Don't raise internal error when handling non-user or request rules

Handle attempts to edit or destroy global or public body censor rules with a notice and a redirect. Closes #2009
author: Louise Crow <louise.crow@gmail.com> 2014-12-12 17:25:04 +0000
committer: Louise Crow <louise.crow@gmail.com> 2014-12-18 15:21:05 +0000
commit: 8672d2783a7390d5895ec79a6f22c7d5d9b0adba (patch)
tree: 484a921ea5ef366e989eeff35836e9f102b5676f /app/controllers/admin_censor_rule_controller.rb
parent: ee30f53f6c91ca84322526d526e2f0485f440be5 (diff)
1 files changed, 9 insertions, 9 deletions
diff --git a/app/controllers/admin_censor_rule_controller.rb b/app/controllers/admin_censor_rule_controller.rb
index d1a65ac09..3387fd832 100644
--- a/app/controllers/admin_censor_rule_controller.rb
+++ b/app/controllers/admin_censor_rule_controller.rb
@@ -7,6 +7,7 @@
 class AdminCensorRuleController < AdminController
 
     before_filter :set_editor, :only => [:create, :update]
+    before_filter :find_and_check_rule, :only => [:edit, :update, :destroy]
 
     def new
         if params[:request_id]
@@ -52,12 +53,9 @@ class AdminCensorRuleController < AdminController
     end
 
     def edit
-        @censor_rule = CensorRule.find(params[:id])
     end
 
     def update
-        @censor_rule = CensorRule.find(params[:id])
-
         if @censor_rule.update_attributes(params[:censor_rule])
 
             flash[:notice] = 'CensorRule was successfully updated.'
@@ -68,8 +66,6 @@ class AdminCensorRuleController < AdminController
             elsif @censor_rule.user
                 expire_requests_for_user(@censor_rule.user)
                 redirect_to admin_user_url(@censor_rule.user)
-            else
-                raise "internal error"
             end
 
         else
@@ -78,10 +74,8 @@ class AdminCensorRuleController < AdminController
     end
 
     def destroy
-        @censor_rule = CensorRule.find(params[:id])
         info_request = @censor_rule.info_request
         user = @censor_rule.user
-
         @censor_rule.destroy
 
         flash[:notice] = "CensorRule was successfully destroyed."
@@ -92,8 +86,6 @@ class AdminCensorRuleController < AdminController
         elsif user
             expire_requests_for_user(user) if user
             redirect_to admin_user_url(user)
-        else
-            raise "internal error"
         end
 
      end
@@ -103,5 +95,13 @@ class AdminCensorRuleController < AdminController
     def set_editor
         params[:censor_rule][:last_edit_editor] = admin_current_user
     end
+
+    def find_and_check_rule
+        @censor_rule = CensorRule.find(params[:id])
+        unless (@censor_rule.user || @censor_rule.info_request)
+            flash[:notice] = 'Only user and request censor rules can be edited'
+            redirect_to admin_general_index_path
+        end
+    end
 end
author	Louise Crow <louise.crow@gmail.com>	2014-12-12 17:25:04 +0000
committer	Louise Crow <louise.crow@gmail.com>	2014-12-18 15:21:05 +0000
commit	8672d2783a7390d5895ec79a6f22c7d5d9b0adba (patch)
tree	484a921ea5ef366e989eeff35836e9f102b5676f /app/controllers/admin_censor_rule_controller.rb
parent	ee30f53f6c91ca84322526d526e2f0485f440be5 (diff)