diff options
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/My.pm | 32 | ||||
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Report.pm | 6 | ||||
| -rw-r--r-- | t/app/controller/my.t | 51 | ||||
| -rw-r--r-- | t/app/controller/report_display.t | 6 | ||||
| -rw-r--r-- | t/app/controller/report_updates.t | 20 | ||||
| -rw-r--r-- | templates/web/base/my/anonymize.html | 26 | ||||
| -rw-r--r-- | templates/web/base/report/_main.html | 4 | ||||
| -rw-r--r-- | templates/web/base/report/_report_meta_info.html | 3 | ||||
| -rw-r--r-- | templates/web/base/report/update.html | 5 | ||||
| -rw-r--r-- | templates/web/fixmystreet.com/report/_report_meta_info.html | 3 | ||||
| -rw-r--r-- | web/cobrands/fixmystreet/fixmystreet.js | 22 |
11 files changed, 160 insertions, 18 deletions
diff --git a/perllib/FixMyStreet/App/Controller/My.pm b/perllib/FixMyStreet/App/Controller/My.pm index 0eb1ad3f1..6fee25ec5 100644 --- a/perllib/FixMyStreet/App/Controller/My.pm +++ b/perllib/FixMyStreet/App/Controller/My.pm @@ -234,6 +234,38 @@ sub by_shortlisted { } } +sub anonymize : Path('anonymize') { + my ($self, $c) = @_; + $c->forward('/auth/get_csrf_token'); + + my $object; + if (my $id = $c->get_param('problem')) { + $c->forward( '/report/load_problem_or_display_error', [ $id ] ); + $object = $c->stash->{problem}; + } elsif ($id = $c->get_param('update')) { + $c->stash->{update} = $object = $c->model('DB::Comment')->find({ id => $id }); + $c->detach('/page_error_400_bad_request') unless $object; + } else { + $c->detach('/page_error_404_not_found'); + } + $c->detach('/page_error_400_bad_request') unless $c->user->id == $object->user_id; + $c->detach('/page_error_400_bad_request') if $object->anonymous; + + if ($c->get_param('hide') || $c->get_param('hide_everywhere')) { + $c->detach('/page_error_400_bad_request') unless $c->req->method eq 'POST'; + $c->forward('/auth/check_csrf_token'); + if ($c->get_param('hide')) { + $object->update({ anonymous => 1 }); + $c->flash->{anonymized} = _('Your name has been hidden.'); + } elsif ($c->get_param('hide_everywhere')) { + $c->user->problems->update({anonymous => 1}); + $c->user->comments->update({anonymous => 1}); + $c->flash->{anonymized} = _('Your name has been hidden from all your reports and updates.'); + } + $c->res->redirect($object->url); + } +} + __PACKAGE__->meta->make_immutable; 1; diff --git a/perllib/FixMyStreet/App/Controller/Report.pm b/perllib/FixMyStreet/App/Controller/Report.pm index b6978424f..368bbcf27 100644 --- a/perllib/FixMyStreet/App/Controller/Report.pm +++ b/perllib/FixMyStreet/App/Controller/Report.pm @@ -181,8 +181,10 @@ sub load_updates : Private { @combined = map { $_->[1] } sort { $a->[0] <=> $b->[0] } @combined; $c->stash->{updates} = \@combined; - if ($c->sessionid && $c->flash->{alert_to_reporter}) { - $c->stash->{alert_to_reporter} = 1; + if ($c->sessionid) { + foreach (qw(alert_to_reporter anonymized)) { + $c->stash->{$_} = $c->flash->{$_} if $c->flash->{$_}; + } } return 1; diff --git a/t/app/controller/my.t b/t/app/controller/my.t index 8803e7877..47539ba55 100644 --- a/t/app/controller/my.t +++ b/t/app/controller/my.t @@ -4,9 +4,14 @@ my $mech = FixMyStreet::TestMech->new; $mech->get_ok('/my'); is $mech->uri->path, '/auth', "got sent to the sign in page"; -$mech->create_problems_for_body(1, 1234, 'Test Title'); +$mech->get_ok('/my/anonymize'); +is $mech->uri->path, '/auth', "got sent to the sign in page"; + +my @problems = $mech->create_problems_for_body(3, 1234, 'Test Title'); +$problems[1]->update({anonymous => 1}); + my $other_user = FixMyStreet::DB->resultset('User')->find_or_create({ email => 'another@example.com' }); -$mech->create_problems_for_body(1, 1234, 'Another Title', { user => $other_user }); +my @other = $mech->create_problems_for_body(1, 1234, 'Another Title', { user => $other_user }); my $user = $mech->log_in_ok( 'test@example.com' ); $mech->get_ok('/my'); @@ -15,6 +20,48 @@ is $mech->uri->path, '/my', "stayed on '/my' page"; $mech->content_contains('Test Title'); $mech->content_lacks('Another Title'); +my @update; +my $i = 0; +foreach ($user, $user, $other_user) { + $update[$i] = FixMyStreet::App->model('DB::Comment')->create({ + text => 'this is an update', + user => $_, + state => 'confirmed', + problem => $problems[0], + mark_fixed => 0, + confirmed => \'current_timestamp', + anonymous => $i % 2, + }); + $i++; +} + +foreach ( + { type => 'problem', id => 0, result => 404, desc => 'nothing' }, + { type => 'problem', obj => $problems[0], result => 200, desc => 'own report' }, + { type => 'problem', obj => $problems[1], result => 400, desc => 'already anon report' }, + { type => 'problem', obj => $other[0], result => 400, desc => 'other user report' }, + { type => 'update', id => -1, result => 400, desc => 'non-existent update' }, + { type => 'update', obj => $update[0], result => 200, desc => 'own update' }, + { type => 'update', obj => $update[1], result => 400, desc => 'already anon update' }, + { type => 'update', obj => $update[2], result => 400, desc => 'other user update' }, +) { + my $id = $_->{id} // $_->{obj}->id; + $mech->get("/my/anonymize?$_->{type}=$id"); + is $mech->res->code, $_->{result}, "Got $_->{result} fetching $_->{desc}"; + if ($_->{result} == 200) { + $mech->submit_form_ok( { button => 'hide' }, 'Submit button to hide name' ); + $_->{obj}->discard_changes; + is $_->{obj}->anonymous, 1, 'Object now made anonymous'; + $_->{obj}->update({anonymous => 0}); + } +} + +$mech->get("/my/anonymize?problem=" . $problems[0]->id); +$mech->submit_form_ok( { button => 'hide_everywhere' }, 'Submit button to hide name everywhere' ); +is $problems[0]->discard_changes->anonymous, 1, 'Problem from form made anonymous'; +is $problems[2]->discard_changes->anonymous, 1, 'Other user problem made anonymous'; +is $update[0]->discard_changes->anonymous, 1, 'User update made anonymous'; + done_testing(); END { diff --git a/t/app/controller/report_display.t b/t/app/controller/report_display.t index 81b0ffb86..5993a6304 100644 --- a/t/app/controller/report_display.t +++ b/t/app/controller/report_display.t @@ -547,14 +547,14 @@ subtest "check user details show when a user has correct permissions" => sub { $mech->log_in_ok( $oxfordshireuser->email ); ok $mech->get("/report/$report_id"), "get '/report/$report_id'"; is $mech->extract_problem_meta, - 'Reported in the Roads category by Oxfordshire County Council (Council User) at 15:17, Tue 10 January 2012', + 'Reported in the Roads category by Oxfordshire County Council (Council User) at 15:17, Tue 10 January 2012 (Hide your name?)', 'correct problem meta information'; ok $oxfordshireuser->user_body_permissions->delete_all, "Remove view_body_contribute_details permissions"; ok $mech->get("/report/$report_id"), "get '/report/$report_id'"; is $mech->extract_problem_meta, - 'Reported in the Roads category by Oxfordshire County Council at 15:17, Tue 10 January 2012', + 'Reported in the Roads category by Oxfordshire County Council at 15:17, Tue 10 January 2012 (Hide your name?)', 'correct problem meta information for user without relevant permissions'; $mech->log_out_ok; @@ -574,7 +574,7 @@ subtest "check brackets don't appear when username and report name are the same" $mech->log_in_ok( $oxfordshireuser->email ); ok $mech->get("/report/$report_id"), "get '/report/$report_id'"; is $mech->extract_problem_meta, - 'Reported in the Roads category by Council User at 15:17, Tue 10 January 2012', + 'Reported in the Roads category by Council User at 15:17, Tue 10 January 2012 (Hide your name?)', 'correct problem meta information'; }; diff --git a/t/app/controller/report_updates.t b/t/app/controller/report_updates.t index 941989f24..2a20320bc 100644 --- a/t/app/controller/report_updates.t +++ b/t/app/controller/report_updates.t @@ -716,11 +716,11 @@ for my $test ( my $update_meta = $mech->extract_update_metas; my $meta_state = $test->{meta} || $test->{fields}->{state}; if ( $test->{reopened} ) { - like $update_meta->[0], qr/reopened$/, 'update meta says reopened'; + like $update_meta->[0], qr/reopened/, 'update meta says reopened'; } elsif ( $test->{state} eq 'duplicate' ) { - like $update_meta->[0], qr/closed as $meta_state$/, 'update meta includes state change'; + like $update_meta->[0], qr/closed as $meta_state/, 'update meta includes state change'; } else { - like $update_meta->[0], qr/marked as $meta_state$/, 'update meta includes state change'; + like $update_meta->[0], qr/marked as $meta_state/, 'update meta includes state change'; } if ($test->{view_username}) { @@ -755,24 +755,24 @@ subtest 'check meta correct for comments marked confirmed but not marked open' = $mech->get_ok( "/report/" . $report->id ); my $update_meta = $mech->extract_update_metas; - unlike $update_meta->[0], qr/reopened$/, + unlike $update_meta->[0], qr/reopened/, 'update meta does not say reopened'; $comment->update( { mark_open => 1, problem_state => undef } ); $mech->get_ok( "/report/" . $report->id ); $update_meta = $mech->extract_update_metas; - unlike $update_meta->[0], qr/marked as open$/, + unlike $update_meta->[0], qr/marked as open/, 'update meta does not says marked as open'; - like $update_meta->[0], qr/reopened$/, 'update meta does say reopened'; + like $update_meta->[0], qr/reopened/, 'update meta does say reopened'; $comment->update( { mark_open => 0, problem_state => undef } ); $mech->get_ok( "/report/" . $report->id ); $update_meta = $mech->extract_update_metas; - unlike $update_meta->[0], qr/marked as open$/, + unlike $update_meta->[0], qr/marked as open/, 'update meta does not says marked as open'; - unlike $update_meta->[0], qr/reopened$/, 'update meta does not say reopened'; + unlike $update_meta->[0], qr/reopened/, 'update meta does not say reopened'; }; subtest "check first comment with no status change has no status in meta" => sub { @@ -911,7 +911,7 @@ subtest 'check meta correct for second comment marking as reopened' => sub { $mech->get_ok( "/report/" . $report->id ); my $update_meta = $mech->extract_update_metas; - like $update_meta->[0], qr/fixed$/, 'update meta says fixed'; + like $update_meta->[0], qr/fixed/, 'update meta says fixed'; $comment = FixMyStreet::App->model('DB::Comment')->create( { @@ -929,7 +929,7 @@ subtest 'check meta correct for second comment marking as reopened' => sub { $mech->get_ok( "/report/" . $report->id ); $update_meta = $mech->extract_update_metas; - like $update_meta->[1], qr/reopened$/, 'update meta says reopened'; + like $update_meta->[1], qr/reopened/, 'update meta says reopened'; }; $user->from_body(undef); diff --git a/templates/web/base/my/anonymize.html b/templates/web/base/my/anonymize.html new file mode 100644 index 000000000..e82a03ce0 --- /dev/null +++ b/templates/web/base/my/anonymize.html @@ -0,0 +1,26 @@ +[% INCLUDE 'header.html', + title = loc('Hide my name'), + bodyclass = 'twothirdswidthpage' %] + +<form method="post" action="/my/anonymize" class="box-warning hide-name-form"> + <input type="hidden" name="token" value="[% csrf_token %]"> + + [% IF update %] + <input type="hidden" name="update" value="[% update.id %]"> + <input class="btn-primary" type="submit" name="hide" value="[% loc('Hide my name in this update') %]"> + [% ELSIF problem %] + [% IF problem.bodies_str %] + <p>[% tprintf(loc('Your name has already been sent to %s, but we can hide it on this page:'), problem.body(c)) %]</p> + [% END %] + <input type="hidden" name="problem" value="[% problem.id %]"> + <input class="btn-primary" type="submit" name="hide" value="[% loc('Hide my name on this report') %]"> + [% END %] + + [% IF NOT c.user.from_body %] + <p>[% loc('Alternatively, we can hide your name on <strong>all of your reports and updates</strong> across the site:') %]</p> + <input class="btn" type="submit" name="hide_everywhere" value="[% loc('Hide my name everywhere') %]"> + [% END %] + +</form> + +[% INCLUDE 'footer.html' %] diff --git a/templates/web/base/report/_main.html b/templates/web/base/report/_main.html index 83a3a1109..405cb2118 100644 --- a/templates/web/base/report/_main.html +++ b/templates/web/base/report/_main.html @@ -64,6 +64,10 @@ [% INCLUDE 'report/_report_meta_info.html' %] </p> + [% IF anonymized ~%] + <p class="form-success">[% anonymized %]</p> + [% END ~%] + [% INCLUDE 'report/_main_sent_info.html' %] [% mlog = problem.latest_moderation_log_entry(); IF mlog %] <p>[% tprintf(loc('Moderated by %s at %s'), mlog.admin_user, prettify_dt(mlog.whenedited)) %]</p> diff --git a/templates/web/base/report/_report_meta_info.html b/templates/web/base/report/_report_meta_info.html index da7339c81..e2a6412a3 100644 --- a/templates/web/base/report/_report_meta_info.html +++ b/templates/web/base/report/_report_meta_info.html @@ -1,2 +1,5 @@ [% problem.meta_line(c) | html %] +[% IF c.user_exists AND c.user.id == problem.user_id AND !problem.anonymous %] + <small>(<a href="/my/anonymize?problem=[% problem.id | uri %]" class="js-hide-name">[% loc('Hide your name?') %]</a>)</small> +[% END %] [%- IF !problem.used_map %]; <strong>([% loc('there is no pin shown as the user did not use the map') %])</strong>[% END %] diff --git a/templates/web/base/report/update.html b/templates/web/base/report/update.html index 51c1a9e4f..1f1438bfc 100644 --- a/templates/web/base/report/update.html +++ b/templates/web/base/report/update.html @@ -24,7 +24,7 @@ <div class="item-list__update-wrap"> [% IF update.whenanswered %] <div class="item-list__update-text"> - <p class="meta-2"> [% INCLUDE meta_line %] </p> + <p class="meta-2">[% INCLUDE meta_line %]</p> </div> [% ELSE %] <a name="update_[% update.id %]" class="internal-link-fixed-header"></a> @@ -45,6 +45,9 @@ <p class="meta-2"> [% INCLUDE meta_line %] + [% IF c.user_exists AND c.user.id == update.user_id AND !update.anonymous %] + <small>(<a href="/my/anonymize?update=[% update.id | uri %]" class="js-hide-name">[% loc('Hide your name?') %]</a>)</small> + [% END %] [% mlog = update.latest_moderation_log_entry(); IF mlog %] <br />[% tprintf(loc('Moderated by %s at %s'), mlog.admin_user, prettify_dt(mlog.whenedited)) %] [% END %] diff --git a/templates/web/fixmystreet.com/report/_report_meta_info.html b/templates/web/fixmystreet.com/report/_report_meta_info.html index 88abd97be..5063d5284 100644 --- a/templates/web/fixmystreet.com/report/_report_meta_info.html +++ b/templates/web/fixmystreet.com/report/_report_meta_info.html @@ -2,4 +2,7 @@ [% IF c.cobrand.moniker != problem.get_cobrand_logged.moniker AND problem.get_cobrand_logged.is_council %] using <a href="https://www.fixmystreet.com/about/council">FixMyStreet Professional</a> [% END %] +[% IF c.user_exists AND c.user.id == problem.user_id AND !problem.anonymous %] + <small>(<a href="/my/anonymize?problem=[% problem.id | uri %]" class="js-hide-name">[% loc('Hide your name?') %]</a>)</small> +[% END %] [%- IF !problem.used_map %]; <strong>([% loc('there is no pin shown as the user did not use the map') %])</strong>[% END %] diff --git a/web/cobrands/fixmystreet/fixmystreet.js b/web/cobrands/fixmystreet/fixmystreet.js index 9afb28294..0bad32b4e 100644 --- a/web/cobrands/fixmystreet/fixmystreet.js +++ b/web/cobrands/fixmystreet/fixmystreet.js @@ -434,6 +434,28 @@ $.extend(fixmystreet.set_up, { }); }, + hide_name: function() { + $('body').on('click', '.js-hide-name', function(e){ + e.preventDefault(); + + var $p = $(this).parents('p'); + var $form = $p.next('.hide-name-form'); // might not exist yet + var url = $(this).attr('href'); + + if ($form.length) { + $form.slideUp(function(){ + $form.remove(); + }); + } else { + $.get(url).done(function(html){ + $(html).find('.hide-name-form').hide().insertAfter($p).slideDown(); + }).fail(function(){ + window.location.href = url; + }); + } + }); + }, + on_resize: function() { var last_type; $(window).on('resize', function() { |