diff options
Diffstat (limited to 'perllib')
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Alert.pm | 24 | ||||
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Tokens.pm | 32 | ||||
| -rw-r--r-- | perllib/FixMyStreet/DB/Result/Alert.pm | 47 |
3 files changed, 101 insertions, 2 deletions
diff --git a/perllib/FixMyStreet/App/Controller/Alert.pm b/perllib/FixMyStreet/App/Controller/Alert.pm index 12624b8f2..742aa6c1d 100644 --- a/perllib/FixMyStreet/App/Controller/Alert.pm +++ b/perllib/FixMyStreet/App/Controller/Alert.pm @@ -298,7 +298,7 @@ sub subscribe_email : Private { $options->{parameter2} = $params[1]; } - $alert = $c->model('DB::Alert')->find( $options ); + $alert = $c->model('DB::Alert')->find($options); unless ($alert) { $options->{cobrand} = $c->cobrand->moniker(); @@ -335,6 +335,28 @@ sub subscribe_email : Private { ); } +=head2 confirm + +Confirm signup to an alert + +=cut + +sub confirm : Private { + my ( $self, $c ) = @_; + + my $alert = $c->stash->{alert}; + $c->stash->{template} = 'alert/confirm.html'; + + if ( $c->stash->{confirm_type} eq 'subscribe' ) { + $alert->confirm(); + $alert->update; + } + elsif ( $c->stash->{confirm_type} eq 'unsubscribe' ) { + $alert->delete(); + $alert->update; + } +} + =head2 prettify_pc This will canonicalise and prettify the postcode and stick a pretty_pc and pretty_pc_text in the stash. diff --git a/perllib/FixMyStreet/App/Controller/Tokens.pm b/perllib/FixMyStreet/App/Controller/Tokens.pm index 369be23c6..9cbbc42b4 100644 --- a/perllib/FixMyStreet/App/Controller/Tokens.pm +++ b/perllib/FixMyStreet/App/Controller/Tokens.pm @@ -82,7 +82,37 @@ sub redirect_to_partial_problem : Path('/L') { my ( $self, $c, $token_code ) = @_; my $url = $c->uri_for( "/report/new", { partial => $token_code } ); - return $c->res->redirect( $url ); + return $c->res->redirect($url); +} + +=head2 confirm_alert + + /A/([0-9A-Za-z]{16,18}).*$ + +Confirm an alert - url appears in emails sent to users after they create the +alert but are not logged in. + +=cut + +sub confirm_alert : Path('/A') { + my ( $self, $c, $token_code ) = @_; + + my $auth_token = $c->forward( 'load_auth_token', [ $token_code, 'alert' ] ); + + # Load the problem + my $alert_id = $auth_token->data->{id}; + $c->stash->{confirm_type} = $auth_token->data->{type}; + my $alert = $c->model('DB::Alert')->find( { id => $alert_id } ) + || $c->detach('token_error'); + $c->stash->{alert} = $alert; + + # check that this email or domain are not the cause of abuse. If so hide it. + if ( $alert->is_from_abuser ) { + $c->stash->{template} = 'tokens/abuse.html'; + return; + } + + $c->forward('/alert/confirm'); } =head2 load_auth_token diff --git a/perllib/FixMyStreet/DB/Result/Alert.pm b/perllib/FixMyStreet/DB/Result/Alert.pm index 4196af4b2..9b71e16a8 100644 --- a/perllib/FixMyStreet/DB/Result/Alert.pm +++ b/perllib/FixMyStreet/DB/Result/Alert.pm @@ -49,4 +49,51 @@ __PACKAGE__->set_primary_key("id"); # DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:tfT1PBeEOwcLsQaX+HXSKA # You can replace this text with custom code or comments, and it will be preserved on regeneration + +# FIXME: this is more or less duplicated from problem. need to stick somewhere common + + +=head2 is_from_abuser + + $bool = $alert->is_from_abuser( ); + +Returns true if the user's email or its domain is listed in the 'abuse' table. + +=cut + +sub is_from_abuser { + my $self = shift; + + # get the domain + my $email = $self->email; + my ($domain) = $email =~ m{ @ (.*) \z }x; + + # search for an entry in the abuse table + my $abuse_rs = $self->result_source->schema->resultset('Abuse'); + + return + $abuse_rs->find( { email => $email } ) + || $abuse_rs->find( { email => $domain } ) + || undef; +} + +=head2 confirm + + $alert->confirm(); + +Sets the state of the alert to confirmed. + +=cut + +sub confirm { + my $self = shift; + + return if $self->confirmed == 1 and $self->whendisabled ne 'null'; + + $self->confirmed(1); + $self->whendisabled(undef); + + return 1; +} + 1; |