diff options
| author | Louise Crow <louise.crow@gmail.com> | 2013-06-03 16:41:14 +0100 |
|---|---|---|
| committer | Louise Crow <louise.crow@gmail.com> | 2013-06-03 17:20:07 +0100 |
| commit | d9d9997a1d0f6d361097a8a4bdf1aa0fee24edaa (patch) | |
| tree | 38ee4f809402a447585d7f9c4124d6977d2dbc5b /app/controllers/request_controller.rb | |
| parent | 832da034a6855b94eb5eefd3b3dc4fb8fc9f78a6 (diff) | |
Handle json requests for hidden info requests.
Diffstat (limited to 'app/controllers/request_controller.rb')
| -rw-r--r-- | app/controllers/request_controller.rb | 31 |
1 files changed, 19 insertions, 12 deletions
diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index b8ccdf926..a455d1725 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -67,8 +67,7 @@ class RequestController < ApplicationController # Test for whole request being hidden if !@info_request.user_can_view?(authenticated_user) - render :template => 'request/hidden', :status => 410 # gone - return + return render_hidden end # Other parameters @@ -126,8 +125,7 @@ class RequestController < ApplicationController long_cache @info_request = InfoRequest.find_by_url_title!(params[:url_title]) if !@info_request.user_can_view?(authenticated_user) - render :template => 'request/hidden', :status => 410 # gone - return + return render_hidden end @columns = ['id', 'event_type', 'created_at', 'described_state', 'last_described_at', 'calculated_state' ] end @@ -146,8 +144,7 @@ class RequestController < ApplicationController raise ActiveRecord::RecordNotFound.new("Request not found") if @info_request.nil? if !@info_request.user_can_view?(authenticated_user) - render :template => 'request/hidden', :status => 410 # gone - return + return render_hidden end @xapian_object = ::ActsAsXapian::Similar.new([InfoRequestEvent], @info_request.info_request_events, :offset => (@page - 1) * @per_page, :limit => @per_page, :collapse_by_prefix => 'request_collapse') @@ -587,8 +584,7 @@ class RequestController < ApplicationController # Test for hidden requests if !authenticated_user.nil? && !@info_request.user_can_view?(authenticated_user) - render :template => 'request/hidden', :status => 410 # gone - return + return render_hidden end # Check address is good @@ -671,7 +667,7 @@ class RequestController < ApplicationController raise ActiveRecord::RecordNotFound.new("Message not found") if incoming_message.nil? if !incoming_message.info_request.user_can_view?(authenticated_user) @info_request = incoming_message.info_request # used by view - render :template => 'request/hidden', :status => 410 # gone + return render_hidden end # Is this a completely public request that we can cache attachments for # to be served up without authentication? @@ -711,7 +707,7 @@ class RequestController < ApplicationController logger.info("Reading cache for #{key_path}") if File.directory?(key_path) - render :text => "Directory listing not allowed", :status => 403 + render :text => "Directory listing not allowed", :status => 403 else render :text => foi_fragment_cache_read(key_path), :content_type => (AlaveteliFileTypes.filename_to_mimetype(params[:file_name]) || 'application/octet-stream') @@ -882,8 +878,7 @@ class RequestController < ApplicationController @info_request = InfoRequest.find_by_url_title!(params[:url_title]) # Test for whole request being hidden or requester-only if !@info_request.all_can_view? - render :template => 'request/hidden', :status => 410 # gone - return + return render_hidden end if authenticated?( :web => _("To download the zip file"), @@ -943,5 +938,17 @@ class RequestController < ApplicationController end end end + + private + + def render_hidden + respond_to do |format| + response_code = 410 # gone + format.html{ render :template => 'request/hidden', :status => response_code } + format.any{ render :nothing => true, :status => response_code } + end + false + end + end |