diff options
| author | Matthew Somerville <matthew-github@dracos.co.uk> | 2018-08-22 14:25:41 +0100 |
|---|---|---|
| committer | Matthew Somerville <matthew-github@dracos.co.uk> | 2018-08-29 13:50:27 +0100 |
| commit | c90b7fdc9b46e4aa444346e2c4ba0be0838f1506 (patch) | |
| tree | 1d8a24081b6c1813a4f8e47ef9cea60e6fbc2014 /perllib/FixMyStreet/App/Controller/Moderate.pm | |
| parent | 71e86b456f99418cc646dac3f8bffe87ec4fc7f6 (diff) | |
Allow cobrand to add extra ability to moderate.
Diffstat (limited to 'perllib/FixMyStreet/App/Controller/Moderate.pm')
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Moderate.pm | 17 |
1 files changed, 8 insertions, 9 deletions
diff --git a/perllib/FixMyStreet/App/Controller/Moderate.pm b/perllib/FixMyStreet/App/Controller/Moderate.pm index 17e4c6dd2..45a303309 100644 --- a/perllib/FixMyStreet/App/Controller/Moderate.pm +++ b/perllib/FixMyStreet/App/Controller/Moderate.pm @@ -42,6 +42,7 @@ sub moderate : Chained('/') : PathPart('moderate') : CaptureArgs(0) { } sub report : Chained('moderate') : PathPart('report') : CaptureArgs(1) { my ($self, $c, $id) = @_; my $problem = $c->model('DB::Problem')->find($id); + $c->detach unless $problem; my $cobrand_base = $c->cobrand->base_url_for_report( $problem ); my $report_uri = $cobrand_base . $problem->url; @@ -49,9 +50,8 @@ sub report : Chained('moderate') : PathPart('report') : CaptureArgs(1) { $c->stash->{report_uri} = $report_uri; $c->res->redirect( $report_uri ); # this will be the final endpoint after all processing... - # ... and immediately, if the user isn't authorized + # ... and immediately, if the user isn't logged in $c->detach unless $c->user_exists; - $c->detach unless $c->user->can_moderate($problem); $c->forward('/auth/check_csrf_token'); @@ -69,6 +69,9 @@ sub report : Chained('moderate') : PathPart('report') : CaptureArgs(1) { sub moderate_report : Chained('report') : PathPart('') : Args(0) { my ($self, $c) = @_; + # Make sure user can moderate this report + $c->detach unless $c->user->can_moderate($c->stash->{problem}); + $c->forward('report_moderate_hide'); my @types = grep $_, @@ -208,6 +211,9 @@ sub update : Chained('report') : PathPart('update') : CaptureArgs(1) { my ($self, $c, $id) = @_; my $comment = $c->stash->{problem}->comments->find($id); + # Make sure user can moderate this update + $c->detach unless $comment && $c->user->can_moderate($comment); + my $original = $comment->find_or_new_related( moderation_original_data => { detail => $comment->text, photo => $comment->photo, @@ -263,13 +269,6 @@ sub update_moderate_hide : Private { return; } -sub return_text : Private { - my ($self, $c, $text) = @_; - - $c->res->content_type('text/plain; charset=utf-8'); - $c->res->body( $text // '' ); -} - __PACKAGE__->meta->make_immutable; 1; |