]> git.openstreetmap.org Git - rails.git/blobdiff - app/controllers/diary_entries_controller.rb
Really remove login.live.com from CSP allow list
[rails.git] / app / controllers / diary_entries_controller.rb
index 6981ed797f92112956e2097bf7a11a1e54d9465b..8da0842eb09cbee7942cf28d725d5ee6b49e9308 100644 (file)
@@ -1,4 +1,7 @@
 class DiaryEntriesController < ApplicationController
 class DiaryEntriesController < ApplicationController
+  include UserMethods
+  include PaginationMethods
+
   layout "site", :except => :rss
 
   before_action :authorize_web
   layout "site", :except => :rss
 
   before_action :authorize_web
@@ -25,7 +28,7 @@ class DiaryEntriesController < ApplicationController
     elsif params[:friends]
       if current_user
         @title = t ".title_friends"
     elsif params[:friends]
       if current_user
         @title = t ".title_friends"
-        entries = DiaryEntry.where(:user_id => current_user.friends)
+        entries = DiaryEntry.where(:user => current_user.friends)
       else
         require_user
         return
       else
         require_user
         return
@@ -33,7 +36,7 @@ class DiaryEntriesController < ApplicationController
     elsif params[:nearby]
       if current_user
         @title = t ".title_nearby"
     elsif params[:nearby]
       if current_user
         @title = t ".title_nearby"
-        entries = DiaryEntry.where(:user_id => current_user.nearby)
+        entries = DiaryEntry.where(:user => current_user.nearby)
       else
         require_user
         return
       else
         require_user
         return
@@ -45,6 +48,8 @@ class DiaryEntriesController < ApplicationController
         @title = t ".in_language_title", :language => Language.find(params[:language]).english_name
         entries = entries.where(:language_code => params[:language])
       else
         @title = t ".in_language_title", :language => Language.find(params[:language]).english_name
         entries = entries.where(:language_code => params[:language])
       else
+        candidate_codes = preferred_languages.flat_map(&:candidates).uniq.map(&:to_s)
+        @languages = Language.where(:code => candidate_codes).in_order_of(:code, candidate_codes)
         @title = t ".title"
       end
     end
         @title = t ".title"
       end
     end
@@ -53,26 +58,13 @@ class DiaryEntriesController < ApplicationController
 
     @params = params.permit(:display_name, :friends, :nearby, :language)
 
 
     @params = params.permit(:display_name, :friends, :nearby, :language)
 
-    @entries = if params[:before]
-                 entries.where("diary_entries.id < ?", params[:before]).order(:id => :desc)
-               elsif params[:after]
-                 entries.where("diary_entries.id > ?", params[:after]).order(:id => :asc)
-               else
-                 entries.order(:id => :desc)
-               end
-
-    @entries = @entries.limit(20)
-    @entries = @entries.includes(:user, :language)
-    @entries = @entries.sort.reverse
-
-    @newer_entries = @entries.count.positive? && entries.exists?(["diary_entries.id > ?", @entries.first.id])
-    @older_entries = @entries.count.positive? && entries.exists?(["diary_entries.id < ?", @entries.last.id])
+    @entries, @newer_entries_id, @older_entries_id = get_page_items(entries, :includes => [:user, :language])
   end
 
   def show
     entries = @user.diary_entries
     entries = entries.visible unless can? :unhide, DiaryEntry
   end
 
   def show
     entries = @user.diary_entries
     entries = entries.visible unless can? :unhide, DiaryEntry
-    @entry = entries.where(:id => params[:id]).first
+    @entry = entries.find_by(:id => params[:id])
     if @entry
       @title = t ".title", :user => params[:display_name], :title => @entry.title
       @comments = can?(:unhidecomment, DiaryEntry) ? @entry.comments : @entry.visible_comments
     if @entry
       @title = t ".title", :user => params[:display_name], :title => @entry.title
       @comments = can?(:unhidecomment, DiaryEntry) ? @entry.comments : @entry.visible_comments
@@ -85,7 +77,7 @@ class DiaryEntriesController < ApplicationController
   def new
     @title = t ".title"
 
   def new
     @title = t ".title"
 
-    default_lang = current_user.preferences.where(:k => "diary.default_language").first
+    default_lang = current_user.preferences.find_by(:k => "diary.default_language")
     lang_code = default_lang ? default_lang.v : current_user.preferred_language
     @diary_entry = DiaryEntry.new(entry_params.merge(:language_code => lang_code))
     set_map_location
     lang_code = default_lang ? default_lang.v : current_user.preferred_language
     @diary_entry = DiaryEntry.new(entry_params.merge(:language_code => lang_code))
     set_map_location
@@ -110,7 +102,7 @@ class DiaryEntriesController < ApplicationController
     @diary_entry.user = current_user
 
     if @diary_entry.save
     @diary_entry.user = current_user
 
     if @diary_entry.save
-      default_lang = current_user.preferences.where(:k => "diary.default_language").first
+      default_lang = current_user.preferences.find_by(:k => "diary.default_language")
       if default_lang
         default_lang.v = @diary_entry.language_code
         default_lang.save!
       if default_lang
         default_lang.v = @diary_entry.language_code
         default_lang.save!
@@ -166,21 +158,25 @@ class DiaryEntriesController < ApplicationController
   end
 
   def subscribe
   end
 
   def subscribe
-    diary_entry = DiaryEntry.find(params[:id])
+    @diary_entry = DiaryEntry.find(params[:id])
 
 
-    diary_entry.subscriptions.create(:user => current_user) unless diary_entry.subscribers.exists?(current_user.id)
+    if request.post?
+      @diary_entry.subscriptions.create(:user => current_user) unless @diary_entry.subscribers.exists?(current_user.id)
 
 
-    redirect_to diary_entry_path(diary_entry.user, diary_entry)
+      redirect_to diary_entry_path(@diary_entry.user, @diary_entry)
+    end
   rescue ActiveRecord::RecordNotFound
     render :action => "no_such_entry", :status => :not_found
   end
 
   def unsubscribe
   rescue ActiveRecord::RecordNotFound
     render :action => "no_such_entry", :status => :not_found
   end
 
   def unsubscribe
-    diary_entry = DiaryEntry.find(params[:id])
+    @diary_entry = DiaryEntry.find(params[:id])
 
 
-    diary_entry.subscriptions.where(:user => current_user).delete_all if diary_entry.subscribers.exists?(current_user.id)
+    if request.post?
+      @diary_entry.subscriptions.where(:user => current_user).delete_all if @diary_entry.subscribers.exists?(current_user.id)
 
 
-    redirect_to diary_entry_path(diary_entry.user, diary_entry)
+      redirect_to diary_entry_path(@diary_entry.user, @diary_entry)
+    end
   rescue ActiveRecord::RecordNotFound
     render :action => "no_such_entry", :status => :not_found
   end
   rescue ActiveRecord::RecordNotFound
     render :action => "no_such_entry", :status => :not_found
   end
@@ -246,15 +242,12 @@ class DiaryEntriesController < ApplicationController
   def comments
     @title = t ".title", :user => @user.display_name
 
   def comments
     @title = t ".title", :user => @user.display_name
 
-    conditions = { :user_id => @user }
+    comments = DiaryComment.where(:user => @user)
+    comments = comments.visible unless can? :unhidecomment, DiaryEntry
 
 
-    conditions[:visible] = true unless can? :unhidecomment, DiaryEntry
+    @params = params.permit(:display_name, :before, :after)
 
 
-    @comment_pages, @comments = paginate(:diary_comments,
-                                         :conditions => conditions,
-                                         :order => "created_at DESC",
-                                         :per_page => 20)
-    @page = (params[:page] || 1).to_i
+    @comments, @newer_comments_id, @older_comments_id = get_page_items(comments, :includes => [:user])
   end
 
   private
   end
 
   private