diff options
Diffstat (limited to 'perllib/FixMyStreet/App/Controller')
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Report.pm | 42 | ||||
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Report/New.pm | 3 | ||||
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Reports.pm | 27 |
3 files changed, 45 insertions, 27 deletions
diff --git a/perllib/FixMyStreet/App/Controller/Report.pm b/perllib/FixMyStreet/App/Controller/Report.pm index 8708c6128..ec0e6f886 100644 --- a/perllib/FixMyStreet/App/Controller/Report.pm +++ b/perllib/FixMyStreet/App/Controller/Report.pm @@ -76,7 +76,7 @@ sub _display : Private { $c->forward( 'load_updates' ); $c->forward( 'format_problem_for_display' ); - my $permissions = $c->stash->{_permissions} = $c->forward( 'check_has_permission_to', + my $permissions = $c->stash->{_permissions} ||= $c->forward( 'check_has_permission_to', [ qw/report_inspect report_edit_category report_edit_priority/ ] ); if (any { $_ } values %$permissions) { $c->stash->{template} = 'report/inspect.html'; @@ -128,7 +128,11 @@ sub load_problem_or_display_error : Private { [ _('That report has been removed from FixMyStreet.') ] # ); } elsif ( $problem->non_public ) { - if ( !$c->user || $c->user->id != $problem->user->id ) { + # Creator, and inspection users can see non_public reports + $c->stash->{problem} = $problem; + my $permissions = $c->stash->{_permissions} = $c->forward( 'check_has_permission_to', + [ qw/report_inspect report_edit_category report_edit_priority/ ] ); + if ( !$c->user || ($c->user->id != $problem->user->id && !$permissions->{report_inspect}) ) { $c->detach( '/page_error_403_access_denied', [ sprintf(_('That report cannot be viewed on %s.'), $c->stash->{site_name}) ] @@ -348,6 +352,8 @@ sub inspect : Private { my %update_params = (); if ($permissions->{report_inspect}) { + $problem->non_public($c->get_param('non_public') ? 1 : 0); + $problem->set_extra_metadata( traffic_information => $c->get_param('traffic_information') ); if ( my $info = $c->get_param('detailed_information') ) { @@ -461,22 +467,24 @@ sub inspect : Private { } $problem->lastupdate( \'current_timestamp' ); $problem->update; - my $timestamp = \'current_timestamp'; - if (my $saved_at = $c->get_param('saved_at')) { - $timestamp = DateTime->from_epoch( epoch => $saved_at ); + if ($update_text || %update_params) { + my $timestamp = \'current_timestamp'; + if (my $saved_at = $c->get_param('saved_at')) { + $timestamp = DateTime->from_epoch( epoch => $saved_at ); + } + my $name = $c->user->from_body ? $c->user->from_body->name : $c->user->name; + $problem->add_to_comments( { + text => $update_text, + created => $timestamp, + confirmed => $timestamp, + user_id => $c->user->id, + name => $name, + state => 'confirmed', + mark_fixed => 0, + anonymous => 0, + %update_params, + } ); } - my $name = $c->user->from_body ? $c->user->from_body->name : $c->user->name; - $problem->add_to_comments( { - text => $update_text, - created => $timestamp, - confirmed => $timestamp, - user_id => $c->user->id, - name => $name, - state => 'confirmed', - mark_fixed => 0, - anonymous => 0, - %update_params, - } ); my $redirect_uri; $problem->discard_changes; diff --git a/perllib/FixMyStreet/App/Controller/Report/New.pm b/perllib/FixMyStreet/App/Controller/Report/New.pm index f9e07dd41..888110429 100644 --- a/perllib/FixMyStreet/App/Controller/Report/New.pm +++ b/perllib/FixMyStreet/App/Controller/Report/New.pm @@ -870,6 +870,7 @@ sub process_report : Private { 'subcategory', # 'partial', # 'service', # + 'non_public', ); # load the report @@ -897,6 +898,8 @@ sub process_report : Private { $report->anonymous( $params{may_show_name} ? 0 : 1 ); } + $report->non_public($params{non_public} ? 1 : 0); + # clean up text before setting $report->title( Utils::cleanup_text( $params{title} ) ); diff --git a/perllib/FixMyStreet/App/Controller/Reports.pm b/perllib/FixMyStreet/App/Controller/Reports.pm index 7c3796c42..15a220644 100644 --- a/perllib/FixMyStreet/App/Controller/Reports.pm +++ b/perllib/FixMyStreet/App/Controller/Reports.pm @@ -544,20 +544,27 @@ sub load_and_group_problems : Private { my $states = $c->stash->{filter_problem_states}; my $where = { - non_public => 0, state => [ keys %$states ] }; + + my $body = $c->stash->{body}; # Might be undef + + if ($c->user_exists && ($c->user->is_superuser || ($body && $c->user->has_permission_to('report_inspect', $body->id)))) { + # See all reports, no restriction + } else { + $where->{non_public} = 0; + } + my $filter = { order_by => $c->stash->{sort_order}, rows => $c->cobrand->reports_per_page, }; - if ($c->user_exists && $c->stash->{body}) { - my $bid = $c->stash->{body}->id; + if ($c->user_exists && $body) { my $prefetch = []; - if ($c->user->has_permission_to('planned_reports', $bid)) { + if ($c->user->has_permission_to('planned_reports', $body->id)) { push @$prefetch, 'user_planned_reports'; } - if ($c->user->has_permission_to('report_edit_priority', $bid) || $c->user->has_permission_to('report_inspect', $bid)) { + if ($c->user->has_permission_to('report_edit_priority', $body->id) || $c->user->has_permission_to('report_inspect', $body->id)) { push @$prefetch, 'response_priority'; } $prefetch = $prefetch->[0] if @$prefetch == 1; @@ -589,9 +596,9 @@ sub load_and_group_problems : Private { $where->{areas} = [ map { { 'like', '%,' . $_->{id} . ',%' } } @{$c->stash->{wards}} ]; - $problems = $problems->to_body($c->stash->{body}); - } elsif ($c->stash->{body}) { - $problems = $problems->to_body($c->stash->{body}); + $problems = $problems->to_body($body); + } elsif ($body) { + $problems = $problems->to_body($body); } if (my $bbox = $c->get_param('bbox')) { @@ -609,7 +616,7 @@ sub load_and_group_problems : Private { my ( %problems, @pins ); while ( my $problem = $problems->next ) { - if ( !$c->stash->{body} ) { + if ( !$body ) { add_row( $c, $problem, 0, \%problems, \@pins ); next; } @@ -623,7 +630,7 @@ sub load_and_group_problems : Private { # Add to bodies it was sent to my $bodies = $problem->bodies_str_ids; foreach ( @$bodies ) { - next if $_ != $c->stash->{body}->id; + next if $_ != $body->id; add_row( $c, $problem, $_, \%problems, \@pins ); } } |