-rw-r--r-- | conf/httpd.conf | 2 | ||||
-rw-r--r-- | perllib/FixMyStreet/App/Controller/Report/Update.pm | 59 | ||||
-rw-r--r-- | perllib/FixMyStreet/App/Controller/Tokens.pm | 36 | ||||
-rw-r--r-- | perllib/FixMyStreet/DB/Result/Comment.pm | 25 | ||||
-rw-r--r-- | t/app/controller/alert.t | 20 | ||||
-rw-r--r-- | t/app/controller/report_updates.t | 7 |
6 files changed, 134 insertions, 15 deletions
diff --git a/conf/httpd.conf b/conf/httpd.conf index 1a090226b..8d70c475d 100644 --- a/conf/httpd.conf +++ b/conf/httpd.conf @@ -109,7 +109,7 @@ RewriteRule /(.+) /$1 [L] # RewriteRule ^/contact(.*) /contact.cgi$1 [L] RewriteRule ^/flickr(.*) /flickr.cgi$1 [L] RewriteRule ^/fun(.*) /fun.cgi$1 [L] -RewriteRule ^/json(.*) /json.cgi$1 [L] +# RewriteRule ^/json(.*) /json.cgi$1 [L] # RewriteRule ^/photo(.*) /photo.cgi$1 [L] RewriteRule ^/questionnaire(.*) /questionnaire.cgi$1 [L] # RewriteRule ^/reports(.*) /reports.cgi$1 [L] diff --git a/perllib/FixMyStreet/App/Controller/Report/Update.pm b/perllib/FixMyStreet/App/Controller/Report/Update.pm index 1100cf17b..91f05c32f 100644 --- a/perllib/FixMyStreet/App/Controller/Report/Update.pm +++ b/perllib/FixMyStreet/App/Controller/Report/Update.pm @@ -31,6 +31,59 @@ sub report_update : Path : Args(0) { && $c->forward('redirect_or_confirm_creation'); } +sub confirm : Private { + my ( $self, $c ) = @_; + + $c->stash->{update}->confirm; + $c->stash->{update}->update; + + $c->forward('update_problem'); + $c->forward('signup_for_alerts'); + + return 1; +} + +sub update_problem : Private { + my ( $self, $c ) = @_; + + my $update = $c->stash->{update}; + my $problem = $c->stash->{problem} || $update->problem; + + if ( $update->mark_fixed ) { + $problem->state( 'fixed' ); + + if ( $update->user->id == $problem->user->id ) { + $problem->send_questionnaire( 'f' ); + } else { + $c->forward( 'ask_questionnaire' ); + } + } + + $problem->lastupdate( \'ms_current_timestamp()' ); + $problem->update; + + $c->stash->{problem} = $problem; + + + return 1; +} + +sub ask_questionnaire : Private { + my ( $self, $c ) = @_; + + # FIXME send out questionnaire token here + + return 1; +} + +sub display_confirmation : Private { + my ( $self, $c ) = @_; + + $c->stash->{template} = 'tokens/confirm_update.html'; + + return 1; +} + =head2 setup_page Setup things we need for later. 
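Review bot: `confirm` calls `$c->stash->{update}->confirm` and then forwards to `update_problem` without checking whether the update is already confirmed, so a second visit to the same confirmation link would repeat the side effects. `$problem->state( 'fixed' )` is applied again, `send_questionnaire( 'f' )` is called again and `lastupdate` is bumped. Nothing in this hunk shows the token being consumed, so a guard such as `return 1 if $c->stash->{update}->confirmed;` before the `->confirm` call seems needed, assuming `confirmed` is false for an unconfirmed update as `redirect_or_confirm_creation` already relies on. The four new actions also lack the `=head2` POD that `setup_page` carries; a short block for each, naming the stash keys it reads (`update`, `problem`, `add_alert`), would help.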
@@ -118,6 +171,7 @@ sub process_update : Private { ); $c->stash->{update} = $update; + $c->stash->{add_alert} = $c->req->param('add_alert'); return 1; } @@ -209,6 +263,7 @@ sub redirect_or_confirm_creation : Private { # If confirmed send the user straight there. if ( $update->confirmed ) { $c->forward( 'signup_for_alerts' ); + $c->forward( 'update_problem' ); my $report_uri = $c->uri_for( '/report', $update->problem_id ); $c->res->redirect($report_uri); $c->detach; @@ -247,9 +302,9 @@ happen before calling this. sub signup_for_alerts : Private { my ( $self, $c ) = @_; - if ( $c->req->param( 'add_alert' ) ) { + if ( $c->stash->{add_alert} ) { my $alert = $c->model( 'DB::Alert' )->find_or_create( - user => $c->stash->{update_user}, + user => $c->stash->{update}->user, alert_type => 'new_updates', parameter => $c->stash->{problem}->id ); diff --git a/perllib/FixMyStreet/App/Controller/Tokens.pm b/perllib/FixMyStreet/App/Controller/Tokens.pm index 8e45581a8..1c3d89b54 100644 --- a/perllib/FixMyStreet/App/Controller/Tokens.pm +++ b/perllib/FixMyStreet/App/Controller/Tokens.pm 
@@ -120,6 +120,42 @@ sub confirm_alert : Path('/A') { $c->forward('/alert/confirm'); } +=head2 confirm_update + + /C/([0-9A-Za-z]{16,18}).*$ + +Confirm an update - url appears in emails sent to users after they create the +update but are not logged in. + +=cut + +sub confirm_update : Path('/C') { + my ( $self, $c, $token_code ) = @_; + + my $auth_token = + $c->forward( 'load_auth_token', [ $token_code, 'comment' ] ); + + # Load the problem + my $comment_id = $auth_token->data->{id}; + $c->stash->{add_alert} = $auth_token->data->{add_alert}; + + my $comment = $c->model('DB::Comment')->find( { id => $comment_id } ) + || $c->detach('token_error'); + $c->stash->{update} = $comment; + + # check that this email or domain are not the cause of abuse. If so hide it. + if ( $comment->is_from_abuser ) { + $c->stash->{template} = 'tokens/abuse.html'; + return; + } + + $c->forward('/report/update/confirm'); + + $c->authenticate( { email => $comment->user->email }, 'no_password' ); + + return 1; +} + =head2 load_auth_token my $auth_token = diff --git a/perllib/FixMyStreet/DB/Result/Comment.pm b/perllib/FixMyStreet/DB/Result/Comment.pm index 53337c6e7..22c0fb444 100644 --- a/perllib/FixMyStreet/DB/Result/Comment.pm +++ b/perllib/FixMyStreet/DB/Result/Comment.pm @@ -117,4 +117,29 @@ sub get_photo_params { return $photo; } + +=head2 is_from_abuser + + $bool = $update->is_from_abuser( ); + +Returns true if the user's email or its domain is listed in the 'abuse' table. + +=cut + +sub is_from_abuser { + my $self = shift; + + # get the domain + my $email = $self->user->email; + my ($domain) = $email =~ m{ @ (.*) \z }x; + + # search for an entry in the abuse table + my $abuse_rs = $self->result_source->schema->resultset('Abuse'); + + return + $abuse_rs->find( { email => $email } ) + || $abuse_rs->find( { email => $domain } ) + || undef; +} + 1; diff --git a/t/app/controller/alert.t b/t/app/controller/alert.t index 2f25a1c23..f32d0d6e9 100644 --- a/t/app/controller/alert.t 
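Review bot: `confirm_update` ends with `$c->authenticate( { email => $comment->user->email }, 'no_password' )`, so the URL in the confirmation email works as a login credential for the commenter's account, and nothing in this hunk limits it to one use or to a time window. `load_auth_token` is defined outside the hunk and may enforce expiry; if it does not, a link recovered later from a mailbox, a proxy log or a forwarded message would still open a session. Consider recording `my $already_confirmed = $comment->confirmed;` before the forward and authenticating only when it was false, or removing the token once confirmation succeeds. Separately, the comment `# Load the problem` should read `# Load the update`, since the id is looked up in `DB::Comment`.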
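Review bot: In `is_from_abuser` the pattern `m{ @ (.*) \z }x` captures from the first `@`, and both lookups compare the address exactly as the user entered it. An address with more than one `@` yields a `$domain` that is not the real domain, and a mixed-case address would miss a lower-case entry if the abuse table stores normalised values (not visible here), so a listed sender could pass the check. When the address has no `@`, `$domain` is undef and the second `find` runs with `email => undef`. Suggested: `my ($domain) = lc($email) =~ m{ @ ([^@]+) \z }x;` and `|| ( defined $domain && $abuse_rs->find( { email => $domain } ) )`.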
+++ b/t/app/controller/alert.t @@ -51,20 +51,16 @@ $mech->content_contains('Please select the feed you want'); $mech->get_ok('/alert/subscribe?rss=1&feed=invalid:1000:A_Locationtype=local&pc=ky16+8yg&rss=Give+me+an+RSS+feed&rznvy='); $mech->content_contains('Illegal feed selection'); -TODO: { - local $TODO = 'not implemented rss feeds yet'; +$mech->get_ok('/alert/subscribe?rss=1&feed=area:1000:A_Location'); +$mech->uri->path('/rss/area/A+Location'); - $mech->get_ok('/alert/subscribe?rss=1&feed=area:1000:A_Location'); - $mech->uri->path('/rss/area/A+Location'); +$mech->get_ok('/alert/subscribe?rss=1&feed=area:1000:1001:A_Location:Diff_Location'); +$mech->uri->path('/rss/area/A+Location/Diff+Location'); - $mech->get_ok('/alert/subscribe?rss=1&feed=area:1000:1001:A_Location:Diff_Location'); - $mech->uri->path('/rss/area/A+Location/Diff+Location'); +$mech->get_ok('/alert/subscribe?rss=1&feed=council:1000:A_Location'); +$mech->uri->path('/rss/reports/A+Location'); - $mech->get_ok('/alert/subscribe?rss=1&feed=council:1000:A_Location'); - $mech->uri->path('/rss/reports/A+Location'); - - $mech->get_ok('/alert/subscribe?rss=1&feed=ward:1000:1001:A_Location:Diff_Location'); - $mech->uri->path('/rss/ward/A+Location/Diff+Location'); -} +$mech->get_ok('/alert/subscribe?rss=1&feed=ward:1000:1001:A_Location:Diff_Location'); +$mech->uri->path('/rss/ward/A+Location/Diff+Location'); done_testing(); diff --git a/t/app/controller/report_updates.t b/t/app/controller/report_updates.t index 3c07ac054..8c34541ed 100644 --- a/t/app/controller/report_updates.t +++ b/t/app/controller/report_updates.t 
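Review bot: The four `$mech->uri->path('/rss/...')` lines moved out of the TODO block pass an argument to `URI::path`, which sets the path on the URI object instead of comparing it. These tests therefore pass whatever URL the subscribe request ended on. To verify the redirect target that the `feed` parameter produces, each needs a real assertion, for example `is $mech->uri->path, '/rss/area/A+Location', 'redirected to area feed';`, and likewise for the other three.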
@@ -265,6 +265,13 @@ subtest "submit an update for a non registered user" => sub { is $update->user->email, 'unregistered@example.com', 'update email'; is $update->text, 'Update from an unregistered user', 'update text'; is $add_alerts, 0, 'do not sign up for alerts'; + + $mech->get_ok( $url . $url_token ); + $mech->content_contains( "/report/$report_id#$update_id" ); + + $update->discard_changes; + + is $update->state, 'confirmed', 'update confirmed'; }; for my $test ( |