aboutsummaryrefslogtreecommitdiffstats
path: root/app/controllers/request_controller.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/controllers/request_controller.rb')
-rw-r--r--app/controllers/request_controller.rb15
1 files changed, 14 insertions, 1 deletions
diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb
index 0c1d9880c..6a927d327 100644
--- a/app/controllers/request_controller.rb
+++ b/app/controllers/request_controller.rb
@@ -683,9 +683,13 @@ class RequestController < ApplicationController
@info_request = incoming_message.info_request # used by view
return render_hidden
end
+ if !incoming_message.user_can_view?(authenticated_user)
+ @incoming_message = incoming_message # used by view
+ return render_hidden_message
+ end
# Is this a completely public request that we can cache attachments for
# to be served up without authentication?
- if incoming_message.info_request.all_can_view?
+ if incoming_message.info_request.all_can_view? && incoming_message.all_can_view?
@files_can_be_cached = true
end
end
@@ -945,5 +949,14 @@ class RequestController < ApplicationController
false
end
+ def render_hidden_message
+ respond_to do |format|
+ response_code = 410 # gone
+ format.html{ render :template => 'request/hidden_correspondence', :status => response_code }
+ format.any{ render :nothing => true, :status => response_code }
+ end
+ false
+ end
+
end
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-25 00:45:06 +0000