-rw-r--r-- | app/controllers/admin_censor_rule_controller.rb | 20 | ||||
-rw-r--r-- | app/controllers/admin_controller.rb | 23 | ||||
-rw-r--r-- | app/controllers/admin_general_controller.rb | 4 | ||||
-rw-r--r-- | app/controllers/admin_request_controller.rb | 13 | ||||
-rw-r--r-- | app/controllers/request_controller.rb | 28 | ||||
-rw-r--r-- | app/controllers/request_game_controller.rb | 4 | ||||
-rw-r--r-- | app/models/info_request.rb | 10 | ||||
-rw-r--r-- | app/models/info_request_event.rb | 4 | ||||
-rw-r--r-- | app/views/admin_request/edit.rhtml | 4 | ||||
-rw-r--r-- | app/views/request/hidden.rhtml | 14 | ||||
-rw-r--r-- | todo.txt | 4 |
11 files changed, 91 insertions, 37 deletions
diff --git a/app/controllers/admin_censor_rule_controller.rb b/app/controllers/admin_censor_rule_controller.rb index 3382c92fa..b51c1e01e 100644 --- a/app/controllers/admin_censor_rule_controller.rb +++ b/app/controllers/admin_censor_rule_controller.rb @@ -4,7 +4,7 @@ # Copyright (c) 2008 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: admin_censor_rule_controller.rb,v 1.5 2009-01-29 12:10:10 francis Exp $ +# $Id: admin_censor_rule_controller.rb,v 1.6 2009-06-23 13:52:25 francis Exp $ class AdminCensorRuleController < AdminController def new @@ -56,24 +56,6 @@ class AdminCensorRuleController < AdminController redirect_to admin_url('request/show/' + info_request.id.to_s) end - - def expire_for_request(info_request) - # So is using latest censor rules - info_request.reload - - # clear out cached entries - for incoming_message in info_request.incoming_messages - for attachment in incoming_message.get_attachments_for_display - expire_page :controller => 'request', :action => "get_attachment", :id => info_request.id, - :incoming_message_id => incoming_message.id, - :part => attachment.url_part_number, :file_name => attachment.display_filename - expire_page :controller => 'request', :action => "get_attachment_as_html", :id => info_request.id, - :incoming_message_id => incoming_message.id, - :part => attachment.url_part_number, :file_name => attachment.display_filename - end - end - end - private end diff --git a/app/controllers/admin_controller.rb b/app/controllers/admin_controller.rb index b33b6a9fc..5810b4b04 100644 --- a/app/controllers/admin_controller.rb +++ b/app/controllers/admin_controller.rb 
@@ -4,7 +4,7 @@ # Copyright (c) 2009 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: admin_controller.rb,v 1.24 2009-01-29 12:23:25 francis Exp $ +# $Id: admin_controller.rb,v 1.25 2009-06-23 13:52:25 francis Exp $ class AdminController < ApplicationController @@ -15,4 +15,25 @@ class AdminController < ApplicationController def local_request? true end + + # Expire cached attachment files for a request + def expire_for_request(info_request) + # So is using latest censor rules + info_request.reload + + # clear out cached entries + for incoming_message in info_request.incoming_messages + for attachment in incoming_message.get_attachments_for_display + expire_page :controller => 'request', :action => "get_attachment", :id => info_request.id, + :incoming_message_id => incoming_message.id, + :part => attachment.url_part_number, :file_name => attachment.display_filename + expire_page :controller => 'request', :action => "get_attachment_as_html", :id => info_request.id, + :incoming_message_id => incoming_message.id, + :part => attachment.url_part_number, :file_name => attachment.display_filename + end + end + end + + end + diff --git a/app/controllers/admin_general_controller.rb b/app/controllers/admin_general_controller.rb index 8c035d6e4..ac7a2084f 100644 --- a/app/controllers/admin_general_controller.rb +++ b/app/controllers/admin_general_controller.rb @@ -4,7 +4,7 @@ # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: admin_general_controller.rb,v 1.6 2009-06-05 05:53:25 francis Exp $ +# $Id: admin_general_controller.rb,v 1.7 2009-06-23 13:52:25 francis Exp $ class AdminGeneralController < AdminController def index 
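Review bot: `expire_for_request` is added as a public instance method of `AdminController`, so every controller that inherits from it now exposes it as a candidate action name. It is a helper that needs an `info_request` argument, not an endpoint; whether a route can reach it depends on the routing table, which is not shown here. Putting a `protected` line directly above `# Expire cached attachment files for a request` keeps it callable from the subclasses while taking it out of the action set. The class body starts outside this hunk.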
@@ -20,7 +20,7 @@ class AdminGeneralController < AdminController @error_message_requests = InfoRequest.find(:all, :select => '*, ' + InfoRequest.last_event_time_clause + ' as last_event_time', :conditions => ["described_state = 'error_message'"], :order => "last_event_time") @blank_contacts = PublicBody.find(:all, :conditions => ["request_email = ''"], :order => "updated_at") @old_unclassified = InfoRequest.find_old_unclassified(:limit => 50, - :conditions => ["prominence != 'backpage'"], + :conditions => ["prominence = 'normal'"], :age_in_days => 10) @holding_pen_messages = InfoRequest.holding_pen_request.incoming_messages end diff --git a/app/controllers/admin_request_controller.rb b/app/controllers/admin_request_controller.rb index ca00da9ab..fe7b6e8a6 100644 --- a/app/controllers/admin_request_controller.rb +++ b/app/controllers/admin_request_controller.rb @@ -4,7 +4,7 @@ # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: admin_request_controller.rb,v 1.35 2009-06-15 14:42:11 francis Exp $ +# $Id: admin_request_controller.rb,v 1.36 2009-06-23 13:52:25 francis Exp $ class AdminRequestController < AdminController def index @@ -19,7 +19,7 @@ class AdminRequestController < AdminController end def list_old_unclassified - @info_requests = InfoRequest.find_old_unclassified(:conditions => ["prominence != 'backpage'"], + @info_requests = InfoRequest.find_old_unclassified(:conditions => ["prominence = 'normal'"], :age_in_days => 10) end 
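Review bot: The allow-list condition `prominence = 'normal'` is spelled out as a literal here, again in the `list_old_unclassified` hunk of admin_request_controller.rb, and again in the request_game_controller.rb hunk, so three call sites have to be kept in step by hand. Moving from `!= 'backpage'` to `= 'normal'` is the fail-closed form and worth keeping in one place. For example, define a constant on the model (name illustrative), `LISTABLE_CONDITIONS = ["prominence = 'normal'"]`, and pass `:conditions => InfoRequest::LISTABLE_CONDITIONS`. The `index` method continues outside the hunk.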
@@ -48,6 +48,12 @@ class AdminRequestController < AdminController old_allow_new_responses_from = @info_request.allow_new_responses_from old_handle_rejected_responses = @info_request.handle_rejected_responses + expire = false + if @info_request.prominence != params[:info_request][:prominence] + # in case it has become hidden, clear cache after saving + expire = true + end + @info_request.title = params[:info_request][:title] @info_request.prominence = params[:info_request][:prominence] if @info_request.described_state != params[:info_request][:described_state] @@ -59,6 +65,9 @@ class AdminRequestController < AdminController if @info_request.valid? @info_request.save! + if expire + expire_for_request(@info_request) + end @info_request.log_event("edit", { :editor => admin_http_auth_user(), :old_title => old_title, :title => @info_request.title, diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index 1d6189915..7579ee63e 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -4,7 +4,7 @@ # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: request_controller.rb,v 1.162 2009-06-16 17:28:16 francis Exp $ +# $Id: request_controller.rb,v 1.163 2009-06-23 13:52:25 francis Exp $ class RequestController < ApplicationController @@ -19,7 +19,13 @@ class RequestController < ApplicationController # Look up by new style text names @info_request = InfoRequest.find_by_url_title(params[:url_title]) set_last_request(@info_request) - + + # Test for hidden + if !@info_request.user_can_view?(authenticated_user) + render :template => 'request/hidden' + return + end + # Other parameters @info_request_events = @info_request.info_request_events @status = @info_request.calculate_status 
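Review bot: The purge triggered here on a prominence change removes only what `expire_for_request` passes to `expire_page`: the `get_attachment` and `get_attachment_as_html` pages for attachments currently returned by `get_attachments_for_display`. `get_attachment_as_html` (request_controller.rb in this commit) also runs `FileUtils.mkdir_p(image_dir)` under `Rails.public_path`, which suggests converted output is written beside the cached page; if so, those files would stay on disk and remain statically served after the request is set to hidden. Please confirm what lands in that directory and remove it as part of the purge. A comment at the `expire_for_request(@info_request)` call in the `@@ -59,6 +65,9 @@` hunk would also help: `# page-cached files are served without reaching Rails, so this purge is what enforces 'hidden' for attachments`. The edit action starts and ends outside both hunks.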
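Review bot: The hidden branch renders `request/hidden` with the default 200 status, here and in the `get_attachment_internal` hunk further down. A 200 tells crawlers and intermediate caches that the removed URL is still a valid page. On the attachment actions, which are declared with `caches_page`, the placeholder HTML may itself be written into the page cache under the attachment's URL, depending on how this Rails version decides a response is cacheable. An explicit status avoids both: `render :template => 'request/hidden', :status => 410` (or 403 if the removal should not be presented as permanent). The `show` action continues outside the hunk.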
@@ -493,7 +499,9 @@ class RequestController < ApplicationController # Download an attachment caches_page :get_attachment def get_attachment - get_attachment_internal + if !get_attachment_internal + return + end response.content_type = 'application/octet-stream' if !@attachment.content_type.nil? @@ -507,7 +515,9 @@ class RequestController < ApplicationController caches_page :get_attachment_as_html def get_attachment_as_html - get_attachment_internal + if !get_attachment_internal + return + end image_dir = File.dirname(Rails.public_path + url_for(params.merge(:only_path => true))) FileUtils.mkdir_p(image_dir) @@ -534,7 +544,13 @@ class RequestController < ApplicationController end @part_number = params[:part].to_i @filename = params[:file_name] - + + # Test for hidden + if !@info_request.user_can_view?(authenticated_user) + render :template => 'request/hidden' + return false + end + @attachment = IncomingMessage.get_attachment_by_url_part_number(@incoming_message.get_attachments_for_display, @part_number) # Prevent spam to magic request address. @@ -544,6 +560,8 @@ class RequestController < ApplicationController @attachment_url = get_attachment_url(:id => @incoming_message.info_request_id, :incoming_message_id => @incoming_message.id, :part => @part_number, :file_name => @filename ) + + return true end # FOI officers can upload a response diff --git a/app/controllers/request_game_controller.rb b/app/controllers/request_game_controller.rb index 1be26e5a1..0cedc2f94 100644 --- a/app/controllers/request_game_controller.rb +++ b/app/controllers/request_game_controller.rb @@ -4,7 +4,7 @@ # Copyright (c) 2009 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: request_game_controller.rb,v 1.1 2009-05-11 13:06:34 tony Exp $ +# $Id: request_game_controller.rb,v 1.2 2009-06-23 13:52:25 francis Exp $ class RequestGameController < ApplicationController 
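Review bot: `get_attachment_internal` now signals "response already rendered, stop" through its return value, but nothing documents that contract, and only the two exits added in these hunks set it explicitly. The method starts outside the hunk, so an earlier exit that renders or redirects and then falls through would return whatever its last expression was. A header comment would make the contract explicit, e.g. `# Returns false after rendering a response itself (caller must return); true when @attachment is ready`. Alternatively the two callers can use `return if performed?` after the call, which does not depend on every exit path remembering the return value. This applies to all four request_controller.rb hunks on this line.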
@@ -12,7 +12,7 @@ class RequestGameController < ApplicationController # XXX make sure they're logged in session[:request_game] = Time.now - old = InfoRequest.find_old_unclassified(:conditions => ["prominence != 'backpage'"], :age_in_days => 10) + old = InfoRequest.find_old_unclassified(:conditions => ["prominence = 'normal'"], :age_in_days => 10) @missing = old.size @requests = old.sort_by{ rand }.slice(0..2) end diff --git a/app/models/info_request.rb b/app/models/info_request.rb index 59eade8fd..aa0471cdb 100644 --- a/app/models/info_request.rb +++ b/app/models/info_request.rb @@ -23,7 +23,7 @@ # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: info_request.rb,v 1.193 2009-06-16 17:28:17 francis Exp $ +# $Id: info_request.rb,v 1.194 2009-06-23 13:52:26 francis Exp $ require 'digest/sha1' require File.join(File.dirname(__FILE__),'../../vendor/plugins/acts_as_xapian/lib/acts_as_xapian') @@ -67,6 +67,7 @@ class InfoRequest < ActiveRecord::Base validates_inclusion_of :prominence, :in => [ 'normal', 'backpage', + 'hidden' ] validates_inclusion_of :law_used, :in => [ @@ -816,6 +817,13 @@ public !user.nil? && (user.id == user_id || user.owns_every_request?) end + def user_can_view?(user) + return self.prominence != 'hidden' + # || self.is_owning_user?(user) # XXX this doesn't work, as have to + # mess with caching of HTML versions - need to change from using + # caches_pages in the request controller first. + end + # XXX to be called from a cron job later def self.stop_new_responses_on_old_requests # 6 months since last change to request, only allow new incoming messages from authority domains diff --git a/app/models/info_request_event.rb b/app/models/info_request_event.rb index ef1a71d4a..4299e0553 100644 --- a/app/models/info_request_event.rb +++ b/app/models/info_request_event.rb 
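Review bot: `user_can_view?` accepts `user` but never reads it, because the owner clause is commented out after the `return`. A hidden request is therefore hidden from its owner as well, and both controller call sites do an `authenticated_user` lookup whose result is discarded. That is a safe default, but it should be stated up front rather than left to the trailing XXX comment, for example `# True unless prominence is 'hidden'. The user argument is currently ignored: page-cached attachments cannot be served per-user.` In this commit only `show` and `get_attachment_internal` consult the method; other code paths that load an InfoRequest are not visible here and may need the same check.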
@@ -21,7 +21,7 @@ # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: info_request_event.rb,v 1.82 2009-04-23 13:32:21 tony Exp $ +# $Id: info_request_event.rb,v 1.83 2009-06-23 13:52:26 francis Exp $ class InfoRequestEvent < ActiveRecord::Base belongs_to :info_request @@ -154,7 +154,7 @@ class InfoRequestEvent < ActiveRecord::Base end def indexed_by_search if ['sent', 'followup_sent', 'response', 'comment'].include?(self.event_type) - if self.info_request.prominence == 'backpage' + if self.info_request.prominence == 'backpage' || self.info_request.prominence == 'hidden' return false end if self.event_type == 'comment' && !self.comment.visible diff --git a/app/views/admin_request/edit.rhtml b/app/views/admin_request/edit.rhtml index 8756ee0fb..c8ab2a5cf 100644 --- a/app/views/admin_request/edit.rhtml +++ b/app/views/admin_request/edit.rhtml @@ -8,8 +8,8 @@ <%= text_field 'info_request', 'title', :size => 50 %></p> <p><label for="info_request_prominence"><strong>Prominence</strong></label> - <%= select( 'info_request', "prominence", { "normal" => "normal", "backpage" => "backpage"}) %> - (whether request is shown in lists / search or not) + <%= select( 'info_request', "prominence", { "normal" => "normal", "backpage" => "backpage", "hidden" => "hidden"}) %> + (backpage means hidden from lists/search; hidden means completely hidden) </p> <p> diff --git a/app/views/request/hidden.rhtml b/app/views/request/hidden.rhtml new file mode 100644 index 000000000..e32e7fa12 --- /dev/null +++ b/app/views/request/hidden.rhtml @@ -0,0 +1,14 @@ +<% @title = "Request has been removed" %> + +<h1><%=@title%></h1> + +<p> +<%=@details%> +</p> + +<p>The request you have tried to view has been removed. There are +lots of reasons why we might have done this, sorry we can't +be more specific here. Please <a + href="/help/contact">contact us</a> if you have any questions. +</p> + 
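Review bot: Excluding `hidden` in `indexed_by_search` only takes effect the next time an event is indexed, and nothing visible in this commit reindexes a request's existing events when an admin changes its prominence. If that is not handled elsewhere, text from a newly hidden request could stay searchable until the index is rebuilt. It is worth confirming, and if needed marking the request's events for reindexing in the admin edit path next to the `expire_for_request` call. The condition would also be safer written fail-closed, matching the allow-list used in the controllers: `if self.info_request.prominence != 'normal'`.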
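Review bot: `<%=@details%>` in the new `request/hidden.rhtml` is emitted without escaping, and neither render call added in this commit sets `@details`, so today it prints nothing. If a later change fills it with a reason or anything derived from request data, it would go into the page as raw markup (assuming `.rhtml` templates here are not auto-escaped). Write it as `<%=h @details %>` now, or drop the paragraph until it is used.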
@@ -1,13 +1,15 @@ Next (things that will reduce admin time mainly) ==== +Add Auto-Submitted: auto-generated/auto-replied headers in all appropriate places +Make sure done according to RFC: http://tools.ietf.org/html/rfc3834 + Private policy wiki to put administrative documentation e.g. what to do with a notification of possibly libelous material, how to handle common support email types etc. Factor out "defunct/not_apply" from request_email into own field. - Check up on how the public old request status editing is being used in practice. Think about UI a bit more to try and up rate, and UI of alerts to requester. |