aboutsummaryrefslogtreecommitdiffstats
path: root/app/controllers/request_controller.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/controllers/request_controller.rb')
-rw-r--r--app/controllers/request_controller.rb15
1 files changed, 14 insertions, 1 deletions
diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb
index 540ed5f3d..6e983a014 100644
--- a/app/controllers/request_controller.rb
+++ b/app/controllers/request_controller.rb
@@ -77,7 +77,13 @@ class RequestController < ApplicationController
@info_request_events = @info_request.info_request_events
@status = @info_request.calculate_status
@collapse_quotes = params[:unfold] ? false : true
- @update_status = params[:update_status] ? true : false
+
+ # Don't allow status update on external requests, otherwise accept param
+ if @info_request.is_external?
+ @update_status = false
+ else
+ @update_status = params[:update_status] ? true : false
+ end
@old_unclassified = @info_request.is_old_unclassified? && !authenticated_user.nil?
@is_owning_user = @info_request.is_owning_user?(authenticated_user)
@@ -378,6 +384,13 @@ class RequestController < ApplicationController
return
end
+ # If this is an external request, go to the request page - we don't allow
+ # state change from the front end interface.
+ if @info_request.is_external?
+ redirect_to request_url(@info_request)
+ return
+ end
+
@is_owning_user = @info_request.is_owning_user?(authenticated_user)
@last_info_request_event_id = @info_request.last_event_id_needing_description
@old_unclassified = @info_request.is_old_unclassified? && !authenticated_user.nil?
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-22 20:41:39 +0000