diff options
121 files changed, 2960 insertions, 1042 deletions
@@ -10,42 +10,42 @@ source 'https://rubygems.org' gem 'rails', '3.1.12' gem 'pg' +# New gem releases aren't being done. master is newer and supports Rails > 3.0 +gem 'acts_as_versioned', :git => 'git://github.com/technoweenie/acts_as_versioned.git' +gem 'capistrano' gem 'charlock_holmes' +gem 'dynamic_form' +gem 'exception_notification' gem 'fastercsv', '>=1.5.5' gem 'jquery-rails', '~> 2.1' gem 'json' gem 'mahoro' gem 'net-http-local' gem 'net-purge' +gem 'newrelic_rpm' gem 'rack' +gem 'rake', '0.9.2.2' gem 'rails-i18n' gem 'rdoc' gem 'recaptcha', '~> 0.3.1', :require => 'recaptcha/rails' # :require avoids "already initialized constant" warnings gem 'rmagick', :require => 'RMagick' -gem 'rake', '0.9.2.2' gem 'ruby-msg', '~> 1.5.0' gem "statistics2", "~> 0.54" +gem 'syslog_protocol' gem 'vpim' gem 'will_paginate' # when 1.2.9 is released by the maintainer, we can stop using this fork: gem 'xapian-full-alaveteli', '~> 1.2.9.5' gem 'xml-simple', :require => 'xmlsimple' gem 'zip' -gem 'capistrano' -gem 'syslog_protocol' -gem 'newrelic_rpm' -# Use until this PR is merged: https://github.com/svenfuchs/globalize3/pull/191 -gem 'globalize3', :git => 'git://github.com/henare/globalize3.git', :branch => 'not-null-empty-attributes' -# New gem releases aren't being done. master is newer and supports Rails > 3.0 -gem 'acts_as_versioned', :git => 'git://github.com/technoweenie/acts_as_versioned.git' -gem 'dynamic_form' -gem 'exception_notification' # Gems related to internationalisation gem 'fast_gettext' gem 'gettext_i18n_rails' gem 'gettext' +# Use until this PR is merged: https://github.com/svenfuchs/globalize3/pull/191 +gem 'globalize3', :git => 'git://github.com/henare/globalize3.git', :branch => 'not-null-empty-attributes' gem 'locale' gem 'routing-filter' gem 'unicode' @@ -71,6 +71,7 @@ group :develop do end group :test, :development do + gem 'factory_girl_rails', '~> 1.7' gem 'rspec-rails' gem 'spork-rails' end diff --git a/Gemfile.lock b/Gemfile.lock index 15c5245ff..4494c2342 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -85,6 +85,11 @@ GEM eventmachine (1.0.3) exception_notification (3.0.1) actionmailer (>= 3.0.4) + factory_girl (2.6.4) + activesupport (>= 2.3.9) + factory_girl_rails (1.7.0) + factory_girl (~> 2.6.0) + railties (>= 3.0.0) fakeweb (1.3.0) fast_gettext (0.7.0) fastercsv (1.5.5) @@ -256,6 +261,7 @@ DEPENDENCIES debugger dynamic_form exception_notification + factory_girl_rails (~> 1.7) fakeweb fast_gettext fastercsv (>= 1.5.5) diff --git a/app/controllers/admin_controller.rb b/app/controllers/admin_controller.rb index f5191504e..8b606ea85 100644 --- a/app/controllers/admin_controller.rb +++ b/app/controllers/admin_controller.rb @@ -29,8 +29,7 @@ class AdminController < ApplicationController FileUtils.rm_rf(cache_subpath) # Remove any download zips - download_dir = request_download_zip_dir(info_request) - FileUtils.rm_rf(download_dir) + FileUtils.rm_rf(info_request.download_zip_dir) # Remove the database caches of body / attachment text (the attachment text # one is after privacy rules are applied) diff --git a/app/controllers/admin_incoming_message_controller.rb b/app/controllers/admin_incoming_message_controller.rb new file mode 100644 index 000000000..6b50d0e36 --- /dev/null +++ b/app/controllers/admin_incoming_message_controller.rb @@ -0,0 +1,80 @@ +class AdminIncomingMessageController < AdminController + + def edit + @incoming_message = IncomingMessage.find(params[:id]) + end + + def update + @incoming_message = IncomingMessage.find(params[:id]) + old_prominence = @incoming_message.prominence + old_prominence_reason = @incoming_message.prominence_reason + @incoming_message.prominence = params[:incoming_message][:prominence] + @incoming_message.prominence_reason = params[:incoming_message][:prominence_reason] + if @incoming_message.save + @incoming_message.info_request.log_event('edit_incoming', + :incoming_message_id => @incoming_message.id, + :editor => admin_current_user(), + :old_prominence => old_prominence, + :prominence => @incoming_message.prominence, + :old_prominence_reason => old_prominence_reason, + :prominence_reason => @incoming_message.prominence_reason) + expire_for_request(@incoming_message.info_request) + flash[:notice] = 'Incoming message successfully updated.' + redirect_to admin_request_show_url(@incoming_message.info_request) + else + render :action => 'edit' + end + end + + def destroy + @incoming_message = IncomingMessage.find(params[:incoming_message_id]) + @info_request = @incoming_message.info_request + incoming_message_id = @incoming_message.id + + @incoming_message.fully_destroy + @incoming_message.info_request.log_event("destroy_incoming", + { :editor => admin_current_user(), :deleted_incoming_message_id => incoming_message_id }) + # expire cached files + expire_for_request(@info_request) + flash[:notice] = 'Incoming message successfully destroyed.' + redirect_to admin_request_show_url(@info_request) + end + + def redeliver + incoming_message = IncomingMessage.find(params[:redeliver_incoming_message_id]) + message_ids = params[:url_title].split(",").each {|x| x.strip} + previous_request = incoming_message.info_request + destination_request = nil + ActiveRecord::Base.transaction do + for m in message_ids + if m.match(/^[0-9]+$/) + destination_request = InfoRequest.find_by_id(m.to_i) + else + destination_request = InfoRequest.find_by_url_title!(m) + end + if destination_request.nil? + flash[:error] = "Failed to find destination request '" + m + "'" + return redirect_to admin_request_show_url(previous_request) + end + + raw_email_data = incoming_message.raw_email.data + mail = MailHandler.mail_from_raw_email(raw_email_data) + destination_request.receive(mail, raw_email_data, true) + + incoming_message_id = incoming_message.id + incoming_message.info_request.log_event("redeliver_incoming", { + :editor => admin_current_user(), + :destination_request => destination_request.id, + :deleted_incoming_message_id => incoming_message_id + }) + + flash[:notice] = "Message has been moved to request(s). Showing the last one:" + end + # expire cached files + expire_for_request(previous_request) + incoming_message.fully_destroy + end + redirect_to admin_request_show_url(destination_request) + end + +end diff --git a/app/controllers/admin_outgoing_message_controller.rb b/app/controllers/admin_outgoing_message_controller.rb new file mode 100644 index 000000000..ec0981677 --- /dev/null +++ b/app/controllers/admin_outgoing_message_controller.rb @@ -0,0 +1,47 @@ +class AdminOutgoingMessageController < AdminController + + def edit + @outgoing_message = OutgoingMessage.find(params[:id]) + end + + def destroy + @outgoing_message = OutgoingMessage.find(params[:outgoing_message_id]) + @info_request = @outgoing_message.info_request + outgoing_message_id = @outgoing_message.id + + @outgoing_message.fully_destroy + @outgoing_message.info_request.log_event("destroy_outgoing", + { :editor => admin_current_user(), :deleted_outgoing_message_id => outgoing_message_id }) + + flash[:notice] = 'Outgoing message successfully destroyed.' + redirect_to admin_request_show_url(@info_request) + end + + def update + @outgoing_message = OutgoingMessage.find(params[:id]) + + old_body = @outgoing_message.body + old_prominence = @outgoing_message.prominence + old_prominence_reason = @outgoing_message.prominence_reason + @outgoing_message.prominence = params[:outgoing_message][:prominence] + @outgoing_message.prominence_reason = params[:outgoing_message][:prominence_reason] + @outgoing_message.body = params[:outgoing_message][:body] + if @outgoing_message.save + @outgoing_message.info_request.log_event("edit_outgoing", + { :outgoing_message_id => @outgoing_message.id, + :editor => admin_current_user(), + :old_body => old_body, + :body => @outgoing_message.body, + :old_prominence => old_prominence, + :old_prominence_reason => old_prominence_reason, + :prominence => @outgoing_message.prominence, + :prominence_reason => @outgoing_message.prominence_reason }) + flash[:notice] = 'Outgoing message successfully updated.' + expire_for_request(@outgoing_message.info_request) + redirect_to admin_request_show_url(@outgoing_message.info_request) + else + render :action => 'edit' + end + end + +end diff --git a/app/controllers/admin_request_controller.rb b/app/controllers/admin_request_controller.rb index 40ccfb98c..4d45ced8b 100644 --- a/app/controllers/admin_request_controller.rb +++ b/app/controllers/admin_request_controller.rb @@ -106,39 +106,6 @@ class AdminRequestController < AdminController redirect_to admin_request_list_url end - def edit_outgoing - @outgoing_message = OutgoingMessage.find(params[:id]) - end - - def destroy_outgoing - @outgoing_message = OutgoingMessage.find(params[:outgoing_message_id]) - @info_request = @outgoing_message.info_request - outgoing_message_id = @outgoing_message.id - - @outgoing_message.fully_destroy - @outgoing_message.info_request.log_event("destroy_outgoing", - { :editor => admin_current_user(), :deleted_outgoing_message_id => outgoing_message_id }) - - flash[:notice] = 'Outgoing message successfully destroyed.' - redirect_to admin_request_show_url(@info_request) - end - - def update_outgoing - @outgoing_message = OutgoingMessage.find(params[:id]) - - old_body = @outgoing_message.body - - if @outgoing_message.update_attributes(params[:outgoing_message]) - @outgoing_message.info_request.log_event("edit_outgoing", - { :outgoing_message_id => @outgoing_message.id, :editor => admin_current_user(), - :old_body => old_body, :body => @outgoing_message.body }) - flash[:notice] = 'Outgoing message successfully updated.' - redirect_to admin_request_show_url(@outgoing_message.info_request) - else - render :action => 'edit_outgoing' - end - end - def edit_comment @comment = Comment.find(params[:id]) end @@ -163,58 +130,6 @@ class AdminRequestController < AdminController end end - - def destroy_incoming - @incoming_message = IncomingMessage.find(params[:incoming_message_id]) - @info_request = @incoming_message.info_request - incoming_message_id = @incoming_message.id - - @incoming_message.fully_destroy - @incoming_message.info_request.log_event("destroy_incoming", - { :editor => admin_current_user(), :deleted_incoming_message_id => incoming_message_id }) - # expire cached files - expire_for_request(@info_request) - flash[:notice] = 'Incoming message successfully destroyed.' - redirect_to admin_request_show_url(@info_request) - end - - def redeliver_incoming - incoming_message = IncomingMessage.find(params[:redeliver_incoming_message_id]) - message_ids = params[:url_title].split(",").each {|x| x.strip} - previous_request = incoming_message.info_request - destination_request = nil - ActiveRecord::Base.transaction do - for m in message_ids - if m.match(/^[0-9]+$/) - destination_request = InfoRequest.find_by_id(m.to_i) - else - destination_request = InfoRequest.find_by_url_title!(m) - end - if destination_request.nil? - flash[:error] = "Failed to find destination request '" + m + "'" - return redirect_to admin_request_show_url(previous_request) - end - - raw_email_data = incoming_message.raw_email.data - mail = MailHandler.mail_from_raw_email(raw_email_data) - destination_request.receive(mail, raw_email_data, true) - - incoming_message_id = incoming_message.id - incoming_message.info_request.log_event("redeliver_incoming", { - :editor => admin_current_user(), - :destination_request => destination_request.id, - :deleted_incoming_message_id => incoming_message_id - }) - - flash[:notice] = "Message has been moved to request(s). Showing the last one:" - end - # expire cached files - expire_for_request(previous_request) - incoming_message.fully_destroy - end - redirect_to admin_request_show_url(destination_request) - end - # change user or public body of a request magically def move_request info_request = InfoRequest.find(params[:info_request_id]) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 2ce44011f..cbdffc441 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -211,19 +211,6 @@ class ApplicationController < ActionController::Base end end - def request_dirs(info_request) - first_three_digits = info_request.id.to_s()[0..2] - File.join(first_three_digits.to_s, info_request.id.to_s) - end - - def request_download_zip_dir(info_request) - File.join(download_zip_dir, "download", request_dirs(info_request)) - end - - def download_zip_dir() - File.join(Rails.root, '/cache/zips/') - end - # get the local locale def locale_from_params(*args) if params[:show_locale] diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index 45d8b7de6..82697b792 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -63,26 +63,24 @@ class RequestController < ApplicationController # Look up by new style text names @info_request = InfoRequest.find_by_url_title!(params[:url_title]) - set_last_request(@info_request) # Test for whole request being hidden if !@info_request.user_can_view?(authenticated_user) return render_hidden end - # Other parameters - @info_request_events = @info_request.info_request_events - @status = @info_request.calculate_status - @collapse_quotes = params[:unfold] ? false : true + set_last_request(@info_request) + # assign variables from request parameters + @collapse_quotes = params[:unfold] ? false : true # Don't allow status update on external requests, otherwise accept param if @info_request.is_external? @update_status = false else @update_status = params[:update_status] ? true : false end - @old_unclassified = @info_request.is_old_unclassified? && !authenticated_user.nil? - @is_owning_user = @info_request.is_owning_user?(authenticated_user) + + assign_variables_for_show_template(@info_request) if @update_status return if !@is_owning_user && !authenticated_as_user?(@info_request.user, @@ -92,11 +90,8 @@ class RequestController < ApplicationController ) end - - @last_info_request_event_id = @info_request.last_event_id_needing_description - @new_responses_count = @info_request.events_needing_description.select {|i| i.event_type == 'response'}.size - # Sidebar stuff + @sidebar = true # ... requests that have similar imporant terms begin limit = 10 @@ -106,13 +101,11 @@ class RequestController < ApplicationController rescue @xapian_similar = nil end - # Track corresponding to this page @track_thing = TrackThing.create_track_for_request(@info_request) @feed_autodetect = [ { :url => do_track_url(@track_thing, 'feed'), :title => @track_thing.params[:title_in_rss], :has_json => true } ] - # For send followup link at bottom - @last_response = @info_request.get_last_response + respond_to do |format| format.html { @has_json = true; render :template => 'request/show'} format.json { render :json => @info_request.json_for_api(true) } @@ -683,9 +676,13 @@ class RequestController < ApplicationController @info_request = incoming_message.info_request # used by view return render_hidden end + if !incoming_message.user_can_view?(authenticated_user) + @incoming_message = incoming_message # used by view + return render_hidden_message + end # Is this a completely public request that we can cache attachments for # to be served up without authentication? - if incoming_message.info_request.all_can_view? + if incoming_message.info_request.all_can_view? && incoming_message.all_can_view? @files_can_be_cached = true end end @@ -871,10 +868,6 @@ class RequestController < ApplicationController @locale = self.locale_from_params() I18n.with_locale(@locale) do @info_request = InfoRequest.find_by_url_title!(params[:url_title]) - # Test for whole request being hidden or requester-only - if !@info_request.all_can_view? - return render_hidden - end if authenticated?( :web => _("To download the zip file"), :email => _("Then you can download a zip file of {{info_request_title}}.", @@ -882,54 +875,16 @@ class RequestController < ApplicationController :email_subject => _("Log in to download a zip file of {{info_request_title}}", :info_request_title=>@info_request.title) ) - updated = Digest::SHA1.hexdigest(@info_request.info_request_events.last.created_at.to_i.to_s + @info_request.updated_at.to_i.to_s) - @url_path = File.join("/download", - request_dirs(@info_request), - updated, - "#{params[:url_title]}.zip") - file_path = File.expand_path(File.join(download_zip_dir(), @url_path)) - if !File.exists?(file_path) - FileUtils.mkdir_p(File.dirname(file_path)) - Zip::ZipFile.open(file_path, Zip::ZipFile::CREATE) { |zipfile| - convert_command = AlaveteliConfiguration::html_to_pdf_command - done = false - if !convert_command.blank? && File.exists?(convert_command) - url = "http://#{AlaveteliConfiguration::domain}#{request_path(@info_request)}?print_stylesheet=1" - tempfile = Tempfile.new('foihtml2pdf') - output = AlaveteliExternalCommand.run(convert_command, url, tempfile.path) - if !output.nil? - zipfile.get_output_stream("correspondence.pdf") { |f| - f.puts(File.open(tempfile.path).read) - } - done = true - else - logger.error("Could not convert info request #{@info_request.id} to PDF with command '#{convert_command} #{url} #{tempfile.path}'") - end - tempfile.close - else - logger.warn("No HTML -> PDF converter found at #{convert_command}") - end - if !done - @info_request_events = @info_request.info_request_events - template = File.read(File.join(File.dirname(__FILE__), "..", "views", "request", "simple_correspondence.html.erb")) - output = ERB.new(template).result(binding) - zipfile.get_output_stream("correspondence.txt") { |f| - f.puts(output) - } - end - for message in @info_request.incoming_messages - attachments = message.get_attachments_for_display - for attachment in attachments - filename = "#{attachment.url_part_number}_#{attachment.display_filename}" - zipfile.get_output_stream(filename) { |f| - f.puts(attachment.body) - } - end - end - } - File.chmod(0644, file_path) + # Test for whole request being hidden or requester-only + if !@info_request.user_can_view?(@user) + return render_hidden + end + cache_file_path = @info_request.make_zip_cache_path(@user) + if !File.exists?(cache_file_path) + FileUtils.mkdir_p(File.dirname(cache_file_path)) + make_request_zip(@info_request, cache_file_path) end - redirect_to @url_path + send_file(cache_file_path, :filename => "#{@info_request.url_title}.zip") end end end @@ -938,12 +893,82 @@ class RequestController < ApplicationController def render_hidden respond_to do |format| - response_code = 410 # gone + response_code = 403 # forbidden format.html{ render :template => 'request/hidden', :status => response_code } format.any{ render :nothing => true, :status => response_code } end false end + def render_hidden_message + respond_to do |format| + response_code = 403 # forbidden + format.html{ render :template => 'request/hidden_correspondence', :status => response_code } + format.any{ render :nothing => true, :status => response_code } + end + false + end + + def assign_variables_for_show_template(info_request) + @info_request = info_request + @info_request_events = info_request.info_request_events + @status = info_request.calculate_status + @old_unclassified = info_request.is_old_unclassified? && !authenticated_user.nil? + @is_owning_user = info_request.is_owning_user?(authenticated_user) + @last_info_request_event_id = info_request.last_event_id_needing_description + @new_responses_count = info_request.events_needing_description.select {|i| i.event_type == 'response'}.size + # For send followup link at bottom + @last_response = info_request.get_last_public_response + end + + def make_request_zip(info_request, file_path) + Zip::ZipFile.open(file_path, Zip::ZipFile::CREATE) do |zipfile| + file_info = make_request_summary_file(info_request) + zipfile.get_output_stream(file_info[:filename]) { |f| f.puts(file_info[:data]) } + message_index = 0 + info_request.incoming_messages.each do |message| + next unless message.user_can_view?(authenticated_user) + message_index += 1 + message.get_attachments_for_display.each do |attachment| + filename = "#{message_index}_#{attachment.url_part_number}_#{attachment.display_filename}" + zipfile.get_output_stream(filename) { |f| f.puts(attachment.body) } + end + end + end + end + + def make_request_summary_file(info_request) + done = false + convert_command = AlaveteliConfiguration::html_to_pdf_command + assign_variables_for_show_template(info_request) + if !convert_command.blank? && File.exists?(convert_command) + @render_to_file = true + html_output = render_to_string(:template => 'request/show') + tmp_input = Tempfile.new(['foihtml2pdf-input', '.html']) + tmp_input.write(html_output) + tmp_input.close + tmp_output = Tempfile.new('foihtml2pdf-output') + output = AlaveteliExternalCommand.run(convert_command, tmp_input.path, tmp_output.path) + if !output.nil? + file_info = { :filename => 'correspondence.pdf', + :data => File.open(tmp_output.path).read } + done = true + else + logger.error("Could not convert info request #{info_request.id} to PDF with command '#{convert_command} #{tmp_input.path} #{tmp_output.path}'") + end + tmp_output.close + tmp_input.delete + tmp_output.delete + else + logger.warn("No HTML -> PDF converter found at #{convert_command}") + end + if !done + file_info = { :filename => 'correspondence.txt', + :data => render_to_string(:template => 'request/show.text', + :layout => false) } + end + file_info + end + end diff --git a/app/helpers/link_to_helper.rb b/app/helpers/link_to_helper.rb index 5533402c5..8df28f350 100755 --- a/app/helpers/link_to_helper.rb +++ b/app/helpers/link_to_helper.rb @@ -53,7 +53,7 @@ module LinkToHelper # Respond to request def respond_to_last_url(info_request, options = {}) - last_response = info_request.get_last_response + last_response = info_request.get_last_public_response if last_response.nil? show_response_no_followup_url(options.merge(:id => info_request.id)) else diff --git a/app/mailers/request_mailer.rb b/app/mailers/request_mailer.rb index 4dbce6738..13b3bc4a1 100644 --- a/app/mailers/request_mailer.rb +++ b/app/mailers/request_mailer.rb @@ -347,8 +347,8 @@ class RequestMailer < ApplicationMailer :age_in_days => days_since) for info_request in info_requests - alert_event_id = info_request.get_last_response_event_id - last_response_message = info_request.get_last_response + alert_event_id = info_request.get_last_public_response_event_id + last_response_message = info_request.get_last_public_response if alert_event_id.nil? raise "internal error, no last response while making alert new response reminder, request id " + info_request.id.to_s end @@ -373,8 +373,8 @@ class RequestMailer < ApplicationMailer def self.alert_not_clarified_request() info_requests = InfoRequest.find(:all, :conditions => [ "awaiting_description = ? and described_state = 'waiting_clarification' and info_requests.updated_at < ?", false, Time.now() - 3.days ], :include => [ :user ], :order => "info_requests.id" ) for info_request in info_requests - alert_event_id = info_request.get_last_response_event_id - last_response_message = info_request.get_last_response + alert_event_id = info_request.get_last_public_response_event_id + last_response_message = info_request.get_last_public_response if alert_event_id.nil? raise "internal error, no last response while making alert not clarified reminder, request id " + info_request.id.to_s end diff --git a/app/models/censor_rule.rb b/app/models/censor_rule.rb index f0d06e088..3c5c77563 100644 --- a/app/models/censor_rule.rb +++ b/app/models/censor_rule.rb @@ -1,18 +1,17 @@ # == Schema Information -# Schema version: 20120919140404 # # Table name: censor_rules # -# id :integer not null, primary key +# id :integer not null, primary key # info_request_id :integer # user_id :integer # public_body_id :integer -# text :text not null -# replacement :text not null -# last_edit_editor :string(255) not null -# last_edit_comment :text not null -# created_at :datetime not null -# updated_at :datetime not null +# text :text not null +# replacement :text not null +# last_edit_editor :string(255) not null +# last_edit_comment :text not null +# created_at :datetime not null +# updated_at :datetime not null # regexp :boolean # diff --git a/app/models/comment.rb b/app/models/comment.rb index 9527030a9..75d37e04f 100644 --- a/app/models/comment.rb +++ b/app/models/comment.rb @@ -1,17 +1,16 @@ # == Schema Information -# Schema version: 114 # # Table name: comments # -# id :integer not null, primary key -# user_id :integer not null -# comment_type :string(255) default("internal_error"), not null +# id :integer not null, primary key +# user_id :integer not null +# comment_type :string(255) default("internal_error"), not null # info_request_id :integer -# body :text not null -# visible :boolean default(TRUE), not null -# created_at :datetime not null -# updated_at :datetime not null -# locale :text default(""), not null +# body :text not null +# visible :boolean default(TRUE), not null +# created_at :datetime not null +# updated_at :datetime not null +# locale :text default(""), not null # # models/comments.rb: diff --git a/app/models/foi_attachment.rb b/app/models/foi_attachment.rb index 0340f2b83..914420a2b 100644 --- a/app/models/foi_attachment.rb +++ b/app/models/foi_attachment.rb @@ -1,11 +1,9 @@ # encoding: UTF-8 - # == Schema Information -# Schema version: 114 # # Table name: foi_attachments # -# id :integer not null, primary key +# id :integer not null, primary key # content_type :text # filename :text # charset :text diff --git a/app/models/holiday.rb b/app/models/holiday.rb index 98f73e963..3076cc0fd 100644 --- a/app/models/holiday.rb +++ b/app/models/holiday.rb @@ -1,9 +1,8 @@ # == Schema Information -# Schema version: 114 # # Table name: holidays # -# id :integer not null, primary key +# id :integer not null, primary key # day :date # description :text # diff --git a/app/models/incoming_message.rb b/app/models/incoming_message.rb index ae3c3b407..8b2aa87e7 100644 --- a/app/models/incoming_message.rb +++ b/app/models/incoming_message.rb @@ -1,15 +1,13 @@ # coding: utf-8 - # == Schema Information -# Schema version: 114 # # Table name: incoming_messages # -# id :integer not null, primary key -# info_request_id :integer not null -# created_at :datetime not null -# updated_at :datetime not null -# raw_email_id :integer not null +# id :integer not null, primary key +# info_request_id :integer not null +# created_at :datetime not null +# updated_at :datetime not null +# raw_email_id :integer not null # cached_attachment_text_clipped :text # cached_main_body_text_folded :text # cached_main_body_text_unfolded :text @@ -19,6 +17,9 @@ # last_parsed :datetime # mail_from :text # sent_at :datetime +# prominence :string(255) default("normal"), not null +# prominence_reason :text +# # models/incoming_message.rb: # An (email) message from really anybody to be logged with a request. e.g. A @@ -37,6 +38,7 @@ require 'zip/zip' require 'iconv' unless RUBY_VERSION >= '1.9' class IncomingMessage < ActiveRecord::Base + extend MessageProminence belongs_to :info_request validates_presence_of :info_request @@ -48,6 +50,8 @@ class IncomingMessage < ActiveRecord::Base belongs_to :raw_email + has_prominence + # See binary_mask_stuff function below. It just test for inclusion # in this hash, not the value of the right hand side. DoNotBinaryMask = { @@ -59,6 +63,12 @@ class IncomingMessage < ActiveRecord::Base 'application/zip' => 1, } + # Given that there are in theory many info request events, a convenience method for + # getting the response event + def response_event + self.info_request_events.detect{ |e| e.event_type == 'response' } + end + # Return a cached structured mail object def mail(force = nil) if (!force.nil? || @mail.nil?) && !self.raw_email.nil? @@ -151,14 +161,17 @@ class IncomingMessage < ActiveRecord::Base parse_raw_email! super end + def subject parse_raw_email! super end + def mail_from parse_raw_email! super end + def safe_mail_from if !self.mail_from.nil? mail_from = self.mail_from.dup @@ -166,6 +179,15 @@ class IncomingMessage < ActiveRecord::Base return mail_from end end + + def specific_from_name? + !safe_mail_from.nil? && safe_mail_from.strip != info_request.public_body.name.strip + end + + def from_public_body? + safe_mail_from.nil? || (mail_from_domain == info_request.public_body.request_email_domain) + end + def mail_from_domain parse_raw_email! super diff --git a/app/models/info_request.rb b/app/models/info_request.rb index d9a1a65fe..86cc98371 100644 --- a/app/models/info_request.rb +++ b/app/models/info_request.rb @@ -1,27 +1,26 @@ # encoding: utf-8 # == Schema Information -# Schema version: 20120919140404 # # Table name: info_requests # -# id :integer not null, primary key -# title :text not null +# id :integer not null, primary key +# title :text not null # user_id :integer -# public_body_id :integer not null -# created_at :datetime not null -# updated_at :datetime not null -# described_state :string(255) not null -# awaiting_description :boolean default(FALSE), not null -# prominence :string(255) default("normal"), not null -# url_title :text not null -# law_used :string(255) default("foi"), not null -# allow_new_responses_from :string(255) default("anybody"), not null -# handle_rejected_responses :string(255) default("bounce"), not null -# idhash :string(255) not null +# public_body_id :integer not null +# created_at :datetime not null +# updated_at :datetime not null +# described_state :string(255) not null +# awaiting_description :boolean default(FALSE), not null +# prominence :string(255) default("normal"), not null +# url_title :text not null +# law_used :string(255) default("foi"), not null +# allow_new_responses_from :string(255) default("anybody"), not null +# handle_rejected_responses :string(255) default("bounce"), not null +# idhash :string(255) not null # external_user_name :string(255) # external_url :string(255) -# attention_requested :boolean default(FALSE) -# comments_allowed :boolean default(TRUE), not null +# attention_requested :boolean default(FALSE) +# comments_allowed :boolean default(TRUE), not null # require 'digest/sha1' @@ -768,28 +767,30 @@ public self.info_request_events.create!(:event_type => type, :params => params) end - def response_events - self.info_request_events.select{|e| e.response?} + def public_response_events + self.info_request_events.select{|e| e.response? && e.incoming_message.all_can_view? } end - # The last response is the default one people might want to reply to - def get_last_response_event_id - get_last_response_event.id if get_last_response_event + # The last public response is the default one people might want to reply to + def get_last_public_response_event_id + get_last_public_response_event.id if get_last_public_response_event end - def get_last_response_event - response_events.last + + def get_last_public_response_event + public_response_events.last end - def get_last_response - get_last_response_event.incoming_message if get_last_response_event + + def get_last_public_response + get_last_public_response_event.incoming_message if get_last_public_response_event end - def outgoing_events - info_request_events.select{|e| e.outgoing? } + def public_outgoing_events + info_request_events.select{|e| e.outgoing? && e.outgoing_message.all_can_view? } end - # The last outgoing message - def get_last_outgoing_event - outgoing_events.last + # The last public outgoing message + def get_last_public_outgoing_event + public_outgoing_events.last end # Text from the the initial request, for use in summary display @@ -840,6 +841,10 @@ public end end + def last_update_hash + Digest::SHA1.hexdigest(info_request_events.last.created_at.to_i.to_s + updated_at.to_i.to_s) + end + # Get previous email sent to def get_previous_email_sent_to(info_request_event) last_email = nil @@ -934,19 +939,29 @@ public end # Used to find when event last changed - def InfoRequest.last_event_time_clause(event_type=nil) + def InfoRequest.last_event_time_clause(event_type=nil, join_table=nil, join_clause=nil) event_type_clause = '' event_type_clause = " AND info_request_events.event_type = '#{event_type}'" if event_type - "(SELECT created_at - FROM info_request_events + tables = ['info_request_events'] + tables << join_table if join_table + join_clause = "AND #{join_clause}" if join_clause + "(SELECT info_request_events.created_at + FROM #{tables.join(', ')} WHERE info_request_events.info_request_id = info_requests.id #{event_type_clause} + #{join_clause} ORDER BY created_at desc LIMIT 1)" end + def InfoRequest.last_public_response_clause() + join_clause = "incoming_messages.id = info_request_events.incoming_message_id + AND incoming_messages.prominence = 'normal'" + last_event_time_clause('response', 'incoming_messages', join_clause) + end + def InfoRequest.old_unclassified_params(extra_params, include_last_response_time=false) - last_response_created_at = last_event_time_clause('response') + last_response_created_at = last_public_response_clause() age = extra_params[:age_in_days] ? extra_params[:age_in_days].days : OLD_AGE_IN_DAYS params = { :conditions => ["awaiting_description = ? AND #{last_response_created_at} < ? @@ -989,9 +1004,39 @@ public find(:all, params) end + def InfoRequest.download_zip_dir() + File.join(Rails.root, "cache", "zips", "#{Rails.env}") + end + + def request_dirs + first_three_digits = id.to_s()[0..2] + File.join(first_three_digits.to_s, id.to_s) + end + + def download_zip_dir + File.join(InfoRequest.download_zip_dir, "download", request_dirs) + end + + def make_zip_cache_path(user) + cache_file_dir = File.join(InfoRequest.download_zip_dir(), + "download", + request_dirs, + last_update_hash) + cache_file_suffix = if all_can_view_all_correspondence? + "" + elsif Ability.can_view_with_prominence?('hidden', self, user) + "_hidden" + elsif Ability.can_view_with_prominence?('requester_only', self, user) + "_requester_only" + else + "" + end + File.join(cache_file_dir, "#{url_title}#{cache_file_suffix}.zip") + end + def is_old_unclassified? - !is_external? && awaiting_description && url_title != 'holding_pen' && get_last_response_event && - Time.now > get_last_response_event.created_at + OLD_AGE_IN_DAYS + !is_external? && awaiting_description && url_title != 'holding_pen' && get_last_public_response_event && + Time.now > get_last_public_response_event.created_at + OLD_AGE_IN_DAYS end # List of incoming messages to followup, by unique email @@ -1004,6 +1049,8 @@ public end incoming_message.safe_mail_from + next if ! incoming_message.all_can_view? + email = OutgoingMailer.email_for_followup(self, incoming_message) name = OutgoingMailer.name_for_followup(self, incoming_message) @@ -1053,13 +1100,7 @@ public end def user_can_view?(user) - if self.prominence == 'hidden' - return User.view_hidden_requests?(user) - end - if self.prominence == 'requester_only' - return self.is_owning_user?(user) - end - return true + Ability.can_view_with_prominence?(self.prominence, self, user) end # Is this request visible to everyone? @@ -1068,6 +1109,12 @@ public return false end + def all_can_view_all_correspondence? + all_can_view? && + incoming_messages.all?{ |message| message.all_can_view? } && + outgoing_messages.all?{ |message| message.all_can_view? } + end + def indexed_by_search? if self.prominence == 'backpage' || self.prominence == 'hidden' || self.prominence == 'requester_only' return false diff --git a/app/models/info_request_event.rb b/app/models/info_request_event.rb index 0967e3940..67cdda1b4 100644 --- a/app/models/info_request_event.rb +++ b/app/models/info_request_event.rb @@ -1,20 +1,18 @@ # == Schema Information -# Schema version: 114 # # Table name: info_request_events # -# id :integer not null, primary key -# info_request_id :integer not null -# event_type :text not null -# params_yaml :text not null -# created_at :datetime not null +# id :integer not null, primary key +# info_request_id :integer not null +# event_type :text not null +# params_yaml :text not null +# created_at :datetime not null # described_state :string(255) # calculated_state :string(255) # last_described_at :datetime # incoming_message_id :integer # outgoing_message_id :integer # comment_id :integer -# prominence :string(255) default("normal"), not null # # models/info_request_event.rb: @@ -48,10 +46,10 @@ class InfoRequestEvent < ActiveRecord::Base 'destroy_incoming', # deleted an incoming message (in admin interface) 'destroy_outgoing', # deleted an outgoing message (in admin interface) 'redeliver_incoming', # redelivered an incoming message elsewhere (in admin interface) + 'edit_incoming', # incoming message edited (in admin interface) 'move_request', # changed user or public body (in admin interface) 'hide', # hid a request (in admin interface) 'manual', # you did something in the db by hand - 'response', 'comment', 'status_update' @@ -63,35 +61,12 @@ class InfoRequestEvent < ActiveRecord::Base # user described state (also update in info_request) validate :must_be_valid_state - # whether event is publicly visible - validates_inclusion_of :prominence, :in => [ - 'normal', - 'hidden', - 'requester_only' - ] - def must_be_valid_state if !described_state.nil? and !InfoRequest.enumerate_states.include?(described_state) errors.add(described_state, "is not a valid state") end end - def user_can_view?(user) - unless info_request.user_can_view?(user) - raise "internal error, called user_can_view? on event when there is not permission to view entire request" - end - - case prominence - when 'hidden' - User.view_hidden_requests?(user) - when 'requester_only' - info_request.is_owning_user?(user) - else - true - end - end - - # Full text search indexing acts_as_xapian :texts => [ :search_text_main, :title ], :values => [ @@ -260,6 +235,12 @@ class InfoRequestEvent < ActiveRecord::Base if !self.info_request.indexed_by_search? return false end + if self.event_type == 'response' && !self.incoming_message.indexed_by_search? + return false + end + if ['sent', 'followup_sent'].include?(self.event_type) && !self.outgoing_message.indexed_by_search? + return false + end if self.event_type == 'comment' && !self.comment.visible return false end @@ -268,6 +249,7 @@ class InfoRequestEvent < ActiveRecord::Base return false end end + def variety self.event_type end diff --git a/app/models/mail_server_log.rb b/app/models/mail_server_log.rb index 7f61377ce..0e5b60ff1 100644 --- a/app/models/mail_server_log.rb +++ b/app/models/mail_server_log.rb @@ -1,15 +1,14 @@ # == Schema Information -# Schema version: 20121010214348 # # Table name: mail_server_logs # -# id :integer not null, primary key +# id :integer not null, primary key # mail_server_log_done_id :integer # info_request_id :integer -# order :integer not null -# line :text not null -# created_at :datetime not null -# updated_at :datetime not null +# order :integer not null +# line :text not null +# created_at :datetime not null +# updated_at :datetime not null # # We load log file lines for requests in here, for display in the admin interface. diff --git a/app/models/mail_server_log_done.rb b/app/models/mail_server_log_done.rb index 0e7e9eec3..222b072c5 100644 --- a/app/models/mail_server_log_done.rb +++ b/app/models/mail_server_log_done.rb @@ -1,13 +1,12 @@ # == Schema Information -# Schema version: 20121010214348 # # Table name: mail_server_log_dones # -# id :integer not null, primary key -# filename :text not null -# last_stat :datetime not null -# created_at :datetime not null -# updated_at :datetime not null +# id :integer not null, primary key +# filename :text not null +# last_stat :datetime not null +# created_at :datetime not null +# updated_at :datetime not null # # Stores that a particular mail server log file has been loaded in, see mail_server_log.rb diff --git a/app/models/outgoing_message.rb b/app/models/outgoing_message.rb index aedfb9cad..e89c11141 100644 --- a/app/models/outgoing_message.rb +++ b/app/models/outgoing_message.rb @@ -1,18 +1,17 @@ # == Schema Information -# Schema version: 114 # # Table name: outgoing_messages # -# id :integer not null, primary key -# info_request_id :integer not null -# body :text not null -# status :string(255) not null -# message_type :string(255) not null -# created_at :datetime not null -# updated_at :datetime not null +# id :integer not null, primary key +# info_request_id :integer not null +# body :text not null +# status :string(255) not null +# message_type :string(255) not null +# created_at :datetime not null +# updated_at :datetime not null # last_sent_at :datetime # incoming_message_followup_id :integer -# what_doing :string(255) not null +# what_doing :string(255) not null # # models/outgoing_message.rb: @@ -23,6 +22,7 @@ # Email: hello@mysociety.org; WWW: http://www.mysociety.org/ class OutgoingMessage < ActiveRecord::Base + extend MessageProminence include Rails.application.routes.url_helpers include LinkToHelper self.default_url_options[:host] = AlaveteliConfiguration::domain @@ -33,6 +33,8 @@ class OutgoingMessage < ActiveRecord::Base strip_attributes! + has_prominence + belongs_to :info_request validates_presence_of :info_request @@ -209,11 +211,11 @@ class OutgoingMessage < ActiveRecord::Base end # Returns text for indexing / text display - def get_text_for_indexing + def get_text_for_indexing(strip_salutation=true) text = self.body.strip # Remove salutation - text.sub!(/Dear .+,/, "") + text.sub!(/Dear .+,/, "") if strip_salutation # Remove email addresses from display/index etc. self.remove_privacy_sensitive_things!(text) @@ -233,6 +235,12 @@ class OutgoingMessage < ActiveRecord::Base return text.html_safe end + # Return body for display as text + def get_body_for_text_display + get_text_for_indexing(strip_salutation=false) + end + + def fully_destroy ActiveRecord::Base.transaction do info_request_event = InfoRequestEvent.find_by_outgoing_message_id(self.id) diff --git a/app/models/post_redirect.rb b/app/models/post_redirect.rb index 409069cb6..5da3d2742 100644 --- a/app/models/post_redirect.rb +++ b/app/models/post_redirect.rb @@ -1,18 +1,17 @@ # == Schema Information -# Schema version: 114 # # Table name: post_redirects # -# id :integer not null, primary key -# token :text not null -# uri :text not null +# id :integer not null, primary key +# token :text not null +# uri :text not null # post_params_yaml :text -# created_at :datetime not null -# updated_at :datetime not null -# email_token :text not null +# created_at :datetime not null +# updated_at :datetime not null +# email_token :text not null # reason_params_yaml :text # user_id :integer -# circumstance :text default("normal"), not null +# circumstance :text default("normal"), not null # # models/post_redirect.rb: diff --git a/app/models/profile_photo.rb b/app/models/profile_photo.rb index 5d542daf1..322ebe53c 100644 --- a/app/models/profile_photo.rb +++ b/app/models/profile_photo.rb @@ -1,12 +1,11 @@ # == Schema Information -# Schema version: 114 # # Table name: profile_photos # -# id :integer not null, primary key -# data :binary not null +# id :integer not null, primary key +# data :binary not null # user_id :integer -# draft :boolean default(FALSE), not null +# draft :boolean default(FALSE), not null # # models/profile_photo.rb: diff --git a/app/models/public_body.rb b/app/models/public_body.rb index 3154be632..828e8c94a 100644 --- a/app/models/public_body.rb +++ b/app/models/public_body.rb @@ -1,27 +1,27 @@ +# -*- coding: utf-8 -*- # == Schema Information -# Schema version: 20120919140404 # # Table name: public_bodies # -# id :integer not null, primary key -# name :text not null -# short_name :text not null -# request_email :text not null -# version :integer not null -# last_edit_editor :string(255) not null -# last_edit_comment :text not null -# created_at :datetime not null -# updated_at :datetime not null -# url_name :text not null -# home_page :text default(""), not null -# notes :text default(""), not null -# first_letter :string(255) not null -# publication_scheme :text default(""), not null -# api_key :string(255) not null -# info_requests_count :integer default(0), not null +# id :integer not null, primary key +# name :text not null +# short_name :text not null +# request_email :text not null +# version :integer not null +# last_edit_editor :string(255) not null +# last_edit_comment :text not null +# created_at :datetime not null +# updated_at :datetime not null +# url_name :text not null +# home_page :text default(""), not null +# notes :text default(""), not null +# first_letter :string(255) not null +# publication_scheme :text default(""), not null +# api_key :string(255) not null +# info_requests_count :integer default(0), not null +# disclosure_log :text default(""), not null # -# -*- coding: utf-8 -*- require 'csv' require 'securerandom' require 'set' diff --git a/app/models/purge_request.rb b/app/models/purge_request.rb index e48f3cc6f..4e6267bd2 100644 --- a/app/models/purge_request.rb +++ b/app/models/purge_request.rb @@ -1,13 +1,12 @@ # == Schema Information -# Schema version: 114 # # Table name: purge_requests # -# id :integer not null, primary key +# id :integer not null, primary key # url :string(255) -# created_at :datetime not null -# model :string(255) not null -# model_id :integer not null +# created_at :datetime not null +# model :string(255) not null +# model_id :integer not null # # models/purge_request.rb: diff --git a/app/models/raw_email.rb b/app/models/raw_email.rb index 6bf01bc74..21a53f493 100644 --- a/app/models/raw_email.rb +++ b/app/models/raw_email.rb @@ -1,9 +1,8 @@ # == Schema Information -# Schema version: 114 # # Table name: raw_emails # -# id :integer not null, primary key +# id :integer not null, primary key # # models/raw_email.rb: diff --git a/app/models/request_classification.rb b/app/models/request_classification.rb index f5a1b4bee..6873d468b 100644 --- a/app/models/request_classification.rb +++ b/app/models/request_classification.rb @@ -1,9 +1,8 @@ # == Schema Information -# Schema version: 20120919140404 # # Table name: request_classifications # -# id :integer not null, primary key +# id :integer not null, primary key # user_id :integer # info_request_event_id :integer # created_at :datetime diff --git a/app/models/track_thing.rb b/app/models/track_thing.rb index 66b8a5c47..d5e1cdb75 100644 --- a/app/models/track_thing.rb +++ b/app/models/track_thing.rb @@ -1,16 +1,15 @@ # == Schema Information -# Schema version: 114 # # Table name: track_things # -# id :integer not null, primary key -# tracking_user_id :integer not null -# track_query :string(255) not null +# id :integer not null, primary key +# tracking_user_id :integer not null +# track_query :string(255) not null # info_request_id :integer # tracked_user_id :integer # public_body_id :integer -# track_medium :string(255) not null -# track_type :string(255) default("internal_error"), not null +# track_medium :string(255) not null +# track_type :string(255) default("internal_error"), not null # created_at :datetime # updated_at :datetime # diff --git a/app/models/track_things_sent_email.rb b/app/models/track_things_sent_email.rb index a9ea2520e..072d3bdea 100644 --- a/app/models/track_things_sent_email.rb +++ b/app/models/track_things_sent_email.rb @@ -1,10 +1,9 @@ # == Schema Information -# Schema version: 114 # # Table name: track_things_sent_emails # -# id :integer not null, primary key -# track_thing_id :integer not null +# id :integer not null, primary key +# track_thing_id :integer not null # info_request_event_id :integer # user_id :integer # public_body_id :integer diff --git a/app/models/user.rb b/app/models/user.rb index 9da4ad743..d7c1c854e 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -1,26 +1,27 @@ # == Schema Information -# Schema version: 20120919140404 # # Table name: users # -# id :integer not null, primary key -# email :string(255) not null -# name :string(255) not null -# hashed_password :string(255) not null -# salt :string(255) not null -# created_at :datetime not null -# updated_at :datetime not null -# email_confirmed :boolean default(FALSE), not null -# url_name :text not null -# last_daily_track_email :datetime default(Sat Jan 01 00:00:00 UTC 2000) -# admin_level :string(255) default("none"), not null -# ban_text :text default(""), not null -# about_me :text default(""), not null +# id :integer not null, primary key +# email :string(255) not null +# name :string(255) not null +# hashed_password :string(255) not null +# salt :string(255) not null +# created_at :datetime not null +# updated_at :datetime not null +# email_confirmed :boolean default(FALSE), not null +# url_name :text not null +# last_daily_track_email :datetime default(2000-01-01 00:00:00 UTC) +# admin_level :string(255) default("none"), not null +# ban_text :text default(""), not null +# about_me :text default(""), not null # locale :string(255) # email_bounced_at :datetime -# email_bounce_message :text default(""), not null -# no_limit :boolean default(FALSE), not null -# receive_email_alerts :boolean default(TRUE), not null +# email_bounce_message :text default(""), not null +# no_limit :boolean default(FALSE), not null +# receive_email_alerts :boolean default(TRUE), not null +# address :string(255) +# dob :date # require 'digest/sha1' @@ -243,8 +244,8 @@ class User < ActiveRecord::Base !user.nil? && user.owns_every_request? end - # Can the user see every request, even hidden ones? - def User.view_hidden_requests?(user) + # Can the user see every request, response, and outgoing message, even hidden ones? + def User.view_hidden?(user) !user.nil? && user.super? end diff --git a/app/models/user_info_request_sent_alert.rb b/app/models/user_info_request_sent_alert.rb index 449a4c237..098b773f8 100644 --- a/app/models/user_info_request_sent_alert.rb +++ b/app/models/user_info_request_sent_alert.rb @@ -1,12 +1,11 @@ # == Schema Information -# Schema version: 114 # # Table name: user_info_request_sent_alerts # -# id :integer not null, primary key -# user_id :integer not null -# info_request_id :integer not null -# alert_type :string(255) not null +# id :integer not null, primary key +# user_id :integer not null +# info_request_id :integer not null +# alert_type :string(255) not null # info_request_event_id :integer # diff --git a/app/views/admin_general/index.html.erb b/app/views/admin_general/index.html.erb index b239a2b3f..976860fa7 100644 --- a/app/views/admin_general/index.html.erb +++ b/app/views/admin_general/index.html.erb @@ -164,7 +164,7 @@ <%= request_both_links(@request) %> </td> <td class="span2"> - <%=simple_date(@request.get_last_response_event.created_at)%> + <%=simple_date(@request.get_last_public_response_event.created_at)%> </td> </tr> <% end %> diff --git a/app/views/admin_general/timeline.html.erb b/app/views/admin_general/timeline.html.erb index 439ae1e68..c4ea4849b 100644 --- a/app/views/admin_general/timeline.html.erb +++ b/app/views/admin_general/timeline.html.erb @@ -34,7 +34,7 @@ <%= request_both_links(event.info_request) %> <% if event.event_type == 'edit' %> was edited by administrator <strong><%=h event.params[:editor] %></strong>. - <% for p in ['title', 'prominence', 'described_state', 'awaiting_description'] + <% for p in ['title', 'described_state', 'awaiting_description'] if event.params[p.to_sym] != event.params[('old_'+p).to_sym] %> Changed <%=p%> from '<%=h event.params[('old_'+p).to_sym]%>' to '<%=h event.params[p.to_sym] %>'. <% end diff --git a/app/views/admin_incoming_message/_intro.html.erb b/app/views/admin_incoming_message/_intro.html.erb new file mode 100644 index 000000000..1d5585f11 --- /dev/null +++ b/app/views/admin_incoming_message/_intro.html.erb @@ -0,0 +1,3 @@ +<% @title = "Incoming message #{incoming_message.id} of FOI request '#{incoming_message.info_request.title}'" %> +<h1>Incoming message <%= incoming_message.id %></h1> +<p>FOI request: <%= request_both_links(incoming_message.info_request) %></p> diff --git a/app/views/admin_incoming_message/edit.html.erb b/app/views/admin_incoming_message/edit.html.erb new file mode 100644 index 000000000..1088edcab --- /dev/null +++ b/app/views/admin_incoming_message/edit.html.erb @@ -0,0 +1,26 @@ +<%= render :partial => 'intro', :locals => {:incoming_message => @incoming_message } %> +<%= render :partial => 'admin_request/incoming_message_actions', :locals => { :incoming_message => @incoming_message } %> +<fieldset class="form-horizontal"> + <legend>Prominence</legend> + <%= form_tag admin_incoming_update_path(@incoming_message), :class => "form form-inline" do %> + + <div class="control-group"> + <label class="control-label" for="incoming_message_prominence"> Prominence</label> + <div class="controls"> + <%= select('incoming_message', "prominence", IncomingMessage.prominence_states) %> + </div> + </div> + + <div class="control-group"> + <label class="control-label" for="incoming_message_prominence_reason">Reason for prominence</label> + <div class="controls"> + <%= text_area "incoming_message", "prominence_reason", :rows => 5, :class => "span6" %> + </div> + </div> + + <div class="form-actions" > + <%= submit_tag 'Save', :class => "btn" %> + </div> + + <% end %> +</fieldset> diff --git a/app/views/admin_outgoing_message/edit.html.erb b/app/views/admin_outgoing_message/edit.html.erb new file mode 100644 index 000000000..d5f5f43bf --- /dev/null +++ b/app/views/admin_outgoing_message/edit.html.erb @@ -0,0 +1,50 @@ +<h1>Edit outgoing message</h1> + +<%= error_messages_for 'outgoing_message' %> + +<%= form_tag admin_outgoing_update_path(@outgoing_message) do %> + <div class="control-group"> + <label class="control-label" for="outgoing_message_prominence"> Prominence</label> + <div class="controls"> + <%= select('outgoing_message', "prominence", OutgoingMessage.prominence_states) %> + </div> + </div> + + <div class="control-group"> + <label class="control-label" for="outgoing_message_prominence_reason">Reason for prominence</label> + <div class="controls"> + <%= text_area "outgoing_message", "prominence_reason", :rows => 5, :class => "span6" %> + </div> + </div> + + <div class="control-group"> + <label class="control-label" for="outgoing_message_body">Body of message</label> + <div class="controls"> + <%= text_area 'outgoing_message', 'body', :rows => 10, :cols => 60 %> + </div> + + <p><strong>Note:</strong> This is mainly to be used to excise information + that users inadvertently put in their messages, not realising it would be + public. It will already have been sent to the public authority, and their + reply may also include that information and be automatically published on + this site. You could also use this to edit a message before resending it, but + only the edited version will be shown on the public page if you do that.</p> + +<div class="form-actions" > +<%= submit_tag 'Save', :accesskey => 's', :class => 'btn' %> +</div> +<% end %> + +<p> +<%= link_to 'Show', admin_request_show_path(@outgoing_message.info_request) %> | +<%= link_to 'List all', admin_request_list_path %> +</p> + +<%= form_tag admin_outgoing_destroy_path do %> + <div> + <%= hidden_field_tag 'outgoing_message_id', @outgoing_message.id %> + <%= submit_tag "Destroy outgoing message", :class => "btn btn-danger", :confirm => "This is permanent! Are you sure?" %> + </div> +<% end %> + + diff --git a/app/views/admin_request/_incoming_message_actions.html.erb b/app/views/admin_request/_incoming_message_actions.html.erb index 653e73337..4cf099b53 100644 --- a/app/views/admin_request/_incoming_message_actions.html.erb +++ b/app/views/admin_request/_incoming_message_actions.html.erb @@ -1,6 +1,6 @@ <fieldset class="form-horizontal"> <legend>Actions</legend> - <%= form_tag admin_request_redeliver_incoming_path, :class => "form form-inline" do %> + <%= form_tag admin_incoming_redeliver_path, :class => "form form-inline" do %> <div class="control-group"> <label class="control-label" for="url_title_<%= incoming_message.id %>">Redeliver message to one or more other requests</label> <div class="controls"> @@ -22,7 +22,7 @@ </div> </div> - <%= form_tag admin_request_destroy_incoming_path, :class => "form form-inline" do %> + <%= form_tag admin_incoming_destroy_path, :class => "form form-inline" do %> <div class="control-group"> <label class="control-label" for="destroy_message_<%= incoming_message.id %>">Destroy message</label> <div class="controls"> diff --git a/app/views/admin_request/edit_outgoing.html.erb b/app/views/admin_request/edit_outgoing.html.erb deleted file mode 100644 index 9fe8a4497..000000000 --- a/app/views/admin_request/edit_outgoing.html.erb +++ /dev/null @@ -1,32 +0,0 @@ -<h1>Edit outgoing message</h1> - -<%= error_messages_for 'outgoing_message' %> - -<%= form_tag admin_request_update_outgoing_path(@outgoing_message) do %> - - <p><label for="outgoing_message_body">Body of message</label><br/> - <%= text_area 'outgoing_message', 'body', :rows => 10, :cols => 60 %></p> - - <p><strong>Note:</strong> This is mainly to be used to excise information - that users inadvertently put in their messages, not realising it would be - public. It will already have been sent to the public authority, and their - reply may also include that information and be automatically published on - this site. You could also use this to edit a message before resending it, but - only the edited version will be shown on the public page if you do that.</p> - - <p><%= submit_tag 'Save', :accesskey => 's' %></p> -<% end %> - -<p> -<%= link_to 'Show', admin_request_show_path(@outgoing_message.info_request) %> | -<%= link_to 'List all', admin_request_list_path %> -</p> - -<%= form_tag admin_request_destroy_outgoing_path do %> - <div> - <%= hidden_field_tag 'outgoing_message_id', @outgoing_message.id %> - <%= submit_tag "Destroy outgoing message", :class => "btn btn-danger", :confirm => "This is permanent! Are you sure?" %> - </div> -<% end %> - - diff --git a/app/views/admin_request/show.html.erb b/app/views/admin_request/show.html.erb index e18e319be..83d9c3764 100644 --- a/app/views/admin_request/show.html.erb +++ b/app/views/admin_request/show.html.erb @@ -233,7 +233,7 @@ <div class="accordion-group"> <div class="accordion-heading"> <a href="#outgoing_<%=outgoing_message.id%>" data-toggle="collapse" data-parent="#outgoing_messages"><%= chevron_right %></a> - <%= link_to admin_request_edit_outgoing_path(outgoing_message) do %> + <%= link_to admin_outgoing_edit_path(outgoing_message) do %> #<%= outgoing_message.id %> -- <%= outgoing_message.status.humanize %> <%= outgoing_message.message_type.humanize %> <% end %> <blockquote> @@ -275,11 +275,16 @@ <hr> <h2>Incoming messages</h2> <div class="accordion" id="incoming_messages"> - <% for incoming_message in @info_request.incoming_messages.find(:all, :order => 'created_at') %> + <% for incoming_message in @info_request.incoming_messages %> <div class="accordion-group"> <div class="accordion-heading"> <a href="#incoming_<%=incoming_message.id%>" data-toggle="collapse" data-parent="#incoming_messages"><%= chevron_right %></a> - <%=incoming_message.id%> -- <%= h(incoming_message.mail_from) %> <%=_("at")%> <%=admin_value(incoming_message.sent_at)%> + <%= link_to admin_incoming_edit_path(incoming_message) do %> + <%=incoming_message.id%> + -- + <%= h(incoming_message.mail_from) %> + <%=_("at")%> <%=admin_value(incoming_message.sent_at)%> + <% end %> <blockquote class="incoming-message"> <% if !incoming_message.cached_main_body_text_folded.nil? %> <%= truncate(incoming_message.cached_main_body_text_folded.gsub('FOLDED_QUOTED_SECTION', ''), :length => 400) %> diff --git a/app/views/admin_request/show_raw_email.html.erb b/app/views/admin_request/show_raw_email.html.erb index 72c782ad6..da22b6069 100644 --- a/app/views/admin_request/show_raw_email.html.erb +++ b/app/views/admin_request/show_raw_email.html.erb @@ -1,9 +1,5 @@ -<% @title = "Incoming message #{@raw_email.incoming_message.id} of FOI request '#{@raw_email.incoming_message.info_request.title}'" %> +<%= render :partial => 'admin_incoming_message/intro', :locals => { :incoming_message => @raw_email.incoming_message } %> -<h1>Incoming message <%=@raw_email.incoming_message.id %></h1> - -<p> - FOI request: <%= request_both_links(@raw_email.incoming_message.info_request) %> <% if @holding_pen %> <br>This is in the holding pen because: <strong><%= @rejected_reason %></strong> <% if @public_bodies.size > 0 %> diff --git a/app/views/comment/_single_comment.html.erb b/app/views/comment/_single_comment.html.erb index 421a9d4ba..af1de0649 100644 --- a/app/views/comment/_single_comment.html.erb +++ b/app/views/comment/_single_comment.html.erb @@ -1,5 +1,5 @@ <div class="comment_in_request" id="comment-<%=comment.id.to_s%>"> - <% if comment.user && comment.user.profile_photo %> + <% if comment.user && comment.user.profile_photo && !@render_to_file %> <div class="user_photo_on_comment"> <img src="<%= get_profile_photo_url(:url_name => comment.user.url_name) %>" alt=""> </div> diff --git a/app/views/comment/_single_comment.text.erb b/app/views/comment/_single_comment.text.erb new file mode 100644 index 000000000..925e8b688 --- /dev/null +++ b/app/views/comment/_single_comment.text.erb @@ -0,0 +1,2 @@ +<%= _("{{username}} left an annotation:", :username =>comment.user.name) %> (<%= simple_date(comment.created_at || Time.now) %>) +<%= comment.body.strip %> diff --git a/app/views/general/_stylesheet_includes.html.erb b/app/views/general/_stylesheet_includes.html.erb index 9dd1f357d..416ddb825 100644 --- a/app/views/general/_stylesheet_includes.html.erb +++ b/app/views/general/_stylesheet_includes.html.erb @@ -1,16 +1,23 @@ - <%= stylesheet_link_tag 'main', :title => "Main", :rel => "stylesheet", :media => "all" %> - <%= stylesheet_link_tag 'fonts', :rel => "stylesheet", :media => "all" %> - <%= stylesheet_link_tag 'print', :rel => "stylesheet", :media => "print" %> - <% if !params[:print_stylesheet].nil? %> - <%= stylesheet_link_tag 'print', :rel => "stylesheet", :media => "all" %> - <% end %> - <%= stylesheet_link_tag 'admin-theme/jquery-ui-1.8.15.custom.css', :rel => 'stylesheet'%> - <!--[if LT IE 7]> - <style type="text/css">@import url("/stylesheets/ie6.css");</style> - <![endif]--> - <!--[if LT IE 8]> - <style type="text/css">@import url("/stylesheets/ie7.css");</style> - <![endif]--> - <% if AlaveteliConfiguration::force_registration_on_new_request %> - <%= stylesheet_link_tag 'jquery.fancybox-1.3.4', :rel => "stylesheet" %> - <% end %> +<%- if @render_to_file %> + <style> + <%= raw File.read(Rails.root.join('public', 'stylesheets', 'main.css')) %> + <%= raw File.read(Rails.root.join('public', 'stylesheets', 'print.css')) %> + </style> +<%- else %> + <%= stylesheet_link_tag 'main', :title => "Main", :rel => "stylesheet", :media => "all" %> + <%= stylesheet_link_tag 'fonts', :rel => "stylesheet", :media => "all" %> + <%= stylesheet_link_tag 'print', :rel => "stylesheet", :media => "print" %> + <% if !params[:print_stylesheet].nil? %> + <%= stylesheet_link_tag 'print', :rel => "stylesheet", :media => "all" %> + <% end %> + <%= stylesheet_link_tag 'admin-theme/jquery-ui-1.8.15.custom.css', :rel => 'stylesheet'%> + <!--[if LT IE 7]> + <style type="text/css">@import url("/stylesheets/ie6.css");</style> + <![endif]--> + <!--[if LT IE 8]> + <style type="text/css">@import url("/stylesheets/ie7.css");</style> + <![endif]--> + <% if AlaveteliConfiguration::force_registration_on_new_request %> + <%= stylesheet_link_tag 'jquery.fancybox-1.3.4', :rel => "stylesheet" %> + <% end %> +<% end %> diff --git a/app/views/request/_after_actions.html.erb b/app/views/request/_after_actions.html.erb index b54a8f5fb..f780e3a37 100644 --- a/app/views/request/_after_actions.html.erb +++ b/app/views/request/_after_actions.html.erb @@ -15,11 +15,9 @@ <%= link_to _('Update the status of this request'), '#describe_state_form_1' %> </li> <% end %> - <% if @info_request.all_can_view? %> <li> <%= link_to _("Download a zip file of all correspondence"), download_entire_request_path(:url_title => @info_request.url_title) %> </li> - <% end %> </ul> </div> <% if ! @info_request.is_external? %> diff --git a/app/views/request/_correspondence.html.erb b/app/views/request/_correspondence.html.erb index 68711b259..872761749 100644 --- a/app/views/request/_correspondence.html.erb +++ b/app/views/request/_correspondence.html.erb @@ -1,80 +1,12 @@ <div class="ff-print-fix"></div> -<% -if !info_request_event.nil? && info_request_event.event_type == 'response' - incoming_message = info_request_event.incoming_message -end - -if not incoming_message.nil? -%> - <div class="incoming correspondence" id="incoming-<%=incoming_message.id.to_s%>"> - <h2> - <% if !incoming_message.safe_mail_from.nil? && incoming_message.safe_mail_from.strip != @info_request.public_body.name.strip %> - <%= _("From:") %> <%=h incoming_message.safe_mail_from %><br> - <% end %> - <% if incoming_message.safe_mail_from.nil? || (incoming_message.mail_from_domain == @info_request.public_body.request_email_domain) %> - <%=h @info_request.public_body.name %><br> - <% end %> - <br><%= simple_date(incoming_message.sent_at) %> - </h2> - - <%= render :partial => 'bubble', :locals => { :incoming_message => incoming_message, :body => incoming_message.get_body_for_html_display(@collapse_quotes), :attachments => incoming_message.get_attachments_for_display } %> - - <p class="event_actions"> - <% if !@user.nil? && @user.admin_page_links? %> - <%= link_to "Admin", admin_request_show_raw_email_path(incoming_message.raw_email_id) %> | - <% end %> - <%= link_to _("Link to this"), incoming_message_path(incoming_message), :class => "link_to_this" %> - </p> - </div> -<% -elsif [ 'sent', 'followup_sent' ].include?(info_request_event.event_type) - outgoing_message = info_request_event.outgoing_message - %> - <div class="outgoing correspondence" id="outgoing-<%=outgoing_message.id.to_s%>"> - - <h2> - <%= _("From:") %> <%=h @info_request.user_name %><br> - <br><%= simple_date(info_request_event.created_at) %> - </h2> - - <%= render :partial => 'bubble', :locals => { :body => outgoing_message.get_body_for_html_display(), :attachments => nil } %> - - <p class="event_actions"> - <% if outgoing_message.status == 'ready' && !@info_request.is_external? %> - <strong>Warning:</strong> This message has <strong>not yet been sent</strong> for an unknown reason. - <% end %> - - <!-- Can use this to get name of who followup was too, if say you - play with proper from display, but not sure needed - <% if outgoing_message.message_type == 'followup' && !outgoing_message.incoming_message_followup.nil? && !outgoing_message.incoming_message_followup.safe_mail_from.nil? %> - Follow up sent to: <%=h outgoing_message.incoming_message_followup.safe_mail_from %> - <% end %> - --> - - <%= link_to _("Link to this"), outgoing_message_path(outgoing_message), :class => "link_to_this" %> - </p> - </div> -<% elsif [ 'resent', 'followup_resent' ].include?(info_request_event.event_type) %> - <div class="outgoing correspondence" id="outgoing-<%=info_request_event.outgoing_message.id.to_s%>"> - <h2> - <%= simple_date(info_request_event.created_at) %> - </h2> - <p class="event_plain"> - Sent - <% if info_request_event.outgoing_message.message_type == 'initial_request' %> - request - <% elsif info_request_event.outgoing_message.message_type == 'followup' %> - a follow up - <% else %> - <% raise "unknown message_type" %> - <% end %> - - to <%= public_body_link(@info_request.public_body) %> again<% if not info_request_event.same_email_as_previous_send? %>, using a new contact address<% end %>. - </p> - </div> -<% elsif info_request_event.event_type == 'comment' - comment = info_request_event.comment -%> - <%= render :partial => 'comment/single_comment', :locals => { :comment => comment } %> +<% case info_request_event.event_type %> +<% when 'response' %> + <%= render :partial => 'request/incoming_correspondence', :locals => { :incoming_message => info_request_event.incoming_message } %> +<% when 'sent', 'followup_sent' %> + <%= render :partial => 'request/outgoing_correspondence', :locals => { :outgoing_message => info_request_event.outgoing_message, :info_request_event => info_request_event }%> +<% when 'resent', 'followup_resent' %> + <%= render :partial => 'request/resent_outgoing_correspondence', :locals => { outgoing_message => info_request_event.outgoing_message, :info_request_event => info_request_event }%> +<% when 'comment' %> + <%= render :partial => 'comment/single_comment', :locals => { :comment => info_request_event.comment } %> <% end %> diff --git a/app/views/request/_hidden_correspondence.html.erb b/app/views/request/_hidden_correspondence.html.erb index 4c06f1f48..153164278 100644 --- a/app/views/request/_hidden_correspondence.html.erb +++ b/app/views/request/_hidden_correspondence.html.erb @@ -1,33 +1,13 @@ -<% if info_request_event.prominence == 'requester_only' %> - <% - if !info_request_event.nil? && info_request_event.event_type == 'response' - incoming_message = info_request_event.incoming_message - end - if not incoming_message.nil? - %> - <div class="correspondence" id="incoming-<%=incoming_message.id.to_s%>"> - <p> - <%= _('This response has been hidden. See annotations to find out why. - If you are the requester, then you may <a href="{{url}}">sign in</a> to view the response.', :url => signin_url(:r => request.fullpath).html_safe) %> - </p> - </div> - <% elsif [ 'sent', 'followup_sent', 'resent', 'followup_resent' ].include?(info_request_event.event_type) %> - <div class="correspondence" id="outgoing-<%=outgoing_message.id.to_s%>"> - <p> - <%= _('This outgoing message has been hidden. See annotations to - find out why. If you are the requester, then you may <a href="{{url}}">sign in</a> to view the response.', :url => signin_url(:r => request.fullpath).html_safe) %> - </p> - </div> - <% elsif info_request_event.event_type == 'comment' %> - <div class="comment_in_request" id="comment-<%=comment.id.to_s%>"> - <p><%= _('This comment has been hidden. See annotations to - find out why. If you are the requester, then you may <a href="{{url}}">sign in</a> to view the response.', :url => signin_url(:r => request.fullpath).html_safe) %> - </p> - </div> - <% end %> - -<% elsif info_request_event.prominence == 'hidden' %> - <% # show nothing when hidden %> -<% else %> - <% raise _("unexpected prominence on request event") %> -<% end %> +<p id="hidden_message"> + <%- if !message.prominence_reason.blank? %> + <%= _('This message has been hidden.') %> + <%= message.prominence_reason %> + <%= _('Please <a href="{{url}}">contact us</a> if you have any questions.', :url => help_contact_path.html_safe) %> + <%- else %> + <%= _("This message has been hidden. There are various reasons why we might have done this, sorry we can't be more specific here.") %> + <%= _('Please <a href="{{url}}">contact us</a> if you have any questions.', :url => help_contact_path.html_safe) %> + <%- end %> + <% if message.prominence == 'requester_only' %> + <%= _('If you are the requester, then you may <a href="{{url}}">sign in</a> to view the message.', :url => signin_url(:r => request.fullpath).html_safe) %> + <% end %> +</p> diff --git a/app/views/request/_hidden_correspondence.text.erb b/app/views/request/_hidden_correspondence.text.erb new file mode 100644 index 000000000..010b6b66d --- /dev/null +++ b/app/views/request/_hidden_correspondence.text.erb @@ -0,0 +1,5 @@ +<%- if !message.prominence_reason.blank? %> + <%= _('This message has been hidden.') %> <%= message.prominence_reason %> +<%- else %> + <%= _("This message has been hidden. There are various reasons why we might have done this, sorry we can't be more specific here.") %> +<%- end %> diff --git a/app/views/request/_incoming_correspondence.html.erb b/app/views/request/_incoming_correspondence.html.erb new file mode 100644 index 000000000..f39d650d8 --- /dev/null +++ b/app/views/request/_incoming_correspondence.html.erb @@ -0,0 +1,26 @@ +<div class="incoming correspondence <%= incoming_message.prominence %>" id="incoming-<%=incoming_message.id.to_s%>"> + <%- if not incoming_message.user_can_view?(@user) %> + <%= render :partial => 'request/hidden_correspondence', :locals => { :message => incoming_message }%> + <%- else %> + <%= render :partial => 'request/restricted_correspondence', :locals => {:message => incoming_message } %> + <h2> + <% if incoming_message.specific_from_name? %> + <%= _("From:") %> <%= incoming_message.safe_mail_from %><br> + <% end %> + <% if incoming_message.from_public_body? %> + <%= @info_request.public_body.name %><br> + <% end %> + <br><%= simple_date(incoming_message.sent_at) %> + </h2> + + <%= render :partial => 'bubble', :locals => { :incoming_message => incoming_message, :body => incoming_message.get_body_for_html_display(@collapse_quotes), :attachments => incoming_message.get_attachments_for_display } %> + + <p class="event_actions"> + <% if !@user.nil? && @user.admin_page_links? %> + <%= link_to "Admin", admin_incoming_edit_path(incoming_message.id) %> | + <% end %> + <%= link_to _("Link to this"), incoming_message_path(incoming_message), :class => "link_to_this" %> + </p> + <%- end %> +</div> + diff --git a/app/views/request/_incoming_correspondence.text.erb b/app/views/request/_incoming_correspondence.text.erb new file mode 100644 index 000000000..33ddad926 --- /dev/null +++ b/app/views/request/_incoming_correspondence.text.erb @@ -0,0 +1,12 @@ +<%- if not incoming_message.user_can_view?(@user) %> + <%= render :partial => 'request/hidden_correspondence.text', :locals => { :message => incoming_message }%> +<%- else %> +<%= _('From:') %><% if incoming_message.specific_from_name? %> <%= incoming_message.safe_mail_from %><% end %><% if incoming_message.from_public_body? %>, <%= @info_request.public_body.name %><% end %> +<%= _('To:') %> <% if @info_request.user_name %><%= @info_request.user_name %><% else %><%= "[#{_('An anonymous user')}]"%><% end %> +<%= _('Date:') %> <%= simple_date(incoming_message.sent_at) %> + + <%= incoming_message.get_body_for_quoting %> + <% incoming_message.get_attachments_for_display.each do |a| %> +<%= _('Attachment:') %> <%= a.display_filename %> (<%= a.display_size %>) + <% end %> +<% end %> diff --git a/app/views/request/_outgoing_correspondence.html.erb b/app/views/request/_outgoing_correspondence.html.erb new file mode 100644 index 000000000..dced5c94c --- /dev/null +++ b/app/views/request/_outgoing_correspondence.html.erb @@ -0,0 +1,18 @@ +<div class="outgoing correspondence" id="outgoing-<%=outgoing_message.id.to_s%>"> + <%- if not outgoing_message.user_can_view?(@user) %> + <%= render :partial => 'request/hidden_correspondence', :locals => { :message => outgoing_message }%> + <%- else %> + <%= render :partial => 'request/restricted_correspondence', :locals => {:message => outgoing_message } %> + <h2> + <%= _("From:") %> <%= @info_request.user_name %><br> + <br><%= simple_date(info_request_event.created_at) %> + </h2> + <%= render :partial => 'bubble', :locals => { :body => outgoing_message.get_body_for_html_display(), :attachments => nil } %> + <p class="event_actions"> + <% if outgoing_message.status == 'ready' && !@info_request.is_external? %> + <strong>Warning:</strong> This message has <strong>not yet been sent</strong> for an unknown reason. + <% end %> + <%= link_to _("Link to this"), outgoing_message_path(outgoing_message), :class => "link_to_this" %> + </p> + <%- end %> +</div> diff --git a/app/views/request/_outgoing_correspondence.text.erb b/app/views/request/_outgoing_correspondence.text.erb new file mode 100644 index 000000000..80c71cc01 --- /dev/null +++ b/app/views/request/_outgoing_correspondence.text.erb @@ -0,0 +1,8 @@ +<%- if not outgoing_message.user_can_view?(@user) %> + <%= render :partial => 'request/hidden_correspondence.text', :locals => { :message => outgoing_message }%> +<%- else %> + <%= _('From:') %> <% if @info_request.user_name %><%= @info_request.user_name %><% else %><%= "[#{_('An anonymous user')}]"%><% end %> + <%= _('To:') %> <%= @info_request.public_body.name %> + <%= _('Date:') %> <%= simple_date(info_request_event.created_at) %> + <%= outgoing_message.get_body_for_text_display %> +<%- end %> diff --git a/app/views/request/_resent_outgoing_correspondence.html.erb b/app/views/request/_resent_outgoing_correspondence.html.erb new file mode 100644 index 000000000..17b6b635b --- /dev/null +++ b/app/views/request/_resent_outgoing_correspondence.html.erb @@ -0,0 +1,16 @@ +<div class="outgoing correspondence" id="outgoing-<%=outgoing_message.id.to_s%>"> + <h2> + <%= simple_date(info_request_event.created_at) %> + </h2> + <p class="event_plain"> + Sent + <% if outgoing_message.message_type == 'initial_request' %> + request + <% elsif outgoing_message.message_type == 'followup' %> + a follow up + <% else %> + <% raise "unknown message_type" %> + <% end %> + to <%= public_body_link(@info_request.public_body) %> again<% if not info_request_event.same_email_as_previous_send? %>, using a new contact address<% end %>. + </p> +</div> diff --git a/app/views/request/_resent_outgoing_correspondence.text.erb b/app/views/request/_resent_outgoing_correspondence.text.erb new file mode 100644 index 000000000..d645e9488 --- /dev/null +++ b/app/views/request/_resent_outgoing_correspondence.text.erb @@ -0,0 +1,2 @@ +<%= _('Date:') %> <%= simple_date(info_request_event.created_at) %> +Sent <% if outgoing_message.message_type == 'initial_request' %> request <% elsif outgoing_message.message_type == 'followup' %> a follow up <% else %> <% raise "unknown message_type" %><% end %> to <%= public_body_link(@info_request.public_body) %> again<% if not info_request_event.same_email_as_previous_send? %>, using a new contact address<% end %>. diff --git a/app/views/request/_restricted_correspondence.html.erb b/app/views/request/_restricted_correspondence.html.erb new file mode 100644 index 000000000..745c4ff0e --- /dev/null +++ b/app/views/request/_restricted_correspondence.html.erb @@ -0,0 +1,18 @@ +<% if message.prominence == 'hidden' %> + <p id="hidden_message"> + <%- if !message.prominence_reason.blank? %> + <%= _('This message has prominence \'hidden\'. {{reason}} You can only see it because you are logged in as a super user.', :reason => message.prominence_reason) %> + <%- else %> + <%= _('This message has prominence \'hidden\'. You can only see it because you are logged in as a super user.') %> + <%- end %> + </p> +<% end %> +<% if message.prominence == 'requester_only' %> + <p id="hidden_message"> + <%- if !message.prominence_reason.blank? %> + <%= _('This message is hidden, so that only you, the requester, can see it. {{reason}}', :reason => message.prominence_reason) %> + <%- else %> + <%= _('This message is hidden, so that only you, the requester, can see it. Please <a href="{{url}}">contact us</a> if you are not sure why.', :url => help_requesting_path.html_safe) %> + <%- end %> + </p> +<% end %> diff --git a/app/views/request/hidden_correspondence.html.erb b/app/views/request/hidden_correspondence.html.erb new file mode 100644 index 000000000..46bf3ee37 --- /dev/null +++ b/app/views/request/hidden_correspondence.html.erb @@ -0,0 +1,4 @@ +<% @title = _("Message has been removed") %> + +<h1><%=@title%></h1> +<%= render :partial => 'request/hidden_correspondence', :locals => { :message => @incoming_message } %> diff --git a/app/views/request/show.html.erb b/app/views/request/show.html.erb index 4b0663f76..c520ce40c 100644 --- a/app/views/request/show.html.erb +++ b/app/views/request/show.html.erb @@ -25,7 +25,7 @@ <div id="left_column"> <h1><%=h(@info_request.title)%></h1> - <% if !@info_request.is_external? && @info_request.user.profile_photo %> + <% if !@info_request.is_external? && @info_request.user.profile_photo && !@render_to_file %> <p class="user_photo_on_request"> <img src="<%= get_profile_photo_url(:url_name => @info_request.user.url_name) %>" alt=""> </p> @@ -48,7 +48,7 @@ <p id="request_status" class="request_icon_line icon_<%= @info_request.calculate_status %>"> <% if @info_request.awaiting_description %> - <% if @is_owning_user && !@info_request.is_external? %> + <% if @is_owning_user && !@info_request.is_external? && !@render_to_file %> <%= _('Please <strong>answer the question above</strong> so we know whether the ')%> <%= MySociety::Format.fancy_pluralize(@new_responses_count, 'recent response contains', 'recent responses contain') %> <%= _('useful information.') %> <% else %> @@ -146,4 +146,4 @@ <%= render :partial => 'after_actions' %> </div> -<%= render :partial => 'sidebar' %> +<%- if @sidebar %><%= render :partial => 'sidebar' %><% end %> diff --git a/app/views/request/show.text.erb b/app/views/request/show.text.erb new file mode 100644 index 000000000..29ac2987f --- /dev/null +++ b/app/views/request/show.text.erb @@ -0,0 +1,17 @@ +<%= _('This is a plain-text version of the Freedom of Information request "{{request_title}}". The latest, full version is available online at {{full_url}}', :request_title => @info_request.title, :full_url => "http://#{AlaveteliConfiguration::domain}#{show_request_path(:url_title=>@info_request.url_title)}") %>. + +<% @info_request_events.each do |info_request_event| %> + <% if info_request_event.visible %> + <% case info_request_event.event_type %> + <% when 'response' %> + <%= render :partial => 'request/incoming_correspondence.text', :locals => { :incoming_message => info_request_event.incoming_message } %> + <% when 'sent', 'followup_sent' %> + <%= render :partial => 'request/outgoing_correspondence.text', :locals => { :outgoing_message => info_request_event.outgoing_message, :info_request_event => info_request_event }%> + <% when 'resent', 'followup_resent' %> + <%= render :partial => 'request/resent_outgoing_correspondence.text', :locals => { outgoing_message => info_request_event.outgoing_message, :info_request_event => info_request_event }%> + <% when 'comment' %> + <%= render :partial => 'comment/single_comment.text', :locals => { :comment => info_request_event.comment } %> + <% end %> +------------------------------- + <% end %> +<% end %> diff --git a/app/views/request/show_response.html.erb b/app/views/request/show_response.html.erb index a61359679..ace86cf4c 100644 --- a/app/views/request/show_response.html.erb +++ b/app/views/request/show_response.html.erb @@ -36,7 +36,7 @@ <dd> <%= _('To do that please send a private email to ') %><%=h(@postal_email_name)%> <<%=link_to h(@postal_email), "mailto:" + @postal_email%>> - <%= _('containing your postal address, and asking them to reply to this request. + <%= _('containing your postal address, and asking them to reply to this request. Or you could phone them.') %> <%= _('When you receive the paper response, please help @@ -63,16 +63,16 @@ <% end %> <% else %> <% if @incoming_message.recently_arrived %> - <h2><%= _('New response to {{law_used_short}} request',:law_used_short => h(@info_request.law_used_short))%> '<%= request_link @info_request %>'</h2> + <h2><%= _('New response to {{law_used_short}} request',:law_used_short => h(@info_request.law_used_short))%> '<%= request_link @info_request %>'</h2> <% else %> <h2>Response to <%=h(@info_request.law_used_short)%> request '<%= request_link @info_request %>'</h2> <% end %> <% end %> <% if @incoming_message.nil? %> - <%= render :partial => 'correspondence', :locals => { :info_request_event => @info_request.get_last_outgoing_event, :incoming_message => nil } %> + <%= render :partial => 'correspondence', :locals => { :info_request_event => @info_request.get_last_outgoing_event } %> <% else %> - <%= render :partial => 'correspondence', :locals => { :info_request_event => nil, :incoming_message => @incoming_message } %> + <%= render :partial => 'correspondence', :locals => { :info_request_event => @incoming_message.response_event } %> <% end %> <% end %> diff --git a/app/views/request/simple_correspondence.html.erb b/app/views/request/simple_correspondence.html.erb deleted file mode 100644 index 461fa3912..000000000 --- a/app/views/request/simple_correspondence.html.erb +++ /dev/null @@ -1,45 +0,0 @@ -<%= _('This is a plain-text version of the Freedom of Information request "{{request_title}}". The latest, full version is available online at {{full_url}}', :request_title => @info_request.title, :full_url => "http://#{AlaveteliConfiguration::domain}#{show_request_path(:url_title=>@info_request.url_title)}") %>. - -<% for info_request_event in @info_request_events %> -<% - incoming_message = nil - if info_request_event.visible - if !info_request_event.nil? && info_request_event.event_type == 'response' - incoming_message = info_request_event.incoming_message - end - - - if not incoming_message.nil? - if !incoming_message.safe_mail_from.nil? && incoming_message.safe_mail_from.strip != @info_request.public_body.name.strip %> -<%= _('From:') %> <%= incoming_message.safe_mail_from %><% end - if incoming_message.safe_mail_from.nil? || (incoming_message.mail_from_domain == @info_request.public_body.request_email_domain) %>, <%= @info_request.public_body.name %><% end %> -<%= _('To:') %> <% if @info_request.user_name %><%= @info_request.user_name %><% else %><%= "[#{_('An anonymous user')}]"%><% end %> -<%= _('Date:') %> <%= simple_date(incoming_message.sent_at) %> - -<%= incoming_message.get_body_for_quoting %> -<% incoming_message.get_attachments_for_display.each do |a| %> - <%= _('Attachment:') %> <%= a.display_filename %> (<%= a.display_size %>) - <% end %> -<% -elsif [ 'sent', 'followup_sent' ].include?(info_request_event.event_type) - outgoing_message = info_request_event.outgoing_message - %> -<%= _('From:') %> <% if @info_request.user_name %><%= @info_request.user_name %><% else %><%= "[#{_('An anonymous user')}]"%><% end %> -<%= _('To:') %> <%= @info_request.public_body.name %> -<%= _('Date:') %> <%= simple_date(info_request_event.created_at) %> -<% - text = outgoing_message.body.strip - outgoing_message.remove_privacy_sensitive_things!(text) %> - -<%= text %> -<% elsif [ 'resent', 'followup_resent' ].include?(info_request_event.event_type) %> -<%= _('Date:') %> <%= simple_date(info_request_event.created_at) %> -Sent <% if info_request_event.outgoing_message.message_type == 'initial_request' %> request <% elsif info_request_event.outgoing_message.message_type == 'followup' %> a follow up <% else %> <% raise "unknown message_type" %><% end %> to <%= public_body_link(@info_request.public_body) %> again<% if not info_request_event.same_email_as_previous_send? %>, using a new contact address<% end %>. - -<% elsif info_request_event.event_type == 'comment' - comment = info_request_event.comment -%> -<%= _("{{username}} left an annotation:", :username =>comment.user.name) %> (<%= simple_date(comment.created_at || Time.now) %>) -<%= comment.body.strip %> -<% end %> --------------------------------<% end %><% end %> diff --git a/config/deploy.rb b/config/deploy.rb index 3ce1a1969..d26a199c8 100644 --- a/config/deploy.rb +++ b/config/deploy.rb @@ -58,7 +58,6 @@ namespace :deploy do "#{release_path}/files" => "#{shared_path}/files", "#{release_path}/cache" => "#{shared_path}/cache", "#{release_path}/vendor/plugins/acts_as_xapian/xapiandbs" => "#{shared_path}/xapiandbs", - "#{release_path}/public/download" => "#{release_path}/cache/zips/download" } # "ln -sf <a> <b>" creates a symbolic link but deletes <b> if it already exists diff --git a/config/general.yml-example b/config/general.yml-example index 5f3697a36..8e749d9d6 100644 --- a/config/general.yml-example +++ b/config/general.yml-example @@ -147,9 +147,9 @@ GAZE_URL: http://gaze.mysociety.org # The email address to which non-bounce responses should be forwarded FORWARD_NONBOUNCE_RESPONSES_TO: user-support@localhost -# Path to a program that converts a page at a URL to HTML. It should -# take two arguments: the URL, and a path to an output file. A static -# binary of wkhtmltopdf is recommended: +# Path to a program that converts an HTML page in a file to PDF. It +#should take two arguments: the URL, and a path to an output file. +# A static binary of wkhtmltopdf is recommended: # http://code.google.com/p/wkhtmltopdf/downloads/list # If the command is not present, a text-only version will be rendered # instead. diff --git a/config/httpd.conf-example b/config/httpd.conf-example index 1326252f5..dc2e4966e 100644 --- a/config/httpd.conf-example +++ b/config/httpd.conf-example @@ -69,3 +69,13 @@ RewriteRule ^/request/((\d{1,3})\d*)/(response/\d+/attach/(html/)?\d+/.+) /views AddOutputFilterByType DEFLATE font/opentype font/truetype font/eot AddOutputFilterByType DEFLATE image/svg+xml </IFModule> + +# Set the Sendfile header and switch sendfile on - Apache will +# now handle send_file calls from Alaveteli +<Location /> + <IfModule mod_xsendfile.c> + RequestHeader Set X-Sendfile-Type X-Sendfile + XSendFile On + XSendFileAllowAbove On + </IfModule> +</Location> diff --git a/config/initializers/alaveteli.rb b/config/initializers/alaveteli.rb index 6e0cf076c..cebf3a6eb 100644 --- a/config/initializers/alaveteli.rb +++ b/config/initializers/alaveteli.rb @@ -49,6 +49,7 @@ require 'ability' require 'normalize_string' require 'alaveteli_file_types' require 'alaveteli_localization' +require 'message_prominence' AlaveteliLocalization.set_locales(AlaveteliConfiguration::available_locales, AlaveteliConfiguration::default_locale) diff --git a/config/packages b/config/packages index e89ede177..8bb00a849 100644 --- a/config/packages +++ b/config/packages @@ -3,7 +3,6 @@ # alavateli mailing list if you want to change it ruby1.8 ruby -libopenssl-ruby1.8 # needed for Ubuntu 10.04 TLS; included in libruby1.8 in Squeeze rdoc | rdoc1.8 irb | irb1.8 wv @@ -32,7 +31,7 @@ libxml2-dev libxslt-dev uuid-dev ruby1.8-dev -rubygems +rubygems (>= 1.8.15) rake (>= 0.9.2.2) build-essential bundler diff --git a/config/routes.rb b/config/routes.rb index 1df74b669..cadb7ec54 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -187,13 +187,8 @@ Alaveteli::Application.routes.draw do match '/admin/request/edit/:id' => 'admin_request#edit', :as => :admin_request_edit match '/admin/request/update/:id' => 'admin_request#update', :as => :admin_request_update match '/admin/request/destroy/:id' => 'admin_request#fully_destroy', :as => :admin_request_destroy - match '/admin/request/edit_outgoing/:id' => 'admin_request#edit_outgoing', :as => :admin_request_edit_outgoing - match '/admin/request/destroy_outgoing/:id' => 'admin_request#destroy_outgoing', :as => :admin_request_destroy_outgoing - match '/admin/request/update_outgoing/:id' => 'admin_request#update_outgoing', :as => :admin_request_update_outgoing match '/admin/request/edit_comment/:id' => 'admin_request#edit_comment', :as => :admin_request_edit_comment match '/admin/request/update_comment/:id' => 'admin_request#update_comment', :as => :admin_request_update_comment - match '/admin/request/destroy_incoming' => 'admin_request#destroy_incoming', :as => :admin_request_destroy_incoming - match '/admin/request/redeliver_incoming' => 'admin_request#redeliver_incoming', :as => :admin_request_redeliver_incoming match '/admin/request/move_request' => 'admin_request#move_request', :as => :admin_request_move_request match '/admin/request/generate_upload_url/:id' => 'admin_request#generate_upload_url', :as => :admin_request_generate_upload_url match '/admin/request/show_raw_email/:id' => 'admin_request#show_raw_email', :as => :admin_request_show_raw_email @@ -202,6 +197,19 @@ Alaveteli::Application.routes.draw do match '/admin/request/hide/:id' => 'admin_request#hide_request', :as => :admin_request_hide #### + #### AdminIncomingMessage controller + match '/admin/incoming/destroy' => 'admin_incoming_message#destroy', :as => :admin_incoming_destroy + match '/admin/incoming/redeliver' => 'admin_incoming_message#redeliver', :as => :admin_incoming_redeliver + match '/admin/incoming/edit/:id' => 'admin_incoming_message#edit', :as => :admin_incoming_edit + match '/admin/incoming/update/:id' => 'admin_incoming_message#update', :as => :admin_incoming_update + #### + + #### AdminOutgoingMessage controller + match '/admin/outgoing/edit/:id' => 'admin_outgoing_message#edit', :as => :admin_outgoing_edit + match '/admin/outgoing/destroy/:id' => 'admin_outgoing_message#destroy', :as => :admin_outgoing_destroy + match '/admin/outgoing/update/:id' => 'admin_outgoing_message#update', :as => :admin_outgoing_update + #### + #### AdminUser controller match '/admin/user' => 'admin_user#index', :as => :admin_user_index match '/admin/user/list' => 'admin_user#list', :as => :admin_user_list diff --git a/config/test.yml b/config/test.yml index 5c08e928b..b26ca99d4 100644 --- a/config/test.yml +++ b/config/test.yml @@ -108,7 +108,7 @@ ACCELERATOR_PORT: '6081' # mySociety's gazeteer service. Shouldn't change. GAZE_URL: http://gaze.mysociety.org -# Path to a program that converts a page at a URL to HTML. It should +# Path to a program that converts a page in a file to PDF. It should # take two arguments: the URL, and a path to an output file. A static # binary of wkhtmltopdf is recommended: # http://code.google.com/p/wkhtmltopdf/downloads/list diff --git a/db/migrate/20130731142632_remove_prominence_from_info_request_event.rb b/db/migrate/20130731142632_remove_prominence_from_info_request_event.rb new file mode 100644 index 000000000..df0278c20 --- /dev/null +++ b/db/migrate/20130731142632_remove_prominence_from_info_request_event.rb @@ -0,0 +1,9 @@ +class RemoveProminenceFromInfoRequestEvent < ActiveRecord::Migration + def up + remove_column :info_request_events, :prominence + end + + def down + add_column :info_request_events, :prominence, :string, :null => false, :default => 'normal' + end +end diff --git a/db/migrate/20130731145325_add_prominence_to_incoming_message.rb b/db/migrate/20130731145325_add_prominence_to_incoming_message.rb new file mode 100644 index 000000000..01c4906a7 --- /dev/null +++ b/db/migrate/20130731145325_add_prominence_to_incoming_message.rb @@ -0,0 +1,5 @@ +class AddProminenceToIncomingMessage < ActiveRecord::Migration + def change + add_column :incoming_messages, :prominence, :string, :null => false, :default => 'normal' + end +end diff --git a/db/migrate/20130801154033_add_prominence_reason_to_incoming_message.rb b/db/migrate/20130801154033_add_prominence_reason_to_incoming_message.rb new file mode 100644 index 000000000..2d189f658 --- /dev/null +++ b/db/migrate/20130801154033_add_prominence_reason_to_incoming_message.rb @@ -0,0 +1,5 @@ +class AddProminenceReasonToIncomingMessage < ActiveRecord::Migration + def change + add_column :incoming_messages, :prominence_reason, :text + end +end diff --git a/db/migrate/20130822161803_add_prominence_fields_to_outgoing_message.rb b/db/migrate/20130822161803_add_prominence_fields_to_outgoing_message.rb new file mode 100644 index 000000000..a75e0d426 --- /dev/null +++ b/db/migrate/20130822161803_add_prominence_fields_to_outgoing_message.rb @@ -0,0 +1,6 @@ +class AddProminenceFieldsToOutgoingMessage < ActiveRecord::Migration + def change + add_column :outgoing_messages, :prominence, :string, :null => false, :default => 'normal' + add_column :outgoing_messages, :prominence_reason, :text + end +end diff --git a/doc/CHANGES.md b/doc/CHANGES.md index e9a53ddee..1ba87e76c 100644 --- a/doc/CHANGES.md +++ b/doc/CHANGES.md @@ -1,3 +1,18 @@ +#rails-3-develop + +## Highlighted features +* Individual incoming and outgoing messages can be made hidden, or requester_only from the admin interface. +* Zip downloads now can be run in single-threaded instances, and use send_file rather than a redirect to serve up cached zip files. + +## Upgrade notes +* By default, Alaveteli will now serve up request zip files itself, which will occupy a Rails process until the file has been received. To pass these files off to Apache, and free up the Rails process, install the libapache2-mod-xsendfile package, and update your httpd.conf file with the new Sendfile clause at the end of config/httpd.conf-example). +* In your production install, from the Alaveteli directory (as the Alaveteli deploy user), run the following commands to remove the zip download directory from direct access by your webserver, and preserve any cached zip files: +`mkdir cache/zips/production/` +`mv cache/zips/download cache/zips/production/download` +`rm public/download` +* This release upgrades the assumed version of Ubuntu from lucid (10.04) to precise (12.04) +* This release upgrades rubygems in config/packages - version 1.8.15 is available from squeeze-backports on Debian or by default in Ubuntu precise. This upgrade may result in "invalid date format in specification:" errors - these should be fixable by manually deleting the gems specs that are being referenced in the error and re-running rails-post-deploy + # Version 0.13 ## Highlighted features diff --git a/doc/INSTALL.md b/doc/INSTALL.md index ea8871888..e99cb491d 100644 --- a/doc/INSTALL.md +++ b/doc/INSTALL.md @@ -1,4 +1,4 @@ -These instructions assume Debian Squeeze (64-bit) or Ubuntu 10.04 LTS. +These instructions assume Debian Squeeze (64-bit) or Ubuntu 12.04 LTS (precise). [Install instructions for OS X](https://github.com/mysociety/alaveteli/wiki/OS-X-Quickstart) are under development. Debian Squeeze is the best supported deployment platform. @@ -32,6 +32,10 @@ You need to configure [apt-pinning](http://wiki.debian.org/AptPreferences#Pinnin In order to configure apt-pinning and to keep most packages coming from the Debian stable repository while installing the ones required from testing and the mySociety repository you need to run the following commands: echo "Package: *" >> /tmp/preferences + echo "Pin: release a=squeeze-backports">> /tmp/preferences + echo "Pin-Priority: 200" >> /tmp/preferences + echo "" >> /tmp/preferences + echo "Package: *" >> /tmp/preferences echo "Pin: release a=testing">> /tmp/preferences echo "Pin-Priority: 50" >> /tmp/preferences sudo cp /tmp/preferences /etc/apt/ @@ -49,6 +53,7 @@ If you are running Debian, add the following repositories to deb http://debian.mysociety.org squeeze main deb http://ftp.debian.org/debian/ testing main non-free contrib + deb http://backports.debian.org/debian-backports squeeze-backports main contrib non-free The repositories above allow us to install the packages `wkhtmltopdf-static` and `bundler` using `apt`; so if you're running diff --git a/lib/ability.rb b/lib/ability.rb index 2865ccb1c..f63845e84 100644 --- a/lib/ability.rb +++ b/lib/ability.rb @@ -2,4 +2,15 @@ module Ability def self.can_update_request_state?(user, request) (user && request.is_old_unclassified?) || request.is_owning_user?(user) end -end
\ No newline at end of file + + def self.can_view_with_prominence?(prominence, info_request, user) + if prominence == 'hidden' + return User.view_hidden?(user) + end + if prominence == 'requester_only' + return info_request.is_owning_user?(user) + end + return true + end + +end diff --git a/lib/message_prominence.rb b/lib/message_prominence.rb new file mode 100644 index 000000000..8f54fcc95 --- /dev/null +++ b/lib/message_prominence.rb @@ -0,0 +1,26 @@ +module MessageProminence + + def has_prominence + send :include, InstanceMethods + cattr_accessor :prominence_states + self.prominence_states = ['normal', 'hidden','requester_only'] + validates_inclusion_of :prominence, :in => self.prominence_states + end + + module InstanceMethods + + def user_can_view?(user) + Ability.can_view_with_prominence?(self.prominence, self.info_request, user) + end + + def indexed_by_search? + self.prominence == 'normal' + end + + def all_can_view? + self.prominence == 'normal' + end + + end +end + diff --git a/public/stylesheets/print.css b/public/stylesheets/print.css index 89be21019..6f29c18da 100644 --- a/public/stylesheets/print.css +++ b/public/stylesheets/print.css @@ -18,9 +18,11 @@ p.event_actions, div#after_actions, #right_column, #banner, +.admin .navbar, #header_right, #describe_state_form_1, -#describe_state_form_2 input[type=submit], +#describe_state_form_2, +.attachment_image, #footer { display: none; } diff --git a/script/rails-post-deploy b/script/rails-post-deploy index 6eca2f68f..de950311c 100755 --- a/script/rails-post-deploy +++ b/script/rails-post-deploy @@ -46,12 +46,6 @@ else fi mkdir -p log fi -# link the "downloads" directory in the cache to somewhere it can be served -if [ ! -e "$TOP_DIR/public/download" ] -then - mkdir -p "$TOP_DIR/cache/zips/download" - ln -s "../cache/zips/download" "$TOP_DIR/public/" -fi cd log touch development.log fastcgi.crash.log production.log test.log diff --git a/spec/controllers/admin_incoming_message_controller_spec.rb b/spec/controllers/admin_incoming_message_controller_spec.rb new file mode 100644 index 000000000..b969a8a3f --- /dev/null +++ b/spec/controllers/admin_incoming_message_controller_spec.rb @@ -0,0 +1,144 @@ +require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') + +describe AdminIncomingMessageController, "when administering incoming messages" do + + describe 'when destroying an incoming message' do + + before(:each) do + basic_auth_login @request + load_raw_emails_data + end + + before do + @im = incoming_messages(:useless_incoming_message) + @controller.stub!(:expire_for_request) + end + + it "destroys the raw email file" do + raw_email = @im.raw_email.filepath + assert_equal File.exists?(raw_email), true + post :destroy, :incoming_message_id => @im.id + assert_equal File.exists?(raw_email), false + end + + it 'asks the incoming message to fully destroy itself' do + IncomingMessage.stub!(:find).and_return(@im) + @im.should_receive(:fully_destroy) + post :destroy, :incoming_message_id => @im.id + end + + it 'expires the file cache for the associated info_request' do + @controller.should_receive(:expire_for_request).with(@im.info_request) + post :destroy, :incoming_message_id => @im.id + end + + end + + describe 'when redelivering an incoming message' do + + before(:each) do + basic_auth_login @request + load_raw_emails_data + end + + it 'expires the file cache for the previous request' do + current_info_request = info_requests(:fancy_dog_request) + destination_info_request = info_requests(:naughty_chicken_request) + incoming_message = incoming_messages(:useless_incoming_message) + @controller.should_receive(:expire_for_request).with(current_info_request) + post :redeliver, :redeliver_incoming_message_id => incoming_message.id, + :url_title => destination_info_request.url_title + end + + + end + + describe 'when editing an incoming message' do + + before do + @incoming = FactoryGirl.create(:incoming_message) + end + + it 'should be successful' do + get :edit, :id => @incoming.id + response.should be_success + end + + it 'should assign the incoming message to the view' do + get :edit, :id => @incoming.id + assigns[:incoming_message].should == @incoming + end + + end + + describe 'when updating an incoming message' do + + before do + @incoming = FactoryGirl.create(:incoming_message, :prominence => 'normal') + @default_params = {:id => @incoming.id, + :incoming_message => {:prominence => 'hidden', + :prominence_reason => 'dull'} } + end + + def make_request(params=@default_params) + post :update, params + end + + it 'should save the prominence of the message' do + make_request + @incoming.reload + @incoming.prominence.should == 'hidden' + end + + it 'should save a prominence reason for the message' do + make_request + @incoming.reload + @incoming.prominence_reason.should == 'dull' + end + + it 'should log an "edit_incoming" event on the info_request' do + @controller.stub!(:admin_current_user).and_return("Admin user") + make_request + @incoming.reload + last_event = @incoming.info_request_events.last + last_event.event_type.should == 'edit_incoming' + last_event.params.should == { :incoming_message_id => @incoming.id, + :editor => "Admin user", + :old_prominence => "normal", + :prominence => "hidden", + :old_prominence_reason => nil, + :prominence_reason => "dull" } + end + + it 'should expire the file cache for the info request' do + @controller.should_receive(:expire_for_request).with(@incoming.info_request) + make_request + end + + context 'if the incoming message saves correctly' do + + it 'should redirect to the admin info request view' do + make_request + response.should redirect_to admin_request_show_url(@incoming.info_request) + end + + it 'should show a message that the incoming message has been updated' do + make_request + flash[:notice].should == 'Incoming message successfully updated.' + end + + end + + context 'if the incoming message is not valid' do + + it 'should render the edit template' do + make_request({:id => @incoming.id, + :incoming_message => {:prominence => 'fantastic', + :prominence_reason => 'dull'}}) + response.should render_template("edit") + end + + end + end + +end diff --git a/spec/controllers/admin_outgoing_message_controller_spec.rb b/spec/controllers/admin_outgoing_message_controller_spec.rb new file mode 100644 index 000000000..0dde53b86 --- /dev/null +++ b/spec/controllers/admin_outgoing_message_controller_spec.rb @@ -0,0 +1,105 @@ +require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') + +describe AdminOutgoingMessageController do + + describe 'when editing an outgoing message' do + + before do + @info_request = FactoryGirl.create(:info_request) + @outgoing = @info_request.outgoing_messages.first + end + + it 'should be successful' do + get :edit, :id => @outgoing.id + response.should be_success + end + + it 'should assign the incoming message to the view' do + get :edit, :id => @outgoing.id + assigns[:outgoing_message].should == @outgoing + end + + end + + describe 'when updating an outgoing message' do + + before do + @info_request = FactoryGirl.create(:info_request) + @outgoing = @info_request.outgoing_messages.first + @default_params = {:id => @outgoing.id, + :outgoing_message => {:prominence => 'hidden', + :prominence_reason => 'dull', + :body => 'changed body'} } + end + + def make_request(params=@default_params) + post :update, params + end + + it 'should save a change to the body of the message' do + make_request + @outgoing.reload + @outgoing.body.should == 'changed body' + end + + it 'should save the prominence of the message' do + make_request + @outgoing.reload + @outgoing.prominence.should == 'hidden' + end + + it 'should save a prominence reason for the message' do + make_request + @outgoing.reload + @outgoing.prominence_reason.should == 'dull' + end + + it 'should log an "edit_outgoing" event on the info_request' do + @controller.stub!(:admin_current_user).and_return("Admin user") + make_request + @info_request.reload + last_event = @info_request.info_request_events.last + last_event.event_type.should == 'edit_outgoing' + last_event.params.should == { :outgoing_message_id => @outgoing.id, + :editor => "Admin user", + :old_prominence => "normal", + :prominence => "hidden", + :old_prominence_reason => nil, + :old_body => 'Some information please', + :body => 'changed body', + :prominence_reason => "dull" } + end + + it 'should expire the file cache for the info request' do + @controller.should_receive(:expire_for_request).with(@info_request) + make_request + end + + context 'if the outgoing message saves correctly' do + + it 'should redirect to the admin info request view' do + make_request + response.should redirect_to admin_request_show_url(@info_request) + end + + it 'should show a message that the incoming message has been updated' do + make_request + flash[:notice].should == 'Outgoing message successfully updated.' + end + + end + + context 'if the incoming message is not valid' do + + it 'should render the edit template' do + make_request({:id => @outgoing.id, + :outgoing_message => {:prominence => 'fantastic', + :prominence_reason => 'dull', + :body => 'Some information please'}}) + response.should render_template("edit") + end + + end + end + +end diff --git a/spec/controllers/admin_request_controller_spec.rb b/spec/controllers/admin_request_controller_spec.rb index b7b726507..c374ff90d 100644 --- a/spec/controllers/admin_request_controller_spec.rb +++ b/spec/controllers/admin_request_controller_spec.rb @@ -52,18 +52,6 @@ describe AdminRequestController, "when administering requests" do end - it "edits an outgoing message" do - get :edit_outgoing, :id => outgoing_messages(:useless_outgoing_message) - end - - it "saves edits to an outgoing_message" do - outgoing_messages(:useless_outgoing_message).body.should include("fancy dog") - post :update_outgoing, { :id => outgoing_messages(:useless_outgoing_message), :outgoing_message => { :body => "Why do you have such a delicious cat?" } } - request.flash[:notice].should include('successful') - ir = OutgoingMessage.find(outgoing_messages(:useless_outgoing_message).id) - ir.body.should include("delicious cat") - end - describe 'when fully destroying a request' do it 'expires the file cache for that request' do @@ -89,59 +77,10 @@ describe AdminRequestController, "when administering the holding pen" do ir.handle_rejected_responses = 'holding_pen' ir.save! receive_incoming_mail('incoming-request-plain.email', ir.incoming_email, "frob@nowhere.com") - get :show_raw_email, :id => InfoRequest.holding_pen_request.get_last_response.raw_email.id + get :show_raw_email, :id => InfoRequest.holding_pen_request.get_last_public_response.raw_email.id response.should contain "Only the authority can reply to this request" end - it "allows redelivery even to a closed request" do - ir = info_requests(:fancy_dog_request) - ir.allow_new_responses_from = 'nobody' - ir.handle_rejected_responses = 'holding_pen' - ir.save! - InfoRequest.holding_pen_request.incoming_messages.length.should == 0 - ir.incoming_messages.length.should == 1 - receive_incoming_mail('incoming-request-plain.email', ir.incoming_email, "frob@nowhere.com") - InfoRequest.holding_pen_request.incoming_messages.length.should == 1 - new_im = InfoRequest.holding_pen_request.incoming_messages[0] - ir.incoming_messages.length.should == 1 - post :redeliver_incoming, :redeliver_incoming_message_id => new_im.id, :url_title => ir.url_title - ir = InfoRequest.find_by_url_title(ir.url_title) - ir.incoming_messages.length.should == 2 - response.should redirect_to(:controller=>'admin_request', :action=>'show', :id=>101) - InfoRequest.holding_pen_request.incoming_messages.length.should == 0 - end - - it "allows redelivery to more than one request" do - ir1 = info_requests(:fancy_dog_request) - ir1.allow_new_responses_from = 'nobody' - ir1.handle_rejected_responses = 'holding_pen' - ir1.save! - ir1.incoming_messages.length.should == 1 - ir2 = info_requests(:another_boring_request) - ir2.incoming_messages.length.should == 1 - - receive_incoming_mail('incoming-request-plain.email', ir1.incoming_email, "frob@nowhere.com") - InfoRequest.holding_pen_request.incoming_messages.length.should == 1 - - new_im = InfoRequest.holding_pen_request.incoming_messages[0] - post :redeliver_incoming, :redeliver_incoming_message_id => new_im.id, :url_title => "#{ir1.url_title},#{ir2.url_title}" - ir1.reload - ir1.incoming_messages.length.should == 2 - ir2.reload - ir2.incoming_messages.length.should == 2 - response.should redirect_to(:controller=>'admin_request', :action=>'show', :id=>ir2.id) - InfoRequest.holding_pen_request.incoming_messages.length.should == 0 - end - - it 'expires the file cache for the previous request' do - current_info_request = info_requests(:fancy_dog_request) - destination_info_request = info_requests(:naughty_chicken_request) - incoming_message = incoming_messages(:useless_incoming_message) - @controller.should_receive(:expire_for_request).with(current_info_request) - post :redeliver_incoming, :redeliver_incoming_message_id => incoming_message.id, - :url_title => destination_info_request.url_title - end - it "guesses a misdirected request" do ir = info_requests(:fancy_dog_request) ir.handle_rejected_responses = 'holding_pen' @@ -149,7 +88,8 @@ describe AdminRequestController, "when administering the holding pen" do ir.save! mail_to = "request-#{ir.id}-asdfg@example.com" receive_incoming_mail('incoming-request-plain.email', mail_to) - interesting_email = InfoRequest.holding_pen_request.get_last_response.raw_email.id + interesting_email = InfoRequest.holding_pen_request.get_last_public_response +.raw_email.id # now we add another message to the queue, which we're not interested in receive_incoming_mail('incoming-request-plain.email', ir.incoming_email, "") InfoRequest.holding_pen_request.incoming_messages.length.should == 2 @@ -158,32 +98,7 @@ describe AdminRequestController, "when administering the holding pen" do assigns[:info_requests][0].should == ir end - describe 'when destroying an incoming message' do - - before do - @im = incoming_messages(:useless_incoming_message) - @controller.stub!(:expire_for_request) - end - - it "destroys the raw email file" do - raw_email = @im.raw_email.filepath - assert_equal File.exists?(raw_email), true - post :destroy_incoming, :incoming_message_id => @im.id - assert_equal File.exists?(raw_email), false - end - - it 'asks the incoming message to fully destroy itself' do - IncomingMessage.stub!(:find).and_return(@im) - @im.should_receive(:fully_destroy) - post :destroy_incoming, :incoming_message_id => @im.id - end - it 'expires the file cache for the associated info_request' do - @controller.should_receive(:expire_for_request).with(@im.info_request) - post :destroy_incoming, :incoming_message_id => @im.id - end - - end it "shows a suitable default 'your email has been hidden' message" do ir = info_requests(:fancy_dog_request) diff --git a/spec/controllers/request_controller_spec.rb b/spec/controllers/request_controller_spec.rb index 9c4e16c67..d190b0db7 100644 --- a/spec/controllers/request_controller_spec.rb +++ b/spec/controllers/request_controller_spec.rb @@ -191,7 +191,6 @@ describe RequestController, "when showing one request" do before(:each) do load_raw_emails_data - FileUtils.rm_rf File.join(File.dirname(__FILE__), "../../cache/zips") end it "should be successful" do @@ -768,194 +767,221 @@ describe RequestController, "when showing one request" do end end - describe 'when making a zipfile available' do - it 'should return a 410 for a request that is hidden' do - title = 'why_do_you_have_such_a_fancy_dog' - ir = info_requests(:fancy_dog_request) - ir.prominence = 'hidden' - ir.save! - get :download_entire_request, {:url_title => title}, { :user_id => ir.user.id } - response.should render_template('request/hidden') - response.code.should == '410' - end - - it "should have a different zipfile URL when the request changes" do - title = 'why_do_you_have_such_a_fancy_dog' - ir = info_requests(:fancy_dog_request) - session[:user_id] = ir.user.id # bob_smith_user - get :download_entire_request, :url_title => title - assigns[:url_path].should contain /#{title}.zip$/ - old_path = assigns[:url_path] - response.location.should contain /#{assigns[:url_path]}$/ - zipfile = Zip::ZipFile.open(File.join(File.dirname(__FILE__), "../../cache/zips", old_path)) { |zipfile| - zipfile.count.should == 1 # just the message - } - receive_incoming_mail('incoming-request-two-same-name.email', ir.incoming_email) - get :download_entire_request, :url_title => title - assigns[:url_path].should contain /#{title}.zip$/ - old_path = assigns[:url_path] - response.location.should contain /#{assigns[:url_path]}$/ - zipfile = Zip::ZipFile.open(File.join(File.dirname(__FILE__), "../../cache/zips", old_path)) { |zipfile| - zipfile.count.should == 3 # the message plus two "hello-world.txt" files - } - - # The path of the zip file is based on the hash of the timestamp of the last request - # in the thread, so we wait for a second to make sure this one will have a different - # timestamp than the previous. - sleep 1 - receive_incoming_mail('incoming-request-attachment-unknown-extension.email', ir.incoming_email) - get :download_entire_request, :url_title => title - assigns[:url_path].should contain /#{title}.zip$/ - assigns[:url_path].should_not == old_path - response.location.should contain assigns[:url_path] - zipfile = Zip::ZipFile.open(File.join(File.dirname(__FILE__), "../../cache/zips", assigns[:url_path])) { |zipfile| - zipfile.count.should == 4 # the message, two hello-world.txt plus the unknown attachment - } - end - - it 'should successfully make a zipfile for an external request' do - info_request = info_requests(:external_request) - get :download_entire_request, { :url_title => info_request.url_title }, - { :user_id => users(:bob_smith_user) } - response.location.should contain /#{assigns[:url_path]}$/ - end - end end end -describe RequestController, "when changing prominence of a request" do - before(:each) do - load_raw_emails_data +describe RequestController, "when handling prominence" do + + def expect_hidden(hidden_template) + response.content_type.should == "text/html" + response.should render_template(hidden_template) + response.code.should == '403' end - it "should not show hidden requests" do - ir = info_requests(:fancy_dog_request) - ir.prominence = 'hidden' - ir.save! + context 'when the request is hidden' do - get :show, :url_title => 'why_do_you_have_such_a_fancy_dog' - response.should render_template('hidden') - end + before(:each) do + @info_request = FactoryGirl.create(:info_request_with_incoming_attachments, + :prominence => 'hidden') + end - it "should not show hidden requests even if logged in as their owner" do - ir = info_requests(:fancy_dog_request) - ir.prominence = 'hidden' - ir.save! + it "should not show request if you're not logged in" do + get :show, :url_title => @info_request.url_title + expect_hidden('hidden') + end - session[:user_id] = ir.user.id # bob_smith_user - get :show, :url_title => 'why_do_you_have_such_a_fancy_dog' - response.should render_template('hidden') - end + it "should not show request even if logged in as their owner" do + session[:user_id] = @info_request.user.id + get :show, :url_title => @info_request.url_title + expect_hidden('hidden') + end - it 'should not show hidden requests if requested using json' do - ir = info_requests(:fancy_dog_request) - ir.prominence = 'hidden' - ir.save! + it 'should not show request if requested using json' do + session[:user_id] = @info_request.user.id + get :show, :url_title => @info_request.url_title, :format => 'json' + response.code.should == '403' + end - session[:user_id] = ir.user.id # bob_smith_user - get :show, :url_title => 'why_do_you_have_such_a_fancy_dog', :format => 'json' - response.code.should == '410' - end + it "should show request if logged in as super user" do + session[:user_id] = FactoryGirl.create(:admin_user) + get :show, :url_title => @info_request.url_title + response.should render_template('show') + end - it "should show hidden requests if logged in as super user" do - ir = info_requests(:fancy_dog_request) - ir.prominence = 'hidden' - ir.save! + it "should not download attachments" do + incoming_message = @info_request.incoming_messages.first + get :get_attachment, :incoming_message_id => incoming_message.id, + :id => @info_request.id, + :part => 2, + :file_name => 'interesting.pdf', + :skip_cache => 1 + expect_hidden('request/hidden') + end + + it 'should not generate an HTML version of an attachment for a request whose prominence + is hidden even for an admin but should return a 404' do + session[:user_id] = FactoryGirl.create(:admin_user) + incoming_message = @info_request.incoming_messages.first + lambda do + get :get_attachment_as_html, :incoming_message_id => incoming_message.id, + :id => @info_request.id, + :part => 2, + :file_name => 'interesting.pdf' + end.should raise_error(ActiveRecord::RecordNotFound) + end - session[:user_id] = users(:admin_user) - get :show, :url_title => 'why_do_you_have_such_a_fancy_dog' - response.should render_template('show') end - it "should not show requester_only requests if you're not logged in" do - ir = info_requests(:fancy_dog_request) - ir.prominence = 'requester_only' - ir.save! + context 'when the request is requester_only' do - get :show, :url_title => 'why_do_you_have_such_a_fancy_dog' - response.should render_template('hidden') - end + before(:each) do + @info_request = FactoryGirl.create(:info_request_with_incoming_attachments, + :prominence => 'requester_only') + end - it "should show requester_only requests to requester and admin if logged in" do - ir = info_requests(:fancy_dog_request) - ir.prominence = 'requester_only' - ir.save! + it "should not show request if you're not logged in" do + get :show, :url_title => @info_request.url_title + expect_hidden('hidden') + end - session[:user_id] = users(:silly_name_user).id - get :show, :url_title => 'why_do_you_have_such_a_fancy_dog' - response.should render_template('hidden') + it "should show request to requester and admin if logged in" do + session[:user_id] = FactoryGirl.create(:user).id + get :show, :url_title => @info_request.url_title + expect_hidden('hidden') - session[:user_id] = ir.user.id # bob_smith_user - get :show, :url_title => 'why_do_you_have_such_a_fancy_dog' - response.should render_template('show') + session[:user_id] = @info_request.user.id + get :show, :url_title => @info_request.url_title + response.should render_template('show') - session[:user_id] = users(:admin_user).id - get :show, :url_title => 'why_do_you_have_such_a_fancy_dog' - response.should render_template('show') - end + session[:user_id] = FactoryGirl.create(:admin_user).id + get :show, :url_title => @info_request.url_title + response.should render_template('show') + end - it 'should not cache an attachment on a request whose prominence is requester_only when showing - the request to the requester or admin' do - ir = info_requests(:fancy_dog_request) - ir.prominence = 'requester_only' - ir.save! - session[:user_id] = ir.user.id # bob_smith_user - @controller.should_not_receive(:foi_fragment_cache_write) - get :show, :url_title => 'why_do_you_have_such_a_fancy_dog' + it 'should not cache an attachment when showing an attachment to the requester or admin' do + session[:user_id] = @info_request.user.id + incoming_message = @info_request.incoming_messages.first + @controller.should_not_receive(:foi_fragment_cache_write) + get :get_attachment, :incoming_message_id => incoming_message.id, + :id => @info_request.id, + :part => 2, + :file_name => 'interesting.pdf' + end end - it "should not download attachments if hidden" do - ir = info_requests(:fancy_dog_request) - ir.prominence = 'hidden' - ir.save! - receive_incoming_mail('incoming-request-two-same-name.email', ir.incoming_email) + context 'when the incoming message has prominence hidden' do + + before(:each) do + @incoming_message = FactoryGirl.create(:incoming_message_with_attachments, + :prominence => 'hidden') + @info_request = @incoming_message.info_request + end + + it "should not download attachments for a non-logged in user" do + get :get_attachment, :incoming_message_id => @incoming_message.id, + :id => @info_request.id, + :part => 2, + :file_name => 'interesting.pdf', + :skip_cache => 1 + expect_hidden('request/hidden_correspondence') + end + + it 'should not download attachments for the request owner' do + session[:user_id] = @info_request.user.id + get :get_attachment, :incoming_message_id => @incoming_message.id, + :id => @info_request.id, + :part => 2, + :file_name => 'interesting.pdf', + :skip_cache => 1 + expect_hidden('request/hidden_correspondence') + end + + it 'should download attachments for an admin user', :focus => true do + session[:user_id] = FactoryGirl.create(:admin_user).id + get :get_attachment, :incoming_message_id => @incoming_message.id, + :id => @info_request.id, + :part => 2, + :file_name => 'interesting.pdf', + :skip_cache => 1 + response.content_type.should == 'application/pdf' + response.should be_success + end + + it 'should not generate an HTML version of an attachment for a request whose prominence + is hidden even for an admin but should return a 404' do + session[:user_id] = FactoryGirl.create(:admin_user).id + lambda do + get :get_attachment_as_html, :incoming_message_id => @incoming_message.id, + :id => @info_request.id, + :part => 2, + :file_name => 'interesting.pdf', + :skip_cache => 1 + end.should raise_error(ActiveRecord::RecordNotFound) + end + + it 'should not cache an attachment when showing an attachment to the requester or admin' do + session[:user_id] = @info_request.user.id + @controller.should_not_receive(:foi_fragment_cache_write) + get :get_attachment, :incoming_message_id => @incoming_message.id, + :id => @info_request.id, + :part => 2, + :file_name => 'interesting.pdf' + end - get :get_attachment, :incoming_message_id => ir.incoming_messages[1].id, - :id => ir.id, - :part => 2, - :skip_cache => 1 - response.content_type.should == "text/html" - response.should_not contain "Second hello" - response.should render_template('request/hidden') - get :get_attachment, :incoming_message_id => ir.incoming_messages[1].id, - :id => ir.id, - :part => 3, - :skip_cache => 1 - response.content_type.should == "text/html" - response.should_not contain "First hello" - response.should render_template('request/hidden') - response.code.should == '410' end - it 'should not generate an HTML version of an attachment whose prominence is hidden/requester - only even for the requester or an admin but should return a 404' do - ir = info_requests(:fancy_dog_request) - ir.prominence = 'hidden' - ir.save! - receive_incoming_mail('incoming-request-two-same-name.email', ir.incoming_email) - session[:user_id] = users(:admin_user).id - lambda do - get :get_attachment_as_html, :incoming_message_id => ir.incoming_messages[1].id, - :id => ir.id, - :part => 2, - :file_name => 'hello world.txt' - end.should raise_error(ActiveRecord::RecordNotFound) - end - - it 'should not generate an HTML version of an attachment whose prominence is hidden/requester - only even for the requester or an admin but should return a 404' do - ir = info_requests(:fancy_dog_request) - ir.prominence = 'hidden' - ir.save! - receive_incoming_mail('incoming-request-two-same-name.email', ir.incoming_email) - session[:user_id] = users(:admin_user).id - lambda do - get :get_attachment_as_html, :incoming_message_id => ir.incoming_messages[1].id, - :id => ir.id, - :part => 2, - :file_name => 'hello world.txt' - end.should raise_error(ActiveRecord::RecordNotFound) + context 'when the incoming message has prominence requester_only' do + + before(:each) do + @incoming_message = FactoryGirl.create(:incoming_message_with_attachments, + :prominence => 'requester_only') + @info_request = @incoming_message.info_request + end + + it "should not download attachments for a non-logged in user" do + get :get_attachment, :incoming_message_id => @incoming_message.id, + :id => @info_request.id, + :part => 2, + :file_name => 'interesting.pdf', + :skip_cache => 1 + expect_hidden('request/hidden_correspondence') + end + + it 'should download attachments for the request owner' do + session[:user_id] = @info_request.user.id + get :get_attachment, :incoming_message_id => @incoming_message.id, + :id => @info_request.id, + :part => 2, + :file_name => 'interesting.pdf', + :skip_cache => 1 + response.content_type.should == 'application/pdf' + response.should be_success + end + + it 'should download attachments for an admin user', :focus => true do + session[:user_id] = FactoryGirl.create(:admin_user).id + get :get_attachment, :incoming_message_id => @incoming_message.id, + :id => @info_request.id, + :part => 2, + :file_name => 'interesting.pdf', + :skip_cache => 1 + response.content_type.should == 'application/pdf' + response.should be_success + end + + it 'should not generate an HTML version of an attachment for a request whose prominence + is hidden even for an admin but should return a 404' do + session[:user_id] = FactoryGirl.create(:admin_user) + lambda do + get :get_attachment_as_html, :incoming_message_id => @incoming_message.id, + :id => @info_request.id, + :part => 2, + :file_name => 'interesting.pdf', + :skip_cache => 1 + end.should raise_error(ActiveRecord::RecordNotFound) + end + end end @@ -1293,12 +1319,12 @@ describe RequestController, "when viewing an individual response for reply/follo response.should render_template('request/hidden') end - it 'should respond to a json request for a hidden request with a 410 code and no body' do + it 'should respond to a json request for a hidden request with a 403 code and no body' do get :show_response, :id => info_requests(:fancy_dog_request).id, :incoming_message_id => incoming_messages(:useless_incoming_message), :format => 'json' - response.code.should == '410' + response.code.should == '403' end end @@ -1572,7 +1598,7 @@ describe RequestController, "when classifying an information request" do @dog_request.reload @dog_request.awaiting_description.should == false @dog_request.described_state.should == 'rejected' - @dog_request.get_last_response_event.should == info_request_events(:useless_incoming_message_event) + @dog_request.get_last_public_response_event.should == info_request_events(:useless_incoming_message_event) @dog_request.info_request_events.last.event_type.should == "status_update" @dog_request.info_request_events.last.calculated_state.should == 'rejected' end @@ -1725,13 +1751,13 @@ describe RequestController, "when classifying an information request" do it 'should redirect to the "response url" when there is a last response' do incoming_message = mock_model(IncomingMessage) - @dog_request.stub!(:get_last_response).and_return(incoming_message) + @dog_request.stub!(:get_last_public_response).and_return(incoming_message) expect_redirect('waiting_clarification', "request/#{@dog_request.id}/response/#{incoming_message.id}") end it 'should redirect to the "response no followup url" when there are no events needing description' do - @dog_request.stub!(:get_last_response).and_return(nil) + @dog_request.stub!(:get_last_public_response).and_return(nil) expect_redirect('waiting_clarification', "request/#{@dog_request.id}/response") end @@ -1770,7 +1796,7 @@ describe RequestController, "when classifying an information request" do context 'when status is updated to "gone postal"' do it 'should redirect to the "respond to last url"' do - expect_redirect('gone_postal', "request/#{@dog_request.id}/response/#{@dog_request.get_last_response.id}?gone_postal=1") + expect_redirect('gone_postal', "request/#{@dog_request.id}/response/#{@dog_request.get_last_public_response.id}?gone_postal=1") end end @@ -1812,7 +1838,7 @@ describe RequestController, "when classifying an information request" do context 'when status is updated to "user_withdrawn"' do it 'should redirect to the "respond to last url url" ' do - expect_redirect('user_withdrawn', "request/#{@dog_request.id}/response/#{@dog_request.get_last_response.id}") + expect_redirect('user_withdrawn', "request/#{@dog_request.id}/response/#{@dog_request.get_last_public_response.id}") end end @@ -1865,7 +1891,7 @@ describe RequestController, "when sending a followup message" do # fake that this is a clarification info_requests(:fancy_dog_request).set_described_state('waiting_clarification') info_requests(:fancy_dog_request).described_state.should == 'waiting_clarification' - info_requests(:fancy_dog_request).get_last_response_event.calculated_state.should == 'waiting_clarification' + info_requests(:fancy_dog_request).get_last_public_response_event.calculated_state.should == 'waiting_clarification' # make the followup session[:user_id] = users(:bob_smith_user).id @@ -1883,7 +1909,7 @@ describe RequestController, "when sending a followup message" do # and that the status changed info_requests(:fancy_dog_request).reload info_requests(:fancy_dog_request).described_state.should == 'waiting_response' - info_requests(:fancy_dog_request).get_last_response_event.calculated_state.should == 'waiting_clarification' + info_requests(:fancy_dog_request).get_last_public_response_event.calculated_state.should == 'waiting_clarification' end it "should give an error if the same followup is submitted twice" do @@ -2456,7 +2482,9 @@ describe RequestController, "when caching fragments" do :info_request_id => 132, :id => 44, :get_attachments_for_display => nil, - :html_mask_stuff! => nil) + :html_mask_stuff! => nil, + :user_can_view? => true, + :all_can_view? => true) attachment = mock(FoiAttachment, :display_filename => long_name, :body_as_html => ['some text', 'wrapper']) IncomingMessage.stub!(:find).with("44").and_return(incoming_message) diff --git a/spec/factories.rb b/spec/factories.rb new file mode 100644 index 000000000..653525920 --- /dev/null +++ b/spec/factories.rb @@ -0,0 +1,140 @@ +FactoryGirl.define do + + sequence(:email) { |n| "person#{n}@example.com" } + sequence(:name) { |n| "Example Public Body #{n}" } + sequence(:short_name) { |n| "Example Body #{n}" } + + factory :foi_attachment do + factory :body_text do + content_type 'text/plain' + body { 'hereisthetext' } + end + factory :pdf_attachment do + content_type 'application/pdf' + filename 'interesting.pdf' + body { load_file_fixture('interesting.pdf') } + end + end + + factory :incoming_message do + info_request + raw_email + last_parsed { 1.week.ago } + sent_at { 1.week.ago } + + after_create do |incoming_message, evaluator| + FactoryGirl.create(:body_text, + :incoming_message => incoming_message, + :url_part_number => 1) + end + + factory :plain_incoming_message do + last_parsed { nil } + sent_at { nil } + after_create do |incoming_message, evaluator| + data = load_file_fixture('incoming-request-plain.email') + data.gsub!('EMAIL_FROM', 'Bob Responder <bob@example.com>') + incoming_message.raw_email.data = data + incoming_message.raw_email.save! + end + end + + factory :incoming_message_with_attachments do + # foi_attachments_count is declared as an ignored attribute and available in + # attributes on the factory, as well as the callback via the evaluator + ignore do + foi_attachments_count 2 + end + + # the after(:create) yields two values; the incoming_message instance itself and the + # evaluator, which stores all values from the factory, including ignored + # attributes; + after_create do |incoming_message, evaluator| + evaluator.foi_attachments_count.times do |count| + FactoryGirl.create(:pdf_attachment, + :incoming_message => incoming_message, + :url_part_number => count+2) + end + end + end + end + + factory :raw_email + + factory :outgoing_message do + factory :initial_request do + ignore do + status 'ready' + message_type 'initial_request' + body 'Some information please' + what_doing 'normal_sort' + end + initialize_with { OutgoingMessage.new({ :status => status, + :message_type => message_type, + :body => body, + :what_doing => what_doing }) } + after_create do |outgoing_message| + outgoing_message.send_message + end + end + end + + factory :info_request do + title "Example Title" + public_body + user + + after_create do |info_request, evaluator| + FactoryGirl.create(:initial_request, :info_request => info_request) + end + + factory :info_request_with_incoming do + after_create do |info_request, evaluator| + incoming_message = FactoryGirl.create(:incoming_message, :info_request => info_request) + info_request.log_event("response", {:incoming_message_id => incoming_message.id}) + end + end + + factory :info_request_with_plain_incoming do + after_create do |info_request, evaluator| + incoming_message = FactoryGirl.create(:plain_incoming_message, :info_request => info_request) + info_request.log_event("response", {:incoming_message_id => incoming_message.id}) + end + end + + factory :info_request_with_incoming_attachments do + after_create do |info_request, evaluator| + incoming_message = FactoryGirl.create(:incoming_message_with_attachments, :info_request => info_request) + info_request.log_event("response", {:incoming_message_id => incoming_message.id}) + end + end + + factory :external_request do + user nil + external_user_name 'External User' + external_url 'http://www.example.org/request/external' + end + + end + + factory :user do + name 'Example User' + email + salt "-6116981980.392287733335677" + hashed_password '6b7cd45a5f35fd83febc0452a799530398bfb6e8' # jonespassword + email_confirmed true + factory :admin_user do + name 'Admin User' + admin_level 'super' + end + end + + factory :public_body do + name + short_name + request_email 'request@example.com' + last_edit_editor "admin user" + last_edit_comment "Making an edit" + end + +end diff --git a/spec/fixtures/comments.yml b/spec/fixtures/comments.yml index b73385a55..44db44d54 100644 --- a/spec/fixtures/comments.yml +++ b/spec/fixtures/comments.yml @@ -1,3 +1,18 @@ +# == Schema Information +# +# Table name: comments +# +# id :integer not null, primary key +# user_id :integer not null +# comment_type :string(255) default("internal_error"), not null +# info_request_id :integer +# body :text not null +# visible :boolean default(TRUE), not null +# created_at :datetime not null +# updated_at :datetime not null +# locale :text default(""), not null +# + silly_comment: visible: t updated_at: 2008-08-13 01:25:17.486939 diff --git a/spec/fixtures/files/interesting.pdf b/spec/fixtures/files/interesting.pdf Binary files differnew file mode 100644 index 000000000..17f543455 --- /dev/null +++ b/spec/fixtures/files/interesting.pdf diff --git a/spec/fixtures/holidays.yml b/spec/fixtures/holidays.yml index 5a3d018bc..e6b8889c3 100644 --- a/spec/fixtures/holidays.yml +++ b/spec/fixtures/holidays.yml @@ -1,3 +1,12 @@ +# == Schema Information +# +# Table name: holidays +# +# id :integer not null, primary key +# day :date +# description :text +# + date20071130: id: '1' day: '2007-11-30' diff --git a/spec/fixtures/incoming_messages.yml b/spec/fixtures/incoming_messages.yml index fca5c716c..0bf392be1 100644 --- a/spec/fixtures/incoming_messages.yml +++ b/spec/fixtures/incoming_messages.yml @@ -1,3 +1,25 @@ +# == Schema Information +# +# Table name: incoming_messages +# +# id :integer not null, primary key +# info_request_id :integer not null +# created_at :datetime not null +# updated_at :datetime not null +# raw_email_id :integer not null +# cached_attachment_text_clipped :text +# cached_main_body_text_folded :text +# cached_main_body_text_unfolded :text +# subject :text +# mail_from_domain :text +# valid_to_reply_to :boolean +# last_parsed :datetime +# mail_from :text +# sent_at :datetime +# prominence :string(255) default("normal"), not null +# prominence_reason :text +# + useless_incoming_message: id: 1 info_request_id: 101 diff --git a/spec/fixtures/info_request_events.yml b/spec/fixtures/info_request_events.yml index 3907703d8..b2f40cc37 100644 --- a/spec/fixtures/info_request_events.yml +++ b/spec/fixtures/info_request_events.yml @@ -1,3 +1,20 @@ +# == Schema Information +# +# Table name: info_request_events +# +# id :integer not null, primary key +# info_request_id :integer not null +# event_type :text not null +# params_yaml :text not null +# created_at :datetime not null +# described_state :string(255) +# calculated_state :string(255) +# last_described_at :datetime +# incoming_message_id :integer +# outgoing_message_id :integer +# comment_id :integer +# + useless_outgoing_message_event: id: 900 params_yaml: "--- \n\ diff --git a/spec/fixtures/info_requests.yml b/spec/fixtures/info_requests.yml index 97effd036..d64807a49 100644 --- a/spec/fixtures/info_requests.yml +++ b/spec/fixtures/info_requests.yml @@ -1,3 +1,27 @@ +# == Schema Information +# +# Table name: info_requests +# +# id :integer not null, primary key +# title :text not null +# user_id :integer +# public_body_id :integer not null +# created_at :datetime not null +# updated_at :datetime not null +# described_state :string(255) not null +# awaiting_description :boolean default(FALSE), not null +# prominence :string(255) default("normal"), not null +# url_title :text not null +# law_used :string(255) default("foi"), not null +# allow_new_responses_from :string(255) default("anybody"), not null +# handle_rejected_responses :string(255) default("bounce"), not null +# idhash :string(255) not null +# external_user_name :string(255) +# external_url :string(255) +# attention_requested :boolean default(FALSE) +# comments_allowed :boolean default(TRUE), not null +# + fancy_dog_request: id: 101 title: Why do you have & such a fancy dog? diff --git a/spec/fixtures/locale/en/app.po b/spec/fixtures/locale/en/app.po index ee5c8d9c8..6d5bca1f9 100644 --- a/spec/fixtures/locale/en/app.po +++ b/spec/fixtures/locale/en/app.po @@ -1417,10 +1417,6 @@ msgstr "" msgid "InfoRequestEvent|Params yaml" msgstr "" -#: locale/model_attributes.rb:41 -msgid "InfoRequestEvent|Prominence" -msgstr "" - #: locale/model_attributes.rb:102 msgid "InfoRequest|Allow new responses from" msgstr "" diff --git a/spec/fixtures/locale/en_GB/app.po b/spec/fixtures/locale/en_GB/app.po index 84997a319..f106273a0 100644 --- a/spec/fixtures/locale/en_GB/app.po +++ b/spec/fixtures/locale/en_GB/app.po @@ -1417,10 +1417,6 @@ msgstr "" msgid "InfoRequestEvent|Params yaml" msgstr "" -#: locale/model_attributes.rb:41 -msgid "InfoRequestEvent|Prominence" -msgstr "" - #: locale/model_attributes.rb:102 msgid "InfoRequest|Allow new responses from" msgstr "" diff --git a/spec/fixtures/locale/es/app.po b/spec/fixtures/locale/es/app.po index d45d9b3b1..2e0f4302a 100644 --- a/spec/fixtures/locale/es/app.po +++ b/spec/fixtures/locale/es/app.po @@ -1553,10 +1553,6 @@ msgstr "InfoRequestEvent|Last described at" msgid "InfoRequestEvent|Params yaml" msgstr "InfoRequestEvent|Params yaml" -#: locale/model_attributes.rb:41 -msgid "InfoRequestEvent|Prominence" -msgstr "InfoRequestEvent|Prominence" - #: locale/model_attributes.rb:102 msgid "InfoRequest|Allow new responses from" msgstr "InfoRequest|Allow new responses from" diff --git a/spec/fixtures/outgoing_messages.yml b/spec/fixtures/outgoing_messages.yml index c71ee08bf..971ce0cc5 100644 --- a/spec/fixtures/outgoing_messages.yml +++ b/spec/fixtures/outgoing_messages.yml @@ -1,3 +1,19 @@ +# == Schema Information +# +# Table name: outgoing_messages +# +# id :integer not null, primary key +# info_request_id :integer not null +# body :text not null +# status :string(255) not null +# message_type :string(255) not null +# created_at :datetime not null +# updated_at :datetime not null +# last_sent_at :datetime +# incoming_message_followup_id :integer +# what_doing :string(255) not null +# + useless_outgoing_message: id: 1 info_request_id: 101 diff --git a/spec/fixtures/public_bodies.yml b/spec/fixtures/public_bodies.yml index 6eae53db8..1fa016d3a 100644 --- a/spec/fixtures/public_bodies.yml +++ b/spec/fixtures/public_bodies.yml @@ -1,3 +1,26 @@ +# == Schema Information +# +# Table name: public_bodies +# +# id :integer not null, primary key +# name :text not null +# short_name :text not null +# request_email :text not null +# version :integer not null +# last_edit_editor :string(255) not null +# last_edit_comment :text not null +# created_at :datetime not null +# updated_at :datetime not null +# url_name :text not null +# home_page :text default(""), not null +# notes :text default(""), not null +# first_letter :string(255) not null +# publication_scheme :text default(""), not null +# api_key :string(255) not null +# info_requests_count :integer default(0), not null +# disclosure_log :text default(""), not null +# + geraldine_public_body: name: The Geraldine Quango first_letter: T diff --git a/spec/fixtures/raw_emails.yml b/spec/fixtures/raw_emails.yml index ad2bc0a63..efdadde7b 100644 --- a/spec/fixtures/raw_emails.yml +++ b/spec/fixtures/raw_emails.yml @@ -1,3 +1,10 @@ +# == Schema Information +# +# Table name: raw_emails +# +# id :integer not null, primary key +# + # The actual email messages are in fixtures/files/raw_emails # # Note that the words "money" and "bob" are used in some tests diff --git a/spec/fixtures/track_things.yml b/spec/fixtures/track_things.yml index 1c4b323fd..61f1ed532 100644 --- a/spec/fixtures/track_things.yml +++ b/spec/fixtures/track_things.yml @@ -1,3 +1,19 @@ +# == Schema Information +# +# Table name: track_things +# +# id :integer not null, primary key +# tracking_user_id :integer not null +# track_query :string(255) not null +# info_request_id :integer +# tracked_user_id :integer +# public_body_id :integer +# track_medium :string(255) not null +# track_type :string(255) default("internal_error"), not null +# created_at :datetime +# updated_at :datetime +# + track_fancy_dog_request: id: "10" track_query: request:why_do_you_have_such_a_fancy_dog diff --git a/spec/fixtures/users.yml b/spec/fixtures/users.yml index c9730d855..d996fd31e 100644 --- a/spec/fixtures/users.yml +++ b/spec/fixtures/users.yml @@ -1,3 +1,29 @@ +# == Schema Information +# +# Table name: users +# +# id :integer not null, primary key +# email :string(255) not null +# name :string(255) not null +# hashed_password :string(255) not null +# salt :string(255) not null +# created_at :datetime not null +# updated_at :datetime not null +# email_confirmed :boolean default(FALSE), not null +# url_name :text not null +# last_daily_track_email :datetime default(2000-01-01 00:00:00 UTC) +# admin_level :string(255) default("none"), not null +# ban_text :text default(""), not null +# about_me :text default(""), not null +# locale :string(255) +# email_bounced_at :datetime +# email_bounce_message :text default(""), not null +# no_limit :boolean default(FALSE), not null +# receive_email_alerts :boolean default(TRUE), not null +# address :string(255) +# dob :date +# + bob_smith_user: id: "1" name: Bob Smith diff --git a/spec/integration/admin_spec.rb b/spec/integration/admin_spec.rb index 8a5e59ba2..8e6351d2c 100644 --- a/spec/integration/admin_spec.rb +++ b/spec/integration/admin_spec.rb @@ -1,21 +1,74 @@ require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') - -require "base64" +require File.expand_path(File.dirname(__FILE__) + '/alaveteli_dsl') describe "When administering the site" do + + before do + AlaveteliConfiguration.stub!(:skip_admin_auth).and_return(false) + end + it "allows an admin to log in as another user" do # First log in as Joe Admin - admin_user = users(:admin_user) - admin_user.email_confirmed = true - admin_user.save! - post_via_redirect "/profile/sign_in", :user_signin => {:email => admin_user.email, :password => "jonespassword"} - response.should be_success - + confirm(:admin_user) + admin = login(:admin_user) + # Now fetch the "log in as" link to log in as Bob - get_via_redirect "/admin/user/login_as/#{users(:bob_smith_user).id}", nil, { - "Authorization" => "Basic " + Base64.encode64("#{AlaveteliConfiguration::admin_username}:#{AlaveteliConfiguration::admin_password}").strip - } - response.should be_success - session[:user_id].should == users(:bob_smith_user).id + admin.get_via_redirect "/en/admin/user/login_as/#{users(:bob_smith_user).id}" + admin.response.should be_success + admin.session[:user_id].should == users(:bob_smith_user).id + end + + it 'does not allow a non-admin user to login as another user' do + robin = login(:robin_user) + robin.get_via_redirect "/en/admin/user/login_as/#{users(:bob_smith_user).id}" + robin.response.should be_success + robin.session[:user_id].should_not == users(:bob_smith_user).id + end + + it "allows redelivery of an incoming message to a closed request" do + confirm(:admin_user) + admin = login(:admin_user) + ir = info_requests(:fancy_dog_request) + close_request(ir) + InfoRequest.holding_pen_request.incoming_messages.length.should == 0 + ir.incoming_messages.length.should == 1 + receive_incoming_mail('incoming-request-plain.email', ir.incoming_email, "frob@nowhere.com") + InfoRequest.holding_pen_request.incoming_messages.length.should == 1 + new_im = InfoRequest.holding_pen_request.incoming_messages[0] + ir.incoming_messages.length.should == 1 + post_params = {'redeliver_incoming_message_id' => new_im.id, + 'url_title' => ir.url_title} + admin.post '/en/admin/incoming/redeliver', post_params + admin.response.location.should == 'http://www.example.com/en/admin/request/show/101' + ir = InfoRequest.find_by_url_title(ir.url_title) + ir.incoming_messages.length.should == 2 + + InfoRequest.holding_pen_request.incoming_messages.length.should == 0 + end + + it "allows redelivery of an incoming message to more than one request" do + confirm(:admin_user) + admin = login(:admin_user) + + ir1 = info_requests(:fancy_dog_request) + close_request(ir1) + ir1.incoming_messages.length.should == 1 + ir2 = info_requests(:another_boring_request) + ir2.incoming_messages.length.should == 1 + + receive_incoming_mail('incoming-request-plain.email', ir1.incoming_email, "frob@nowhere.com") + InfoRequest.holding_pen_request.incoming_messages.length.should == 1 + + new_im = InfoRequest.holding_pen_request.incoming_messages[0] + post_params = {'redeliver_incoming_message_id' => new_im.id, + 'url_title' => "#{ir1.url_title},#{ir2.url_title}"} + admin.post '/en/admin/incoming/redeliver', post_params + ir1.reload + ir1.incoming_messages.length.should == 2 + ir2.reload + ir2.incoming_messages.length.should == 2 + admin.response.location.should == 'http://www.example.com/en/admin/request/show/106' + InfoRequest.holding_pen_request.incoming_messages.length.should == 0 end + end diff --git a/spec/integration/alaveteli_dsl.rb b/spec/integration/alaveteli_dsl.rb new file mode 100644 index 000000000..119bb05a0 --- /dev/null +++ b/spec/integration/alaveteli_dsl.rb @@ -0,0 +1,68 @@ +module AlaveteliDsl + + def browses_request(url_title) + get "/request/#{url_title}" + assert_response :success + end + + def creates_request_unregistered + params = { :info_request => { :public_body_id => public_bodies(:geraldine_public_body).id, + :title => "Why is your quango called Geraldine?", + :tag_string => "" }, + :outgoing_message => { :body => "This is a silly letter. It is too short to be interesting." }, + :submitted_new_request => 1, + :preview => 0 + } + + # Initially we are not logged in. Try to create a new request. + post "/new", params + # We expect to be redirected to the login page + post_redirect = PostRedirect.get_last_post_redirect + response.should redirect_to(:controller => 'user', :action => 'signin', :token => post_redirect.token) + follow_redirect! + response.should render_template("user/sign") + response.body.should match(/To send your FOI request, please sign in or make a new account./) + end + +end + +def login(user) + open_session do |sess| + # Make sure we get a fresh empty session - there seems to be some + # problem with session leakage otherwise + sess.reset! + sess.extend(AlaveteliDsl) + + if user.is_a? User + u = user + else + u = users(user) + end + sess.visit signin_path + sess.fill_in "Your e-mail:", :with => u.email + sess.fill_in "Password:", :with => "jonespassword" + sess.click_button "Sign in" + assert sess.session[:user_id] == u.id + end +end + +def without_login + open_session do |sess| + sess.extend(AlaveteliDsl) + end +end + +def confirm(user) + u = users(user) + u.email_confirmed = true + u.save! +end + +def close_request(request) + request.allow_new_responses_from = 'nobody' + request.handle_rejected_responses = 'holding_pen' + request.save! +end + + + diff --git a/spec/integration/create_request_spec.rb b/spec/integration/create_request_spec.rb index 4efbf94ee..84fad12f9 100644 --- a/spec/integration/create_request_spec.rb +++ b/spec/integration/create_request_spec.rb @@ -1,51 +1,36 @@ require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') +require File.expand_path(File.dirname(__FILE__) + '/alaveteli_dsl') describe "When creating requests" do - def create_request_unregistered - params = { :info_request => { :public_body_id => public_bodies(:geraldine_public_body).id, - :title => "Why is your quango called Geraldine?", - :tag_string => "" }, - :outgoing_message => { :body => "This is a silly letter. It is too short to be interesting." }, - :submitted_new_request => 1, - :preview => 0 - } - - # Initially we are not logged in. Try to create a new request. - post "/new", params - # We expect to be redirected to the login page - post_redirect = PostRedirect.get_last_post_redirect - response.should redirect_to(:controller => 'user', :action => 'signin', :token => post_redirect.token) - follow_redirect! - response.should render_template("user/sign") - response.body.should match(/To send your FOI request, please sign in or make a new account./) - end + it "should associate the request with the requestor, even if it is approved by an admin" do + + unregistered = without_login # This is a test for https://github.com/mysociety/alaveteli/issues/446 - create_request_unregistered + unregistered.creates_request_unregistered post_redirect = PostRedirect.get_last_post_redirect # Now log in as an unconfirmed user. - post "/profile/sign_in", :user_signin => {:email => users(:unconfirmed_user).email, :password => "jonespassword"}, :token => post_redirect.token + unregistered.post "/profile/sign_in", :user_signin => {:email => users(:unconfirmed_user).email, :password => "jonespassword"}, :token => post_redirect.token # This will trigger a confirmation mail. Get the PostRedirect for later. - response.should render_template("user/confirm") + unregistered.response.body.should match('Now check your email!') post_redirect = PostRedirect.get_last_post_redirect + # Now log in as an admin user, then follow the confirmation link in the email that was sent to the unconfirmed user - admin_user = users(:admin_user) - admin_user.email_confirmed = true - admin_user.save! - post_via_redirect "/profile/sign_in", :user_signin => {:email => admin_user.email, :password => "jonespassword"} - response.should be_success - get "/c/" + post_redirect.email_token - follow_redirect! - response.location.should =~ %r(/request/(.+)/new) - response.location =~ %r(/request/(.+)/new) + confirm(:admin_user) + admin = login(:admin_user) + admin.get "/c/" + post_redirect.email_token + admin.follow_redirect! + admin.response.location.should =~ %r(/request/(.+)/new) + admin.response.location =~ %r(/request/(.+)/new) url_title = $1 info_request = InfoRequest.find_by_url_title(url_title) info_request.should_not be_nil # Make sure the request is still owned by the user who made it, not the admin who confirmed it info_request.user_id.should == users(:unconfirmed_user).id + end end diff --git a/spec/integration/download_request_spec.rb b/spec/integration/download_request_spec.rb new file mode 100644 index 000000000..638198cde --- /dev/null +++ b/spec/integration/download_request_spec.rb @@ -0,0 +1,324 @@ +require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') +require File.expand_path(File.dirname(__FILE__) + '/alaveteli_dsl') + +describe 'when making a zipfile available' do + + after do + FileUtils.rm_rf(InfoRequest.download_zip_dir) + end + + def inspect_zip_download(session, info_request) + session.get_via_redirect "request/#{info_request.url_title}/download" + session.response.should be_success + Tempfile.open('download') do |f| + f.binmode + f.write(session.response.body) + f.flush + Zip::ZipFile::open(f.path) do |zip| + yield zip + end + end + end + + def sleep_and_receive_mail(name, info_request) + # The path of the zip file is based on the hash of the timestamp of the last request + # in the thread, so we wait for a second to make sure this one will have a different + # timestamp than the previous. + sleep 1 + receive_incoming_mail(name, info_request.incoming_email) + end + + context 'when an html to pdf converter is supplied' do + + before do + # We want to test the contents of the pdf, and we don't know whether a particular + # instance will have a working html_to_pdf tool, so just copy the HTML rendered + # to the PDF file for the purposes of checking it doesn't contain anything that + # shouldn't be there. + AlaveteliConfiguration.stub!(:html_to_pdf_command).and_return('/bin/cp') + end + + context 'when an incoming message is made "requester_only"' do + + it 'should not include the incoming message or attachments in a download of the entire request + by a non-request owner but should retain them for owner and admin' do + + # Non-owner can download zip with incoming and attachments + non_owner = login(FactoryGirl.create(:user)) + info_request = FactoryGirl.create(:info_request_with_incoming_attachments) + + inspect_zip_download(non_owner, info_request) do |zip| + zip.count.should == 3 + zip.read('correspondence.pdf').should match('hereisthetext') + end + + # Admin makes the incoming message requester only + admin = login(FactoryGirl.create(:admin_user)) + post_data = {:incoming_message => {:prominence => 'requester_only', + :prominence_reason => 'boring'}} + admin.post_via_redirect "/en/admin/incoming/update/#{info_request.incoming_messages.first.id}", post_data + admin.response.should be_success + + # Admin retains the requester only things + inspect_zip_download(admin, info_request) do |zip| + zip.count.should == 3 + zip.read('correspondence.pdf').should match('hereisthetext') + end + + # Zip for non owner is now without requester_only things + inspect_zip_download(non_owner, info_request) do |zip| + zip.count.should == 1 + correspondence_text = zip.read('correspondence.pdf') + correspondence_text.should_not match('hereisthetext') + expected_text = "This message has been hidden.\n boring" + correspondence_text.should match(expected_text) + end + + # Requester retains the requester only things + owner = login(info_request.user) + inspect_zip_download(owner, info_request) do |zip| + zip.count.should == 3 + zip.read('correspondence.pdf').should match('hereisthetext') + end + + end + + end + + context 'when an outgoing message is made "requester_only"' do + + it 'should not include the outgoing message in a download of the entire request + by a non-request owner but should retain them for owner and admin' do + + # Non-owner can download zip with outgoing + non_owner = login(FactoryGirl.create(:user)) + info_request = FactoryGirl.create(:info_request) + + inspect_zip_download(non_owner, info_request) do |zip| + zip.count.should == 1 + zip.read('correspondence.pdf').should match('Some information please') + end + + # Admin makes the incoming message requester only + admin = login(FactoryGirl.create(:admin_user)) + post_data = {:outgoing_message => {:prominence => 'requester_only', + :prominence_reason => 'boring', + :body => 'Some information please'}} + admin.post_via_redirect "/en/admin/outgoing/update/#{info_request.outgoing_messages.first.id}", post_data + admin.response.should be_success + + # Admin retains the requester only things + inspect_zip_download(admin, info_request) do |zip| + zip.count.should == 1 + zip.read('correspondence.pdf').should match('Some information please') + end + + # Zip for non owner is now without requester_only things + inspect_zip_download(non_owner, info_request) do |zip| + zip.count.should == 1 + correspondence_text = zip.read('correspondence.pdf') + correspondence_text.should_not match('Some information please') + expected_text = "This message has been hidden.\n boring" + correspondence_text.should match(expected_text) + end + + # Requester retains the requester only things + owner = login(info_request.user) + inspect_zip_download(owner, info_request) do |zip| + zip.count.should == 1 + zip.read('correspondence.pdf').should match('Some information please') + end + + end + + end + + end + + context 'when no html to pdf converter is supplied' do + + before do + AlaveteliConfiguration.stub!(:html_to_pdf_command).and_return('') + end + + it "should update the contents of the zipfile when the request changes" do + + info_request = FactoryGirl.create(:info_request_with_incoming) + request_owner = login(info_request.user) + inspect_zip_download(request_owner, info_request) do |zip| + zip.count.should == 1 # just the message + expected = 'This is a plain-text version of the Freedom of Information request "Example Title"' + zip.read('correspondence.txt').should match expected + end + + sleep_and_receive_mail('incoming-request-two-same-name.email', info_request) + + inspect_zip_download(request_owner, info_request) do |zip| + zip.count.should == 3 # the message plus two "hello-world.txt" files + zip.read('2_2_hello world.txt').should match('Second hello') + zip.read('2_3_hello world.txt').should match('First hello') + end + + sleep_and_receive_mail('incoming-request-attachment-unknown-extension.email', info_request) + + inspect_zip_download(request_owner, info_request) do |zip| + zip.count.should == 4 # the message plus two "hello-world.txt" files, and the new attachment + zip.read('3_2_hello.qwglhm').should match('This is an unusual') + end + end + + context 'when a request is "requester_only"' do + + before do + @non_owner = login(FactoryGirl.create(:user)) + @info_request = FactoryGirl.create(:info_request_with_incoming, + :prominence => 'requester_only') + @request_owner = login(@info_request.user) + @admin = login(FactoryGirl.create(:admin_user)) + end + + + it 'should allow a download of the request by the request owner and admin only' do + # Requester can access the zip + inspect_zip_download(@request_owner, @info_request) do |zip| + zip.count.should == 1 + zip.read('correspondence.txt').should match('hereisthetext') + end + # Non-owner can't + @non_owner.get_via_redirect "request/#{@info_request.url_title}/download" + @non_owner.response.code.should == '403' + # Admin can + inspect_zip_download(@admin, @info_request) do |zip| + zip.count.should == 1 + zip.read('correspondence.txt').should match('hereisthetext') + end + end + end + + context 'when a request is "hidden"' do + + it 'should not allow a download of the request by an admin only' do + @non_owner = login(FactoryGirl.create(:user)) + @info_request = FactoryGirl.create(:info_request_with_incoming, + :prominence => 'hidden') + @request_owner = login(@info_request.user) + @admin = login(FactoryGirl.create(:admin_user)) + + # Requester can't access the zip + @request_owner.get_via_redirect "request/#{@info_request.url_title}/download" + @request_owner.response.code.should == '403' + # Non-owner can't + @non_owner.get_via_redirect "request/#{@info_request.url_title}/download" + @non_owner.response.code.should == '403' + # Admin can + inspect_zip_download(@admin, @info_request) do |zip| + zip.count.should == 1 + zip.read('correspondence.txt').should match('hereisthetext') + end + end + + end + + context 'when an incoming message is made "requester_only"' do + + it 'should not include the incoming message or attachments in a download of the entire request + by a non-request owner but should retain them for owner and admin' do + + # Non-owner can download zip with outgoing + non_owner = login(FactoryGirl.create(:user)) + info_request = FactoryGirl.create(:info_request_with_incoming_attachments) + + inspect_zip_download(non_owner, info_request) do |zip| + zip.count.should == 3 + zip.read('correspondence.txt').should match('hereisthetext') + end + + # Admin makes the incoming message requester only + admin = login(FactoryGirl.create(:admin_user)) + post_data = {:incoming_message => {:prominence => 'requester_only', + :prominence_reason => 'boring'}} + admin.post_via_redirect "/en/admin/incoming/update/#{info_request.incoming_messages.first.id}", post_data + admin.response.should be_success + + # Admin retains the requester only things + inspect_zip_download(admin, info_request) do |zip| + zip.count.should == 3 + zip.read('correspondence.txt').should match('hereisthetext') + end + + # Zip for non owner is now without requester_only things + inspect_zip_download(non_owner, info_request) do |zip| + zip.count.should == 1 + correspondence_text = zip.read('correspondence.txt') + correspondence_text.should_not match('hereisthetext') + expected_text = 'This message has been hidden. boring' + correspondence_text.should match(expected_text) + end + + # Requester retains the requester only things + owner = login(info_request.user) + inspect_zip_download(owner, info_request) do |zip| + zip.count.should == 3 + zip.read('correspondence.txt').should match('hereisthetext') + end + + end + + end + + context 'when an outgoing message is made "requester_only"' do + + it 'should not include the outgoing message in a download of the entire request + by a non-request owner but should retain them for owner and admin' do + + # Non-owner can download zip with incoming and attachments + non_owner = login(FactoryGirl.create(:user)) + info_request = FactoryGirl.create(:info_request) + + inspect_zip_download(non_owner, info_request) do |zip| + zip.count.should == 1 + zip.read('correspondence.txt').should match('Some information please') + end + + # Admin makes the incoming message requester only + admin = login(FactoryGirl.create(:admin_user)) + post_data = {:outgoing_message => {:prominence => 'requester_only', + :prominence_reason => 'boring', + :body => 'Some information please'}} + admin.post_via_redirect "/en/admin/outgoing/update/#{info_request.outgoing_messages.first.id}", post_data + admin.response.should be_success + + # Admin retains the requester only things + inspect_zip_download(admin, info_request) do |zip| + zip.count.should == 1 + zip.read('correspondence.txt').should match('Some information please') + end + + # Zip for non owner is now without requester_only things + inspect_zip_download(non_owner, info_request) do |zip| + zip.count.should == 1 + correspondence_text = zip.read('correspondence.txt') + correspondence_text.should_not match('Some information please') + expected_text = 'This message has been hidden. boring' + correspondence_text.should match(expected_text) + end + + # Requester retains the requester only things + owner = login(info_request.user) + inspect_zip_download(owner, info_request) do |zip| + zip.count.should == 1 + zip.read('correspondence.txt').should match('Some information please') + end + + end + + end + + it 'should successfully make a zipfile for an external request' do + external_request = FactoryGirl.create(:external_request) + user = login(FactoryGirl.create(:user)) + inspect_zip_download(user, external_request){ |zip| zip.count.should == 1 } + end + end + +end diff --git a/spec/integration/request_controller_spec.rb b/spec/integration/request_controller_spec.rb index 9e585448b..f5de692b8 100644 --- a/spec/integration/request_controller_spec.rb +++ b/spec/integration/request_controller_spec.rb @@ -1,5 +1,6 @@ # -*- coding: utf-8 -*- require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') +require File.expand_path(File.dirname(__FILE__) + '/alaveteli_dsl') describe RequestController, "when classifying an information request" do @@ -16,26 +17,22 @@ describe RequestController, "when classifying an information request" do describe 'when logged in as the requestor' do before :each do - @request_owner = @dog_request.user - visit signin_path - fill_in "Your e-mail:", :with => @request_owner.email - fill_in "Password:", :with => "jonespassword" - click_button "Sign in" + @bob = login(:bob_smith_user) end it "should send an email including the message" do - visit describe_state_message_path(:url_title => @dog_request.url_title, + @bob.visit describe_state_message_path(:url_title => @dog_request.url_title, :described_state => "requires_admin") - fill_in "Please tell us more:", :with => "Okay. I don't quite understand." - click_button "Submit status and send message" + @bob.fill_in "Please tell us more:", :with => "Okay. I don't quite understand." + @bob.click_button "Submit status and send message" - response.should contain "Thank you! We'll look into what happened and try and fix it up." + @bob.response.should contain "Thank you! We'll look into what happened and try and fix it up." deliveries = ActionMailer::Base.deliveries deliveries.size.should == 1 mail = deliveries[0] mail.body.should =~ /as needing admin/ - mail.body.should =~ /Okay. I don't quite understand./ + mail.body.should =~ /Okay. I don't quite understand./ end end end diff --git a/spec/integration/view_request_spec.rb b/spec/integration/view_request_spec.rb index 3d646cfe7..814e20fb3 100644 --- a/spec/integration/view_request_spec.rb +++ b/spec/integration/view_request_spec.rb @@ -1,23 +1,169 @@ require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') +require File.expand_path(File.dirname(__FILE__) + '/alaveteli_dsl') describe "When viewing requests" do - before(:each) do - load_raw_emails_data + before do + @info_request = FactoryGirl.create(:info_request) + @unregistered = without_login end it "should not make endlessly recursive JSON <link>s" do - @dog_request = info_requests(:fancy_dog_request) - get "request/#{@dog_request.url_title}?unfold=1" - response.body.should_not include("dog?unfold=1.json") - response.body.should include("dog.json?unfold=1") + @unregistered.browses_request("#{@info_request.url_title}?unfold=1") + @unregistered.response.body.should_not include("#{@info_request.url_title}?unfold=1.json") + @unregistered.response.body.should include("#{@info_request.url_title}.json?unfold=1") end it 'should not raise a routing error when making a json link for a request with an "action" querystring param' do - @dog_request = info_requests(:fancy_dog_request) - get "request/#{@dog_request.url_title}?action=add" - response.should be_success + @unregistered.browses_request("#{@info_request.url_title}?action=add") + end + + context 'when a response has prominence "normal"' do + + before do + @info_request = FactoryGirl.create(:info_request_with_incoming) + end + + it 'should show the message itself to any user' do + + # unregistered + unregistered = without_login + unregistered.browses_request(@info_request.url_title) + unregistered.response.body.should include("hereisthetext") + unregistered.response.body.should_not include("This message has been hidden.") + unregistered.response.body.should_not include("sign in</a> to view the message.") + + # requester + owner = login(@info_request.user) + owner.browses_request(@info_request.url_title) + owner.response.body.should include("hereisthetext") + owner.response.body.should_not include("This message has been hidden.") + + # admin + admin_user = login(FactoryGirl.create(:admin_user)) + admin_user.browses_request(@info_request.url_title) + admin_user.response.body.should include("hereisthetext") + admin_user.response.body.should_not include("This message has prominence \'hidden\'.") + + end + + end + + context 'when a response has prominence "hidden"' do + + before do + @info_request = FactoryGirl.create(:info_request_with_incoming) + message = @info_request.incoming_messages.first + message.prominence = 'hidden' + message.prominence_reason = 'It is too irritating.' + message.save! + end + + it 'should show a hidden notice, not the message, to an unregistered user or the requester and + the message itself to an admin ' do + + # unregistered + unregistered = without_login + unregistered.browses_request(@info_request.url_title) + unregistered.response.body.should include("This message has been hidden.") + unregistered.response.body.should include("It is too irritating.") + unregistered.response.body.should_not include("sign in</a> to view the message.") + unregistered.response.body.should_not include("hereisthetext") + + # requester + owner = login(@info_request.user) + owner.browses_request(@info_request.url_title) + owner.response.body.should include("This message has been hidden.") + owner.response.body.should include("It is too irritating") + owner.response.body.should_not include("hereisthetext") + + # admin + admin_user = login(FactoryGirl.create(:admin_user)) + admin_user.browses_request(@info_request.url_title) + admin_user.response.body.should include('hereisthetext') + admin_user.response.body.should include("This message has prominence \'hidden\'.") + admin_user.response.body.should include("It is too irritating.") + admin_user.response.body.should include("You can only see it because you are logged in as a super user.") + + end + + end + + context 'when a response has prominence "requester_only"' do + + before do + @info_request = FactoryGirl.create(:info_request_with_incoming) + message = @info_request.incoming_messages.first + message.prominence = 'requester_only' + message.prominence_reason = 'It is too irritating.' + message.save! + end + + it 'should show a hidden notice with login link to an unregistered user, and the message itself + with a hidden note to the requester or an admin' do + + # unregistered + unregistered = without_login + unregistered.browses_request(@info_request.url_title) + unregistered.response.body.should include("This message has been hidden.") + unregistered.response.body.should include("It is too irritating") + unregistered.response.body.should include("sign in</a> to view the message.") + unregistered.response.body.should_not include("hereisthetext") + + # requester + owner = login(@info_request.user) + owner.browses_request(@info_request.url_title) + owner.response.body.should include("hereisthetext") + owner.response.body.should include("This message is hidden, so that only you, the requester, can see it.") + owner.response.body.should include("It is too irritating.") + + # admin + admin_user = login(FactoryGirl.create(:admin_user)) + admin_user.browses_request(@info_request.url_title) + admin_user.response.body.should include('hereisthetext') + admin_user.response.body.should_not include("This message has been hidden.") + admin_user.response.body.should include("This message is hidden, so that only you, the requester, can see it.") + end + + end + + context 'when an outgoing message has prominence "requester_only"' do + + before do + @info_request = FactoryGirl.create(:info_request) + message = @info_request.outgoing_messages.first + message.prominence = 'requester_only' + message.prominence_reason = 'It is too irritating.' + message.save! + end + + it 'should show a hidden notice with login link to an unregistered user, and the message itself + with a hidden note to the requester or an admin' do + + # unregistered + unregistered = without_login + unregistered.browses_request(@info_request.url_title) + unregistered.response.body.should include("This message has been hidden.") + unregistered.response.body.should include("It is too irritating") + unregistered.response.body.should include("sign in</a> to view the message.") + unregistered.response.body.should_not include("Some information please") + + # requester + owner = login(@info_request.user) + owner.browses_request(@info_request.url_title) + owner.response.body.should include("Some information please") + owner.response.body.should include("This message is hidden, so that only you, the requester, can see it.") + owner.response.body.should include("It is too irritating.") + + # admin + admin_user = login(FactoryGirl.create(:admin_user)) + admin_user.browses_request(@info_request.url_title) + admin_user.response.body.should include('Some information please') + admin_user.response.body.should_not include("This message has been hidden.") + admin_user.response.body.should include("This message is hidden, so that only you, the requester, can see it.") + end + end end diff --git a/spec/mailers/request_mailer_spec.rb b/spec/mailers/request_mailer_spec.rb index 23806b35b..4e0765921 100644 --- a/spec/mailers/request_mailer_spec.rb +++ b/spec/mailers/request_mailer_spec.rb @@ -204,10 +204,10 @@ describe RequestMailer, "when sending reminders to requesters to classify a resp before do Time.stub!(:now).and_return(Time.utc(2007, 11, 12, 23, 59)) @mock_event = mock_model(InfoRequestEvent) - @mock_response = mock_model(IncomingMessage) + @mock_response = mock_model(IncomingMessage, :user_can_view? => true) @mock_user = mock_model(User) - @mock_request = mock_model(InfoRequest, :get_last_response_event_id => @mock_event.id, - :get_last_response => @mock_response, + @mock_request = mock_model(InfoRequest, :get_last_public_response_event_id => @mock_event.id, + :get_last_public_response => @mock_response, :user_id => 2, :url_title => 'test_title', :user => @mock_user) @@ -230,10 +230,12 @@ describe RequestMailer, "when sending reminders to requesters to classify a resp it 'should ask for all requests that are awaiting description and whose latest response is older than the number of days given and that are not the holding pen' do expected_conditions = [ "awaiting_description = ? - AND (SELECT created_at - FROM info_request_events - WHERE info_request_events.info_request_id = info_requests.id - AND info_request_events.event_type = 'response' + AND (SELECT info_request_events.created_at + FROM info_request_events, incoming_messages + WHERE info_request_events.info_request_id = info_requests.id + AND info_request_events.event_type = 'response' + AND incoming_messages.id = info_request_events.incoming_message_id + AND incoming_messages.prominence = 'normal' ORDER BY created_at desc LIMIT 1) < ? AND url_title != 'holding_pen' AND user_id IS NOT NULL".split(' ').join(' '), @@ -252,7 +254,7 @@ describe RequestMailer, "when sending reminders to requesters to classify a resp end it 'should raise an error if a request does not have a last response event id' do - @mock_request.stub!(:get_last_response_event_id).and_return(nil) + @mock_request.stub!(:get_last_public_response_event_id).and_return(nil) expected_message = "internal error, no last response while making alert new response reminder, request id #{@mock_request.id}" lambda{ send_alerts }.should raise_error(expected_message) end @@ -289,7 +291,7 @@ describe RequestMailer, "when sending reminders to requesters to classify a resp mock_sent_alert.should_receive(:info_request=).with(@mock_request) mock_sent_alert.should_receive(:user=).with(@mock_user) mock_sent_alert.should_receive(:alert_type=).with('new_response_reminder_1') - mock_sent_alert.should_receive(:info_request_event_id=).with(@mock_request.get_last_response_event_id) + mock_sent_alert.should_receive(:info_request_event_id=).with(@mock_request.get_last_public_response_event_id) mock_sent_alert.should_receive(:save!) send_alerts end diff --git a/spec/models/censor_rule_spec.rb b/spec/models/censor_rule_spec.rb index 3782cc630..5b41cc0d4 100644 --- a/spec/models/censor_rule_spec.rb +++ b/spec/models/censor_rule_spec.rb @@ -1,3 +1,20 @@ +# == Schema Information +# +# Table name: censor_rules +# +# id :integer not null, primary key +# info_request_id :integer +# user_id :integer +# public_body_id :integer +# text :text not null +# replacement :text not null +# last_edit_editor :string(255) not null +# last_edit_comment :text not null +# created_at :datetime not null +# updated_at :datetime not null +# regexp :boolean +# + require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') describe CensorRule, "substituting things" do diff --git a/spec/models/foi_attachment_spec.rb b/spec/models/foi_attachment_spec.rb index 9b0115c44..882723d1e 100644 --- a/spec/models/foi_attachment_spec.rb +++ b/spec/models/foi_attachment_spec.rb @@ -1,3 +1,18 @@ +# == Schema Information +# +# Table name: foi_attachments +# +# id :integer not null, primary key +# content_type :text +# filename :text +# charset :text +# display_size :text +# url_part_number :integer +# within_rfc822_subject :text +# incoming_message_id :integer +# hexdigest :string(32) +# + require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') describe FoiAttachment do diff --git a/spec/models/holiday_spec.rb b/spec/models/holiday_spec.rb index 5d3f76d24..89849abb7 100644 --- a/spec/models/holiday_spec.rb +++ b/spec/models/holiday_spec.rb @@ -1,3 +1,12 @@ +# == Schema Information +# +# Table name: holidays +# +# id :integer not null, primary key +# day :date +# description :text +# + require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') describe Holiday, " when calculating due date" do diff --git a/spec/models/incoming_message_spec.rb b/spec/models/incoming_message_spec.rb index ff6a8e34e..c0a7e5340 100644 --- a/spec/models/incoming_message_spec.rb +++ b/spec/models/incoming_message_spec.rb @@ -1,6 +1,140 @@ # coding: utf-8 +# == Schema Information +# +# Table name: incoming_messages +# +# id :integer not null, primary key +# info_request_id :integer not null +# created_at :datetime not null +# updated_at :datetime not null +# raw_email_id :integer not null +# cached_attachment_text_clipped :text +# cached_main_body_text_folded :text +# cached_main_body_text_unfolded :text +# subject :text +# mail_from_domain :text +# valid_to_reply_to :boolean +# last_parsed :datetime +# mail_from :text +# sent_at :datetime +# prominence :string(255) default("normal"), not null +# prominence_reason :text +# + require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') +describe IncomingMessage, 'when validating' do + + it 'should be valid with valid prominence values' do + ['hidden', 'requester_only', 'normal'].each do |prominence| + incoming_message = IncomingMessage.new(:raw_email => RawEmail.new, + :info_request => InfoRequest.new, + :prominence => prominence) + incoming_message.valid?.should be_true + end + end + + it 'should not be valid with an invalid prominence value' do + incoming_message = IncomingMessage.new(:raw_email => RawEmail.new, + :info_request => InfoRequest.new, + :prominence => 'norman') + incoming_message.valid?.should be_false + end + +end + +describe IncomingMessage, 'when getting a response event' do + + it 'should return an event with event_type "response"' do + incoming_message = IncomingMessage.new + ['comment', 'response'].each do |event_type| + incoming_message.info_request_events << InfoRequestEvent.new(:event_type => event_type) + end + incoming_message.response_event.event_type.should == 'response' + end + +end + +describe IncomingMessage, 'when asked if a user can view it' do + + before do + @user = mock_model(User) + @info_request = mock_model(InfoRequest) + @incoming_message = IncomingMessage.new(:info_request => @info_request) + end + + context 'if the prominence is hidden' do + + before do + @incoming_message.prominence = 'hidden' + end + + it 'should return true if the user can view hidden things' do + User.stub!(:view_hidden?).with(@user).and_return(true) + @incoming_message.user_can_view?(@user).should be_true + end + + it 'should return false if the user cannot view hidden things' do + User.stub!(:view_hidden?).with(@user).and_return(false) + @incoming_message.user_can_view?(@user).should be_false + end + + end + + context 'if the prominence is requester_only' do + + before do + @incoming_message.prominence = 'requester_only' + end + + it 'should return true if the user owns the associated request' do + @info_request.stub!(:is_owning_user?).with(@user).and_return(true) + @incoming_message.user_can_view?(@user).should be_true + end + + it 'should return false if the user does not own the associated request' do + @info_request.stub!(:is_owning_user?).with(@user).and_return(false) + @incoming_message.user_can_view?(@user).should be_false + end + end + + context 'if the prominence is normal' do + + before do + @incoming_message.prominence = 'normal' + end + + it 'should return true' do + @incoming_message.user_can_view?(@user).should be_true + end + + end + +end + +describe 'when asked if it is indexed by search' do + + before do + @incoming_message = IncomingMessage.new + end + + it 'should return false if it has prominence "hidden"' do + @incoming_message.prominence = 'hidden' + @incoming_message.indexed_by_search?.should be_false + end + + it 'should return false if it has prominence "requester_only"' do + @incoming_message.prominence = 'requester_only' + @incoming_message.indexed_by_search?.should be_false + end + + it 'should return true if it has prominence "normal"' do + @incoming_message.prominence = 'normal' + @incoming_message.indexed_by_search?.should be_true + end + +end + describe IncomingMessage, " when dealing with incoming mail" do before(:each) do diff --git a/spec/models/info_request_event_spec.rb b/spec/models/info_request_event_spec.rb index eb0de8c86..53c83bd46 100644 --- a/spec/models/info_request_event_spec.rb +++ b/spec/models/info_request_event_spec.rb @@ -1,4 +1,21 @@ # coding: utf-8 +# == Schema Information +# +# Table name: info_request_events +# +# id :integer not null, primary key +# info_request_id :integer not null +# event_type :text not null +# params_yaml :text not null +# created_at :datetime not null +# described_state :string(255) +# calculated_state :string(255) +# last_described_at :datetime +# incoming_message_id :integer +# outgoing_message_id :integer +# comment_id :integer +# + require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') describe InfoRequestEvent do @@ -15,6 +32,64 @@ describe InfoRequestEvent do end + describe 'when deciding if it is indexed by search' do + + before do + @comment = mock_model(Comment) + @incoming_message = mock_model(IncomingMessage) + @outgoing_message = mock_model(OutgoingMessage) + @info_request = mock_model(InfoRequest, :indexed_by_search? => true) + end + + it 'should return false for a comment that is not visible' do + @comment.stub!(:visible).and_return(false) + @info_request_event = InfoRequestEvent.new(:event_type => 'comment', + :comment => @comment, + :info_request => @info_request) + @info_request_event.indexed_by_search?.should be_false + end + + it 'should return true for a comment that is visible' do + @comment.stub!(:visible).and_return(true) + @info_request_event = InfoRequestEvent.new(:event_type => 'comment', + :comment => @comment, + :info_request => @info_request) + @info_request_event.indexed_by_search?.should be_true + end + + it 'should return false for an incoming message that is not indexed by search' do + @incoming_message.stub!(:indexed_by_search?).and_return false + @info_request_event = InfoRequestEvent.new(:event_type => 'response', + :incoming_message => @incoming_message, + :info_request => @info_request) + @info_request_event.indexed_by_search?.should be_false + end + + it 'should return true for an incoming message that is indexed by search' do + @incoming_message.stub!(:indexed_by_search?).and_return true + @info_request_event = InfoRequestEvent.new(:event_type => 'response', + :incoming_message => @incoming_message, + :info_request => @info_request) + @info_request_event.indexed_by_search?.should be_true + end + + it 'should return false for an outgoing message that is not indexed by search' do + @outgoing_message.stub!(:indexed_by_search?).and_return false + @info_request_event = InfoRequestEvent.new(:event_type => 'followup_sent', + :outgoing_message => @outgoing_message, + :info_request => @info_request) + @info_request_event.indexed_by_search?.should be_false + end + + it 'should return true for an outgoing message that is indexed by search' do + @outgoing_message.stub!(:indexed_by_search?).and_return true + @info_request_event = InfoRequestEvent.new(:event_type => 'followup_sent', + :outgoing_message => @outgoing_message, + :info_request => @info_request) + @info_request_event.indexed_by_search?.should be_true + end + end + describe 'after saving' do it 'should mark the model for reindexing in xapian if there is no no_xapian_reindex flag on the object' do diff --git a/spec/models/info_request_spec.rb b/spec/models/info_request_spec.rb index 6d026e286..fac89109c 100644 --- a/spec/models/info_request_spec.rb +++ b/spec/models/info_request_spec.rb @@ -1,4 +1,28 @@ # encoding: utf-8 +# == Schema Information +# +# Table name: info_requests +# +# id :integer not null, primary key +# title :text not null +# user_id :integer +# public_body_id :integer not null +# created_at :datetime not null +# updated_at :datetime not null +# described_state :string(255) not null +# awaiting_description :boolean default(FALSE), not null +# prominence :string(255) default("normal"), not null +# url_title :text not null +# law_used :string(255) default("foi"), not null +# allow_new_responses_from :string(255) default("anybody"), not null +# handle_rejected_responses :string(255) default("bounce"), not null +# idhash :string(255) not null +# external_user_name :string(255) +# external_url :string(255) +# attention_requested :boolean default(FALSE) +# comments_allowed :boolean default(TRUE), not null +# + require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') describe InfoRequest do @@ -398,10 +422,12 @@ describe InfoRequest do it 'should add extra conditions if supplied' do expected_conditions = ["awaiting_description = ? - AND (SELECT created_at - FROM info_request_events + AND (SELECT info_request_events.created_at + FROM info_request_events, incoming_messages WHERE info_request_events.info_request_id = info_requests.id AND info_request_events.event_type = 'response' + AND incoming_messages.id = info_request_events.incoming_message_id + AND incoming_messages.prominence = 'normal' ORDER BY created_at desc LIMIT 1) < ? AND url_title != 'holding_pen' AND user_id IS NOT NULL @@ -416,21 +442,25 @@ describe InfoRequest do InfoRequest.find_old_unclassified({:conditions => ["prominence != 'backpage'"]}) end - it 'should ask the database for requests that are awaiting description, have a last response older + it 'should ask the database for requests that are awaiting description, have a last public response older than 21 days old, have a user, are not the holding pen and are not backpaged' do expected_conditions = ["awaiting_description = ? - AND (SELECT created_at - FROM info_request_events + AND (SELECT info_request_events.created_at + FROM info_request_events, incoming_messages WHERE info_request_events.info_request_id = info_requests.id AND info_request_events.event_type = 'response' + AND incoming_messages.id = info_request_events.incoming_message_id + AND incoming_messages.prominence = 'normal' ORDER BY created_at desc LIMIT 1) < ? AND url_title != 'holding_pen' AND user_id IS NOT NULL".split(' ').join(' '), true, Time.now - 21.days] - expected_select = "*, (SELECT created_at - FROM info_request_events + expected_select = "*, (SELECT info_request_events.created_at + FROM info_request_events, incoming_messages WHERE info_request_events.info_request_id = info_requests.id AND info_request_events.event_type = 'response' + AND incoming_messages.id = info_request_events.incoming_message_id + AND incoming_messages.prominence = 'normal' ORDER BY created_at desc LIMIT 1) AS last_response_time".split(' ').join(' ') InfoRequest.should_receive(:find) do |all, query_params| @@ -449,8 +479,14 @@ describe InfoRequest do before do Time.stub!(:now).and_return(Time.utc(2007, 11, 9, 23, 59)) - @mock_comment_event = mock_model(InfoRequestEvent, :created_at => Time.now - 23.days, :event_type => 'comment', :response? => false) - @mock_response_event = mock_model(InfoRequestEvent, :created_at => Time.now - 22.days, :event_type => 'response', :response? => true) + @mock_comment_event = mock_model(InfoRequestEvent, :created_at => Time.now - 23.days, + :event_type => 'comment', + :response? => false) + mock_incoming_message = mock_model(IncomingMessage, :all_can_view? => true) + @mock_response_event = mock_model(InfoRequestEvent, :created_at => Time.now - 22.days, + :event_type => 'response', + :response? => true, + :incoming_message => mock_incoming_message) @info_request = InfoRequest.new(:prominence => 'normal', :awaiting_description => true, :info_request_events => [@mock_response_event, @mock_comment_event]) @@ -587,6 +623,96 @@ describe InfoRequest do end end + describe 'when asked for the last public response event' do + + before do + @info_request = FactoryGirl.create(:info_request_with_incoming) + @incoming_message = @info_request.incoming_messages.first + end + + it 'should not return an event with a hidden prominence message' do + @incoming_message.prominence = 'hidden' + @incoming_message.save! + @info_request.get_last_public_response_event.should == nil + end + + it 'should not return an event with a requester_only prominence message' do + @incoming_message.prominence = 'requester_only' + @incoming_message.save! + @info_request.get_last_public_response_event.should == nil + end + + it 'should return an event with a normal prominence message' do + @incoming_message.prominence = 'normal' + @incoming_message.save! + @info_request.get_last_public_response_event.should == @incoming_message.response_event + end + end + + describe 'when asked for the last public outgoing event' do + + before do + @info_request = FactoryGirl.create(:info_request) + @outgoing_message = @info_request.outgoing_messages.first + end + + it 'should not return an event with a hidden prominence message' do + @outgoing_message.prominence = 'hidden' + @outgoing_message.save! + @info_request.get_last_public_outgoing_event.should == nil + end + + it 'should not return an event with a requester_only prominence message' do + @outgoing_message.prominence = 'requester_only' + @outgoing_message.save! + @info_request.get_last_public_outgoing_event.should == nil + end + + it 'should return an event with a normal prominence message' do + @outgoing_message.prominence = 'normal' + @outgoing_message.save! + @info_request.get_last_public_outgoing_event.should == @outgoing_message.info_request_events.first + end + + end + + describe 'when asked who can be sent a followup' do + + before do + @info_request = FactoryGirl.create(:info_request_with_plain_incoming) + @incoming_message = @info_request.incoming_messages.first + @public_body = @info_request.public_body + end + + it 'should not include details from a hidden prominence response' do + @incoming_message.prominence = 'hidden' + @incoming_message.save! + @info_request.who_can_followup_to.should == [[@public_body.name, + @public_body.request_email, + nil]] + end + + it 'should not include details from a requester_only prominence response' do + @incoming_message.prominence = 'requester_only' + @incoming_message.save! + @info_request.who_can_followup_to.should == [[@public_body.name, + @public_body.request_email, + nil]] + end + + it 'should include details from a normal prominence response' do + @incoming_message.prominence = 'normal' + @incoming_message.save! + @info_request.who_can_followup_to.should == [[@public_body.name, + @public_body.request_email, + nil], + ['Bob Responder', + "bob@example.com", + @incoming_message.id]] + end + + end + describe 'when generating json for the api' do before do diff --git a/spec/models/mail_server_log_spec.rb b/spec/models/mail_server_log_spec.rb index 2b44a4559..67709b130 100644 --- a/spec/models/mail_server_log_spec.rb +++ b/spec/models/mail_server_log_spec.rb @@ -1,3 +1,16 @@ +# == Schema Information +# +# Table name: mail_server_logs +# +# id :integer not null, primary key +# mail_server_log_done_id :integer +# info_request_id :integer +# order :integer not null +# line :text not null +# created_at :datetime not null +# updated_at :datetime not null +# + require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') describe MailServerLog do diff --git a/spec/models/outgoing_message_spec.rb b/spec/models/outgoing_message_spec.rb index 60164fb31..1e05e09f1 100644 --- a/spec/models/outgoing_message_spec.rb +++ b/spec/models/outgoing_message_spec.rb @@ -1,3 +1,19 @@ +# == Schema Information +# +# Table name: outgoing_messages +# +# id :integer not null, primary key +# info_request_id :integer not null +# body :text not null +# status :string(255) not null +# message_type :string(255) not null +# created_at :datetime not null +# updated_at :datetime not null +# last_sent_at :datetime +# incoming_message_followup_id :integer +# what_doing :string(255) not null +# + require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') describe OutgoingMessage, " when making an outgoing message" do @@ -50,6 +66,81 @@ describe OutgoingMessage, " when making an outgoing message" do outgoing_message.body.should include(expected_text) end + describe 'when asked if a user can view it' do + + before do + @info_request = FactoryGirl.create(:info_request) + @outgoing_message = @info_request.outgoing_messages.first + end + + context 'if the prominence is hidden' do + + before do + @outgoing_message.prominence = 'hidden' + end + + it 'should return true for an admin user' do + @outgoing_message.user_can_view?(FactoryGirl.create(:admin_user)).should be_true + end + + it 'should return false for a non-admin user' do + @outgoing_message.user_can_view?(FactoryGirl.create(:user)).should be_false + end + + end + + context 'if the prominence is requester_only' do + + before do + @outgoing_message.prominence = 'requester_only' + end + + it 'should return true if the user owns the associated request' do + @outgoing_message.user_can_view?(@info_request.user).should be_true + end + + it 'should return false if the user does not own the associated request' do + @outgoing_message.user_can_view?(FactoryGirl.create(:user)).should be_false + end + end + + context 'if the prominence is normal' do + + before do + @outgoing_message.prominence = 'normal' + end + + it 'should return true for a non-admin user' do + @outgoing_message.user_can_view?(FactoryGirl.create(:user)).should be_true + end + + end + + end + + describe 'when asked if it is indexed by search' do + + before do + @info_request = FactoryGirl.create(:info_request) + @outgoing_message = @info_request.outgoing_messages.first + end + + it 'should return false if it has prominence "hidden"' do + @outgoing_message.prominence = 'hidden' + @outgoing_message.indexed_by_search?.should be_false + end + + it 'should return false if it has prominence "requester_only"' do + @outgoing_message.prominence = 'requester_only' + @outgoing_message.indexed_by_search?.should be_false + end + + it 'should return true if it has prominence "normal"' do + @outgoing_message.prominence = 'normal' + @outgoing_message.indexed_by_search?.should be_true + end + + end end @@ -72,5 +163,3 @@ describe IncomingMessage, " when censoring data" do @om.body.should match(/fancy cat/) end end - - diff --git a/spec/models/post_redirect_spec.rb b/spec/models/post_redirect_spec.rb index 5f51b6de5..73740e914 100644 --- a/spec/models/post_redirect_spec.rb +++ b/spec/models/post_redirect_spec.rb @@ -1,3 +1,19 @@ +# == Schema Information +# +# Table name: post_redirects +# +# id :integer not null, primary key +# token :text not null +# uri :text not null +# post_params_yaml :text +# created_at :datetime not null +# updated_at :datetime not null +# email_token :text not null +# reason_params_yaml :text +# user_id :integer +# circumstance :text default("normal"), not null +# + require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') describe PostRedirect, " when constructing" do diff --git a/spec/models/profile_photo_spec.rb b/spec/models/profile_photo_spec.rb index 892cccd08..0e157e2c5 100644 --- a/spec/models/profile_photo_spec.rb +++ b/spec/models/profile_photo_spec.rb @@ -1,3 +1,13 @@ +# == Schema Information +# +# Table name: profile_photos +# +# id :integer not null, primary key +# data :binary not null +# user_id :integer +# draft :boolean default(FALSE), not null +# + require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') describe ProfilePhoto, "when constructing a new photo" do diff --git a/spec/models/public_body_spec.rb b/spec/models/public_body_spec.rb index 3578c0e9c..582f1430e 100644 --- a/spec/models/public_body_spec.rb +++ b/spec/models/public_body_spec.rb @@ -1,4 +1,27 @@ # encoding: UTF-8 +# == Schema Information +# +# Table name: public_bodies +# +# id :integer not null, primary key +# name :text not null +# short_name :text not null +# request_email :text not null +# version :integer not null +# last_edit_editor :string(255) not null +# last_edit_comment :text not null +# created_at :datetime not null +# updated_at :datetime not null +# url_name :text not null +# home_page :text default(""), not null +# notes :text default(""), not null +# first_letter :string(255) not null +# publication_scheme :text default(""), not null +# api_key :string(255) not null +# info_requests_count :integer default(0), not null +# disclosure_log :text default(""), not null +# + require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') describe PublicBody, " using tags" do diff --git a/spec/models/purge_request_spec.rb b/spec/models/purge_request_spec.rb index 7b67fca52..02b3d685d 100644 --- a/spec/models/purge_request_spec.rb +++ b/spec/models/purge_request_spec.rb @@ -1,3 +1,14 @@ +# == Schema Information +# +# Table name: purge_requests +# +# id :integer not null, primary key +# url :string(255) +# created_at :datetime not null +# model :string(255) not null +# model_id :integer not null +# + require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') require 'fakeweb' diff --git a/spec/models/raw_email_spec.rb b/spec/models/raw_email_spec.rb index ff2830a62..f86b35e99 100644 --- a/spec/models/raw_email_spec.rb +++ b/spec/models/raw_email_spec.rb @@ -1,3 +1,10 @@ +# == Schema Information +# +# Table name: raw_emails +# +# id :integer not null, primary key +# + require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') describe User, "manipulating a raw email" do diff --git a/spec/models/track_thing_spec.rb b/spec/models/track_thing_spec.rb index c42eb5e8b..86d3c0cda 100644 --- a/spec/models/track_thing_spec.rb +++ b/spec/models/track_thing_spec.rb @@ -1,3 +1,19 @@ +# == Schema Information +# +# Table name: track_things +# +# id :integer not null, primary key +# tracking_user_id :integer not null +# track_query :string(255) not null +# info_request_id :integer +# tracked_user_id :integer +# public_body_id :integer +# track_medium :string(255) not null +# track_type :string(255) default("internal_error"), not null +# created_at :datetime +# updated_at :datetime +# + require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') describe TrackThing, "when tracking changes" do diff --git a/spec/models/track_things_sent_email_spec.rb b/spec/models/track_things_sent_email_spec.rb index 6166f42ab..4675d0847 100644 --- a/spec/models/track_things_sent_email_spec.rb +++ b/spec/models/track_things_sent_email_spec.rb @@ -1,3 +1,16 @@ +# == Schema Information +# +# Table name: track_things_sent_emails +# +# id :integer not null, primary key +# track_thing_id :integer not null +# info_request_event_id :integer +# user_id :integer +# public_body_id :integer +# created_at :datetime +# updated_at :datetime +# + require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') describe TrackThingsSentEmail, "when tracking things sent email" do diff --git a/spec/models/user_info_request_sent_alert_spec.rb b/spec/models/user_info_request_sent_alert_spec.rb index 971c5b8c1..69be1092b 100644 --- a/spec/models/user_info_request_sent_alert_spec.rb +++ b/spec/models/user_info_request_sent_alert_spec.rb @@ -1,3 +1,14 @@ +# == Schema Information +# +# Table name: user_info_request_sent_alerts +# +# id :integer not null, primary key +# user_id :integer not null +# info_request_id :integer not null +# alert_type :string(255) not null +# info_request_event_id :integer +# + require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') describe UserInfoRequestSentAlert, " when blah" do diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb index 96c169604..f380f6f13 100644 --- a/spec/models/user_spec.rb +++ b/spec/models/user_spec.rb @@ -1,3 +1,29 @@ +# == Schema Information +# +# Table name: users +# +# id :integer not null, primary key +# email :string(255) not null +# name :string(255) not null +# hashed_password :string(255) not null +# salt :string(255) not null +# created_at :datetime not null +# updated_at :datetime not null +# email_confirmed :boolean default(FALSE), not null +# url_name :text not null +# last_daily_track_email :datetime default(2000-01-01 00:00:00 UTC) +# admin_level :string(255) default("none"), not null +# ban_text :text default(""), not null +# about_me :text default(""), not null +# locale :string(255) +# email_bounced_at :datetime +# email_bounce_message :text default(""), not null +# no_limit :boolean default(FALSE), not null +# receive_email_alerts :boolean default(TRUE), not null +# address :string(255) +# dob :date +# + require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') describe User, "making up the URL name" do diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 86ca5150a..0d8f8fac5 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -155,5 +155,7 @@ Spork.prefork do end Spork.each_run do + FactoryGirl.definition_file_paths = [ Rails.root.join('spec', 'factories') ] + FactoryGirl.reload # This code will be run each time you run your specs. end diff --git a/spec/views/request/_after_actions.html.erb_spec.rb b/spec/views/request/_after_actions.html.erb_spec.rb index ae398f4ce..833323d68 100644 --- a/spec/views/request/_after_actions.html.erb_spec.rb +++ b/spec/views/request/_after_actions.html.erb_spec.rb @@ -69,24 +69,11 @@ describe 'when displaying actions that can be taken with regard to a request' do end end - describe 'if the request is viewable by all' do - it 'should display the link to download the entire request' do - render :partial => 'request/after_actions' - response.should have_selector('div#anyone_actions') do |div| - div.should have_selector('a', :content => 'Download a zip file of all correspondence') - end - end - end - - describe 'if the request is not viewable by all' do - - it 'should not display the link to download the entire request' do - @mock_request.stub!(:all_can_view?).and_return(false) - render :partial => 'request/after_actions' - response.should have_selector('div#anyone_actions') do |div| - div.should_not have_selector('a', :content => 'Download a zip file of all correspondence') - end + it 'should display the link to download the entire request' do + render :partial => 'request/after_actions' + response.should have_selector('div#anyone_actions') do |div| + div.should have_selector('a', :content => 'Download a zip file of all correspondence') end end diff --git a/spec/views/request/show.html.erb_spec.rb b/spec/views/request/show.html.erb_spec.rb index 4578268b2..6e63b9b43 100644 --- a/spec/views/request/show.html.erb_spec.rb +++ b/spec/views/request/show.html.erb_spec.rb @@ -1,8 +1,8 @@ require File.expand_path(File.join('..', '..', '..', 'spec_helper'), __FILE__) describe 'request/show' do - - before do + + before do @mock_body = mock_model(PublicBody, :name => 'test body', :url_name => 'test_body', :is_school? => false) @@ -10,101 +10,101 @@ describe 'request/show' do :url_name => 'test_user', :profile_photo => nil) @mock_request = mock_model(InfoRequest, :title => 'test request', - :awaiting_description => false, + :awaiting_description => false, :law_used_with_a => 'A Freedom of Information request', :law_used_full => 'Freedom of Information', :public_body => @mock_body, - :user => @mock_user, - :user_name => @mock_user.name, + :user => @mock_user, + :user_name => @mock_user.name, :is_external? => false, - :calculate_status => 'waiting_response', + :calculate_status => 'waiting_response', :date_response_required_by => Date.today, :prominence => 'normal', :comments_allowed? => true, :all_can_view? => true, :url_title => 'test_request') end - + def request_page assign :info_request, @mock_request assign :info_request_events, [] assign :status, @mock_request.calculate_status render end - - describe 'when a status update has been requested' do - - before do + + describe 'when a status update has been requested' do + + before do assign :update_status, true end - + it 'should show the first form for describing the state of the request' do request_page response.should have_selector("div.describe_state_form#describe_state_form_1") - end - + end + end - - describe 'when it is awaiting a description' do - - before do + + describe 'when it is awaiting a description' do + + before do @mock_request.stub!(:awaiting_description).and_return(true) end - + it 'should show the first form for describing the state of the request' do request_page response.should have_selector("div.describe_state_form#describe_state_form_1") end - - it 'should show the second form for describing the state of the request' do + + it 'should show the second form for describing the state of the request' do request_page response.should have_selector("div.describe_state_form#describe_state_form_2") end - + end - - describe 'when the user is the request owner' do - - before do + + describe 'when the user is the request owner' do + + before do assign :is_owning_user, true end - - describe 'when the request status is "waiting clarification"' do - - before do + + describe 'when the request status is "waiting clarification"' do + + before do @mock_request.stub!(:calculate_status).and_return('waiting_clarification') end - - describe 'when there is a last response' do - + + describe 'when there is a last response' do + before do @mock_response = mock_model(IncomingMessage) - @mock_request.stub!(:get_last_response).and_return(@mock_response) + @mock_request.stub!(:get_last_public_response).and_return(@mock_response) end - - it 'should show a link to follow up the last response with clarification' do + + it 'should show a link to follow up the last response with clarification' do request_page expected_url = "/en/request/#{@mock_request.id}/response/#{@mock_response.id}#followup" response.should have_selector("a", :href => expected_url, :content => 'send a follow up message') end - + end - + describe 'when there is no last response' do - - before do - @mock_request.stub!(:get_last_response).and_return(nil) + + before do + @mock_request.stub!(:get_last_public_response).and_return(nil) end - - it 'should show a link to follow up the request without reference to a specific response' do + + it 'should show a link to follow up the request without reference to a specific response' do request_page expected_url = "/en/request/#{@mock_request.id}/response#followup" response.should have_selector("a", :href => expected_url, :content => 'send a follow up message') end end end - + end end |