title", :user => user.display_name)
184 @description = t("diary_entries.feed.user.description", :user => user.display_name)
185 @link = url_for :action => "index", :display_name => user.display_name, :host => Settings.server_url, :protocol => Settings.server_protocol
191 @entries = DiaryEntry.joins(:user).where(:users => { :status => %w[active confirmed] })
193 # Items can't be flagged as deleted in the RSS format.
194 # For the general feeds, allow a delay before publishing, to help spam fighting
195 @entries = @entries.where("created_at < :time", :time => Settings.diary_feed_delay.hours.ago)
198 @entries = @entries.where(:language_code => params[:language])
199 @title = t("diary_entries.feed.language.title", :language_name => Language.find(params[:language]).english_name)
200 @description = t("diary_entries.feed.language.description", :language_name => Language.find(params[:language]).english_name)
201 @link = url_for :action => "index", :language => params[:language], :host => Settings.server_url, :protocol => Settings.server_protocol
203 @title = t("diary_entries.feed.all.title")
204 @description = t("diary_entries.feed.all.description")
205 @link = url_for :action => "index", :host => Settings.server_url, :protocol => Settings.server_protocol
208 @entries = @entries.visible.includes(:user).order("created_at DESC").limit(20)
212 entry = DiaryEntry.find(params[:id])
213 entry.update(:visible => false)
214 redirect_to :action => "index", :display_name => entry.user.display_name
218 entry = DiaryEntry.find(params[:id])
219 entry.update(:visible => true)
220 redirect_to :action => "index", :display_name => entry.user.display_name
224 comment = DiaryComment.find(params[:comment])
225 comment.update(:visible => false)
226 redirect_to diary_entry_path(comment.diary_entry.user, comment.diary_entry)
230 comment = DiaryComment.find(params[:comment])
231 comment.update(:visible => true)
232 redirect_to diary_entry_path(comment.diary_entry.user, comment.diary_entry)
236 @title = t ".title", :user => @user.display_name
238 comments = DiaryComment.where(:users => @user)
239 comments = comments.visible unless can? :unhidecomment, DiaryEntry
241 @params = params.permit(:display_name, :before, :after)
243 @comments, @newer_comments_id, @older_comments_id = get_page_items(comments, [:user])
249 # return permitted diary entry parameters
251 params.require(:diary_entry).permit(:title, :body, :language_code, :latitude, :longitude)
252 rescue ActionController::ParameterMissing
253 ActionController::Parameters.new.permit(:title, :body, :language_code, :latitude, :longitude)
257 # return permitted diary comment parameters
259 params.require(:diary_comment).permit(:body)
263 # decide on a location for the diary entry map
265 if @diary_entry.latitude && @diary_entry.longitude
266 @lon = @diary_entry.longitude
267 @lat = @diary_entry.latitude
269 elsif !current_user.home_location?
270 @lon = params[:lon] || -0.1
271 @lat = params[:lat] || 51.5
272 @zoom = params[:zoom] || 4
274 @lon = current_user.home_lon
275 @lat = current_user.home_lat
280 def get_page_items(items, includes)
281 id_column = "#{items.table_name}.id"
282 page_items = if params[:before]
283 items.where("#{id_column} < ?", params[:before]).order(:id => :desc)
285 items.where("#{id_column} > ?", params[:after]).order(:id => :asc)
287 items.order(:id => :desc)
290 page_items = page_items.limit(20)
291 page_items = page_items.includes(includes)
292 page_items = page_items.sort.reverse
294 newer_items_id = page_items.first.id if page_items.count.positive? && items.exists?(["#{id_column} > ?", page_items.first.id])
295 older_items_id = page_items.last.id if page_items.count.positive? && items.exists?(["#{id_column} < ?", page_items.last.id])
297 [page_items, newer_items_id, older_items_id]