From: Tom Hughes <tom@compton.nu>
Date: Wed, 26 Jul 2023 18:01:48 +0000 (+0100)
Subject: Allow administrators to see deleted diary entries
X-Git-Tag: live~1227^2~1
X-Git-Url: https://git.openstreetmap.org./rails.git/commitdiff_plain/6651d713d7255078ed7228119bd89230b5df846b?hp=-c

Allow administrators to see deleted diary entries
---

6651d713d7255078ed7228119bd89230b5df846b
diff --git a/app/controllers/diary_entries_controller.rb b/app/controllers/diary_entries_controller.rb
index 4cdc1b55a..6e7378bf3 100644
--- a/app/controllers/diary_entries_controller.rb
+++ b/app/controllers/diary_entries_controller.rb
@@ -62,7 +62,9 @@ class DiaryEntriesController < ApplicationController
   end
 
   def show
-    @entry = @user.diary_entries.visible.where(:id => params[:id]).first
+    entries = @user.diary_entries
+    entries = entries.visible unless can? :unhide, DiaryEntry
+    @entry = entries.where(:id => params[:id]).first
     if @entry
       @title = t ".title", :user => params[:display_name], :title => @entry.title
       @comments = can?(:unhidecomment, DiaryEntry) ? @entry.comments : @entry.visible_comments
diff --git a/test/controllers/diary_entries_controller_test.rb b/test/controllers/diary_entries_controller_test.rb
index 42d042645..5a35ff035 100644
--- a/test/controllers/diary_entries_controller_test.rb
+++ b/test/controllers/diary_entries_controller_test.rb
@@ -680,14 +680,20 @@ class DiaryEntriesControllerTest < ActionDispatch::IntegrationTest
     assert_response :not_found
 
     # Try an entry by a suspended user
-    diary_entry_suspended = create(:diary_entry, :user => suspended_user)
-    get diary_entry_path(:display_name => suspended_user.display_name, :id => diary_entry_suspended)
+    diary_entry_suspended_user = create(:diary_entry, :user => suspended_user)
+    get diary_entry_path(:display_name => suspended_user.display_name, :id => diary_entry_suspended_user)
     assert_response :not_found
 
     # Try an entry by a deleted user
-    diary_entry_deleted = create(:diary_entry, :user => deleted_user)
-    get diary_entry_path(:display_name => deleted_user.display_name, :id => diary_entry_deleted)
+    diary_entry_deleted_user = create(:diary_entry, :user => deleted_user)
+    get diary_entry_path(:display_name => deleted_user.display_name, :id => diary_entry_deleted_user)
     assert_response :not_found
+
+    # Finally try as an administrator
+    session_for(create(:administrator_user))
+    get diary_entry_path(:display_name => user.display_name, :id => diary_entry_deleted)
+    assert_response :success
+    assert_template :show
   end
 
   def test_show_hidden_comments