- before_action :check_database_writable, :only => [:new, :edit, :comment, :hide, :hidecomment, :subscribe, :unsubscribe]
- before_action :allow_thirdparty_images, :only => [:new, :edit, :index, :show, :comments]
+ before_action :check_database_writable, :only => [:new, :create, :edit, :update, :comment, :hide, :hidecomment, :subscribe, :unsubscribe]
+ before_action :allow_thirdparty_images, :only => [:new, :create, :edit, :update, :index, :show, :comments]
+
+ def index
+ if params[:display_name]
+ @user = User.active.find_by(:display_name => params[:display_name])
+
+ if @user
+ @title = t ".user_title", :user => @user.display_name
+ entries = @user.diary_entries
+ else
+ render_unknown_user params[:display_name]
+ return
+ end
+ elsif params[:friends]
+ if current_user
+ @title = t ".title_friends"
+ entries = DiaryEntry.where(:user => current_user.friends)
+ else
+ require_user
+ return
+ end
+ elsif params[:nearby]
+ if current_user
+ @title = t ".title_nearby"
+ entries = DiaryEntry.where(:user => current_user.nearby)
+ else
+ require_user
+ return
+ end
+ else
+ entries = DiaryEntry.joins(:user).where(:users => { :status => %w[active confirmed] })
+
+ if params[:language]
+ @title = t ".in_language_title", :language => Language.find(params[:language]).english_name
+ entries = entries.where(:language_code => params[:language])
+ else
+ @title = t ".title"
+ end
+ end
+
+ entries = entries.visible unless can? :unhide, DiaryEntry
+
+ @params = params.permit(:display_name, :friends, :nearby, :language)
+
+ @entries, @newer_entries_id, @older_entries_id = get_page_items(entries, [:user, :language])
+ end
+
+ def show
+ entries = @user.diary_entries
+ entries = entries.visible unless can? :unhide, DiaryEntry
+ @entry = entries.find_by(:id => params[:id])
+ if @entry
+ @title = t ".title", :user => params[:display_name], :title => @entry.title
+ @comments = can?(:unhidecomment, DiaryEntry) ? @entry.comments : @entry.visible_comments
+ else
+ @title = t "diary_entries.no_such_entry.title", :id => params[:id]
+ render :action => "no_such_entry", :status => :not_found
+ end
+ end