Skip authorization checks for amf controller

[rails.git] / app / controllers / issues_controller.rb
diff --git a/app/controllers/issues_controller.rb b/app/controllers/issues_controller.rb

index 4f88dce849605066cecd7a1ee11ba5519654cd5d..61f466f626a0ef94e27fc908e0b670d0f6aaac82 100644 (file)
--- a/app/controllers/issues_controller.rb
+++ b/app/controllers/issues_controller.rb
@@ -2,110 +2,56 @@ class IssuesController < ApplicationController
    layout "site"
  
    before_action :authorize_web
    layout "site"
  
    before_action :authorize_web
-  before_action :require_user
-  before_action :check_permission, only: [:index, :show, :resolve,:open,:ignore,:comment]
-  before_action :find_issue, only: [:show, :resolve, :reopen, :ignore]
+  before_action :set_locale
  
  
-  def index
-    @issues = Issue.all.order(:status)
-  end
-
-  def show
-    @read_reports = @issue.read_reports
-    @unread_reports = @issue.unread_reports
-    @comments = @issue.comments
-    @related_issues = @issue.user.issues
-  end
-
-  def new
-    unless create_new_issue_params.blank?
-      @issue = Issue.find_or_initialize_by(create_new_issue_params)
-    end
-  end
+  authorize_resource
  
  
-  def create
-    @issue = Issue.find_by_reportable_id_and_reportable_type(params[:reportable_id],params[:reportable_type])
+  before_action :find_issue, :only => [:show, :resolve, :reopen, :ignore]
  
  
-    # Check if Issue alrwady exists
-    if !@issue 
-      @issue = Issue.find_or_initialize_by(issue_params)
-      @admins = UserRole.where(role: "administrator")
-      @admins.each do |admin|
-        Notifier.new_issue_notification(User.find(admin.user_id)).deliver_now
-      end
-    end
-
-    # Check if details provided are sufficient
-    if params[:report][:details] and (params[:spam] or params[:offensive] or params[:threat] or params[:vandal] or params[:other])
-      @report = @issue.reports.build(report_params)
-      details =  params[:report][:details].to_s + "||" + params[:spam].to_s + "||" + params[:offensive].to_s + "||" + params[:threat].to_s + "||" + params[:vandal].to_s + "||" + params[:other].to_s
-      @report.reporter_user_id = @user.id
-      @report.details = details
-
-      # Checking if instance has been updated since last report
-      @last_report = @issue.reports.order(updated_at: :desc).last
-      if @issue.reportable.updated_at.present? and (@issue.ignored? or @issue.resolved?) and @issue.reportable.updated_at > @last_report.updated_at
-        if @issue.reopen
-          @issue.save!
-        end
-      end
-
-      if @issue.save!
-        redirect_to root_path, notice: t('issues.create.successful_report')
+  def index
+    @title = t ".title"
+
+    @issue_types = []
+    @issue_types.concat %w[Note] if current_user.moderator?
+    @issue_types.concat %w[DiaryEntry DiaryComment User] if current_user.administrator?
+
+    @users = User.joins(:roles).where(:user_roles => { :role => current_user.roles.map(&:role) }).distinct
+    @issues = Issue.visible_to(current_user)
+
+    # If search
+    if params[:search_by_user]&.present?
+      @find_user = User.find_by(:display_name => params[:search_by_user])
+      if @find_user
+        @issues = @issues.where(:reported_user_id => @find_user.id)
+      else
+        @issues = @issues.none
+        flash.now[:warning] = t(".user_not_found")
        end
        end
-    else
-      redirect_to new_issue_path(reportable_type: @issue.reportable_type,reportable_id: @issue.reportable_id, reported_user_id: @issue.reported_user_id), notice: t('issues.create.provide_details')
      end
      end
-  end
-
-  def update
-    @issue = Issue.find_by(issue_params)
-
-    # Check if details provided are sufficient
-    if params[:report][:details] and (params[:spam] or params[:offensive] or params[:threat] or params[:vandal] or params[:other])
-      @report = @issue.reports.where(reporter_user_id: @user.id).first
-      
-      if @report == nil
-        @report = @issue.reports.build(report_params)
-        @report.reporter_user_id = @user.id
-        notice = t('issues.update.new_report')
-      end
  
  
-      details =  params[:report][:details].to_s + "||" + params[:spam].to_s + "||" + params[:offensive].to_s + "||" + params[:threat].to_s + "||" + params[:vandal].to_s + "||" + params[:other].to_s
-      @report.details = details    
-
-    # Checking if instance has been updated since last report
-      @last_report = @issue.reports.order(updated_at: :desc).last
-      if @issue.reportable.updated_at.present? and (@issue.ignored? or @issue.resolved?) and @issue.reportable.updated_at > @last_report.updated_at
-        @issue.reopen
-        @issue.save!
-      end
+    @issues = @issues.where(:status => params[:status]) if params[:status]&.present?
  
  
-      if notice == nil
-        notice = t('issues.update.successful_update')
-      end
+    @issues = @issues.where(:reportable_type => params[:issue_type]) if params[:issue_type]&.present?
  
  
-      if @report.save!
-        redirect_to root_path, notice: notice
-      end
-    else
-      redirect_to new_issue_path(reportable_type: @issue.reportable_type,reportable_id: @issue.reportable_id, reported_user_id: @issue.reported_user_id), notice: t('issues.update.provide_details')
-    end  
+    if params[:last_updated_by]&.present?
+      last_updated_by = params[:last_updated_by].to_s == "nil" ? nil : params[:last_updated_by].to_i
+      @issues = @issues.where(:updated_by => last_updated_by)
+    end
    end
  
    end
  
-  def comment
-    @issue = Issue.find(params[:id])
-    @issue_comment = @issue.comments.build(issue_comment_params)
-    @issue_comment.commenter_user_id = @user.id
-    @issue_comment.save!
-    redirect_to @issue
+  def show
+    @read_reports = @issue.read_reports
+    @unread_reports = @issue.unread_reports
+    @comments = @issue.comments
+    @related_issues = @issue.reported_user.issues.where(:assigned_role => current_user.roles.map(&:role)) if @issue.reported_user
+    @new_comment = IssueComment.new(:issue => @issue)
    end
  
    # Status Transistions
    def resolve
      if @issue.resolve
        @issue.save!
    end
  
    # Status Transistions
    def resolve
      if @issue.resolve
        @issue.save!
-      redirect_to @issue, notice: t('issues.resolved')
+      redirect_to @issue, :notice => t(".resolved")
      else
        render :show
      end
      else
        render :show
      end
@@ -113,8 +59,9 @@ class IssuesController < ApplicationController
  
    def ignore
      if @issue.ignore
  
    def ignore
      if @issue.ignore
+      @issue.updated_by = current_user.id
        @issue.save!
        @issue.save!
-      redirect_to @issue, notice: t('issues.ignored')
+      redirect_to @issue, :notice => t(".ignored")
      else
        render :show
      end
      else
        render :show
      end
@@ -122,8 +69,9 @@ class IssuesController < ApplicationController
  
    def reopen
      if @issue.reopen
  
    def reopen
      if @issue.reopen
+      @issue.updated_by = current_user.id
        @issue.save!
        @issue.save!
-      redirect_to @issue, notice: t('issues.reopened')
+      redirect_to @issue, :notice => t(".reopened")
      else
        render :show
      end
      else
        render :show
      end
@@ -131,30 +79,7 @@ class IssuesController < ApplicationController
  
    private
  
  
    private
  
-    def find_issue
-      @issue = Issue.find(params[:id])
-    end
-
-    def check_permission
-      unless @user.administrator?
-        flash[:error] = t("application.require_admin.not_an_admin")
-        redirect_to root_path
-      end
-    end
-
-    def create_new_issue_params
-      params.permit(:reportable_id, :reportable_type, :reported_user_id)
-    end
-
-    def issue_params
-      params[:issue].permit(:reportable_id, :reportable_type,:reported_user_id)
-    end
-
-    def report_params
-      params[:report].permit(:details)
-    end
-
-    def issue_comment_params
-      params.require(:issue_comment).permit(:body)
-    end
+  def find_issue
+    @issue = Issue.find(params[:id])
+  end
  end
  end