app/controllers/diary_entries_controller.rb

   1 class DiaryEntriesController < ApplicationController
   2   include UserMethods
   3   include PaginationMethods
   4
   5   layout "site", :except => :rss
   6
   7   before_action :authorize_web
   8   before_action :set_locale
   9   before_action :check_database_readable
  10
  11   authorize_resource
  12
  13   before_action :lookup_user, :only => :show
  14   before_action :check_database_writable, :only => [:new, :create, :edit, :update, :hide, :unhide, :subscribe, :unsubscribe]
  15
  16   allow_thirdparty_images :only => [:new, :create, :edit, :update, :index, :show]
  17
  18   def index
  19     if params[:display_name]
  20       @user = User.active.find_by(:display_name => params[:display_name])
  21
  22       if @user
  23         @title = t ".user_title", :user => @user.display_name
  24         entries = @user.diary_entries
  25       else
  26         render_unknown_user params[:display_name]
  27         return
  28       end
  29     elsif params[:friends]
  30       if current_user
  31         @title = t ".title_friends"
  32         entries = DiaryEntry.where(:user => current_user.friends)
  33       else
  34         require_user
  35         return
  36       end
  37     elsif params[:nearby]
  38       if current_user
  39         @title = t ".title_nearby"
  40         entries = DiaryEntry.where(:user => current_user.nearby)
  41       else
  42         require_user
  43         return
  44       end
  45     else
  46       entries = DiaryEntry.joins(:user).where(:users => { :status => %w[active confirmed] })
  47
  48       if params[:language]
  49         @title = t ".in_language_title", :language => Language.find(params[:language]).english_name
  50         entries = entries.where(:language_code => params[:language])
  51       else
  52         candidate_codes = preferred_languages.flat_map(&:candidates).uniq.map(&:to_s)
  53         @languages = Language.where(:code => candidate_codes).in_order_of(:code, candidate_codes)
  54         @title = t ".title"
  55       end
  56     end
  57
  58     entries = entries.visible unless can? :unhide, DiaryEntry
  59
  60     @params = params.permit(:display_name, :friends, :nearby, :language)
  61
  62     @entries, @newer_entries_id, @older_entries_id = get_page_items(entries, :includes => [:user, :language])
  63
  64     render :partial => "page" if turbo_frame_request_id == "pagination"
  65   end
  66
  67   def show
  68     entries = @user.diary_entries
  69     entries = entries.visible unless can? :unhide, DiaryEntry
  70     @entry = entries.find_by(:id => params[:id])
  71     if @entry
  72       @title = t ".title", :user => params[:display_name], :title => @entry.title
  73       @opengraph_properties = {
  74         "og:image" => @entry.body.image,
  75         "og:image:alt" => @entry.body.image_alt,
  76         "og:description" => @entry.body.description,
  77         "article:published_time" => @entry.created_at.xmlschema
  78       }
  79       @comments = can?(:unhide, DiaryComment) ? @entry.comments : @entry.visible_comments
  80     else
  81       @title = t "diary_entries.no_such_entry.title", :id => params[:id]
  82       render :action => "no_such_entry", :status => :not_found
  83     end
  84   end
  85
  86   def new
  87     @title = t ".title"
  88
  89     default_lang = current_user.preferences.find_by(:k => "diary.default_language")
  90     lang_code = default_lang ? default_lang.v : current_user.preferred_language
  91     @diary_entry = DiaryEntry.new(entry_params.merge(:language_code => lang_code))
  92     set_map_location
  93     render :action => "new"
  94   end
  95
  96   def edit
  97     @title = t ".title"
  98     @diary_entry = DiaryEntry.find(params[:id])
  99
 100     redirect_to diary_entry_path(@diary_entry.user, @diary_entry) if current_user != @diary_entry.user
 101
 102     set_map_location
 103   rescue ActiveRecord::RecordNotFound
 104     render :action => "no_such_entry", :status => :not_found
 105   end
 106
 107   def create
 108     @title = t "diary_entries.new.title"
 109
 110     @diary_entry = DiaryEntry.new(entry_params)
 111     @diary_entry.user = current_user
 112
 113     if @diary_entry.save
 114       default_lang = current_user.preferences.find_by(:k => "diary.default_language")
 115       if default_lang
 116         default_lang.v = @diary_entry.language_code
 117         default_lang.save!
 118       else
 119         current_user.preferences.create(:k => "diary.default_language", :v => @diary_entry.language_code)
 120       end
 121
 122       # Subscribe user to diary comments
 123       @diary_entry.subscriptions.create(:user => current_user)
 124
 125       redirect_to :action => "index", :display_name => current_user.display_name
 126     else
 127       render :action => "new"
 128     end
 129   end
 130
 131   def update
 132     @title = t "diary_entries.edit.title"
 133     @diary_entry = DiaryEntry.find(params[:id])
 134
 135     if cannot?(:update, @diary_entry) ||
 136        (params[:diary_entry] && @diary_entry.update(entry_params))
 137       redirect_to diary_entry_path(@diary_entry.user, @diary_entry)
 138     else
 139       set_map_location
 140       render :action => "edit"
 141     end
 142   rescue ActiveRecord::RecordNotFound
 143     render :action => "no_such_entry", :status => :not_found
 144   end
 145
 146   def subscribe
 147     @diary_entry = DiaryEntry.find(params[:id])
 148
 149     if request.post?
 150       @diary_entry.subscriptions.create(:user => current_user) unless @diary_entry.subscribers.exists?(current_user.id)
 151
 152       redirect_to diary_entry_path(@diary_entry.user, @diary_entry)
 153     end
 154   rescue ActiveRecord::RecordNotFound
 155     render :action => "no_such_entry", :status => :not_found
 156   end
 157
 158   def unsubscribe
 159     @diary_entry = DiaryEntry.find(params[:id])
 160
 161     if request.post?
 162       @diary_entry.subscriptions.where(:user => current_user).delete_all if @diary_entry.subscribers.exists?(current_user.id)
 163
 164       redirect_to diary_entry_path(@diary_entry.user, @diary_entry)
 165     end
 166   rescue ActiveRecord::RecordNotFound
 167     render :action => "no_such_entry", :status => :not_found
 168   end
 169
 170   def rss
 171     if params[:display_name]
 172       user = User.active.find_by(:display_name => params[:display_name])
 173
 174       if user
 175         @entries = user.diary_entries
 176         @title = t("diary_entries.feed.user.title", :user => user.display_name)
 177         @description = t("diary_entries.feed.user.description", :user => user.display_name)
 178         @link = url_for :action => "index", :display_name => user.display_name, :host => Settings.server_url, :protocol => Settings.server_protocol
 179       else
 180         head :not_found
 181         return
 182       end
 183     else
 184       @entries = DiaryEntry.joins(:user).where(:users => { :status => %w[active confirmed] })
 185
 186       # Items can't be flagged as deleted in the RSS format.
 187       # For the general feeds, allow a delay before publishing, to help spam fighting
 188       @entries = @entries.where("created_at < :time", :time => Settings.diary_feed_delay.hours.ago)
 189
 190       if params[:language]
 191         @entries = @entries.where(:language_code => params[:language])
 192         @title = t("diary_entries.feed.language.title", :language_name => Language.find(params[:language]).english_name)
 193         @description = t("diary_entries.feed.language.description", :language_name => Language.find(params[:language]).english_name)
 194         @link = url_for :action => "index", :language => params[:language], :host => Settings.server_url, :protocol => Settings.server_protocol
 195       else
 196         @title = t("diary_entries.feed.all.title")
 197         @description = t("diary_entries.feed.all.description")
 198         @link = url_for :action => "index", :host => Settings.server_url, :protocol => Settings.server_protocol
 199       end
 200     end
 201     @entries = @entries.visible.includes(:user).order("created_at DESC").limit(20)
 202   end
 203
 204   def hide
 205     entry = DiaryEntry.find(params[:id])
 206     entry.update(:visible => false)
 207     redirect_to :action => "index", :display_name => entry.user.display_name
 208   end
 209
 210   def unhide
 211     entry = DiaryEntry.find(params[:id])
 212     entry.update(:visible => true)
 213     redirect_to :action => "index", :display_name => entry.user.display_name
 214   end
 215
 216   private
 217
 218   ##
 219   # return permitted diary entry parameters
 220   def entry_params
 221     params.require(:diary_entry).permit(:title, :body, :language_code, :latitude, :longitude)
 222   rescue ActionController::ParameterMissing
 223     ActionController::Parameters.new.permit(:title, :body, :language_code, :latitude, :longitude)
 224   end
 225
 226   ##
 227   # decide on a location for the diary entry map
 228   def set_map_location
 229     if @diary_entry.latitude && @diary_entry.longitude
 230       @lon = @diary_entry.longitude
 231       @lat = @diary_entry.latitude
 232       @zoom = 12
 233     elsif !current_user.home_location?
 234       @lon = params[:lon] || -0.1
 235       @lat = params[:lat] || 51.5
 236       @zoom = params[:zoom] || 4
 237     else
 238       @lon = current_user.home_lon
 239       @lat = current_user.home_lat
 240       @zoom = 12
 241     end
 242   end
 243 end