1 class DiaryEntryController < ApplicationController
2 layout "site", :except => :rss
4 before_action :authorize_web
5 before_action :set_locale
9 before_action :lookup_user, :only => [:show, :comments]
10 before_action :check_database_readable
11 before_action :check_database_writable, :only => [:new, :edit, :comment, :hide, :hidecomment, :subscribe, :unsubscribe]
12 before_action :allow_thirdparty_images, :only => [:new, :edit, :index, :show, :comments]
15 @title = t "diary_entry.new.title"
18 @diary_entry = DiaryEntry.new(entry_params)
19 @diary_entry.user = current_user
22 default_lang = current_user.preferences.where(:k => "diary.default_language").first
24 default_lang.v = @diary_entry.language_code
27 current_user.preferences.create(:k => "diary.default_language", :v => @diary_entry.language_code)
30 # Subscribe user to diary comments
31 @diary_entry.subscriptions.create(:user => current_user)
33 redirect_to :action => "index", :display_name => current_user.display_name
35 render :action => "edit"
38 default_lang = current_user.preferences.where(:k => "diary.default_language").first
39 lang_code = default_lang ? default_lang.v : current_user.preferred_language
40 @diary_entry = DiaryEntry.new(entry_params.merge(:language_code => lang_code))
42 render :action => "edit"
47 @title = t "diary_entry.edit.title"
48 @diary_entry = DiaryEntry.find(params[:id])
50 if current_user != @diary_entry.user
51 redirect_to diary_entry_path(@diary_entry.user, @diary_entry)
52 elsif params[:diary_entry] && @diary_entry.update(entry_params)
53 redirect_to diary_entry_path(@diary_entry.user, @diary_entry)
57 rescue ActiveRecord::RecordNotFound
58 render :action => "no_such_entry", :status => :not_found
62 @entry = DiaryEntry.find(params[:id])
63 @diary_comment = @entry.comments.build(comment_params)
64 @diary_comment.user = current_user
65 if @diary_comment.save
67 # Notify current subscribers of the new comment
68 @entry.subscribers.visible.each do |user|
69 Notifier.diary_comment_notification(@diary_comment, user).deliver_now if current_user != user
72 # Add the commenter to the subscribers if necessary
73 @entry.subscriptions.create(:user => current_user) unless @entry.subscribers.exists?(current_user.id)
75 redirect_to diary_entry_path(@entry.user, @entry)
77 render :action => "show"
79 rescue ActiveRecord::RecordNotFound
80 render :action => "no_such_entry", :status => :not_found
84 diary_entry = DiaryEntry.find(params[:id])
86 diary_entry.subscriptions.create(:user => current_user) unless diary_entry.subscribers.exists?(current_user.id)
88 redirect_to diary_entry_path(diary_entry.user, diary_entry)
89 rescue ActiveRecord::RecordNotFound
90 render :action => "no_such_entry", :status => :not_found
94 diary_entry = DiaryEntry.find(params[:id])
96 diary_entry.subscriptions.where(:user => current_user).delete_all if diary_entry.subscribers.exists?(current_user.id)
98 redirect_to diary_entry_path(diary_entry.user, diary_entry)
99 rescue ActiveRecord::RecordNotFound
100 render :action => "no_such_entry", :status => :not_found
104 if params[:display_name]
105 @user = User.active.find_by(:display_name => params[:display_name])
108 @title = t "diary_entry.index.user_title", :user => @user.display_name
109 @entries = @user.diary_entries
111 render_unknown_user params[:display_name]
114 elsif params[:friends]
116 @title = t "diary_entry.index.title_friends"
117 @entries = DiaryEntry.where(:user_id => current_user.friend_users)
122 elsif params[:nearby]
124 @title = t "diary_entry.index.title_nearby"
125 @entries = DiaryEntry.where(:user_id => current_user.nearby)
131 @entries = DiaryEntry.joins(:user).where(:users => { :status => %w[active confirmed] })
134 @title = t "diary_entry.index.in_language_title", :language => Language.find(params[:language]).english_name
135 @entries = @entries.where(:language_code => params[:language])
137 @title = t "diary_entry.index.title"
141 @params = params.permit(:display_name, :friends, :nearby, :language)
143 @page = (params[:page] || 1).to_i
146 @entries = @entries.visible
147 @entries = @entries.order("created_at DESC")
148 @entries = @entries.offset((@page - 1) * @page_size)
149 @entries = @entries.limit(@page_size)
150 @entries = @entries.includes(:user, :language)
154 if params[:display_name]
155 user = User.active.find_by(:display_name => params[:display_name])
158 @entries = user.diary_entries
159 @title = t("diary_entry.feed.user.title", :user => user.display_name)
160 @description = t("diary_entry.feed.user.description", :user => user.display_name)
161 @link = url_for :controller => "diary_entry", :action => "index", :display_name => user.display_name, :host => SERVER_URL, :protocol => SERVER_PROTOCOL
167 @entries = DiaryEntry.joins(:user).where(:users => { :status => %w[active confirmed] })
170 @entries = @entries.where(:language_code => params[:language])
171 @title = t("diary_entry.feed.language.title", :language_name => Language.find(params[:language]).english_name)
172 @description = t("diary_entry.feed.language.description", :language_name => Language.find(params[:language]).english_name)
173 @link = url_for :controller => "diary_entry", :action => "index", :language => params[:language], :host => SERVER_URL, :protocol => SERVER_PROTOCOL
175 @title = t("diary_entry.feed.all.title")
176 @description = t("diary_entry.feed.all.description")
177 @link = url_for :controller => "diary_entry", :action => "index", :host => SERVER_URL, :protocol => SERVER_PROTOCOL
181 @entries = @entries.visible.includes(:user).order("created_at DESC").limit(20)
185 @entry = @user.diary_entries.visible.where(:id => params[:id]).first
187 @title = t "diary_entry.show.title", :user => params[:display_name], :title => @entry.title
189 @title = t "diary_entry.no_such_entry.title", :id => params[:id]
190 render :action => "no_such_entry", :status => :not_found
195 entry = DiaryEntry.find(params[:id])
196 entry.update(:visible => false)
197 redirect_to :action => "index", :display_name => entry.user.display_name
201 comment = DiaryComment.find(params[:comment])
202 comment.update(:visible => false)
203 redirect_to diary_entry_path(comment.diary_entry.user, comment.diary_entry)
207 @comment_pages, @comments = paginate(:diary_comments,
212 :order => "created_at DESC",
214 @page = (params[:page] || 1).to_i
219 # This is required because, being a default-deny system, cancancan
220 # _cannot_ tell you the reason you were denied access; and so
221 # the "nice" feedback presenting next steps can't be gleaned from
224 # for the hide actions, require that the user is a administrator, or fill out
225 # a helpful error message and return them to the user page.
226 def deny_access(exception)
227 if current_user && exception.action.in?([:hide, :hidecomment])
228 flash[:error] = t("users.filter.not_an_administrator")
229 redirect_to :action => "show"
236 # return permitted diary entry parameters
238 params.require(:diary_entry).permit(:title, :body, :language_code, :latitude, :longitude)
239 rescue ActionController::ParameterMissing
240 ActionController::Parameters.new.permit(:title, :body, :language_code, :latitude, :longitude)
244 # return permitted diary comment parameters
246 params.require(:diary_comment).permit(:body)
250 # decide on a location for the diary entry map
252 if @diary_entry.latitude && @diary_entry.longitude
253 @lon = @diary_entry.longitude
254 @lat = @diary_entry.latitude
256 elsif current_user.home_lat.nil? || current_user.home_lon.nil?
257 @lon = params[:lon] || -0.1
258 @lat = params[:lat] || 51.5
259 @zoom = params[:zoom] || 4
261 @lon = current_user.home_lon
262 @lat = current_user.home_lat