aboutsummaryrefslogtreecommitdiffstats
path: root/app/controllers/request_controller.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/controllers/request_controller.rb')
-rw-r--r--app/controllers/request_controller.rb52
1 files changed, 31 insertions, 21 deletions
diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb
index b28252ce4..6e983a014 100644
--- a/app/controllers/request_controller.rb
+++ b/app/controllers/request_controller.rb
@@ -64,10 +64,7 @@ class RequestController < ApplicationController
end
# Look up by new style text names
- @info_request = InfoRequest.find_by_url_title(params[:url_title])
- if @info_request.nil?
- raise ActiveRecord::RecordNotFound.new("Request not found")
- end
+ @info_request = InfoRequest.find_by_url_title!(params[:url_title])
set_last_request(@info_request)
# Test for whole request being hidden
@@ -80,7 +77,13 @@ class RequestController < ApplicationController
@info_request_events = @info_request.info_request_events
@status = @info_request.calculate_status
@collapse_quotes = params[:unfold] ? false : true
- @update_status = params[:update_status] ? true : false
+
+ # Don't allow status update on external requests, otherwise accept param
+ if @info_request.is_external?
+ @update_status = false
+ else
+ @update_status = params[:update_status] ? true : false
+ end
@old_unclassified = @info_request.is_old_unclassified? && !authenticated_user.nil?
@is_owning_user = @info_request.is_owning_user?(authenticated_user)
@@ -125,14 +128,10 @@ class RequestController < ApplicationController
# Extra info about a request, such as event history
def details
long_cache
- @info_request = InfoRequest.find_by_url_title(params[:url_title])
- if @info_request.nil?
- raise ActiveRecord::RecordNotFound.new("Request not found")
- else
- if !@info_request.user_can_view?(authenticated_user)
- render :template => 'request/hidden', :status => 410 # gone
- return
- end
+ @info_request = InfoRequest.find_by_url_title!(params[:url_title])
+ if !@info_request.user_can_view?(authenticated_user)
+ render :template => 'request/hidden', :status => 410 # gone
+ return
end
@columns = ['id', 'event_type', 'created_at', 'described_state', 'last_described_at', 'calculated_state' ]
end
@@ -142,7 +141,7 @@ class RequestController < ApplicationController
short_cache
@per_page = 25
@page = (params[:page] || "1").to_i
- @info_request = InfoRequest.find_by_url_title(params[:url_title])
+ @info_request = InfoRequest.find_by_url_title!(params[:url_title])
raise ActiveRecord::RecordNotFound.new("Request not found") if @info_request.nil?
if !@info_request.user_can_view?(authenticated_user)
@@ -385,6 +384,13 @@ class RequestController < ApplicationController
return
end
+ # If this is an external request, go to the request page - we don't allow
+ # state change from the front end interface.
+ if @info_request.is_external?
+ redirect_to request_url(@info_request)
+ return
+ end
+
@is_owning_user = @info_request.is_owning_user?(authenticated_user)
@last_info_request_event_id = @info_request.last_event_id_needing_description
@old_unclassified = @info_request.is_old_unclassified? && !authenticated_user.nil?
@@ -431,7 +437,7 @@ class RequestController < ApplicationController
})
# Don't give advice on what to do next, as it isn't their request
- RequestMailer.deliver_old_unclassified_updated(@info_request)
+ RequestMailer.deliver_old_unclassified_updated(@info_request) if !@info_request.is_external?
if session[:request_game]
flash[:notice] = _('Thank you for updating the status of the request \'<a href="{{url}}">{{info_request_title}}</a>\'. There are some more requests below for you to classify.',:info_request_title=>CGI.escapeHTML(@info_request.title), :url=>CGI.escapeHTML(request_url(@info_request)))
redirect_to play_url
@@ -592,6 +598,13 @@ class RequestController < ApplicationController
return
end
+ # Test for external request
+ if @info_request.is_external?
+ @reason = 'external'
+ render :action => 'followup_bad'
+ return
+ end
+
# Force login early - this is really the "send followup" form. We want
# to make sure they're the right user first, before they start writing a
# message and wasting their time if they are not the requester.
@@ -667,7 +680,7 @@ class RequestController < ApplicationController
end
def report_request
- info_request = InfoRequest.find_by_url_title(params[:url_title])
+ info_request = InfoRequest.find_by_url_title!(params[:url_title])
return if !authenticated?(
:web => _("To report this FOI request"),
:email => _("Then you can report the request '{{title}}'", :title => info_request.title),
@@ -793,7 +806,7 @@ class RequestController < ApplicationController
def upload_response
@locale = self.locale_from_params()
PublicBody.with_locale(@locale) do
- @info_request = InfoRequest.find_by_url_title(params[:url_title])
+ @info_request = InfoRequest.find_by_url_title!(params[:url_title])
@reason_params = {
:web => _("To upload a response, you must be logged in using an email address from ") + CGI.escapeHTML(@info_request.public_body.name),
@@ -850,10 +863,7 @@ class RequestController < ApplicationController
def download_entire_request
@locale = self.locale_from_params()
PublicBody.with_locale(@locale) do
- info_request = InfoRequest.find_by_url_title(params[:url_title])
- if info_request.nil?
- raise ActiveRecord::RecordNotFound.new("Request not found")
- end
+ info_request = InfoRequest.find_by_url_title!(params[:url_title])
if authenticated?(
:web => _("To download the zip file"),
:email => _("Then you can download a zip file of {{info_request_title}}.",:info_request_title=>info_request.title),
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-02 22:13:19 +0000