before_filter :authorize_web
before_filter :require_user
+ before_filter :check_database_readable
+ before_filter :check_database_writable, :only => [:new, :reply, :mark]
+ # Allow the user to write a new message to another user. This action also
+ # deals with the sending of that message to the other user when the user
+ # clicks send.
+ # The user_id param is the id of the user that the message is being sent to.
def new
@title = 'send message'
+ @to_user = User.find(params[:user_id])
if params[:message]
@message = Message.new(params[:message])
- @message.to_user_id = params[:user_id]
+ @message.to_user_id = @to_user.id
@message.from_user_id = @user.id
- @message.sent_on = Time.now
+ @message.sent_on = Time.now.getutc
if @message.save
flash[:notice] = 'Message sent'
class TraceController < ApplicationController
layout 'site'
- before_filter :authorize_web
- before_filter :require_user, :only => [:mine, :edit, :delete, :make_public]
+ before_filter :authorize_web
+ before_filter :require_user, :only => [:mine, :create, :edit, :delete, :make_public]
before_filter :authorize, :only => [:api_details, :api_data, :api_create]
- before_filter :check_database_availability, :except => [:api_details, :api_data, :api_create]
- before_filter :check_read_availability, :only => [:api_details, :api_data, :api_create]
+ before_filter :check_database_readable, :except => [:api_details, :api_data, :api_create]
+ before_filter :check_database_writable, :only => [:create, :edit, :delete, :make_public]
+ before_filter :check_api_readable, :only => [:api_details, :api_data]
+ before_filter :check_api_writable, :only => [:api_create]
# Counts and selects pages of GPX traces for various criteria (by user, tags, public etc.).
# target_user - if set, specifies the user to fetch traces for. if not set will fetch all traces
projects / rails.git / commitdiff