]> git.openstreetmap.org Git - rails.git/blobdiff - app/controllers/friendships_controller.rb
Add revoke all actions to received blocks resource
[rails.git] / app / controllers / friendships_controller.rb
index a983bec751442d36a31b26f79b8fca595ad024ea..8f0c1ad859c4332eb46c81d82db4e28d6a8fe755 100644 (file)
@@ -1,4 +1,6 @@
 class FriendshipsController < ApplicationController
 class FriendshipsController < ApplicationController
+  include UserMethods
+
   layout "site"
 
   before_action :authorize_web
   layout "site"
 
   before_action :authorize_web
@@ -8,55 +10,52 @@ class FriendshipsController < ApplicationController
   authorize_resource
 
   before_action :check_database_writable, :only => [:make_friend, :remove_friend]
   authorize_resource
 
   before_action :check_database_writable, :only => [:make_friend, :remove_friend]
+  before_action :lookup_friend, :only => [:make_friend, :remove_friend]
 
   def make_friend
 
   def make_friend
-    @new_friend = User.find_by(:display_name => params[:display_name])
-
-    if @new_friend
-      if request.post?
-        friendship = Friendship.new
-        friendship.befriender = current_user
-        friendship.befriendee = @new_friend
-        if current_user.is_friends_with?(@new_friend)
-          flash[:warning] = t "friendships.make_friend.already_a_friend", :name => @new_friend.display_name
-        elsif friendship.save
-          flash[:notice] = t "friendships.make_friend.success", :name => @new_friend.display_name
-          Notifier.friendship_notification(friendship).deliver_later
-        else
-          friendship.add_error(t("friendships.make_friend.failed", :name => @new_friend.display_name))
-        end
-
-        if params[:referer]
-          redirect_to params[:referer]
-        else
-          redirect_to user_path
-        end
+    if request.post?
+      friendship = Friendship.new
+      friendship.befriender = current_user
+      friendship.befriendee = @friend
+      if current_user.friends_with?(@friend)
+        flash[:warning] = t ".already_a_friend", :name => @friend.display_name
+      elsif current_user.friendships.where(:created_at => Time.now.utc - 1.hour..).count >= current_user.max_friends_per_hour
+        flash[:error] = t ".limit_exceeded"
+      elsif friendship.save
+        flash[:notice] = t ".success", :name => @friend.display_name
+        UserMailer.friendship_notification(friendship).deliver_later
+      else
+        friendship.add_error(t(".failed", :name => @friend.display_name))
       end
       end
-    else
-      render_unknown_user params[:display_name]
+
+      referer = safe_referer(params[:referer]) if params[:referer]
+
+      redirect_to referer || user_path
     end
   end
 
   def remove_friend
     end
   end
 
   def remove_friend
-    @friend = User.find_by(:display_name => params[:display_name])
-
-    if @friend
-      if request.post?
-        if current_user.is_friends_with?(@friend)
-          Friendship.where(:befriender => current_user, :befriendee => @friend).delete_all
-          flash[:notice] = t "friendships.remove_friend.success", :name => @friend.display_name
-        else
-          flash[:error] = t "friendships.remove_friend.not_a_friend", :name => @friend.display_name
-        end
-
-        if params[:referer]
-          redirect_to params[:referer]
-        else
-          redirect_to user_path
-        end
+    if request.post?
+      if current_user.friends_with?(@friend)
+        Friendship.where(:befriender => current_user, :befriendee => @friend).delete_all
+        flash[:notice] = t ".success", :name => @friend.display_name
+      else
+        flash[:error] = t ".not_a_friend", :name => @friend.display_name
       end
       end
-    else
-      render_unknown_user params[:display_name]
+
+      referer = safe_referer(params[:referer]) if params[:referer]
+
+      redirect_to referer || user_path
     end
   end
     end
   end
+
+  private
+
+  ##
+  # ensure that there is a "friend" instance variable
+  def lookup_friend
+    @friend = User.active.find_by!(:display_name => params[:display_name])
+  rescue ActiveRecord::RecordNotFound
+    render_unknown_user params[:display_name]
+  end
 end
 end