aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--app/controllers/request_controller.rb38
-rw-r--r--app/views/request/new.html.erb126
-rw-r--r--config/routes.rb1
-rw-r--r--spec/controllers/request_controller_spec.rb66
4 files changed, 159 insertions, 72 deletions
diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb
index feac94b92..99b47a0c7 100644
--- a/app/controllers/request_controller.rb
+++ b/app/controllers/request_controller.rb
@@ -11,7 +11,7 @@ require 'open-uri'
class RequestController < ApplicationController
before_filter :check_read_only, :only => [ :new, :show_response, :describe_state, :upload_response ]
protect_from_forgery :only => [ :new, :show_response, :describe_state, :upload_response ] # See ActionController::RequestForgeryProtection for details
-
+ before_filter :check_batch_requests_and_user_allowed, :only => [ :select_authorities, :new_batch ]
MAX_RESULTS = 500
PER_PAGE = 25
@@ -44,20 +44,6 @@ class RequestController < ApplicationController
end
def select_authorities
- if !AlaveteliConfiguration::allow_batch_requests
- raise RouteNotFound.new("Page not enabled")
- end
- if !authenticated?(
- :web => _("To make a batch request"),
- :email => _("Then you can make a batch request"),
- :email_subject => _("Make a batch request"),
- :user_name => "a user who has been authorised to make batch requests")
- # do nothing - as "authenticated?" has done the redirect to signin page for us
- return
- end
- if !@user.can_make_batch_requests?
- return render_hidden('request/batch_not_allowed')
- end
if !params[:public_body_query].nil?
@search_bodies = perform_search_typeahead(params[:public_body_query], PublicBody)
end
@@ -197,6 +183,12 @@ class RequestController < ApplicationController
end
end
+ def new_batch
+ @batch = true
+ @info_request = InfoRequest.new
+ render :action => 'new'
+ end
+
# Page new form posts to
def new
# All new requests are of normal_sort
@@ -988,6 +980,22 @@ class RequestController < ApplicationController
"request/similar/#{info_request.id}/#{locale}"
end
+ def check_batch_requests_and_user_allowed
+ if !AlaveteliConfiguration::allow_batch_requests
+ raise RouteNotFound.new("Page not enabled")
+ end
+ if !authenticated?(
+ :web => _("To make a batch request"),
+ :email => _("Then you can make a batch request"),
+ :email_subject => _("Make a batch request"),
+ :user_name => "a user who has been authorised to make batch requests")
+ # do nothing - as "authenticated?" has done the redirect to signin page for us
+ return
+ end
+ if !@user.can_make_batch_requests?
+ return render_hidden('request/batch_not_allowed')
+ end
+ end
end
diff --git a/app/views/request/new.html.erb b/app/views/request/new.html.erb
index 849a94216..7b7ede79f 100644
--- a/app/views/request/new.html.erb
+++ b/app/views/request/new.html.erb
@@ -1,23 +1,27 @@
-<script type="text/javascript">
- $(document).ready(function(){
- // Avoid triggering too often (on each keystroke) by using the debounce jQuery plugin:
- // http://benalman.com/projects/jquery-throttle-debounce-plugin/
- $("#typeahead_search").keypress($.debounce( 300, function() {
- $("#typeahead_response").load("<%=search_ahead_url%>?q="+encodeURI(this.value), function() {
- // When following links in typeahead results, open new tab/window
- $("#typeahead_response a").attr("target","_blank");
-
- // Update the public body site search link
- $("#body-site-search-link").attr("href", "http://www.google.com/#q="+encodeURI($("#typeahead_search").val())+
- "+site:<%= @info_request.public_body.calculated_home_page %>");
- });
- }));
-
- });
-</script>
-
-<% @title = _("Make an {{law_used_short}} request to '{{public_body_name}}'",:law_used_short=>h(@info_request.law_used_short),:public_body_name=>h(@info_request.public_body.name)) %>
-
+<% unless @batch %>
+ <script type="text/javascript">
+ $(document).ready(function(){
+ // Avoid triggering too often (on each keystroke) by using the debounce jQuery plugin:
+ // http://benalman.com/projects/jquery-throttle-debounce-plugin/
+ $("#typeahead_search").keypress($.debounce( 300, function() {
+ $("#typeahead_response").load("<%=search_ahead_url%>?q="+encodeURI(this.value), function() {
+ // When following links in typeahead results, open new tab/window
+ $("#typeahead_response a").attr("target","_blank");
+
+ // Update the public body site search link
+ $("#body-site-search-link").attr("href", "http://www.google.com/#q="+encodeURI($("#typeahead_search").val())+
+ "+site:<%= @info_request.public_body.calculated_home_page %>");
+ });
+ }));
+
+ });
+ </script>
+<% end %>
+<% if @batch %>
+ <% @title = _("Make an {{law_used_short}} request", :law_used_short=>h(@info_request.law_used_short)) %>
+<% else %>
+ <% @title = _("Make an {{law_used_short}} request to '{{public_body_name}}'",:law_used_short=>h(@info_request.law_used_short),:public_body_name=>h(@info_request.public_body.name)) %>
+<% end %>
<h1><%= _('2. Ask for Information') %></h1>
<% if @existing_request %>
@@ -37,45 +41,53 @@
<div id="request_header">
<div id="request_header_body">
<label class="form_label"><%= _('To:') %></label>
- <span id="to_public_body"><%=h(@info_request.public_body.name)%></span>
- <div class="form_item_note">
- <% if @info_request.public_body.info_requests.size > 0 %>
- <%= _("Browse <a href='{{url}}'>other requests</a> to '{{public_body_name}}' for examples of how to word your request.", :public_body_name=>h(@info_request.public_body.name), :url=>public_body_path(@info_request.public_body)) %>
- <% else %>
- <%= _("Browse <a href='{{url}}'>other requests</a> for examples of how to word your request.", :url=>request_list_url) %>
- <% end %>
- </div>
-
- <% if @info_request.public_body.has_notes? %>
- <div id="request_header_text">
- <h3><%= _('Special note for this authority!') %></h3>
- <p><%= @info_request.public_body.notes_as_html.html_safe %></p>
+ <span id="to_public_body">
+ <% if @batch %>
+ <%= _("Your selected authorities")%>
+ <% else %>
+ <%=h(@info_request.public_body.name)%>
+ <% end %>
+ </span>
+ <% unless @batch %>
+ <div class="form_item_note">
+ <% if @info_request.public_body.info_requests.size > 0 %>
+ <%= _("Browse <a href='{{url}}'>other requests</a> to '{{public_body_name}}' for examples of how to word your request.", :public_body_name=>h(@info_request.public_body.name), :url=>public_body_path(@info_request.public_body)) %>
+ <% else %>
+ <%= _("Browse <a href='{{url}}'>other requests</a> for examples of how to word your request.", :url=>request_list_url) %>
+ <% end %>
</div>
- <% end %>
- <% if @info_request.public_body.eir_only? %>
- <h3><%= _('Please ask for environmental information only') %></h3>
-
- <p><%= _('The Freedom of Information Act <strong>does not apply</strong> to') %> <%=h(@info_request.public_body.name)%>.
- <%= _('However, you have the right to request environmental
- information under a different law') %> (<a href="/help/requesting#eir">explanation</a>).
- <%= _('This covers a very wide spectrum of information about the state of
- the <strong>natural and built environment</strong>, such as:') %>
-
- <ul>
- <li><%= _('Air, water, soil, land, flora and fauna (including how these effect
- human beings)') %></li>
- <li><%= _('Information on emissions and discharges (e.g. noise, energy,
- radiation, waste materials)') %></li>
- <li><%= _('Human health and safety') %></li>
- <li><%= _('Cultural sites and built structures (as they may be affected by the
- environmental factors listed above)') %></li>
- <li><%= _('Plans and administrative measures that affect these matters') %></li>
- </ul>
-
- <p><%= _('Please only request information that comes under those categories, <strong>do not waste your
- time</strong> or the time of the public authority by requesting unrelated information.') %></p>
- <% end %>
+ <% if @info_request.public_body.has_notes? %>
+ <div id="request_header_text">
+ <h3><%= _('Special note for this authority!') %></h3>
+ <p><%= @info_request.public_body.notes_as_html.html_safe %></p>
+ </div>
+ <% end %>
+
+ <% if @info_request.public_body.eir_only? %>
+ <h3><%= _('Please ask for environmental information only') %></h3>
+
+ <p><%= _('The Freedom of Information Act <strong>does not apply</strong> to') %> <%=h(@info_request.public_body.name)%>.
+ <%= _('However, you have the right to request environmental
+ information under a different law') %> (<a href="/help/requesting#eir">explanation</a>).
+ <%= _('This covers a very wide spectrum of information about the state of
+ the <strong>natural and built environment</strong>, such as:') %>
+
+ <ul>
+ <li><%= _('Air, water, soil, land, flora and fauna (including how these effect
+ human beings)') %></li>
+ <li><%= _('Information on emissions and discharges (e.g. noise, energy,
+ radiation, waste materials)') %></li>
+ <li><%= _('Human health and safety') %></li>
+ <li><%= _('Cultural sites and built structures (as they may be affected by the
+ environmental factors listed above)') %></li>
+ <li><%= _('Plans and administrative measures that affect these matters') %></li>
+ </ul>
+
+ <p><%= _('Please only request information that comes under those categories, <strong>do not waste your
+ time</strong> or the time of the public authority by requesting unrelated information.') %></p>
+ <% end %>
+ <% end %>
</div>
<div id="request_header_subject">
diff --git a/config/routes.rb b/config/routes.rb
index 3fa66729f..2c4987db6 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -39,6 +39,7 @@ Alaveteli::Application.routes.draw do
match '/new' => 'request#new', :as => :new_request
match '/new/:url_name' => 'request#new', :as => :new_request_to_body
+ match '/new_batch' => 'request#new_batch', :as => :new_batch
match '/request/search_ahead' => 'request#search_typeahead', :as => :search_ahead
diff --git a/spec/controllers/request_controller_spec.rb b/spec/controllers/request_controller_spec.rb
index d29552b15..2e928eb3b 100644
--- a/spec/controllers/request_controller_spec.rb
+++ b/spec/controllers/request_controller_spec.rb
@@ -2509,6 +2509,72 @@ describe RequestController, "when caching fragments" do
end
+describe RequestController, "#new_batch", :focus => true do
+
+ context "when batch requests is enabled" do
+
+ before do
+ AlaveteliConfiguration.stub!(:allow_batch_requests).and_return(true)
+ end
+
+ context "when the current user can make batch requests" do
+
+ before do
+ @user = FactoryGirl.create(:user, :can_make_batch_requests => true)
+ end
+
+ it 'should be successful' do
+ get :new_batch, {}, {:user_id => @user.id}
+ response.should be_success
+ end
+
+ it 'should render the "new" template' do
+ get :new_batch, {}, {:user_id => @user.id}
+ response.should render_template('request/new')
+ end
+
+ end
+
+ context "when the current user can't make batch requests" do
+
+ render_views
+
+ before do
+ @user = FactoryGirl.create(:user)
+ end
+
+ it 'should return a 403 with an appropriate message' do
+ get :new_batch, {}, {:user_id => @user.id}
+ response.code.should == '403'
+ response.body.should match("Users cannot usually make batch requests to multiple authorities at once")
+ end
+
+ end
+
+ context 'when there is no logged-in user' do
+
+ it 'should return a redirect to the login page' do
+ get :new_batch
+ post_redirect = PostRedirect.get_last_post_redirect
+ response.should redirect_to(:controller => 'user', :action => 'signin', :token => post_redirect.token)
+ end
+ end
+
+
+ end
+
+ context "when batch requests is not enabled" do
+
+ it 'should return a 404' do
+ Rails.application.config.stub!(:consider_all_requests_local).and_return(false)
+ get :new_batch
+ response.code.should == '404'
+ end
+
+ end
+
+end
+
describe RequestController, "#select_authorities" do
context "when batch requests is enabled" do
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-27 02:56:55 +0000