X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/20bdbb05c32d6f93593974fbd37e811932841801..ef5352332e02c2f3a9c9d5cc7594ec8da02cb64e:/app/controllers/diary_entries_controller.rb?ds=sidebyside diff --git a/app/controllers/diary_entries_controller.rb b/app/controllers/diary_entries_controller.rb index 9af36709e..eaf6ddf9c 100644 --- a/app/controllers/diary_entries_controller.rb +++ b/app/controllers/diary_entries_controller.rb @@ -10,10 +10,10 @@ class DiaryEntriesController < ApplicationController authorize_resource - before_action :lookup_user, :only => [:show, :comments] - before_action :check_database_writable, :only => [:new, :create, :edit, :update, :comment, :hide, :hidecomment, :subscribe, :unsubscribe] + before_action :lookup_user, :only => :show + before_action :check_database_writable, :only => [:new, :create, :edit, :update, :hide, :unhide, :subscribe, :unsubscribe] - allow_thirdparty_images :only => [:new, :create, :edit, :update, :index, :show, :comments] + allow_thirdparty_images :only => [:new, :create, :edit, :update, :index, :show] def index if params[:display_name] @@ -68,7 +68,8 @@ class DiaryEntriesController < ApplicationController @entry = entries.find_by(:id => params[:id]) if @entry @title = t ".title", :user => params[:display_name], :title => @entry.title - @comments = can?(:unhidecomment, DiaryEntry) ? @entry.comments : @entry.visible_comments + @og_image = @entry.body.image + @comments = can?(:unhide, DiaryComment) ? @entry.comments : @entry.visible_comments else @title = t "diary_entries.no_such_entry.title", :id => params[:id] render :action => "no_such_entry", :status => :not_found @@ -124,7 +125,7 @@ class DiaryEntriesController < ApplicationController @title = t "diary_entries.edit.title" @diary_entry = DiaryEntry.find(params[:id]) - if current_user != @diary_entry.user || + if cannot?(:update, @diary_entry) || (params[:diary_entry] && @diary_entry.update(entry_params)) redirect_to diary_entry_path(@diary_entry.user, @diary_entry) else @@ -135,29 +136,6 @@ class DiaryEntriesController < ApplicationController render :action => "no_such_entry", :status => :not_found end - def comment - @entry = DiaryEntry.find(params[:id]) - @comments = @entry.visible_comments - @diary_comment = @entry.comments.build(comment_params) - @diary_comment.user = current_user - if @diary_comment.save - - # Notify current subscribers of the new comment - @entry.subscribers.visible.each do |user| - UserMailer.diary_comment_notification(@diary_comment, user).deliver_later if current_user != user - end - - # Add the commenter to the subscribers if necessary - @entry.subscriptions.create(:user => current_user) unless @entry.subscribers.exists?(current_user.id) - - redirect_to diary_entry_path(@entry.user, @entry) - else - render :action => "show" - end - rescue ActiveRecord::RecordNotFound - render :action => "no_such_entry", :status => :not_found - end - def subscribe @diary_entry = DiaryEntry.find(params[:id]) @@ -228,29 +206,6 @@ class DiaryEntriesController < ApplicationController redirect_to :action => "index", :display_name => entry.user.display_name end - def hidecomment - comment = DiaryComment.find(params[:comment]) - comment.update(:visible => false) - redirect_to diary_entry_path(comment.diary_entry.user, comment.diary_entry) - end - - def unhidecomment - comment = DiaryComment.find(params[:comment]) - comment.update(:visible => true) - redirect_to diary_entry_path(comment.diary_entry.user, comment.diary_entry) - end - - def comments - @title = t ".title", :user => @user.display_name - - comments = DiaryComment.where(:user => @user) - comments = comments.visible unless can? :unhidecomment, DiaryEntry - - @params = params.permit(:display_name, :before, :after) - - @comments, @newer_comments_id, @older_comments_id = get_page_items(comments, :includes => [:user]) - end - private ## @@ -261,12 +216,6 @@ class DiaryEntriesController < ApplicationController ActionController::Parameters.new.permit(:title, :body, :language_code, :latitude, :longitude) end - ## - # return permitted diary comment parameters - def comment_params - params.require(:diary_comment).permit(:body) - end - ## # decide on a location for the diary entry map def set_map_location