diff options
| author | Struan Donald <struan@exo.org.uk> | 2011-05-27 15:21:52 +0100 |
|---|---|---|
| committer | Struan Donald <struan@exo.org.uk> | 2011-05-27 15:21:52 +0100 |
| commit | c1d452268803870478c568f1611a7dc7d211a7be (patch) | |
| tree | 82af4898832d220f51f42861edef4a6fe09b88c3 /perllib/FixMyStreet/App/Controller/Questionnaire.pm | |
| parent | d0c08d710c23eed672c2c88834820c7bcf25eb91 (diff) | |
make sure you are allowed to answer the questionnaire asked when a problem reporter marks the problem as fixed.
Diffstat (limited to 'perllib/FixMyStreet/App/Controller/Questionnaire.pm')
| -rwxr-xr-x | perllib/FixMyStreet/App/Controller/Questionnaire.pm | 32 |
1 files changed, 29 insertions, 3 deletions
diff --git a/perllib/FixMyStreet/App/Controller/Questionnaire.pm b/perllib/FixMyStreet/App/Controller/Questionnaire.pm index c6d7e7634..addbfb826 100755 --- a/perllib/FixMyStreet/App/Controller/Questionnaire.pm +++ b/perllib/FixMyStreet/App/Controller/Questionnaire.pm @@ -46,9 +46,7 @@ sub load_questionnaire : Private { } unless ( $questionnaire->problem->state eq 'confirmed' || $questionnaire->problem->state eq 'fixed' ) { - $c->stash->{message} = _("I'm afraid we couldn't locate your problem in the database.\n"); - $c->stash->{template} = 'questionnaire/error.html'; - $c->detach; + $c->detach('missing_problem'); } $c->stash->{problem} = $questionnaire->problem; @@ -76,6 +74,19 @@ sub submit : Path('submit') { return 1; } +=head2 missing_problem + +Display couldn't locate problem error message + +=cut + +sub missing_problem : Private { + my ( $self, $c ) = @_; + + $c->stash->{message} = _("I'm afraid we couldn't locate your problem in the database.\n"); + $c->stash->{template} = 'questionnaire/error.html'; +} + sub submit_creator_fixed : Private { my ( $self, $c ) = @_; @@ -83,6 +94,21 @@ sub submit_creator_fixed : Private { map { $c->stash->{$_} = $c->req->params->{$_} || '' } qw(reported problem); + # should only be able to get to here if we are logged and we have a + # problem + unless ( $c->user && $c->stash->{problem} ) { + $c->detach('missing_problem'); + } + + my $problem = $c->model('DB::Problem')->find( { id => + $c->stash->{problem} } ); + + # you should not be able to answer questionnaires about problems + # that you've not submitted + if ( $c->user->id != $problem->user->id ) { + $c->detach('missing_problem'); + } + push @errors, _('Please say whether you\'ve ever reported a problem to your council before') unless $c->stash->{reported}; $c->stash->{problem_id} = $c->stash->{problem}; |