diff options
Diffstat (limited to 'perllib/FixMyStreet/App/Controller')
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Alert.pm | 14 | ||||
| -rwxr-xr-x | perllib/FixMyStreet/App/Controller/Questionnaire.pm | 32 | ||||
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Report/Update.pm | 4 | ||||
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Tokens.pm | 4 |
4 files changed, 45 insertions, 9 deletions
diff --git a/perllib/FixMyStreet/App/Controller/Alert.pm b/perllib/FixMyStreet/App/Controller/Alert.pm index db9602ff5..b8b7cce40 100644 --- a/perllib/FixMyStreet/App/Controller/Alert.pm +++ b/perllib/FixMyStreet/App/Controller/Alert.pm @@ -58,9 +58,14 @@ sub subscribe : Path('subscribe') : Args(0) { if ( $c->req->param('rss') ) { $c->detach('rss'); } - elsif ( $c->req->param('rznvy') ) { + # if it exists then it's been submitted so we should + # go to subscribe email and let it work out the next step + elsif ( exists $c->req->params->{'rznvy'} ) { $c->detach('subscribe_email'); } + + # shouldn't get to here but if we have then do something sensible + $c->go('index'); } =head2 rss @@ -194,7 +199,10 @@ sub create_alert : Private { unless ($alert) { $options->{cobrand} = $c->cobrand->moniker(); $options->{cobrand_data} = $c->cobrand->extra_update_data(); - $options->{confirmed} = 1 if $c->stash->{alert_user}->in_storage; + + if ( $c->user && $c->user->id == $c->stash->{alert_user}->id ) { + $options->{confirmed} = 1; + } $alert = $c->model('DB::Alert')->new($options); $alert->insert(); @@ -221,7 +229,6 @@ sub set_update_alert_options : Private { }; $c->stash->{alert_options} = $options; - $c->forward('create_alert'); } =head2 set_local_alert_options @@ -255,7 +262,6 @@ sub set_local_alert_options : Private { push @params, $1, $2; } - my $options = { user => $c->stash->{alert_user}, alert_type => $type diff --git a/perllib/FixMyStreet/App/Controller/Questionnaire.pm b/perllib/FixMyStreet/App/Controller/Questionnaire.pm index 001578196..766c886f7 100755 --- a/perllib/FixMyStreet/App/Controller/Questionnaire.pm +++ b/perllib/FixMyStreet/App/Controller/Questionnaire.pm @@ -46,9 +46,7 @@ sub load_questionnaire : Private { } unless ( $questionnaire->problem->state eq 'confirmed' || $questionnaire->problem->state eq 'fixed' ) { - $c->stash->{message} = _("I'm afraid we couldn't locate your problem in the database.\n"); - $c->stash->{template} = 'questionnaire/error.html'; - $c->detach; + $c->detach('missing_problem'); } $c->stash->{problem} = $questionnaire->problem; @@ -84,6 +82,19 @@ sub submit : Path('submit') { return 1; } +=head2 missing_problem + +Display couldn't locate problem error message + +=cut + +sub missing_problem : Private { + my ( $self, $c ) = @_; + + $c->stash->{message} = _("I'm afraid we couldn't locate your problem in the database.\n"); + $c->stash->{template} = 'questionnaire/error.html'; +} + sub submit_creator_fixed : Private { my ( $self, $c ) = @_; @@ -91,6 +102,21 @@ sub submit_creator_fixed : Private { map { $c->stash->{$_} = $c->req->params->{$_} || '' } qw(reported problem); + # should only be able to get to here if we are logged and we have a + # problem + unless ( $c->user && $c->stash->{problem} ) { + $c->detach('missing_problem'); + } + + my $problem = $c->model('DB::Problem')->find( { id => + $c->stash->{problem} } ); + + # you should not be able to answer questionnaires about problems + # that you've not submitted + if ( $c->user->id != $problem->user->id ) { + $c->detach('missing_problem'); + } + push @errors, _('Please say whether you\'ve ever reported a problem to your council before') unless $c->stash->{reported}; $c->stash->{problem_id} = $c->stash->{problem}; diff --git a/perllib/FixMyStreet/App/Controller/Report/Update.pm b/perllib/FixMyStreet/App/Controller/Report/Update.pm index be0f8dc16..e8bb0f70d 100644 --- a/perllib/FixMyStreet/App/Controller/Report/Update.pm +++ b/perllib/FixMyStreet/App/Controller/Report/Update.pm @@ -20,6 +20,10 @@ Creates an update to a report sub report_update : Path : Args(0) { my ( $self, $c ) = @_; + # if there's no id then we should just stop now + $c->detach( '/page_error_404_not_found', [ _('Unknown problem ID') ] ) + unless $c->req->param('id'); + $c->forward('setup_page') && $c->forward('process_user') && $c->forward('process_update') diff --git a/perllib/FixMyStreet/App/Controller/Tokens.pm b/perllib/FixMyStreet/App/Controller/Tokens.pm index 7053edc95..5d1d9eafb 100644 --- a/perllib/FixMyStreet/App/Controller/Tokens.pm +++ b/perllib/FixMyStreet/App/Controller/Tokens.pm @@ -149,10 +149,10 @@ sub confirm_update : Path('/C') { return; } - $c->forward('/report/update/confirm'); - $c->authenticate( { email => $comment->user->email }, 'no_password' ); + $c->forward('/report/update/confirm'); + return 1; } |