]> git.openstreetmap.org Git - rails.git/blob - app/controllers/diary_entries_controller.rb
Test share textarea not to leak into note text on hiding resolved notes
[rails.git] / app / controllers / diary_entries_controller.rb
1 class DiaryEntriesController < ApplicationController
2   include UserMethods
3   include PaginationMethods
4
5   layout "site", :except => :rss
6
7   before_action :authorize_web
8   before_action :set_locale
9   before_action :check_database_readable
10
11   authorize_resource
12
13   before_action :lookup_user, :only => :show
14   before_action :check_database_writable, :only => [:new, :create, :edit, :update, :hide, :unhide, :subscribe, :unsubscribe]
15
16   allow_thirdparty_images :only => [:new, :create, :edit, :update, :index, :show]
17
18   def index
19     if params[:display_name]
20       @user = User.active.find_by(:display_name => params[:display_name])
21
22       if @user
23         @title = t ".user_title", :user => @user.display_name
24         entries = @user.diary_entries
25       else
26         render_unknown_user params[:display_name]
27         return
28       end
29     elsif params[:friends]
30       if current_user
31         @title = t ".title_friends"
32         entries = DiaryEntry.where(:user => current_user.friends)
33       else
34         require_user
35         return
36       end
37     elsif params[:nearby]
38       if current_user
39         @title = t ".title_nearby"
40         entries = DiaryEntry.where(:user => current_user.nearby)
41       else
42         require_user
43         return
44       end
45     else
46       entries = DiaryEntry.joins(:user).where(:users => { :status => %w[active confirmed] })
47
48       if params[:language]
49         @title = t ".in_language_title", :language => Language.find(params[:language]).english_name
50         entries = entries.where(:language_code => params[:language])
51       else
52         candidate_codes = preferred_languages.flat_map(&:candidates).uniq.map(&:to_s)
53         @languages = Language.where(:code => candidate_codes).in_order_of(:code, candidate_codes)
54         @title = t ".title"
55       end
56     end
57
58     entries = entries.visible unless can? :unhide, DiaryEntry
59
60     @params = params.permit(:display_name, :friends, :nearby, :language)
61
62     @entries, @newer_entries_id, @older_entries_id = get_page_items(entries, :includes => [:user, :language])
63
64     render :partial => "page" if turbo_frame_request_id == "pagination"
65   end
66
67   def show
68     entries = @user.diary_entries
69     entries = entries.visible unless can? :unhide, DiaryEntry
70     @entry = entries.find_by(:id => params[:id])
71     if @entry
72       @title = t ".title", :user => params[:display_name], :title => @entry.title
73       @opengraph_properties = {
74         "og:title" => @entry.title,
75         "og:image" => @entry.body.image,
76         "og:image:alt" => @entry.body.image_alt,
77         "og:description" => @entry.body.description,
78         "article:published_time" => @entry.created_at.xmlschema
79       }
80       @comments = can?(:unhide, DiaryComment) ? @entry.comments : @entry.visible_comments
81     else
82       @title = t "diary_entries.no_such_entry.title", :id => params[:id]
83       render :action => "no_such_entry", :status => :not_found
84     end
85   end
86
87   def new
88     @title = t ".title"
89
90     default_lang = current_user.preferences.find_by(:k => "diary.default_language")
91     lang_code = default_lang ? default_lang.v : current_user.preferred_language
92     @diary_entry = DiaryEntry.new(entry_params.merge(:language_code => lang_code))
93     set_map_location
94     render :action => "new"
95   end
96
97   def edit
98     @title = t ".title"
99     @diary_entry = DiaryEntry.find(params[:id])
100
101     redirect_to diary_entry_path(@diary_entry.user, @diary_entry) if current_user != @diary_entry.user
102
103     set_map_location
104   rescue ActiveRecord::RecordNotFound
105     render :action => "no_such_entry", :status => :not_found
106   end
107
108   def create
109     @title = t "diary_entries.new.title"
110
111     @diary_entry = DiaryEntry.new(entry_params)
112     @diary_entry.user = current_user
113
114     if @diary_entry.save
115       default_lang = current_user.preferences.find_by(:k => "diary.default_language")
116       if default_lang
117         default_lang.v = @diary_entry.language_code
118         default_lang.save!
119       else
120         current_user.preferences.create(:k => "diary.default_language", :v => @diary_entry.language_code)
121       end
122
123       # Subscribe user to diary comments
124       @diary_entry.subscriptions.create(:user => current_user)
125
126       redirect_to :action => "index", :display_name => current_user.display_name
127     else
128       render :action => "new"
129     end
130   end
131
132   def update
133     @title = t "diary_entries.edit.title"
134     @diary_entry = DiaryEntry.find(params[:id])
135
136     if cannot?(:update, @diary_entry) ||
137        (params[:diary_entry] && @diary_entry.update(entry_params))
138       redirect_to diary_entry_path(@diary_entry.user, @diary_entry)
139     else
140       set_map_location
141       render :action => "edit"
142     end
143   rescue ActiveRecord::RecordNotFound
144     render :action => "no_such_entry", :status => :not_found
145   end
146
147   def subscribe
148     @diary_entry = DiaryEntry.find(params[:id])
149
150     if request.post?
151       @diary_entry.subscriptions.create(:user => current_user) unless @diary_entry.subscribers.exists?(current_user.id)
152
153       redirect_to diary_entry_path(@diary_entry.user, @diary_entry)
154     end
155   rescue ActiveRecord::RecordNotFound
156     render :action => "no_such_entry", :status => :not_found
157   end
158
159   def unsubscribe
160     @diary_entry = DiaryEntry.find(params[:id])
161
162     if request.post?
163       @diary_entry.subscriptions.where(:user => current_user).delete_all if @diary_entry.subscribers.exists?(current_user.id)
164
165       redirect_to diary_entry_path(@diary_entry.user, @diary_entry)
166     end
167   rescue ActiveRecord::RecordNotFound
168     render :action => "no_such_entry", :status => :not_found
169   end
170
171   def rss
172     if params[:display_name]
173       user = User.active.find_by(:display_name => params[:display_name])
174
175       if user
176         @entries = user.diary_entries
177         @title = t("diary_entries.feed.user.title", :user => user.display_name)
178         @description = t("diary_entries.feed.user.description", :user => user.display_name)
179         @link = url_for :action => "index", :display_name => user.display_name, :host => Settings.server_url, :protocol => Settings.server_protocol
180       else
181         head :not_found
182         return
183       end
184     else
185       @entries = DiaryEntry.joins(:user).where(:users => { :status => %w[active confirmed] })
186
187       # Items can't be flagged as deleted in the RSS format.
188       # For the general feeds, allow a delay before publishing, to help spam fighting
189       @entries = @entries.where("created_at < :time", :time => Settings.diary_feed_delay.hours.ago)
190
191       if params[:language]
192         @entries = @entries.where(:language_code => params[:language])
193         @title = t("diary_entries.feed.language.title", :language_name => Language.find(params[:language]).english_name)
194         @description = t("diary_entries.feed.language.description", :language_name => Language.find(params[:language]).english_name)
195         @link = url_for :action => "index", :language => params[:language], :host => Settings.server_url, :protocol => Settings.server_protocol
196       else
197         @title = t("diary_entries.feed.all.title")
198         @description = t("diary_entries.feed.all.description")
199         @link = url_for :action => "index", :host => Settings.server_url, :protocol => Settings.server_protocol
200       end
201     end
202     @entries = @entries.visible.includes(:user).order("created_at DESC").limit(20)
203   end
204
205   def hide
206     entry = DiaryEntry.find(params[:id])
207     entry.update(:visible => false)
208     redirect_to :action => "index", :display_name => entry.user.display_name
209   end
210
211   def unhide
212     entry = DiaryEntry.find(params[:id])
213     entry.update(:visible => true)
214     redirect_to :action => "index", :display_name => entry.user.display_name
215   end
216
217   private
218
219   ##
220   # return permitted diary entry parameters
221   def entry_params
222     params.require(:diary_entry).permit(:title, :body, :language_code, :latitude, :longitude)
223   rescue ActionController::ParameterMissing
224     ActionController::Parameters.new.permit(:title, :body, :language_code, :latitude, :longitude)
225   end
226
227   ##
228   # decide on a location for the diary entry map
229   def set_map_location
230     if @diary_entry.latitude && @diary_entry.longitude
231       @lon = @diary_entry.longitude
232       @lat = @diary_entry.latitude
233       @zoom = 12
234     elsif !current_user.home_location?
235       @lon = params[:lon] || -0.1
236       @lat = params[:lat] || 51.5
237       @zoom = params[:zoom] || 4
238     else
239       @lon = current_user.home_lon
240       @lat = current_user.home_lat
241       @zoom = 12
242     end
243   end
244 end