Merge pull request #4906 from matkoniecz/sotmeu-banner

[rails.git] / app / controllers / diary_comments_controller.rb

diff --git a/app/controllers/diary_comments_controller.rb b/app/controllers/diary_comments_controller.rb
index f1add85f03329363b8668431477b504f68ddaf56..8abf2071b383a4e9842f7b430376b6ce11b47209 100644 (file)
--- a/app/controllers/diary_comments_controller.rb
+++ b/app/controllers/diary_comments_controller.rb
@@ -11,6 +11,7 @@ class DiaryCommentsController < ApplicationController
   authorize_resource
 
   before_action :lookup_user, :only => :index
+  before_action :check_database_writable, :only => [:hide, :unhide]
 
   allow_thirdparty_images :only => :index
 
@@ -18,10 +19,22 @@ class DiaryCommentsController < ApplicationController
     @title = t ".title", :user => @user.display_name
 
     comments = DiaryComment.where(:user => @user)
-    comments = comments.visible unless can? :unhidecomment, DiaryEntry
+    comments = comments.visible unless can? :unhide, DiaryComment
 
     @params = params.permit(:display_name, :before, :after)
 
     @comments, @newer_comments_id, @older_comments_id = get_page_items(comments, :includes => [:user])
   end
+
+  def hide
+    comment = DiaryComment.find(params[:comment])
+    comment.update(:visible => false)
+    redirect_to diary_entry_path(comment.diary_entry.user, comment.diary_entry)
+  end
+
+  def unhide
+    comment = DiaryComment.find(params[:comment])
+    comment.update(:visible => true)
+    redirect_to diary_entry_path(comment.diary_entry.user, comment.diary_entry)
+  end
 end