diff options
Diffstat (limited to 'app/controllers')
-rw-r--r-- | app/controllers/admin_censor_rule_controller.rb | 72 | ||||
-rw-r--r-- | app/controllers/request_controller.rb | 12 |
2 files changed, 78 insertions, 6 deletions
diff --git a/app/controllers/admin_censor_rule_controller.rb b/app/controllers/admin_censor_rule_controller.rb new file mode 100644 index 000000000..36c700cbb --- /dev/null +++ b/app/controllers/admin_censor_rule_controller.rb @@ -0,0 +1,72 @@ +# app/controllers/admin_censor_rule_controller.rb: +# For modifying requests. +# +# Copyright (c) 2008 UK Citizens Online Democracy. All rights reserved. +# Email: francis@mysociety.org; WWW: http://www.mysociety.org/ +# +# $Id: admin_censor_rule_controller.rb,v 1.1 2008-10-27 18:18:30 francis Exp $ + +class AdminCensorRuleController < ApplicationController + layout "admin" + before_filter :assign_http_auth_user + + def new + @info_request = InfoRequest.find(params[:info_request_id]) + end + + def create + params[:censor_rule][:last_edit_editor] = admin_http_auth_user() + @censor_rule = CensorRule.new(params[:censor_rule]) + if @censor_rule.save + expire_for_request(@censor_rule.info_request) + flash[:notice] = 'CensorRule was successfully created.' + redirect_to admin_url('request/show/' + @censor_rule.info_request.id.to_s) + else + render :action => 'new' + end + end + + def edit + @censor_rule = CensorRule.find(params[:id]) + end + + def update + params[:censor_rule][:last_edit_editor] = admin_http_auth_user() + @censor_rule = CensorRule.find(params[:id]) + if @censor_rule.update_attributes(params[:censor_rule]) + expire_for_request(@censor_rule.info_request) + flash[:notice] = 'CensorRule was successfully updated.' + redirect_to admin_url('request/show/' + @censor_rule.info_request.id.to_s) + else + render :action => 'edit' + end + end + + def destroy + censor_rule = CensorRule.find(params[:censor_rule_id]) + info_request = censor_rule.info_request + + censor_rule.destroy + expire_for_request(info_request) + + flash[:notice] = "CensorRule was successfully destroyed." + + redirect_to admin_url('request/show/' + info_request.id.to_s) + end + + + def expire_for_request(info_request) + # clear out cached entries + for incoming_message in info_request.incoming_messages + for attachment in incoming_message.get_attachments_for_display + expire_page :controller => 'request', :action => "get_attachment", :id => info_request.id, + :incoming_message_id => incoming_message.id, + :part => attachment.url_part_number, :file_name => attachment.display_filename + end + end + end + + private + +end + diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index afb980c87..bb0d7f9bd 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -4,7 +4,7 @@ # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: request_controller.rb,v 1.129 2008-10-25 12:01:06 francis Exp $ +# $Id: request_controller.rb,v 1.130 2008-10-27 18:18:30 francis Exp $ class RequestController < ApplicationController @@ -406,6 +406,10 @@ class RequestController < ApplicationController get_attachment_internal html = @attachment.body_as_html + # Mask any more emails that have now been exposed (e.g. in PDFs - ones in + # .doc will have been got in get_attachment_internal below) + html = @incoming_message.binary_mask_stuff(html) + view_html_stylesheet = render_to_string :partial => "request/view_html_stylesheet" html.sub!(/<head>/i, "<head>" + view_html_stylesheet) html.sub!(/<body[^>]*>/i, '<body><prefix-here><div id="wrapper"><div id="view_html_content">' + view_html_stylesheet) @@ -414,10 +418,6 @@ class RequestController < ApplicationController view_html_prefix = render_to_string :partial => "request/view_html_prefix" html.sub!("<prefix-here>", view_html_prefix) - # Mask any more emails that have now been exposed (e.g. in PDFs - ones in - # .doc will have been got in get_attachment_internal below) - html = IncomingMessage.binary_mask_all_emails(html) - response.content_type = 'text/html' render :text => html end @@ -436,7 +436,7 @@ class RequestController < ApplicationController # Prevent spam to magic request address. # XXX Bit dodgy modifying a binary like this but hey. Maybe only do for some mime types? - @attachment.body = IncomingMessage.binary_mask_all_emails(@attachment.body) + @attachment.body = @incoming_message.binary_mask_stuff(@attachment.body) end # FOI officers can upload a response |