app/controllers/user_blocks_controller.rb

   1 class UserBlocksController < ApplicationController
   2   include UserMethods
   3
   4   layout "site"
   5
   6   before_action :authorize_web
   7   before_action :set_locale
   8
   9   authorize_resource
  10
  11   before_action :lookup_user, :only => [:new, :create, :revoke_all, :blocks_on, :blocks_by]
  12   before_action :lookup_user_block, :only => [:show, :edit, :update, :revoke]
  13   before_action :require_valid_params, :only => [:create, :update]
  14   before_action :check_database_readable
  15   before_action :check_database_writable, :only => [:create, :update, :revoke, :revoke_all]
  16
  17   def index
  18     @params = params.permit
  19     @user_blocks_pages, @user_blocks = paginate(:user_blocks,
  20                                                 :include => [:user, :creator, :revoker],
  21                                                 :order => "user_blocks.ends_at DESC",
  22                                                 :per_page => 20)
  23   end
  24
  25   def show
  26     if current_user && current_user == @user_block.user
  27       @user_block.needs_view = false
  28       @user_block.save!
  29     end
  30   end
  31
  32   def new
  33     @user_block = UserBlock.new
  34   end
  35
  36   def edit
  37     params[:user_block_period] = ((@user_block.ends_at - Time.now.utc) / 1.hour).ceil.to_s
  38   end
  39
  40   def create
  41     if @valid_params
  42       now = Time.now.utc
  43       @user_block = UserBlock.new(
  44         :user => @user,
  45         :creator => current_user,
  46         :reason => params[:user_block][:reason],
  47         :created_at => now,
  48         :ends_at => now + @block_period.hours,
  49         :needs_view => params[:user_block][:needs_view]
  50       )
  51
  52       if @user_block.save
  53         flash[:notice] = t(".flash", :name => @user.display_name)
  54         redirect_to @user_block
  55       else
  56         render :action => "new"
  57       end
  58     else
  59       redirect_to new_user_block_path(:display_name => params[:display_name])
  60     end
  61   end
  62
  63   def update
  64     if @valid_params
  65       if @user_block.creator != current_user
  66         flash[:error] = t(".only_creator_can_edit")
  67         redirect_to :action => "edit"
  68       elsif @user_block.update(
  69         :ends_at => Time.now.utc + @block_period.hours,
  70         :reason => params[:user_block][:reason],
  71         :needs_view => params[:user_block][:needs_view]
  72       )
  73         flash[:notice] = t(".success")
  74         redirect_to(@user_block)
  75       else
  76         render :action => "edit"
  77       end
  78     else
  79       redirect_to edit_user_block_path(:id => params[:id])
  80     end
  81   end
  82
  83   ##
  84   # revokes the block, setting the end_time to now
  85   def revoke
  86     if request.post? && params[:confirm] && @user_block.revoke!(current_user)
  87       flash[:notice] = t ".flash"
  88       redirect_to(@user_block)
  89     end
  90   end
  91
  92   ##
  93   # revokes all active blocks
  94   def revoke_all
  95     if request.post? && params[:confirm]
  96       @user.blocks.active.each { |block| block.revoke!(current_user) }
  97       flash[:notice] = t ".flash"
  98       redirect_to user_blocks_on_path(@user)
  99     end
 100   end
 101
 102   ##
 103   # shows a list of all the blocks on the given user
 104   def blocks_on
 105     @params = params.permit(:display_name)
 106     @user_blocks_pages, @user_blocks = paginate(:user_blocks,
 107                                                 :include => [:user, :creator, :revoker],
 108                                                 :conditions => { :user_id => @user.id },
 109                                                 :order => "user_blocks.ends_at DESC",
 110                                                 :per_page => 20)
 111   end
 112
 113   ##
 114   # shows a list of all the blocks by the given user.
 115   def blocks_by
 116     @params = params.permit(:display_name)
 117     @user_blocks_pages, @user_blocks = paginate(:user_blocks,
 118                                                 :include => [:user, :creator, :revoker],
 119                                                 :conditions => { :creator_id => @user.id },
 120                                                 :order => "user_blocks.ends_at DESC",
 121                                                 :per_page => 20)
 122   end
 123
 124   private
 125
 126   ##
 127   # ensure that there is a "user_block" instance variable
 128   def lookup_user_block
 129     @user_block = UserBlock.find(params[:id])
 130   rescue ActiveRecord::RecordNotFound
 131     render :action => "not_found", :status => :not_found
 132   end
 133
 134   ##
 135   # check that the input parameters are valid, setting an instance
 136   # variable if not. note that this doesn't do any redirection, as it's
 137   # called before two different actions, each of which should redirect
 138   # to a different place.
 139   def require_valid_params
 140     @block_period = params[:user_block_period].to_i
 141     @valid_params = false
 142
 143     if UserBlock::PERIODS.exclude?(@block_period)
 144       flash[:error] = t("user_blocks.filter.block_period")
 145
 146     elsif @user_block && !@user_block.active?
 147       flash[:error] = t("user_blocks.filter.block_expired")
 148
 149     else
 150       @valid_params = true
 151     end
 152   end
 153 end