26 files changed, 126 insertions, 52 deletions
diff --git a/app/controllers/admin_user_controller.rb b/app/controllers/admin_user_controller.rb index 49667017e..ca4dd9045 100644 --- a/app/controllers/admin_user_controller.rb +++ b/app/controllers/admin_user_controller.rb @@ -4,7 +4,7 @@ # Copyright (c) 2008 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: admin_user_controller.rb,v 1.9 2009-01-29 12:10:10 francis Exp $ +# $Id: admin_user_controller.rb,v 1.10 2009-03-09 01:17:04 francis Exp $ class AdminUserController < AdminController def index @@ -34,6 +34,7 @@ class AdminUserController < AdminController @admin_user.name = params[:admin_user][:name] @admin_user.email = params[:admin_user][:email] @admin_user.admin_level = params[:admin_user][:admin_level] + @admin_user.ban_text = params[:admin_user][:ban_text] if @admin_user.valid? @admin_user.save! diff --git a/app/controllers/comment_controller.rb b/app/controllers/comment_controller.rb index 26c475569..dfa31f9ef 100644 --- a/app/controllers/comment_controller.rb +++ b/app/controllers/comment_controller.rb @@ -4,7 +4,7 @@ # Copyright (c) 2008 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: comment_controller.rb,v 1.8 2008-11-17 17:08:33 francis Exp $ +# $Id: comment_controller.rb,v 1.9 2009-03-09 01:17:04 francis Exp $ class CommentController < ApplicationController @@ -22,6 +22,13 @@ class CommentController < ApplicationController raise "Unknown type " + params[:type] end + # Banned from adding comments? + if !authenticated_user.nil? && !authenticated_user.can_make_comments? + @details = authenticated_user.can_fail_html + render :template => 'user/banned' + return + end + if params[:comment] # XXX this check should theoretically be a validation rule in the model @existing_comment = Comment.find_by_existing_comment(@info_request.id, params[:comment][:body]) 
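Review bot: The added `@admin_user.ban_text = params[:admin_user][:ban_text]` stores whatever the request carries, including nil when the field is absent from the post. The migration in this commit declares the column NOT NULL and the new User predicates call `ban_text.empty?`, so a nil would probably surface as an error at `save!` rather than as a validation message. Normalising at the assignment, `@admin_user.ban_text = params[:admin_user][:ban_text].to_s.strip`, avoids that and keeps a stray newline from the text area from counting as a ban. The enclosing action starts and ends outside the hunk, and nothing visible in it records which admin set or cleared a ban.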
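Review bot: The ban guard added before `if params[:comment]` only runs when `authenticated_user` is already non-nil, so a visitor who is not signed in passes it. Enforcement then depends on the action being entered again after sign-in, which the hunk does not show. The same seven lines are repeated in `RequestController` (hunk at -124) and in `UserController#contact`, differing only in the predicate, so a shared private helper in `ApplicationController` would keep the three checks from drifting apart. Rendering `user/banned` with `:status => 403` would also let denied attempts be told apart from ordinary page views in access logs. The enclosing action starts and ends outside the hunk.

```ruby
# ApplicationController — suggested helper (the name is a proposal); keep it
# private so it cannot be reached as an action.
# Renders user/banned and returns true when the signed-in user fails +check+.
def render_banned_unless(check)
  user = authenticated_user
  return false if user.nil? || user.send(check)
  @details = user.can_fail_html
  render :template => 'user/banned', :status => 403
  true
end

# CommentController, in place of the added guard
return if render_banned_unless(:can_make_comments?)
```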
diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index e2b57b90d..34e6d1aa6 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -4,7 +4,7 @@ # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: request_controller.rb,v 1.150 2009-03-07 01:16:18 francis Exp $ +# $Id: request_controller.rb,v 1.151 2009-03-09 01:17:04 francis Exp $ class RequestController < ApplicationController @@ -124,6 +124,13 @@ class RequestController < ApplicationController end end + # Banned from making new requests? + if !authenticated_user.nil? && !authenticated_user.can_file_requests? + @details = authenticated_user.can_fail_html + render :template => 'user/banned' + return + end + # First time we get to the page, just display it if params[:submitted_new_request].nil? || params[:reedit] # Read parameters in - public body must be passed in 
@@ -199,25 +206,26 @@ class RequestController < ApplicationController return end - if authenticated?( + if !authenticated?( :web => "To send your FOI request", :email => "Then your FOI request to " + @info_request.public_body.name + " will be sent.", :email_subject => "Confirm your FOI request to " + @info_request.public_body.name ) - @info_request.user = authenticated_user - # This automatically saves dependent objects, such as @outgoing_message, in the same transaction - @info_request.save! - # XXX send_message needs the database id, so we send after saving, which isn't ideal if the request broke here. - @outgoing_message.send_message - flash[:notice] = "<p>Your " + @info_request.law_used_full + " request has been <strong>sent on its way</strong>!</p> - <p><strong>We will email you</strong> when there is a response, or after 20 working days if the authority still hasn't - replied by then.</p> - <p>If you write about this request (for example in a forum or a blog) please link to this page, and add an - annotation below telling people about your writing.</p>" - redirect_to request_url(@info_request) - else # do nothing - as "authenticated?" has done the redirect to signin page for us + return end + + @info_request.user = authenticated_user + # This automatically saves dependent objects, such as @outgoing_message, in the same transaction + @info_request.save! + # XXX send_message needs the database id, so we send after saving, which isn't ideal if the request broke here. 
+ @outgoing_message.send_message + flash[:notice] = "<p>Your " + @info_request.law_used_full + " request has been <strong>sent on its way</strong>!</p> + <p><strong>We will email you</strong> when there is a response, or after 20 working days if the authority still hasn't + replied by then.</p> + <p>If you write about this request (for example in a forum or a blog) please link to this page, and add an + annotation below telling people about your writing.</p>" + redirect_to request_url(@info_request) end # Submitted to the describing state of messages form diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb index a443d3e7d..38ebd076f 100644 --- a/app/controllers/user_controller.rb +++ b/app/controllers/user_controller.rb @@ -4,7 +4,7 @@ # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: user_controller.rb,v 1.62 2009-03-05 19:09:47 francis Exp $ +# $Id: user_controller.rb,v 1.63 2009-03-09 01:17:04 francis Exp $ class UserController < ApplicationController # Show page about a user @@ -219,6 +219,13 @@ class UserController < ApplicationController def contact @recipient_user = User.find(params[:id]) + # Banned from messaging users? + if !authenticated_user.nil? && !authenticated_user.can_contact_other_users? + @details = authenticated_user.can_fail_html + render :template => 'user/banned' + return + end + # You *must* be logged into send a message to another user. (This is # partly to avoid spam, and partly to have some equanimity of openess # between the two users) diff --git a/app/models/censor_rule.rb b/app/models/censor_rule.rb index 4a21821de..1b00ea77f 100644 --- a/app/models/censor_rule.rb +++ b/app/models/censor_rule.rb @@ -1,5 +1,5 @@ # == Schema Information -# Schema version: 72 +# Schema version: 73 # # Table name: censor_rules # 
@@ -21,7 +21,7 @@ # Copyright (c) 2008 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: censor_rule.rb,v 1.7 2009-03-04 11:26:35 tony Exp $ +# $Id: censor_rule.rb,v 1.8 2009-03-09 01:17:06 francis Exp $ class CensorRule < ActiveRecord::Base belongs_to :info_request diff --git a/app/models/comment.rb b/app/models/comment.rb index 7a7e2ad60..fcafaad24 100644 --- a/app/models/comment.rb +++ b/app/models/comment.rb @@ -1,5 +1,5 @@ # == Schema Information -# Schema version: 72 +# Schema version: 73 # # Table name: comments # @@ -19,7 +19,7 @@ # Copyright (c) 2008 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: comment.rb,v 1.12 2009-03-04 11:26:35 tony Exp $ +# $Id: comment.rb,v 1.13 2009-03-09 01:17:06 francis Exp $ class Comment < ActiveRecord::Base strip_attributes! diff --git a/app/models/contact_validator.rb b/app/models/contact_validator.rb index 92251c246..487d0a107 100644 --- a/app/models/contact_validator.rb +++ b/app/models/contact_validator.rb @@ -1,5 +1,5 @@ # == Schema Information -# Schema version: 72 +# Schema version: 73 # # Table name: contact_validators # @@ -15,7 +15,7 @@ # Copyright (c) 2008 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: contact_validator.rb,v 1.27 2009-03-04 11:26:35 tony Exp $ +# $Id: contact_validator.rb,v 1.28 2009-03-09 01:17:06 francis Exp $ class ContactValidator < ActiveRecord::BaseWithoutTable strip_attributes! diff --git a/app/models/exim_log.rb b/app/models/exim_log.rb index b93eaa710..98982954d 100644 --- a/app/models/exim_log.rb +++ b/app/models/exim_log.rb @@ -1,5 +1,5 @@ # == Schema Information -# Schema version: 72 +# Schema version: 73 # # Table name: exim_logs # 
@@ -18,7 +18,7 @@ # Copyright (c) 2009 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: exim_log.rb,v 1.6 2009-03-04 11:26:35 tony Exp $ +# $Id: exim_log.rb,v 1.7 2009-03-09 01:17:06 francis Exp $ class EximLog < ActiveRecord::Base belongs_to :info_request diff --git a/app/models/exim_log_done.rb b/app/models/exim_log_done.rb index 40e103978..379df2a66 100644 --- a/app/models/exim_log_done.rb +++ b/app/models/exim_log_done.rb @@ -1,5 +1,5 @@ # == Schema Information -# Schema version: 72 +# Schema version: 73 # # Table name: exim_log_dones # @@ -16,7 +16,7 @@ # Copyright (c) 2009 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: exim_log_done.rb,v 1.3 2009-03-04 11:26:35 tony Exp $ +# $Id: exim_log_done.rb,v 1.4 2009-03-09 01:17:06 francis Exp $ class EximLogDone < ActiveRecord::Base has_many :exim_logs diff --git a/app/models/incoming_message.rb b/app/models/incoming_message.rb index 3b039e3b0..20c7a89e1 100644 --- a/app/models/incoming_message.rb +++ b/app/models/incoming_message.rb @@ -1,5 +1,5 @@ # == Schema Information -# Schema version: 72 +# Schema version: 73 # # Table name: incoming_messages # @@ -19,7 +19,7 @@ # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: incoming_message.rb,v 1.190 2009-03-04 11:26:35 tony Exp $ +# $Id: incoming_message.rb,v 1.191 2009-03-09 01:17:06 francis Exp $ # TODO # Move some of the (e.g. quoting) functions here into rblib, as they feel diff --git a/app/models/info_request.rb b/app/models/info_request.rb index e553c9700..86920391a 100644 --- a/app/models/info_request.rb +++ b/app/models/info_request.rb @@ -1,5 +1,5 @@ # == Schema Information -# Schema version: 72 +# Schema version: 73 # # Table name: info_requests # 
@@ -23,7 +23,7 @@ # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: info_request.rb,v 1.172 2009-03-07 01:16:18 francis Exp $ +# $Id: info_request.rb,v 1.173 2009-03-09 01:17:06 francis Exp $ require 'digest/sha1' require File.join(File.dirname(__FILE__),'../../vendor/plugins/acts_as_xapian/lib/acts_as_xapian') diff --git a/app/models/info_request_event.rb b/app/models/info_request_event.rb index bd6a565dc..7b86f13c1 100644 --- a/app/models/info_request_event.rb +++ b/app/models/info_request_event.rb @@ -1,5 +1,5 @@ # == Schema Information -# Schema version: 72 +# Schema version: 73 # # Table name: info_request_events # @@ -21,7 +21,7 @@ # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: info_request_event.rb,v 1.75 2009-03-07 01:16:18 francis Exp $ +# $Id: info_request_event.rb,v 1.76 2009-03-09 01:17:06 francis Exp $ class InfoRequestEvent < ActiveRecord::Base belongs_to :info_request diff --git a/app/models/outgoing_message.rb b/app/models/outgoing_message.rb index 4c2a2db59..1a6f3d688 100644 --- a/app/models/outgoing_message.rb +++ b/app/models/outgoing_message.rb @@ -1,5 +1,5 @@ # == Schema Information -# Schema version: 72 +# Schema version: 73 # # Table name: outgoing_messages # @@ -22,7 +22,7 @@ # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: outgoing_message.rb,v 1.80 2009-03-07 01:16:18 francis Exp $ +# $Id: outgoing_message.rb,v 1.81 2009-03-09 01:17:06 francis Exp $ class OutgoingMessage < ActiveRecord::Base strip_attributes! diff --git a/app/models/post_redirect.rb b/app/models/post_redirect.rb index 1bb4be83a..30ac31ce8 100644 --- a/app/models/post_redirect.rb +++ b/app/models/post_redirect.rb 
@@ -1,5 +1,5 @@ # == Schema Information -# Schema version: 72 +# Schema version: 73 # # Table name: post_redirects # @@ -26,7 +26,7 @@ # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: post_redirect.rb,v 1.45 2009-03-04 11:26:35 tony Exp $ +# $Id: post_redirect.rb,v 1.46 2009-03-09 01:17:06 francis Exp $ require 'openssl' # for random bytes function diff --git a/app/models/public_body.rb b/app/models/public_body.rb index 76175a945..40d4d491a 100644 --- a/app/models/public_body.rb +++ b/app/models/public_body.rb @@ -1,5 +1,5 @@ # == Schema Information -# Schema version: 72 +# Schema version: 73 # # Table name: public_bodies # @@ -25,7 +25,7 @@ # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: public_body.rb,v 1.131 2009-03-04 11:26:35 tony Exp $ +# $Id: public_body.rb,v 1.132 2009-03-09 01:17:06 francis Exp $ require 'csv' require 'set' diff --git a/app/models/public_body_tag.rb b/app/models/public_body_tag.rb index b25396087..658a5f594 100644 --- a/app/models/public_body_tag.rb +++ b/app/models/public_body_tag.rb @@ -1,5 +1,5 @@ # == Schema Information -# Schema version: 72 +# Schema version: 73 # # Table name: public_body_tags # @@ -15,7 +15,7 @@ # Copyright (c) 2008 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: public_body_tag.rb,v 1.24 2009-03-04 11:26:35 tony Exp $ +# $Id: public_body_tag.rb,v 1.25 2009-03-09 01:17:06 francis Exp $ class PublicBodyTag < ActiveRecord::Base strip_attributes! diff --git a/app/models/raw_email.rb b/app/models/raw_email.rb index 28085a6ef..489f7f3fb 100644 --- a/app/models/raw_email.rb +++ b/app/models/raw_email.rb @@ -1,5 +1,5 @@ # == Schema Information -# Schema version: 72 +# Schema version: 73 # # Table name: raw_emails # 
@@ -13,7 +13,7 @@ # Copyright (c) 2008 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: raw_email.rb,v 1.7 2009-03-04 11:26:35 tony Exp $ +# $Id: raw_email.rb,v 1.8 2009-03-09 01:17:06 francis Exp $ class RawEmail < ActiveRecord::Base # deliberately don't strip_attributes, so keeps raw email properly diff --git a/app/models/track_thing.rb b/app/models/track_thing.rb index b0b4c8d47..614a5cfe6 100644 --- a/app/models/track_thing.rb +++ b/app/models/track_thing.rb @@ -1,5 +1,5 @@ # == Schema Information -# Schema version: 72 +# Schema version: 73 # # Table name: track_things # @@ -21,7 +21,7 @@ # Copyright (c) 2008 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: track_thing.rb,v 1.48 2009-03-04 11:26:35 tony Exp $ +# $Id: track_thing.rb,v 1.49 2009-03-09 01:17:06 francis Exp $ class TrackThing < ActiveRecord::Base belongs_to :tracking_user, :class_name => 'User' diff --git a/app/models/track_things_sent_email.rb b/app/models/track_things_sent_email.rb index d8be03307..c26331df7 100644 --- a/app/models/track_things_sent_email.rb +++ b/app/models/track_things_sent_email.rb @@ -1,5 +1,5 @@ # == Schema Information -# Schema version: 72 +# Schema version: 73 # # Table name: track_things_sent_emails # @@ -18,7 +18,7 @@ # Copyright (c) 2008 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: track_things_sent_email.rb,v 1.17 2009-03-04 11:26:35 tony Exp $ +# $Id: track_things_sent_email.rb,v 1.18 2009-03-09 01:17:06 francis Exp $ class TrackThingsSentEmail < ActiveRecord::Base belongs_to :info_request_event diff --git a/app/models/user.rb b/app/models/user.rb index d77509a48..fed9de990 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -1,5 +1,5 @@ # == Schema Information -# Schema version: 72 +# Schema version: 73 # # Table name: users # 
@@ -14,6 +14,7 @@ # url_name :text not null # last_daily_track_email :datetime default(Sat Jan 01 00:00:00 UTC 2000) # admin_level :string(255) default("none"), not null +# ban_text :text default(""), not null # # models/user.rb: @@ -22,7 +23,7 @@ # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: user.rb,v 1.81 2009-03-04 11:26:35 tony Exp $ +# $Id: user.rb,v 1.82 2009-03-09 01:17:06 francis Exp $ require 'digest/sha1' @@ -218,6 +219,22 @@ class User < ActiveRecord::Base def admin_page_links? self.admin_level == 'super' end + # Various ways the user can be banned, and text to describe it if failed + def can_file_requests? + self.ban_text.empty? + end + def can_make_comments? + self.ban_text.empty? + end + def can_contact_other_users? + self.ban_text.empty? + end + def can_fail_html + text = self.ban_text.strip + text = CGI.escapeHTML(text) + text = MySociety::Format.make_clickable(text, :contract => 1) + return text + end # Returns domain part of user's email address def email_domain diff --git a/app/models/user_info_request_sent_alert.rb b/app/models/user_info_request_sent_alert.rb index b472b7fa2..3c579a62d 100644 --- a/app/models/user_info_request_sent_alert.rb +++ b/app/models/user_info_request_sent_alert.rb @@ -1,5 +1,5 @@ # == Schema Information -# Schema version: 72 +# Schema version: 73 # # Table name: user_info_request_sent_alerts # @@ -17,7 +17,7 @@ # Copyright (c) 2008 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: user_info_request_sent_alert.rb,v 1.28 2009-03-04 11:26:35 tony Exp $ +# $Id: user_info_request_sent_alert.rb,v 1.29 2009-03-09 01:17:06 francis Exp $ class UserInfoRequestSentAlert < ActiveRecord::Base belongs_to :user diff --git a/app/views/admin_user/_form.rhtml b/app/views/admin_user/_form.rhtml index f1db332f7..229b74d90 100644 --- a/app/views/admin_user/_form.rhtml 
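Review bot: `can_file_requests?`, `can_make_comments?` and `can_contact_other_users?` test `self.ban_text.empty?`, while `can_fail_html` strips the text first, so a ban_text holding only whitespace bans the user and shows an empty explanation. Unless the model already strips attributes somewhere outside this hunk, comparing on the stripped value, `self.ban_text.strip.empty?`, matches the admin form's "if not blank" wording. The name `can_fail_html` also says little about the return value; a comment such as `# HTML for the ban reason: ban_text escaped, then URLs made clickable` would tell callers what they get.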
+++ b/app/views/admin_user/_form.rhtml @@ -11,3 +11,6 @@ <p><label for="admin_level">Admin level</label> (<strong>none</strong> or <strong>super</strong>; this is for admin features and links which are in the site proper)<br/> <%= text_field 'admin_user', 'admin_level', :size => 60 %></p> +<p><label for="ban_text">Ban text</label> <small>(if not blank will stop the user from filing new requests, making annotations or messaging other users; the text is used in the user/banned.rhtml template, e.g. put "Unfortunately, you have repeatedly broken our moderation policy."</small>)<br/> +<%= text_area 'admin_user', 'ban_text', :cols => 60, :rows => 3 %></p> + diff --git a/app/views/user/banned.rhtml b/app/views/user/banned.rhtml new file mode 100644 index 000000000..1eea307fc --- /dev/null +++ b/app/views/user/banned.rhtml @@ -0,0 +1,18 @@ +<% @title = "Banned from this site" %> + +<h1><%=@title%></h1> + +<p> +<%=@details%> +</p> + +<p>You will be unable to make new requests, add annotations or send messages to +other users. You may finish the process of any existing requests that you have. +You may continue to view other requests, and set up email alerts.</p> + +<p> +If you would like us to lift this ban, then you may politely +<a href="/help/contact">contact us</a> giving reasons. +</p> + + diff --git a/db/migrate/073_add_ban_user.rb b/db/migrate/073_add_ban_user.rb new file mode 100644 index 000000000..15a1ea121 --- /dev/null +++ b/db/migrate/073_add_ban_user.rb @@ -0,0 +1,10 @@ +class AddBanUser < ActiveRecord::Migration + def self.up + add_column :users, :ban_text, :text, :null => false, :default => "" + end + + def self.down + remove_column :users, :ban_text + end +end + diff --git a/db/schema.rb b/db/schema.rb index 363e36a76..3096dd422 100644 --- a/db/schema.rb +++ b/db/schema.rb 
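Review bot: In the added ban-text paragraph the hint opens its parenthesis inside `<small>` but closes it after `</small>`, so the closing bracket renders at a different size from the opening one. Moving it inside the element, `...moderation policy.")</small><br/>`, fixes that. The `<label for="ban_text">` probably does not match the id Rails generates for `text_area 'admin_user', 'ban_text'` (normally `admin_user_ban_text`), though the existing `admin_level` label in this form follows the same pattern.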
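Review bot: `<%=@details%>` in the new `user/banned.rhtml` is written to the page without escaping, which is only correct while every controller fills `@details` from `User#can_fail_html`, where the text is escaped before links are added. A comment above it, `<%# @details is HTML already escaped by User#can_fail_html; never assign raw ban_text %>`, would record that contract for the next editor. How `MySociety::Format.make_clickable` builds its links is not visible in this commit, so the output is only as safe as that helper.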
@@ -9,7 +9,7 @@ # # It's strongly recommended to check this file into your version control system. -ActiveRecord::Schema.define(:version => 72) do +ActiveRecord::Schema.define(:version => 73) do create_table "acts_as_xapian_jobs", :force => true do |t| t.string "model", :null => false @@ -221,6 +221,7 @@ ActiveRecord::Schema.define(:version => 72) do t.text "url_name", :null => false t.datetime "last_daily_track_email", :default => '2000-01-01 00:00:00' t.string "admin_level", :default => "none", :null => false + t.text "ban_text", :default => "", :null => false end add_index "users", ["url_name"], :name => "index_users_on_url_name", :unique => true diff --git a/spec/fixtures/users.yml b/spec/fixtures/users.yml index 2d20c0071..5dc4479ba 100644 --- a/spec/fixtures/users.yml +++ b/spec/fixtures/users.yml @@ -9,6 +9,7 @@ bob_smith_user: created_at: 2007-10-31 10:39:15.491593 email_confirmed: true admin_level: 'none' + ban_text: '' silly_name_user: id: "2" name: "Silly <em>Name</em>" @@ -20,4 +21,5 @@ silly_name_user: created_at: 2007-11-01 10:39:15.491593 email_confirmed: false admin_level: 'none' + ban_text: '' |