]> git.openstreetmap.org Git - rails.git/blob - app/controllers/user_blocks_controller.rb
Merge remote-tracking branch 'upstream/pull/4991'
[rails.git] / app / controllers / user_blocks_controller.rb
1 class UserBlocksController < ApplicationController
2   include UserMethods
3   include PaginationMethods
4
5   layout "site"
6
7   before_action :authorize_web
8   before_action :set_locale
9
10   authorize_resource
11
12   before_action :lookup_user, :only => [:new, :create, :revoke_all, :blocks_on, :blocks_by]
13   before_action :lookup_user_block, :only => [:show, :edit, :update, :revoke]
14   before_action :require_valid_params, :only => [:create, :update]
15   before_action :check_database_readable
16   before_action :check_database_writable, :only => [:create, :update, :revoke, :revoke_all]
17
18   def index
19     @params = params.permit
20
21     user_blocks = UserBlock.all
22
23     @user_blocks, @newer_user_blocks_id, @older_user_blocks_id = get_page_items(user_blocks, :includes => [:user, :creator, :revoker])
24   end
25
26   def show
27     if current_user && current_user == @user_block.user
28       @user_block.needs_view = false
29       @user_block.save!
30     end
31   end
32
33   def new
34     @user_block = UserBlock.new
35   end
36
37   def edit
38     params[:user_block_period] = ((@user_block.ends_at - Time.now.utc) / 1.hour).ceil.to_s
39   end
40
41   def create
42     if @valid_params
43       now = Time.now.utc
44       @user_block = UserBlock.new(
45         :user => @user,
46         :creator => current_user,
47         :reason => params[:user_block][:reason],
48         :created_at => now,
49         :ends_at => now + @block_period.hours,
50         :needs_view => params[:user_block][:needs_view]
51       )
52
53       if @user_block.save
54         flash[:notice] = t(".flash", :name => @user.display_name)
55         redirect_to @user_block
56       else
57         render :action => "new"
58       end
59     else
60       redirect_to new_user_block_path(:display_name => params[:display_name])
61     end
62   end
63
64   def update
65     if @valid_params
66       if @user_block.creator != current_user
67         flash[:error] = t(".only_creator_can_edit")
68         redirect_to :action => "edit"
69       elsif @user_block.update(
70         :ends_at => Time.now.utc + @block_period.hours,
71         :reason => params[:user_block][:reason],
72         :needs_view => params[:user_block][:needs_view]
73       )
74         flash[:notice] = t(".success")
75         redirect_to(@user_block)
76       else
77         render :action => "edit"
78       end
79     else
80       redirect_to edit_user_block_path(:id => params[:id])
81     end
82   end
83
84   ##
85   # revokes the block, setting the end_time to now
86   def revoke
87     if request.post? && params[:confirm] && @user_block.revoke!(current_user)
88       flash[:notice] = t ".flash"
89       redirect_to(@user_block)
90     end
91   end
92
93   ##
94   # revokes all active blocks
95   def revoke_all
96     if request.post? && params[:confirm]
97       @user.blocks.active.each { |block| block.revoke!(current_user) }
98       flash[:notice] = t ".flash"
99       redirect_to user_blocks_on_path(@user)
100     end
101   end
102
103   ##
104   # shows a list of all the blocks on the given user
105   def blocks_on
106     @params = params.permit(:display_name)
107
108     user_blocks = UserBlock.where(:user => @user)
109
110     @user_blocks, @newer_user_blocks_id, @older_user_blocks_id = get_page_items(user_blocks, :includes => [:user, :creator, :revoker])
111   end
112
113   ##
114   # shows a list of all the blocks by the given user.
115   def blocks_by
116     @params = params.permit(:display_name)
117
118     user_blocks = UserBlock.where(:creator => @user)
119
120     @user_blocks, @newer_user_blocks_id, @older_user_blocks_id = get_page_items(user_blocks, :includes => [:user, :creator, :revoker])
121   end
122
123   private
124
125   ##
126   # ensure that there is a "user_block" instance variable
127   def lookup_user_block
128     @user_block = UserBlock.find(params[:id])
129   rescue ActiveRecord::RecordNotFound
130     render :action => "not_found", :status => :not_found
131   end
132
133   ##
134   # check that the input parameters are valid, setting an instance
135   # variable if not. note that this doesn't do any redirection, as it's
136   # called before two different actions, each of which should redirect
137   # to a different place.
138   def require_valid_params
139     @block_period = params[:user_block_period].to_i
140     @valid_params = false
141
142     if UserBlock::PERIODS.exclude?(@block_period)
143       flash[:error] = t("user_blocks.filter.block_period")
144
145     elsif @user_block && !@user_block.active?
146       flash[:error] = t("user_blocks.filter.block_expired")
147
148     else
149       @valid_params = true
150     end
151   end
152 end