before_action :authorize_web
before_action :set_locale
- before_action :require_user
- before_action :check_permission
+ before_action :check_database_readable
+
+ authorize_resource
+
before_action :find_issue, :only => [:show, :resolve, :reopen, :ignore]
+ before_action :check_database_writable, :only => [:resolve, :ignore, :reopen]
def index
@title = t ".title"
@issue_types = []
- @issue_types.concat %w[Note] if current_user.moderator?
- @issue_types.concat %w[DiaryEntry DiaryComment User] if current_user.administrator?
+ @issue_types.push("Note", "User") if current_user.moderator?
+ @issue_types.push("DiaryEntry", "DiaryComment", "User") if current_user.administrator?
@users = User.joins(:roles).where(:user_roles => { :role => current_user.roles.map(&:role) }).distinct
- @issues = Issue.visible_to(current_user)
+ @issues = Issue.visible_to(current_user).order(:updated_at => :desc)
# If search
- if params[:search_by_user] && params[:search_by_user].present?
+ if params[:search_by_user].present?
@find_user = User.find_by(:display_name => params[:search_by_user])
if @find_user
- @issues = @issues.where(:reported_user_id => @find_user.id)
+ @issues = @issues.where(:reported_user => @find_user)
else
@issues = @issues.none
flash.now[:warning] = t(".user_not_found")
end
end
- @issues = @issues.where(:status => params[:status]) if params[:status] && params[:status].present?
+ @issues = @issues.where(:status => params[:status]) if params[:status].present?
- @issues = @issues.where(:reportable_type => params[:issue_type]) if params[:issue_type] && params[:issue_type].present?
+ @issues = @issues.where(:reportable_type => params[:issue_type]) if params[:issue_type].present?
- if params[:last_updated_by] && params[:last_updated_by].present?
+ if params[:last_updated_by].present?
last_updated_by = params[:last_updated_by].to_s == "nil" ? nil : params[:last_updated_by].to_i
@issues = @issues.where(:updated_by => last_updated_by)
end
end
def show
+ @title = t ".title", :status => @issue.status.humanize, :issue_id => @issue.id
@read_reports = @issue.read_reports
@unread_reports = @issue.unread_reports
@comments = @issue.comments
@new_comment = IssueComment.new(:issue => @issue)
end
- # Status Transistions
+ # Status Transitions
def resolve
if @issue.resolve
+ @issue.updated_by = current_user.id
@issue.save!
redirect_to @issue, :notice => t(".resolved")
else
private
def find_issue
- @issue = Issue.find(params[:id])
- end
-
- def check_permission
- unless current_user.administrator? || current_user.moderator?
- flash[:error] = t("application.require_moderator_or_admin.not_a_moderator_or_admin")
- redirect_to root_path
- end
+ @issue = Issue.visible_to(current_user).find(params[:id])
+ rescue ActiveRecord::RecordNotFound
+ redirect_to :controller => "errors", :action => "not_found"
end
end