From fdffd22ccadda9c4ed2a4332de4c3b7c77bae012 Mon Sep 17 00:00:00 2001 From: Andy Allan Date: Wed, 5 Jun 2019 15:52:15 +0200 Subject: [PATCH] Allow admins to unhide diary comments, if they wish --- app/abilities/ability.rb | 2 +- app/controllers/diary_entries_controller.rb | 6 ++++ .../diary_entries/_diary_comment.html.erb | 6 +++- config/locales/en.yml | 1 + config/routes.rb | 1 + .../diary_entries_controller_test.rb | 32 +++++++++++++++++++ 6 files changed, 46 insertions(+), 2 deletions(-) diff --git a/app/abilities/ability.rb b/app/abilities/ability.rb index a663dc4be..28380392d 100644 --- a/app/abilities/ability.rb +++ b/app/abilities/ability.rb @@ -51,7 +51,7 @@ class Ability end if user.administrator? - can [:hide, :unhide, :hidecomment], [DiaryEntry, DiaryComment] + can [:hide, :unhide, :hidecomment, :unhidecomment], [DiaryEntry, DiaryComment] can [:index, :show, :resolve, :ignore, :reopen], Issue can :create, IssueComment can [:set_status, :delete, :index], User diff --git a/app/controllers/diary_entries_controller.rb b/app/controllers/diary_entries_controller.rb index 58671652f..464e9e971 100644 --- a/app/controllers/diary_entries_controller.rb +++ b/app/controllers/diary_entries_controller.rb @@ -226,6 +226,12 @@ class DiaryEntriesController < ApplicationController redirect_to diary_entry_path(comment.diary_entry.user, comment.diary_entry) end + def unhidecomment + comment = DiaryComment.find(params[:comment]) + comment.update(:visible => true) + redirect_to diary_entry_path(comment.diary_entry.user, comment.diary_entry) + end + def comments @comment_pages, @comments = paginate(:diary_comments, :conditions => { diff --git a/app/views/diary_entries/_diary_comment.html.erb b/app/views/diary_entries/_diary_comment.html.erb index 9ee675343..25bdcd968 100644 --- a/app/views/diary_entries/_diary_comment.html.erb +++ b/app/views/diary_entries/_diary_comment.html.erb @@ -9,7 +9,11 @@
<%= diary_comment.body.to_html %>
<% if current_user && current_user.administrator? %> - <%= link_to t(".hide_link"), hide_diary_comment_path(:display_name => diary_comment.diary_entry.user.display_name, :id => diary_comment.diary_entry.id, :comment => diary_comment.id), :method => :post, :data => { :confirm => t(".confirm") } %> + <% if diary_comment.visible? %> + <%= link_to t(".hide_link"), hide_diary_comment_path(:display_name => diary_comment.diary_entry.user.display_name, :id => diary_comment.diary_entry.id, :comment => diary_comment.id), :method => :post, :data => { :confirm => t(".confirm") } %> + <% else %> + <%= link_to t(".unhide_link"), unhide_diary_comment_path(:display_name => diary_comment.diary_entry.user.display_name, :id => diary_comment.diary_entry.id, :comment => diary_comment.id), :method => :post, :data => { :confirm => t(".confirm") } %> + <% end %> <% end %> diff --git a/config/locales/en.yml b/config/locales/en.yml index b4cfad091..6426ee56b 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -337,6 +337,7 @@ en: diary_comment: comment_from: "Comment from %{link_user} on %{comment_created_at}" hide_link: Hide this comment + unhide_link: Unhide this comment confirm: Confirm report: Report this comment location: diff --git a/config/routes.rb b/config/routes.rb index 994d08550..3f0c7b494 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -236,6 +236,7 @@ OpenStreetMap::Application.routes.draw do post "/user/:display_name/diary/:id/hide" => "diary_entries#hide", :id => /\d+/, :as => :hide_diary_entry post "/user/:display_name/diary/:id/unhide" => "diary_entries#unhide", :id => /\d+/, :as => :unhide_diary_entry post "/user/:display_name/diary/:id/hidecomment/:comment" => "diary_entries#hidecomment", :id => /\d+/, :comment => /\d+/, :as => :hide_diary_comment + post "/user/:display_name/diary/:id/unhidecomment/:comment" => "diary_entries#unhidecomment", :id => /\d+/, :comment => /\d+/, :as => :unhide_diary_comment post "/user/:display_name/diary/:id/subscribe" => "diary_entries#subscribe", :as => :diary_entry_subscribe, :id => /\d+/ post "/user/:display_name/diary/:id/unsubscribe" => "diary_entries#unsubscribe", :as => :diary_entry_unsubscribe, :id => /\d+/ diff --git a/test/controllers/diary_entries_controller_test.rb b/test/controllers/diary_entries_controller_test.rb index 6011de9ab..2b4230db7 100644 --- a/test/controllers/diary_entries_controller_test.rb +++ b/test/controllers/diary_entries_controller_test.rb @@ -93,6 +93,10 @@ class DiaryEntriesControllerTest < ActionController::TestCase { :path => "/user/username/diary/1/hidecomment/2", :method => :post }, { :controller => "diary_entries", :action => "hidecomment", :display_name => "username", :id => "1", :comment => "2" } ) + assert_routing( + { :path => "/user/username/diary/1/unhidecomment/2", :method => :post }, + { :controller => "diary_entries", :action => "unhidecomment", :display_name => "username", :id => "1", :comment => "2" } + ) assert_routing( { :path => "/user/username/diary/1/subscribe", :method => :post }, { :controller => "diary_entries", :action => "subscribe", :display_name => "username", :id => "1" } @@ -809,6 +813,34 @@ class DiaryEntriesControllerTest < ActionController::TestCase assert_equal false, DiaryComment.find(diary_comment.id).visible end + def test_unhidecomment + user = create(:user) + administrator_user = create(:administrator_user) + diary_entry = create(:diary_entry, :user => user) + diary_comment = create(:diary_comment, :diary_entry => diary_entry, :visible => false) + # Try without logging in + post :unhidecomment, + :params => { :display_name => user.display_name, :id => diary_entry.id, :comment => diary_comment.id } + assert_response :forbidden + assert_equal false, DiaryComment.find(diary_comment.id).visible + + # Now try as a normal user + post :unhidecomment, + :params => { :display_name => user.display_name, :id => diary_entry.id, :comment => diary_comment.id }, + :session => { :user => user } + assert_response :redirect + assert_redirected_to :controller => :errors, :action => :forbidden + assert_equal false, DiaryComment.find(diary_comment.id).visible + + # Finally try as an administrator + post :unhidecomment, + :params => { :display_name => user.display_name, :id => diary_entry.id, :comment => diary_comment.id }, + :session => { :user => administrator_user } + assert_response :redirect + assert_redirected_to :action => :show, :display_name => user.display_name, :id => diary_entry.id + assert_equal true, DiaryComment.find(diary_comment.id).visible + end + def test_comments user = create(:user) other_user = create(:user) -- 2.39.5