diff options
Diffstat (limited to 'perllib/FixMyStreet')
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Admin.pm | 2 | ||||
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Photo.pm | 24 | ||||
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Report.pm | 3 | ||||
| -rw-r--r-- | perllib/FixMyStreet/DB/ResultSet/Problem.pm | 2 | ||||
| -rw-r--r-- | perllib/FixMyStreet/Roles/PhotoSet.pm | 7 |
5 files changed, 30 insertions, 8 deletions
diff --git a/perllib/FixMyStreet/App/Controller/Admin.pm b/perllib/FixMyStreet/App/Controller/Admin.pm index 2f4669456..5ba3e1da4 100644 --- a/perllib/FixMyStreet/App/Controller/Admin.pm +++ b/perllib/FixMyStreet/App/Controller/Admin.pm @@ -535,7 +535,7 @@ sub report_edit : Path('report_edit') : Args(1) { $self->remove_photo($c, $problem, $remove_photo_param); } - if ($problem->state eq 'hidden') { + if ($problem->state eq 'hidden' || $problem->non_public) { $problem->get_photoset->delete_cached; } diff --git a/perllib/FixMyStreet/App/Controller/Photo.pm b/perllib/FixMyStreet/App/Controller/Photo.pm index aeb40f520..d7a5b4bb3 100644 --- a/perllib/FixMyStreet/App/Controller/Photo.pm +++ b/perllib/FixMyStreet/App/Controller/Photo.pm @@ -39,6 +39,7 @@ sub during :LocalRegex('^(temp|fulltemp)\.([0-9a-f]{40}\.(?:jpeg|png|gif|tiff))$ $size = $size eq 'temp' ? 'default' : 'full'; my $photo = $photoset->get_image_data(size => $size, default => $c->cobrand->default_photo_resize); + $c->stash->{non_public} = 0; $c->forward( 'output', [ $photo ] ); } @@ -69,6 +70,19 @@ sub index :LocalRegex('^(c/)?([1-9]\d*)(?:\.(\d+))?(?:\.(full|tn|fp))?\.(?:jpeg| $c->detach( 'no_photo' ) unless $c->cobrand->allow_photo_display($item, $photo_number); # Should only be for reports, not updates + my $problem = $is_update ? $item->problem : $item; + $c->stash->{non_public} = $problem->non_public; + + if ($c->stash->{non_public}) { + my $body_ids = $problem->bodies_str_ids; + # Check permission + $c->detach('no_photo') unless $c->user_exists; + $c->detach('no_photo') unless $c->user->is_superuser + || $c->user->id == $problem->user->id + || $c->user->has_permission_to('report_inspect', $body_ids) + || $c->user->has_permission_to('report_mark_private', $body_ids); + } + my $photo; $photo = $item->get_photoset ->get_image_data( num => $photo_number, size => $size, default => $c->cobrand->default_photo_resize ) @@ -81,10 +95,12 @@ sub output : Private { my ( $self, $c, $photo ) = @_; # Save to file - path(FixMyStreet->path_to('web', 'photo', 'c'))->mkpath; - my $out = FixMyStreet->path_to('web', $c->req->path); - my $symlink_exists = $photo->{symlink} ? symlink($photo->{symlink}, $out) : undef; - path($out)->spew_raw($photo->{data}) unless $symlink_exists; + if (!FixMyStreet->config('LOGIN_REQUIRED') && !$c->stash->{non_public}) { + path(FixMyStreet->path_to('web', 'photo', 'c'))->mkpath; + my $out = FixMyStreet->path_to('web', $c->req->path); + my $symlink_exists = $photo->{symlink} ? symlink($photo->{symlink}, $out) : undef; + path($out)->spew_raw($photo->{data}) unless $symlink_exists; + } $c->res->content_type( $photo->{content_type} ); $c->res->body( $photo->{data} ); diff --git a/perllib/FixMyStreet/App/Controller/Report.pm b/perllib/FixMyStreet/App/Controller/Report.pm index 7f798f4f4..27238fa1b 100644 --- a/perllib/FixMyStreet/App/Controller/Report.pm +++ b/perllib/FixMyStreet/App/Controller/Report.pm @@ -477,6 +477,9 @@ sub inspect : Private { } $problem->non_public($c->get_param('non_public') ? 1 : 0); + if ($problem->non_public) { + $problem->get_photoset->delete_cached; + } if ( !$c->forward( '/admin/report_edit_location', [ $problem ] ) ) { # New lat/lon isn't valid, show an error diff --git a/perllib/FixMyStreet/DB/ResultSet/Problem.pm b/perllib/FixMyStreet/DB/ResultSet/Problem.pm index 37fc34057..9e45ac35e 100644 --- a/perllib/FixMyStreet/DB/ResultSet/Problem.pm +++ b/perllib/FixMyStreet/DB/ResultSet/Problem.pm @@ -158,7 +158,7 @@ sub _recent { # Need to reattach schema so that confirmed column gets reinflated. $probs->[0]->result_source->schema( $rs->result_source->schema ) if $probs->[0]; # Catch any cached ones since hidden - $probs = [ grep { $_->photo && ! $_->is_hidden } @$probs ]; + $probs = [ grep { $_->photo && ! $_->is_hidden && !$_->non_public } @$probs ]; } else { $probs = [ $rs->search( $query, $attrs )->all ]; Memcached::set($key, $probs, _cache_timeout()); diff --git a/perllib/FixMyStreet/Roles/PhotoSet.pm b/perllib/FixMyStreet/Roles/PhotoSet.pm index 4a40ef3f9..27a63bad5 100644 --- a/perllib/FixMyStreet/Roles/PhotoSet.pm +++ b/perllib/FixMyStreet/Roles/PhotoSet.pm @@ -38,15 +38,18 @@ sub photos { my $id = $self->id; my $typ = $self->result_source->name eq 'comment' ? 'c/' : ''; + my $non_public = $self->result_source->name eq 'comment' + ? $self->problem->non_public : $self->non_public; + my @photos = map { my $cachebust = substr($_, 0, 8); # Some Varnish configurations (e.g. on mySociety infra) strip cookies from # images, which means image requests will be redirected to the login page - # if LOGIN_REQUIRED is set. To stop this happening, Varnish should be + # if e.g. LOGIN_REQUIRED is set. To stop this happening, Varnish should be # configured to not strip cookies if the cookie_passthrough param is # present, which this line ensures will be if LOGIN_REQUIRED is set. my $extra = ''; - if (FixMyStreet->config('LOGIN_REQUIRED')) { + if (FixMyStreet->config('LOGIN_REQUIRED') || $non_public) { $cachebust .= '&cookie_passthrough=1'; $extra = '?cookie_passthrough=1'; } |