X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/2c13981b0fa6d7b6ddfc4277c53eb9c515dd2736..347c12b5ead21bdb3b127b603b9d8f3c6f8f0d16:/app/controllers/diary_entry_controller.rb?ds=inline diff --git a/app/controllers/diary_entry_controller.rb b/app/controllers/diary_entry_controller.rb index 112b80182..73e9629e0 100644 --- a/app/controllers/diary_entry_controller.rb +++ b/app/controllers/diary_entry_controller.rb @@ -3,9 +3,14 @@ class DiaryEntryController < ApplicationController before_filter :authorize_web before_filter :set_locale - before_filter :require_user, :only => [:new, :edit] + before_filter :require_user, :only => [:new, :edit, :comment, :hide, :hidecomment] before_filter :check_database_readable before_filter :check_database_writable, :only => [:new, :edit] + before_filter :require_administrator, :only => [:hide, :hidecomment] + + caches_action :list, :view, :layout => false + caches_action :rss, :layout => true + cache_sweeper :diary_sweeper, :only => [:new, :edit, :comment, :hide, :hidecomment], :unless => STATUS == :database_offline def new @title = t 'diary_entry.new.title' @@ -51,7 +56,7 @@ class DiaryEntryController < ApplicationController def comment @entry = DiaryEntry.find(params[:id]) - @diary_comment = @entry.diary_comments.build(params[:diary_comment]) + @diary_comment = @entry.comments.build(params[:diary_comment]) @diary_comment.user = @user if @diary_comment.save if @diary_comment.user != @entry.user @@ -66,12 +71,15 @@ class DiaryEntryController < ApplicationController def list if params[:display_name] - @this_user = User.find_by_display_name(params[:display_name], :conditions => {:visible => true}) + @this_user = User.find_by_display_name(params[:display_name], :conditions => { :status => ["active", "confirmed"] }) if @this_user @title = t 'diary_entry.list.user_title', :user => @this_user.display_name @entry_pages, @entries = paginate(:diary_entries, - :conditions => ['user_id = ?', @this_user.id], + :conditions => { + :user_id => @this_user.id, + :visible => true + }, :order => 'created_at DESC', :per_page => 20) else @@ -83,13 +91,20 @@ class DiaryEntryController < ApplicationController elsif params[:language] @title = t 'diary_entry.list.in_language_title', :language => Language.find(params[:language]).english_name @entry_pages, @entries = paginate(:diary_entries, :include => :user, - :conditions => ["users.visible = ? AND diary_entries.language_code = ?", true, params[:language]], + :conditions => { + :users => { :status => ["active", "confirmed"] }, + :visible => true, + :language_code => params[:language] + }, :order => 'created_at DESC', :per_page => 20) else @title = t 'diary_entry.list.title' @entry_pages, @entries = paginate(:diary_entries, :include => :user, - :conditions => ["users.visible = ?", true], + :conditions => { + :users => { :status => ["active", "confirmed"] }, + :visible => true + }, :order => 'created_at DESC', :per_page => 20) end @@ -99,11 +114,17 @@ class DiaryEntryController < ApplicationController request.format = :rss if params[:display_name] - user = User.find_by_display_name(params[:display_name], :conditions => {:visible => true}) + user = User.find_by_display_name(params[:display_name], :conditions => { :status => ["active", "confirmed"] }) if user - @entries = DiaryEntry.find(:all, :conditions => ['user_id = ?', user.id], :order => 'created_at DESC', :limit => 20) - @title = I18n.t('diary_entry.feed.user.title', :user => user.display_name, :locale => I18n.locale) + @entries = DiaryEntry.find(:all, + :conditions => { + :user_id => user.id, + :visible => true + }, + :order => 'created_at DESC', + :limit => 20) + @title = I18n.t('diary_entry.feed.user.title', :user => user.display_name) @description = I18n.t('diary_entry.feed.user.description', :user => user.display_name) @link = "http://#{SERVER_URL}/user/#{user.display_name}/diary" else @@ -111,15 +132,24 @@ class DiaryEntryController < ApplicationController end elsif params[:language] @entries = DiaryEntry.find(:all, :include => :user, - :conditions => ["users.visible = ? AND diary_entries.language_code = ?", true, params[:language]], - :order => 'created_at DESC', :limit => 20) - @title = I18n.t('diary_entry.feed.language.title', :language_name => Language.find(params[:language]).english_name, :locale => I18n.locale) - @description = I18n.t('diary_entry.feed.language.description', :language_name => Language.find(params[:language]).english_name, :locale => I18n.locale) + :conditions => { + :users => { :status => ["active", "confirmed"] }, + :visible => true, + :language_code => params[:language] + }, + :order => 'created_at DESC', + :limit => 20) + @title = I18n.t('diary_entry.feed.language.title', :language_name => Language.find(params[:language]).english_name) + @description = I18n.t('diary_entry.feed.language.description', :language_name => Language.find(params[:language]).english_name) @link = "http://#{SERVER_URL}/diary/#{params[:language]}" else @entries = DiaryEntry.find(:all, :include => :user, - :conditions => ["users.visible = ?", true], - :order => 'created_at DESC', :limit => 20) + :conditions => { + :users => { :status => ["active", "confirmed"] }, + :visible => true + }, + :order => 'created_at DESC', + :limit => 20) @title = I18n.t('diary_entry.feed.all.title') @description = I18n.t('diary_entry.feed.all.description') @link = "http://#{SERVER_URL}/diary" @@ -127,12 +157,16 @@ class DiaryEntryController < ApplicationController end def view - user = User.find_by_display_name(params[:display_name], :conditions => {:visible => true}) + user = User.find_by_display_name(params[:display_name], :conditions => { :status => ["active", "confirmed"] }) if user - @entry = DiaryEntry.find(:first, :conditions => ['user_id = ? AND id = ?', user.id, params[:id]]) + @entry = DiaryEntry.find(:first, :conditions => { + :id => params[:id], + :user_id => user.id, + :visible => true + }) if @entry - @title = t 'diary_entry.view.title', :user => params[:display_name] + @title = t 'diary_entry.view.title', :user => params[:display_name], :title => @entry.title else @title = t 'diary_entry.no_such_entry.title', :id => params[:id] render :action => 'no_such_entry', :status => :not_found @@ -143,4 +177,26 @@ class DiaryEntryController < ApplicationController render :action => 'no_such_user', :status => :not_found end end + + def hide + entry = DiaryEntry.find(params[:id]) + entry.update_attributes(:visible => false) + redirect_to :action => "list", :display_name => entry.user.display_name + end + + def hidecomment + comment = DiaryComment.find(params[:comment]) + comment.update_attributes(:visible => false) + redirect_to :action => "view", :display_name => comment.diary_entry.user.display_name, :id => comment.diary_entry.id + end +private + ## + # require that the user is a administrator, or fill out a helpful error message + # and return them to the user page. + def require_administrator + unless @user.administrator? + flash[:error] = t('user.filter.not_an_administrator') + redirect_to :controller => 'diary_entry', :action => 'view', :display_name => params[:id] + end + end end