diff options
Diffstat (limited to 'perllib/FixMyStreet')
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Admin.pm | 43 | ||||
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Moderate.pm | 2 | ||||
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Report.pm | 4 | ||||
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Report/New.pm | 6 | ||||
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Report/Update.pm | 6 | ||||
| -rw-r--r-- | perllib/FixMyStreet/Cobrand/Default.pm | 6 | ||||
| -rw-r--r-- | perllib/FixMyStreet/Cobrand/FiksGataMi.pm | 2 | ||||
| -rw-r--r-- | perllib/FixMyStreet/Cobrand/FixaMinGata.pm | 2 | ||||
| -rw-r--r-- | perllib/FixMyStreet/Cobrand/UKCouncils.pm | 4 | ||||
| -rw-r--r-- | perllib/FixMyStreet/DB/Result/User.pm | 28 | ||||
| -rw-r--r-- | perllib/FixMyStreet/Script/Reports.pm | 11 |
11 files changed, 90 insertions, 24 deletions
diff --git a/perllib/FixMyStreet/App/Controller/Admin.pm b/perllib/FixMyStreet/App/Controller/Admin.pm index 0a7b8d049..46ac10d36 100644 --- a/perllib/FixMyStreet/App/Controller/Admin.pm +++ b/perllib/FixMyStreet/App/Controller/Admin.pm @@ -345,8 +345,6 @@ sub update_contacts : Private { my $category = $self->trim( $c->get_param('category') ); $errors{category} = _("Please choose a category") unless $category; - my $email = $self->trim( $c->get_param('email') ); - $errors{email} = _('Please enter a valid email') unless is_valid_email($email) || $email eq 'REFUSED'; $errors{note} = _('Please enter a message') unless $c->get_param('note'); my $contact = $c->model('DB::Contact')->find_or_new( @@ -356,6 +354,12 @@ sub update_contacts : Private { } ); + my $email = $self->trim( $c->get_param('email') ); + my $send_method = $c->get_param('send_method') || $contact->send_method || $contact->body->send_method || ""; + unless ( $send_method eq 'Open311' ) { + $errors{email} = _('Please enter a valid email') unless is_valid_email($email) || $email eq 'REFUSED'; + } + $contact->email( $email ); $contact->confirmed( $c->get_param('confirmed') ? 1 : 0 ); $contact->deleted( $c->get_param('deleted') ? 1 : 0 ); @@ -683,7 +687,7 @@ sub report_edit : Path('report_edit') : Args(1) { unless ( $c->cobrand->moniker eq 'zurich' - || $c->user->has_permission_to(report_edit => $problem->bodies_str) + || $c->user->has_permission_to(report_edit => $problem->bodies_str_ids) ) { $c->detach( '/page_error_403_access_denied', [] ); } @@ -1272,14 +1276,14 @@ sub user_edit : Path('user_edit') : Args(1) { if (!$user->from_body) { # Non-staff users aren't allowed any permissions or to be in an area - $user->user_body_permissions->delete_all; + $user->admin_user_body_permissions->delete; $user->area_id(undef); delete $c->stash->{areas}; delete $c->stash->{fetched_areas_body_id}; } elsif ($c->stash->{available_permissions}) { my @all_permissions = map { keys %$_ } values %{ $c->stash->{available_permissions} }; my @user_permissions = grep { $c->get_param("permissions[$_]") ? 1 : undef } @all_permissions; - $user->user_body_permissions->search({ + $user->admin_user_body_permissions->search({ body_id => $user->from_body->id, permission_type => { '!=' => \@user_permissions }, })->delete; @@ -1297,6 +1301,35 @@ sub user_edit : Path('user_edit') : Args(1) { $user->area_id( $valid_areas{$new_area} ? $new_area : undef ); } + # Handle 'trusted' flag(s) + my @trusted_bodies = $c->get_param_list('trusted_bodies'); + if ( $c->user->is_superuser ) { + $user->user_body_permissions->search({ + body_id => { '!=' => \@trusted_bodies }, + permission_type => 'trusted', + })->delete; + foreach my $body_id (@trusted_bodies) { + $user->user_body_permissions->find_or_create({ + body_id => $body_id, + permission_type => 'trusted', + }); + } + } elsif ( $c->user->from_body ) { + my %trusted = map { $_ => 1 } @trusted_bodies; + my $body_id = $c->user->from_body->id; + if ( $trusted{$body_id} ) { + $user->user_body_permissions->find_or_create({ + body_id => $body_id, + permission_type => 'trusted', + }); + } else { + $user->user_body_permissions->search({ + body_id => $body_id, + permission_type => 'trusted', + })->delete; + } + } + unless ($user->email) { $c->stash->{field_errors}->{email} = _('Please enter a valid email'); return; diff --git a/perllib/FixMyStreet/App/Controller/Moderate.pm b/perllib/FixMyStreet/App/Controller/Moderate.pm index dadec5c53..94e6cd62a 100644 --- a/perllib/FixMyStreet/App/Controller/Moderate.pm +++ b/perllib/FixMyStreet/App/Controller/Moderate.pm @@ -54,7 +54,7 @@ sub report : Chained('moderate') : PathPart('report') : CaptureArgs(1) { # ... and immediately, if the user isn't authorized $c->detach unless $c->user_exists; - $c->detach unless $c->user->has_permission_to(moderate => $problem->bodies_str); + $c->detach unless $c->user->has_permission_to(moderate => $problem->bodies_str_ids); $c->forward('/auth/check_csrf_token'); diff --git a/perllib/FixMyStreet/App/Controller/Report.pm b/perllib/FixMyStreet/App/Controller/Report.pm index 1d67afd0e..34392782b 100644 --- a/perllib/FixMyStreet/App/Controller/Report.pm +++ b/perllib/FixMyStreet/App/Controller/Report.pm @@ -133,7 +133,7 @@ sub load_problem_or_display_error : Private { } $c->stash->{problem} = $problem; - if ( $c->user_exists && $c->user->has_permission_to(moderate => $problem->bodies_str) ) { + if ( $c->user_exists && $c->user->has_permission_to(moderate => $problem->bodies_str_ids) ) { $c->stash->{problem_original} = $problem->find_or_new_related( moderation_original_data => { title => $problem->title, @@ -401,7 +401,7 @@ to the current Problem in $c->stash->{problem}. Shows the 403 page if not. sub check_has_permission_to : Private { my ( $self, $c, @permissions ) = @_; - my $bodies = $c->stash->{problem}->bodies_str; + my $bodies = $c->stash->{problem}->bodies_str_ids; my %permissions = map { $_ => $c->user->has_permission_to($_, $bodies) } @permissions if $c->user_exists; diff --git a/perllib/FixMyStreet/App/Controller/Report/New.pm b/perllib/FixMyStreet/App/Controller/Report/New.pm index 7b012e0a1..267f1059d 100644 --- a/perllib/FixMyStreet/App/Controller/Report/New.pm +++ b/perllib/FixMyStreet/App/Controller/Report/New.pm @@ -188,9 +188,9 @@ sub report_form_ajax : Path('ajax') : Args(0) { my $contribute_as = {}; if ($c->user_exists) { - my $bodies = join(',', keys %{$c->stash->{bodies}}); - my $ca_another_user = $c->user->has_permission_to('contribute_as_another_user', $bodies); - my $ca_body = $c->user->has_permission_to('contribute_as_body', $bodies); + my @bodies = keys %{$c->stash->{bodies}}; + my $ca_another_user = $c->user->has_permission_to('contribute_as_another_user', \@bodies); + my $ca_body = $c->user->has_permission_to('contribute_as_body', \@bodies); $contribute_as->{another_user} = $ca_another_user if $ca_another_user; $contribute_as->{body} = $ca_body if $ca_body; } diff --git a/perllib/FixMyStreet/App/Controller/Report/Update.pm b/perllib/FixMyStreet/App/Controller/Report/Update.pm index 705e6ee99..4c2d92d5e 100644 --- a/perllib/FixMyStreet/App/Controller/Report/Update.pm +++ b/perllib/FixMyStreet/App/Controller/Report/Update.pm @@ -113,7 +113,7 @@ sub process_user : Private { if ( $c->user_exists ) { { my $user = $c->user->obj; - if ($c->stash->{contributing_as_another_user} = $user->contributing_as('another_user', $c, $update->problem->bodies_str)) { + if ($c->stash->{contributing_as_another_user} = $user->contributing_as('another_user', $c, $update->problem->bodies_str_ids)) { # Act as if not logged in (and it will be auto-confirmed later on) last; } @@ -276,7 +276,7 @@ sub process_update : Private { $update->mark_fixed($params{fixed} ? 1 : 0); $update->mark_open($params{reopen} ? 1 : 0); - $c->stash->{contributing_as_body} = $c->user_exists && $c->user->contributing_as('body', $c, $update->problem->bodies_str); + $c->stash->{contributing_as_body} = $c->user_exists && $c->user->contributing_as('body', $c, $update->problem->bodies_str_ids); if ($c->stash->{contributing_as_body}) { $update->name($c->user->from_body->name); $update->anonymous(0); @@ -286,7 +286,7 @@ sub process_update : Private { } if ( $params{state} ) { - $params{state} = 'fixed - council' + $params{state} = 'fixed - council' if $params{state} eq 'fixed' && $c->user && $c->user->belongs_to_body( $update->problem->bodies_str ); $update->problem_state( $params{state} ); } else { diff --git a/perllib/FixMyStreet/Cobrand/Default.pm b/perllib/FixMyStreet/Cobrand/Default.pm index b6d03621f..c44842dea 100644 --- a/perllib/FixMyStreet/Cobrand/Default.pm +++ b/perllib/FixMyStreet/Cobrand/Default.pm @@ -720,6 +720,12 @@ sub available_permissions { planned_reports => _("Manage shortlist"), contribute_as_another_user => _("Create reports/updates on a user's behalf"), contribute_as_body => _("Create reports/updates as the council"), + + # NB this permission is special in that it can be assigned to users + # without their from_body being set. It's included here for + # reference, but left commented out because it's not assigned in the + # same way as other permissions. + # trusted => _("Trusted to make reports that don't need to be inspected"), }, _("Users") => { user_edit => _("Edit other users' details"), diff --git a/perllib/FixMyStreet/Cobrand/FiksGataMi.pm b/perllib/FixMyStreet/Cobrand/FiksGataMi.pm index ba26b7a2c..242735073 100644 --- a/perllib/FixMyStreet/Cobrand/FiksGataMi.pm +++ b/perllib/FixMyStreet/Cobrand/FiksGataMi.pm @@ -29,6 +29,8 @@ sub disambiguate_location { } sub area_types { + my $self = shift; + return $self->next::method() if FixMyStreet->config('STAGING_SITE') && FixMyStreet->config('SKIP_CHECKS_ON_STAGING'); [ 'NKO', 'NFY', 'NRA' ]; } diff --git a/perllib/FixMyStreet/Cobrand/FixaMinGata.pm b/perllib/FixMyStreet/Cobrand/FixaMinGata.pm index 9ffbf00b8..a321d5c7c 100644 --- a/perllib/FixMyStreet/Cobrand/FixaMinGata.pm +++ b/perllib/FixMyStreet/Cobrand/FixaMinGata.pm @@ -30,6 +30,8 @@ sub disambiguate_location { } sub area_types { + my $self = shift; + return $self->next::method() if FixMyStreet->config('STAGING_SITE') && FixMyStreet->config('SKIP_CHECKS_ON_STAGING'); [ 'KOM' ]; } diff --git a/perllib/FixMyStreet/Cobrand/UKCouncils.pm b/perllib/FixMyStreet/Cobrand/UKCouncils.pm index 5d72c4962..42c9c5cbc 100644 --- a/perllib/FixMyStreet/Cobrand/UKCouncils.pm +++ b/perllib/FixMyStreet/Cobrand/UKCouncils.pm @@ -42,11 +42,13 @@ sub restriction { sub problems_restriction { my ($self, $rs) = @_; + return $rs if FixMyStreet->config('STAGING_SITE') && FixMyStreet->config('SKIP_CHECKS_ON_STAGING'); return $rs->to_body($self->council_id); } sub updates_restriction { my ($self, $rs) = @_; + return $rs if FixMyStreet->config('STAGING_SITE') && FixMyStreet->config('SKIP_CHECKS_ON_STAGING'); return $rs->to_body($self->council_id); } @@ -96,6 +98,8 @@ sub enter_postcode_text { sub area_check { my ( $self, $params, $context ) = @_; + return 1 if FixMyStreet->config('STAGING_SITE') && FixMyStreet->config('SKIP_CHECKS_ON_STAGING'); + my $councils = $params->{all_areas}; my $council_match = defined $councils->{$self->council_id}; if ($council_match) { diff --git a/perllib/FixMyStreet/DB/Result/User.pm b/perllib/FixMyStreet/DB/Result/User.pm index 363bbb930..2a2d0d5e3 100644 --- a/perllib/FixMyStreet/DB/Result/User.pm +++ b/perllib/FixMyStreet/DB/Result/User.pm @@ -257,15 +257,14 @@ sub permissions { } sub has_permission_to { - my ($self, $permission_type, $body_id) = @_; + my ($self, $permission_type, $body_ids) = @_; return 1 if $self->is_superuser; + return 0 unless $body_ids; - return 0 unless $self->belongs_to_body($body_id); - - my $permission = $self->user_body_permissions->find({ + my $permission = $self->user_body_permissions->find({ permission_type => $permission_type, - body_id => $self->from_body->id, + body_id => $body_ids, }); return $permission ? 1 : 0; } @@ -293,10 +292,25 @@ sub has_body_permission_to { return $self->has_permission_to($permission_type, $self->from_body->id); } +=head2 admin_user_body_permissions + +Some permissions aren't managed in the normal way via the admin, e.g. the +'trusted' permission. This method returns a query that excludes such exceptional +permissions. + +=cut + +sub admin_user_body_permissions { + my $self = shift; + + return $self->user_body_permissions->search({ + permission_type => { '!=' => 'trusted' }, + }); +} + sub contributing_as { my ($self, $other, $c, $bodies) = @_; - $bodies = join(',', keys %$bodies) if ref $bodies eq 'HASH'; - $c->log->error("Bad data $bodies passed to contributing_as") if ref $bodies; + $bodies = [ keys %$bodies ] if ref $bodies eq 'HASH'; my $form_as = $c->get_param('form_as') || ''; return 1 if $form_as eq $other && $self->has_permission_to("contribute_as_$other", $bodies); } diff --git a/perllib/FixMyStreet/Script/Reports.pm b/perllib/FixMyStreet/Script/Reports.pm index ab0d90ba8..8d3b2ddbc 100644 --- a/perllib/FixMyStreet/Script/Reports.pm +++ b/perllib/FixMyStreet/Script/Reports.pm @@ -144,9 +144,14 @@ sub send(;$) { $reporters{ $sender } ||= $sender->new(); my $inspection_required = $sender_info->{contact}->get_extra_metadata('inspection_required') if $sender_info->{contact}; - if ( $inspection_required && !$row->get_extra_metadata('inspected') ) { - $skip = 1; - debug_print("skipped because not yet inspected", $row->id) if $debug_mode; + if ( $inspection_required ) { + unless ( + $row->get_extra_metadata('inspected') || + $row->user->has_permission_to( trusted => $row->bodies_str_ids ) + ) { + $skip = 1; + debug_print("skipped because not yet inspected", $row->id) if $debug_mode; + } } if ( $reporters{ $sender }->should_skip( $row ) ) { |