2 files changed, 78 insertions, 6 deletions

diff --git a/app/controllers/admin_censor_rule_controller.rb b/app/controllers/admin_censor_rule_controller.rb
new file mode 100644
index 000000000..36c700cbb
--- /dev/null
+++ b/app/controllers/admin_censor_rule_controller.rb
@@ -0,0 +1,72 @@
+# app/controllers/admin_censor_rule_controller.rb:
+# For modifying requests.
+#
+# Copyright (c) 2008 UK Citizens Online Democracy. All rights reserved.
+# Email: francis@mysociety.org; WWW: http://www.mysociety.org/
+#
+# $Id: admin_censor_rule_controller.rb,v 1.1 2008-10-27 18:18:30 francis Exp $
+
+class AdminCensorRuleController < ApplicationController
+    layout "admin"
+    before_filter :assign_http_auth_user
+
+    def new
+        @info_request = InfoRequest.find(params[:info_request_id])
+    end
+
+    def create
+        params[:censor_rule][:last_edit_editor] = admin_http_auth_user()
+        @censor_rule = CensorRule.new(params[:censor_rule])
+        if @censor_rule.save
+            expire_for_request(@censor_rule.info_request)
+            flash[:notice] = 'CensorRule was successfully created.'
+            redirect_to admin_url('request/show/' + @censor_rule.info_request.id.to_s)
+        else
+            render :action => 'new'
+        end
+    end
+
+    def edit
+        @censor_rule = CensorRule.find(params[:id])
+    end
+
+    def update
+        params[:censor_rule][:last_edit_editor] = admin_http_auth_user()
+        @censor_rule = CensorRule.find(params[:id])
+        if @censor_rule.update_attributes(params[:censor_rule])
+            expire_for_request(@censor_rule.info_request)
+            flash[:notice] = 'CensorRule was successfully updated.'
+            redirect_to admin_url('request/show/' + @censor_rule.info_request.id.to_s)
+        else
+            render :action => 'edit'
+        end
+    end
+    
+    def destroy
+        censor_rule = CensorRule.find(params[:censor_rule_id])
+        info_request = censor_rule.info_request
+
+        censor_rule.destroy
+        expire_for_request(info_request)
+
+        flash[:notice] = "CensorRule was successfully destroyed."
+
+        redirect_to admin_url('request/show/' + info_request.id.to_s)
+    end
+
+ 
+    def expire_for_request(info_request)
+        # clear out cached entries
+        for incoming_message in info_request.incoming_messages
+            for attachment in incoming_message.get_attachments_for_display
+                expire_page :controller => 'request', :action => "get_attachment", :id => info_request.id,
+                    :incoming_message_id => incoming_message.id, 
+                    :part => attachment.url_part_number, :file_name => attachment.display_filename
+            end
+        end
+    end
+
+    private
+
+end
+
diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb
index afb980c87..bb0d7f9bd 100644
--- a/app/controllers/request_controller.rb
+++ b/app/controllers/request_controller.rb
@@ -4,7 +4,7 @@
 # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved.
 # Email: francis@mysociety.org; WWW: http://www.mysociety.org/
 #
-# $Id: request_controller.rb,v 1.129 2008-10-25 12:01:06 francis Exp $
+# $Id: request_controller.rb,v 1.130 2008-10-27 18:18:30 francis Exp $
 
 class RequestController < ApplicationController
     
@@ -406,6 +406,10 @@ class RequestController < ApplicationController
         get_attachment_internal
         html = @attachment.body_as_html
 
+        # Mask any more emails that have now been exposed (e.g. in PDFs - ones in
+        # .doc will have been got in get_attachment_internal below)
+        html = @incoming_message.binary_mask_stuff(html) 
+
         view_html_stylesheet = render_to_string :partial => "request/view_html_stylesheet"
         html.sub!(/<head>/i, "<head>" + view_html_stylesheet)
         html.sub!(/<body[^>]*>/i, '<body><prefix-here><div id="wrapper"><div id="view_html_content">' + view_html_stylesheet)
@@ -414,10 +418,6 @@ class RequestController < ApplicationController
         view_html_prefix = render_to_string :partial => "request/view_html_prefix"
         html.sub!("<prefix-here>", view_html_prefix)
 
-        # Mask any more emails that have now been exposed (e.g. in PDFs - ones in
-        # .doc will have been got in get_attachment_internal below)
-        html = IncomingMessage.binary_mask_all_emails(html) 
-
         response.content_type = 'text/html'
         render :text => html
     end
@@ -436,7 +436,7 @@ class RequestController < ApplicationController
 
         # Prevent spam to magic request address.
         # XXX Bit dodgy modifying a binary like this but hey. Maybe only do for some mime types?
-        @attachment.body = IncomingMessage.binary_mask_all_emails(@attachment.body) 
+        @attachment.body = @incoming_message.binary_mask_stuff(@attachment.body) 
     end
 
     # FOI officers can upload a response