diff options
| -rw-r--r-- | CHANGELOG.md | 3 | ||||
| -rw-r--r-- | perllib/FixMyStreet/App.pm | 5 | ||||
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/JSON.pm | 1 | ||||
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Open311.pm | 4 | ||||
| -rw-r--r-- | perllib/FixMyStreet/Cobrand/BathNES.pm | 2 | ||||
| -rw-r--r-- | t/app/controller/open311.t | 41 | ||||
| -rw-r--r-- | templates/web/base/admin/bodies/body.html | 3 | ||||
| -rw-r--r-- | templates/web/base/admin/bodies/category.html | 3 | ||||
| -rw-r--r-- | templates/web/northamptonshire/header_extra.html | 1 | ||||
| -rw-r--r-- | web/cobrands/fixmystreet-uk-councils/alloy.js | 5 | ||||
| -rw-r--r-- | web/cobrands/fixmystreet/assets.js | 2 | ||||
| -rw-r--r-- | web/cobrands/northamptonshire/assets.js | 49 |
12 files changed, 99 insertions, 20 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 53a580b11..3967b8d92 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -39,6 +39,9 @@ - Stop category_change firing more than it should. - Fix extra question display when only one category. - Fix superusers creating anonymous reports. #2435 + - Ensure non_public reports aren't exposed at /open311 endpoint. + - Escape body name in admin title. + - Use REQUEST_URI, not PATH_INFO, to infer path. - Development improvements: - Make front page cache time configurable. - Better working of /fakemapit/ under https. diff --git a/perllib/FixMyStreet/App.pm b/perllib/FixMyStreet/App.pm index 2a279c4e2..36f736cd2 100644 --- a/perllib/FixMyStreet/App.pm +++ b/perllib/FixMyStreet/App.pm @@ -36,6 +36,11 @@ our $VERSION = '0.01'; __PACKAGE__->config( + # Use REQUEST_URI, not PATH_INFO, to infer path. This fixes an issue + # with slashes in category names in admin (as PATH_INFO can't tell + # the difference between / and %2F) + use_request_uri_for_path => 1, + # get the config from the core object %{ FixMyStreet->config() }, diff --git a/perllib/FixMyStreet/App/Controller/JSON.pm b/perllib/FixMyStreet/App/Controller/JSON.pm index e1e135054..ccc5b31dc 100644 --- a/perllib/FixMyStreet/App/Controller/JSON.pm +++ b/perllib/FixMyStreet/App/Controller/JSON.pm @@ -87,6 +87,7 @@ sub problems : Local { my $query = { $date_col => $range->sql, state => [ @state ], + non_public => 0, }; $query->{category} = $category if $category; my @problems = $c->cobrand->problems->search( $query, { diff --git a/perllib/FixMyStreet/App/Controller/Open311.pm b/perllib/FixMyStreet/App/Controller/Open311.pm index 97e1a782a..841330e92 100644 --- a/perllib/FixMyStreet/App/Controller/Open311.pm +++ b/perllib/FixMyStreet/App/Controller/Open311.pm @@ -309,7 +309,8 @@ sub get_requests : Private { delete $states->{unconfirmed}; delete $states->{submitted}; my $criteria = { - state => [ keys %$states ] + state => [ keys %$states ], + non_public => 0, }; my %rules = ( @@ -414,6 +415,7 @@ sub get_request : Private { my $criteria = { state => [ keys %$states ], id => $id, + non_public => 0, }; $c->forward( 'output_requests', [ $criteria ] ); } diff --git a/perllib/FixMyStreet/Cobrand/BathNES.pm b/perllib/FixMyStreet/Cobrand/BathNES.pm index e26e846c3..773edd3c3 100644 --- a/perllib/FixMyStreet/Cobrand/BathNES.pm +++ b/perllib/FixMyStreet/Cobrand/BathNES.pm @@ -22,6 +22,8 @@ sub contact_email { return join( '@', 'councilconnect_rejections', 'bathnes.gov.uk' ); } +sub suggest_duplicates { 1 } + sub admin_user_domain { 'bathnes.gov.uk' } sub base_url { diff --git a/t/app/controller/open311.t b/t/app/controller/open311.t index 9f4f594fe..79fe159a3 100644 --- a/t/app/controller/open311.t +++ b/t/app/controller/open311.t @@ -6,7 +6,7 @@ my $mech = FixMyStreet::TestMech->new; $mech->get_ok('/open311.cgi/v2/requests.rss?jurisdiction_id=fiksgatami.no&status=open&agency_responsible=1854'); like $mech->uri, qr[/open311/v2/requests\.rss\?.{65}]; # Don't know order parameters will be in now -$mech->create_problems_for_body(2, 2237, 'Around page'); +my ($problem1, $problem2) = $mech->create_problems_for_body(2, 2237, 'Around page'); $mech->get_ok('/open311/v2/requests.xml?jurisdiction_id=foo&status=open&agency_responsible=2237'); $mech->content_contains('<description>Around page Test 2 for 2237: Around page Test 2 for 2237 Detail</description>'); $mech->content_contains('<interface_used>Web interface</interface_used>'); @@ -18,4 +18,43 @@ my $problems = $json->{requests}[0]{request}; is @$problems, 2; like $problems->[0]{description}, qr/Around page Test/; +subtest "non_public reports aren't available" => sub { + $problem1->update({ + non_public => 1, + detail => 'This report is now private', + }); + $mech->get_ok('/open311/v2/requests.json?jurisdiction_id=foo'); + $json = decode_json($mech->content); + $problems = $json->{requests}[0]{request}; + is @$problems, 1; + like $problems->[0]{description}, qr/Around page Test/; + $mech->content_lacks('This report is now private'); + + my $problem_id = $problem1->id; + $mech->get_ok("/open311/v2/requests/$problem_id.json?jurisdiction_id=foo"); + $json = decode_json($mech->content); + $problems = $json->{requests}[0]{request}; + is @$problems, 0; +}; + +subtest "hidden reports aren't available" => sub { + $problem1->update({ + non_public => 0, + detail => 'This report is now hidden', + state => "hidden", + }); + $mech->get_ok('/open311/v2/requests.json?jurisdiction_id=foo'); + $json = decode_json($mech->content); + $problems = $json->{requests}[0]{request}; + is @$problems, 1; + like $problems->[0]{description}, qr/Around page Test/; + $mech->content_lacks('This report is now hidden'); + + my $problem_id = $problem1->id; + $mech->get_ok("/open311/v2/requests/$problem_id.json?jurisdiction_id=foo"); + $json = decode_json($mech->content); + $problems = $json->{requests}[0]{request}; + is @$problems, 0; +}; + done_testing(); diff --git a/templates/web/base/admin/bodies/body.html b/templates/web/base/admin/bodies/body.html index afd2eff46..8f298676e 100644 --- a/templates/web/base/admin/bodies/body.html +++ b/templates/web/base/admin/bodies/body.html @@ -1,4 +1,5 @@ -[% INCLUDE 'admin/header.html' title=tprintf(loc('Council contacts for %s'), body.name) -%] +[% body_name = body.name | html; + INCLUDE 'admin/header.html' title=tprintf(loc('Council contacts for %s'), body_name) -%] [% PROCESS 'admin/report_blocks.html' %] [% IF updated %] diff --git a/templates/web/base/admin/bodies/category.html b/templates/web/base/admin/bodies/category.html index 2f789ed81..de8cb19ec 100644 --- a/templates/web/base/admin/bodies/category.html +++ b/templates/web/base/admin/bodies/category.html @@ -1,4 +1,5 @@ -[% INCLUDE 'admin/header.html' title=tprintf(loc('Council contacts for %s'), body.name) -%] +[% body_name = body.name | html; + INCLUDE 'admin/header.html' title=tprintf(loc('Council contacts for %s'), body_name) -%] [% BLOCK highlightchanged_yesno %] [%- output = loc('No') %] diff --git a/templates/web/northamptonshire/header_extra.html b/templates/web/northamptonshire/header_extra.html index d180c614f..3915e073b 100644 --- a/templates/web/northamptonshire/header_extra.html +++ b/templates/web/northamptonshire/header_extra.html @@ -1 +1,2 @@ +[% INCLUDE 'tracking_code.html' %] <link rel="stylesheet" type="text/css" href="https://fonts.googleapis.com/css?family=Open+Sans:400,700"> diff --git a/web/cobrands/fixmystreet-uk-councils/alloy.js b/web/cobrands/fixmystreet-uk-councils/alloy.js index 1ceabef66..1ade3a1fa 100644 --- a/web/cobrands/fixmystreet-uk-councils/alloy.js +++ b/web/cobrands/fixmystreet-uk-councils/alloy.js @@ -11,7 +11,7 @@ OpenLayers.Protocol.Alloy = OpenLayers.Class(OpenLayers.Protocol.HTTP, { var rresp; var start = new Date(); var max = all_tiles.length; - $(fixmystreet).trigger('alloy:start_request', [start, max]); + options.scope.newRequest(start, max); for (var i = 0; i < max; i++) { var resp = new OpenLayers.Protocol.Response({requestType: "read"}); resp.start = start; @@ -69,9 +69,8 @@ OpenLayers.Strategy.Alloy = OpenLayers.Class(OpenLayers.Strategy.FixMyStreet, { requestStart: 0, initialize: function(name, options) { OpenLayers.Strategy.FixMyStreet.prototype.initialize.apply(this, arguments); - $(fixmystreet).on('alloy:start_request', this.newRequest.bind(this)); }, - newRequest: function(evt, start, max) { + newRequest: function(start, max) { this.max = max; this.requestStart = start; this.count = 0; diff --git a/web/cobrands/fixmystreet/assets.js b/web/cobrands/fixmystreet/assets.js index e4a48dc34..8b121066b 100644 --- a/web/cobrands/fixmystreet/assets.js +++ b/web/cobrands/fixmystreet/assets.js @@ -405,6 +405,8 @@ function layer_visibilitychanged() { this.road_not_found(); } return; + } else if (!this.getVisibility()) { + this.asset_not_found(); } check_zoom_message_visibility.call(this); diff --git a/web/cobrands/northamptonshire/assets.js b/web/cobrands/northamptonshire/assets.js index 9d27933f0..36f354761 100644 --- a/web/cobrands/northamptonshire/assets.js +++ b/web/cobrands/northamptonshire/assets.js @@ -30,6 +30,11 @@ function disable_report_form() { $(".js-hide-if-invalid-category").hide(); } +var is_live = false; +if ( location.hostname === 'www.fixmystreet.com' || location.hostname == 'fixmystreet.northamptonshire.gov.uk' ) { + is_live = true; +} + var layers = [ /* { @@ -267,8 +272,8 @@ var layers = [ "categories": [ "Damaged / Missing / Facing Wrong Way", "Obscured by vegetation or Dirty" ], "item_name": "sign", "layer_name": "Signs", - "layer": 60, - "version": "60.2113-" + "layer": is_live ? 60 : 303, + "version": is_live ? "60.2113-" : "303.1-" }, { "categories": [ "Shelter Damaged", "Sign/Pole Damaged" ], @@ -322,12 +327,10 @@ var layers = [ { "categories": [ "Fallen Tree", - "Restricted Visibility / Overgrown / Overhanging", - "Restricted Visibility", ], "layer_name": "Tree", - "layer": 307, - "version": "307.1-" + "layer": is_live ? 307 : 228, + "version": is_live ? "307.1-" : "228.24-" }, { "categories": [ "Safety Bollard - Damaged/Missing" ], @@ -343,6 +346,7 @@ $(fixmystreet).on('report_new:highways_change', function() { if (fixmystreet.body_overrides.get_only_send() === 'Highways England') { hide_responsibility_errors(); enable_report_form(); + $('#ncc_streetlights').remove(); } else { $(fixmystreet).trigger('report_new:category_change', [ $('#form_category') ]); } @@ -360,10 +364,6 @@ OpenLayers.Layer.NCCVectorAsset = OpenLayers.Class(OpenLayers.Layer.VectorAsset, CLASS_NAME: 'OpenLayers.Layer.NCCVectorAsset' }); -var is_live = false; -if ( location.hostname === 'www.fixmystreet.com' || location.hostname == 'fixmystreet.northamptonshire.gov.uk' ) { - is_live = true; -} // default options for northants assets include // a) checking for multiple assets in same location // b) preventing submission unless an asset is selected @@ -422,7 +422,7 @@ var northants_defaults = $.extend(true, {}, fixmystreet.assets.alloy_defaults, { var emergency_state = ncc_is_emergency_category(); disable_report_form(); - if (!emergency_state.relevant || emergency_state.body) { + if ((!emergency_state.relevant || emergency_state.body) && this.visibility) { show_responsibility_error('#js-not-an-asset', this.fixmystreet.asset_item, this.fixmystreet.asset_type); } else { hide_responsibility_errors(); @@ -536,8 +536,8 @@ var highways_style = new OpenLayers.Style({ fixmystreet.assets.add($.extend(true, {}, northants_road_defaults, { protocol_class: OpenLayers.Protocol.Alloy, http_options: { - layerid: 20, - layerVersion: '20.123-', + layerid: is_live ? 20 : 308, + layerVersion: is_live ? '20.123-' : '308.8-', }, stylemap: new OpenLayers.StyleMap({ 'default': highways_style @@ -568,6 +568,8 @@ fixmystreet.assets.add($.extend(true, {}, northants_road_defaults, { "Icy Footpath", "Icy Road", "Missed published Gritted Route", + "Restricted Visibility / Overgrown / Overhanging", + "Restricted Visibility", ] })); @@ -628,4 +630,25 @@ function check_emergency() { } $(fixmystreet).on('report_new:category_change', check_emergency); +function ncc_check_streetlights() { + var relevant_body = OpenLayers.Util.indexOf(fixmystreet.bodies, northants_defaults.body) > -1; + var relevant_cat = $('#form_category').val() == 'Street lighting'; + var relevant = relevant_body && relevant_cat; + var currently_shown = !!$('#ncc_streetlights').length; + + if (relevant === currently_shown || fixmystreet.body_overrides.get_only_send() == 'Highways England') { + return; + } + + if (!relevant) { + $('#ncc_streetlights').remove(); + return; + } + + var $msg = $('<p id="ncc_streetlights" class="box-warning">Street lighting in Northamptonshire is maintained by Balfour Beatty on behalf of the County Council under a Street Lighting Private Finance Initiative (PFI) contract. Please view our <b><a href="https://www3.northamptonshire.gov.uk/councilservices/northamptonshire-highways/roads-and-streets/Pages/street-lighting.aspx">Street Lighting</a></b> page to report any issues.</p>'); + $msg.insertBefore('#js-post-category-messages'); + disable_report_form(); +} +$(fixmystreet).on('report_new:category_change', ncc_check_streetlights); + })(); |