]> git.openstreetmap.org Git - rails.git/blobdiff - app/controllers/diary_entries_controller.rb
Really remove login.live.com from CSP allow list
[rails.git] / app / controllers / diary_entries_controller.rb
index 1f9574b9cbab8313e7cc0e9b7540c85ae5d9f3fe..8da0842eb09cbee7942cf28d725d5ee6b49e9308 100644 (file)
@@ -1,5 +1,6 @@
 class DiaryEntriesController < ApplicationController
   include UserMethods
+  include PaginationMethods
 
   layout "site", :except => :rss
 
@@ -57,7 +58,7 @@ class DiaryEntriesController < ApplicationController
 
     @params = params.permit(:display_name, :friends, :nearby, :language)
 
-    @entries, @newer_entries_id, @older_entries_id = get_page_items(entries, [:user, :language])
+    @entries, @newer_entries_id, @older_entries_id = get_page_items(entries, :includes => [:user, :language])
   end
 
   def show
@@ -157,21 +158,25 @@ class DiaryEntriesController < ApplicationController
   end
 
   def subscribe
-    diary_entry = DiaryEntry.find(params[:id])
+    @diary_entry = DiaryEntry.find(params[:id])
 
-    diary_entry.subscriptions.create(:user => current_user) unless diary_entry.subscribers.exists?(current_user.id)
+    if request.post?
+      @diary_entry.subscriptions.create(:user => current_user) unless @diary_entry.subscribers.exists?(current_user.id)
 
-    redirect_to diary_entry_path(diary_entry.user, diary_entry)
+      redirect_to diary_entry_path(@diary_entry.user, @diary_entry)
+    end
   rescue ActiveRecord::RecordNotFound
     render :action => "no_such_entry", :status => :not_found
   end
 
   def unsubscribe
-    diary_entry = DiaryEntry.find(params[:id])
+    @diary_entry = DiaryEntry.find(params[:id])
 
-    diary_entry.subscriptions.where(:user => current_user).delete_all if diary_entry.subscribers.exists?(current_user.id)
+    if request.post?
+      @diary_entry.subscriptions.where(:user => current_user).delete_all if @diary_entry.subscribers.exists?(current_user.id)
 
-    redirect_to diary_entry_path(diary_entry.user, diary_entry)
+      redirect_to diary_entry_path(@diary_entry.user, @diary_entry)
+    end
   rescue ActiveRecord::RecordNotFound
     render :action => "no_such_entry", :status => :not_found
   end
@@ -242,7 +247,7 @@ class DiaryEntriesController < ApplicationController
 
     @params = params.permit(:display_name, :before, :after)
 
-    @comments, @newer_comments_id, @older_comments_id = get_page_items(comments, [:user])
+    @comments, @newer_comments_id, @older_comments_id = get_page_items(comments, :includes => [:user])
   end
 
   private
@@ -278,24 +283,4 @@ class DiaryEntriesController < ApplicationController
       @zoom = 12
     end
   end
-
-  def get_page_items(items, includes)
-    id_column = "#{items.table_name}.id"
-    page_items = if params[:before]
-                   items.where("#{id_column} < ?", params[:before]).order(:id => :desc)
-                 elsif params[:after]
-                   items.where("#{id_column} > ?", params[:after]).order(:id => :asc)
-                 else
-                   items.order(:id => :desc)
-                 end
-
-    page_items = page_items.limit(20)
-    page_items = page_items.includes(includes)
-    page_items = page_items.sort.reverse
-
-    newer_items_id = page_items.first.id if page_items.count.positive? && items.exists?(["#{id_column} > ?", page_items.first.id])
-    older_items_id = page_items.last.id if page_items.count.positive? && items.exists?(["#{id_column} < ?", page_items.last.id])
-
-    [page_items, newer_items_id, older_items_id]
-  end
 end