diff options
Diffstat (limited to 'perllib/FixMyStreet/App/Controller')
| -rwxr-xr-x | perllib/FixMyStreet/App/Controller/Questionnaire.pm | 32 | ||||
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Tokens.pm | 4 |
2 files changed, 31 insertions, 5 deletions
diff --git a/perllib/FixMyStreet/App/Controller/Questionnaire.pm b/perllib/FixMyStreet/App/Controller/Questionnaire.pm index c6d7e7634..addbfb826 100755 --- a/perllib/FixMyStreet/App/Controller/Questionnaire.pm +++ b/perllib/FixMyStreet/App/Controller/Questionnaire.pm @@ -46,9 +46,7 @@ sub load_questionnaire : Private { } unless ( $questionnaire->problem->state eq 'confirmed' || $questionnaire->problem->state eq 'fixed' ) { - $c->stash->{message} = _("I'm afraid we couldn't locate your problem in the database.\n"); - $c->stash->{template} = 'questionnaire/error.html'; - $c->detach; + $c->detach('missing_problem'); } $c->stash->{problem} = $questionnaire->problem; @@ -76,6 +74,19 @@ sub submit : Path('submit') { return 1; } +=head2 missing_problem + +Display couldn't locate problem error message + +=cut + +sub missing_problem : Private { + my ( $self, $c ) = @_; + + $c->stash->{message} = _("I'm afraid we couldn't locate your problem in the database.\n"); + $c->stash->{template} = 'questionnaire/error.html'; +} + sub submit_creator_fixed : Private { my ( $self, $c ) = @_; @@ -83,6 +94,21 @@ sub submit_creator_fixed : Private { map { $c->stash->{$_} = $c->req->params->{$_} || '' } qw(reported problem); + # should only be able to get to here if we are logged and we have a + # problem + unless ( $c->user && $c->stash->{problem} ) { + $c->detach('missing_problem'); + } + + my $problem = $c->model('DB::Problem')->find( { id => + $c->stash->{problem} } ); + + # you should not be able to answer questionnaires about problems + # that you've not submitted + if ( $c->user->id != $problem->user->id ) { + $c->detach('missing_problem'); + } + push @errors, _('Please say whether you\'ve ever reported a problem to your council before') unless $c->stash->{reported}; $c->stash->{problem_id} = $c->stash->{problem}; diff --git a/perllib/FixMyStreet/App/Controller/Tokens.pm b/perllib/FixMyStreet/App/Controller/Tokens.pm index 7053edc95..5d1d9eafb 100644 --- a/perllib/FixMyStreet/App/Controller/Tokens.pm +++ b/perllib/FixMyStreet/App/Controller/Tokens.pm @@ -149,10 +149,10 @@ sub confirm_update : Path('/C') { return; } - $c->forward('/report/update/confirm'); - $c->authenticate( { email => $comment->user->email }, 'no_password' ); + $c->forward('/report/update/confirm'); + return 1; } |