author | Dave Arter <davea@mysociety.org> | 2015-03-03 17:07:44 +0000 |
---|---|---|
committer | Steven Day <steve@mysociety.org> | 2015-06-29 12:43:01 +0100 |
commit | 1c0897b453e11f35956ecdfbb1363d546d3209ae (patch) | |
tree | ada2357f4ff51f49ee8c2cb6ff972e21964dc1e1 /perllib | |
parent | da78aadcf5beee72e685b07479e54f9e2f3b3e8d (diff) |
Ignore invalid categories in /around query string
Diffstat (limited to 'perllib')
-rw-r--r-- | perllib/FixMyStreet/App/Controller/Around.pm | 39 |
1 files changed, 35 insertions, 4 deletions
diff --git a/perllib/FixMyStreet/App/Controller/Around.pm b/perllib/FixMyStreet/App/Controller/Around.pm
index 1533a34da..85b623372 100644
--- a/perllib/FixMyStreet/App/Controller/Around.pm
+++ b/perllib/FixMyStreet/App/Controller/Around.pm
@@ -165,14 +165,13 @@ sub display_location : Private {
 $c->stash->{all_pins} = $all_pins;
 my $interval = $all_pins ? undef : $c->cobrand->on_map_default_max_pin_age;
 
- # Filter by report category
- my $category = $c->req->param('category');
- $c->stash->{category} = $category;
+ # Check the category to filter by, if any, is valid
+ $c->forward('check_and_stash_category');
 
 # get the map features
 my ( $on_map_all, $on_map, $around_map, $distance ) =
 FixMyStreet::Map::map_features( $c, $latitude, $longitude,
- $interval, $category );
+ $interval, $c->stash->{category} );
 
 # copy the found reports to the stash
 $c->stash->{on_map} = $on_map;
@@ -225,6 +224,38 @@ sub check_location_is_acceptable : Private {
 return $c->forward('/council/load_and_check_areas');
 }
 
+=head2 check_and_stash_category
+
+Check that the 'category' query param is valid, if it's present. Stores
+the validated string in the stash as filter_category.
+Puts all the valid categories in filter_categories on the stash.
+
+=cut
+
+sub check_and_stash_category : Private {
+ my ( $self, $c ) = @_;
+
+ my $category = $c->req->param('category');
+ if ( $category ) {
+ my $all_areas = $c->stash->{all_areas};
+ my @bodies = $c->model('DB::Body')->search(
+ { 'body_areas.area_id' => [ keys %$all_areas ], deleted => 0 },
+ { join => 'body_areas' }
+ )->all;
+ my %bodies = map { $_->id => $_ } @bodies;
+
+ my $count = $c->model('DB::Contact')->not_deleted->search(
+ {
+ body_id => [ keys %bodies ],
+ category => $category
+ }
+ )->count;
+ if ( $count ) {
+ $c->stash->{category} = $category;
+ }
+ }
+}
+
 =head2 /ajax
 
 Handle the ajax calls that the map makes when it is dragged. The info returned |
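Review bot: The new `$c->forward('check_and_stash_category');` call depends on `$c->stash->{all_areas}` already being populated, and nothing in this hunk shows where that happens. If it is empty at this point, the body lookup in the new action matches nothing and every category is treated as invalid, so the filter is dropped without any signal. I would state the precondition next to the call, e.g. `# requires $c->stash->{all_areas}; an unknown category is ignored, not rejected`. display_location starts and ends outside the hunk, so the setup may well happen earlier in it; worth confirming.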
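Review bot: The POD for check_and_stash_category names stash keys the code never writes: it says the value is stored as `filter_category` and that `filter_categories` is filled, but the sub only sets `$c->stash->{category}` and stashes no list. A template author following the POD would find nothing under those keys and might fall back to the raw request parameter, which is presumably what this validation is meant to keep out of the page. I suggest the POD read `Stores the validated string in the stash as category; an absent or unknown value leaves the stash unset.` and that the filter_categories sentence be dropped. Separately, `if ( $category )` treats a category literally named `0` as absent; `if ( defined $category && length $category )` avoids that.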