Diffstat (limited to 'app/controllers')
-rw-r--r--app/controllers/admin_public_body_controller.rb10
-rw-r--r--app/controllers/admin_request_controller.rb2
-rw-r--r--app/controllers/api_controller.rb72
-rw-r--r--app/controllers/application_controller.rb40
-rw-r--r--app/controllers/general_controller.rb88
-rw-r--r--app/controllers/public_body_controller.rb6
-rw-r--r--app/controllers/request_controller.rb33
7 files changed, 122 insertions, 129 deletions
diff --git a/app/controllers/admin_public_body_controller.rb b/app/controllers/admin_public_body_controller.rb
index ac12e97b2..c41d05c8d 100644
--- a/app/controllers/admin_public_body_controller.rb
+++ b/app/controllers/admin_public_body_controller.rb
@@ -14,7 +14,7 @@ class AdminPublicBodyController < AdminController
def _lookup_query_internal
@locale = self.locale_from_params()
- PublicBody.with_locale(@locale) do
+ I18n.with_locale(@locale) do
@query = params[:query]
if @query == ""
@query = nil
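Review bot: `@locale` comes from `locale_from_params`, which is not part of this diff, and it now drives `I18n.with_locale` in `_lookup_query_internal`; it is worth confirming that helper only returns locales the site has enabled. `PublicBody.with_locale` was presumably scoped to the model's translations, whereas `I18n.with_locale` switches the locale for everything evaluated inside the block, so a request-supplied value reaches more code than before. A short comment such as `# @locale is validated by locale_from_params; I18n.with_locale changes the locale for the whole block` would record that. The same applies to the other `with_locale` replacements in this commit (`show`, `destroy`, and the PublicBodyController and RequestController hunks). The method body continues past the end of this hunk.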
@@ -75,7 +75,7 @@ class AdminPublicBodyController < AdminController
def show
@locale = self.locale_from_params()
- PublicBody.with_locale(@locale) do
+ I18n.with_locale(@locale) do
@public_body = PublicBody.find(params[:id])
render
end
@@ -87,7 +87,7 @@ class AdminPublicBodyController < AdminController
end
def create
- PublicBody.with_locale(I18n.default_locale) do
+ I18n.with_locale(I18n.default_locale) do
params[:public_body][:last_edit_editor] = admin_current_user()
@public_body = PublicBody.new(params[:public_body])
if @public_body.save
@@ -106,7 +106,7 @@ class AdminPublicBodyController < AdminController
end
def update
- PublicBody.with_locale(I18n.default_locale) do
+ I18n.with_locale(I18n.default_locale) do
params[:public_body][:last_edit_editor] = admin_current_user()
@public_body = PublicBody.find(params[:id])
if @public_body.update_attributes(params[:public_body])
@@ -120,7 +120,7 @@ class AdminPublicBodyController < AdminController
def destroy
@locale = self.locale_from_params()
- PublicBody.with_locale(@locale) do
+ I18n.with_locale(@locale) do
public_body = PublicBody.find(params[:id])
if public_body.info_requests.size > 0
diff --git a/app/controllers/admin_request_controller.rb b/app/controllers/admin_request_controller.rb
index 1de63be59..c7c8d4972 100644
--- a/app/controllers/admin_request_controller.rb
+++ b/app/controllers/admin_request_controller.rb
@@ -277,7 +277,7 @@ class AdminRequestController < AdminController
if params[:incoming_message_id]
incoming_message = IncomingMessage.find(params[:incoming_message_id])
- email = incoming_message.from_address
+ email = incoming_message.from_email
name = incoming_message.safe_mail_from || info_request.public_body.name
else
email = info_request.public_body.request_email
diff --git a/app/controllers/api_controller.rb b/app/controllers/api_controller.rb
index aa5e85db3..15fb4f5f9 100644
--- a/app/controllers/api_controller.rb
+++ b/app/controllers/api_controller.rb
@@ -1,30 +1,30 @@
class ApiController < ApplicationController
before_filter :check_api_key
-
+
def show_request
@request = InfoRequest.find(params[:id])
raise PermissionDenied if @request.public_body_id != @public_body.id
-
+
@request_data = {
:id => @request.id,
:url => make_url("request", @request.url_title),
:title => @request.title,
-
+
:created_at => @request.created_at,
:updated_at => @request.updated_at,
-
+
:status => @request.calculate_status,
-
+
:public_body_url => make_url("body", @request.public_body.url_name),
:requestor_url => make_url("user", @request.user.url_name),
:request_email => @request.incoming_email,
-
+
:request_text => @request.last_event_forming_initial_request.outgoing_message.body,
}
-
+
render :json => @request_data
end
-
+
def create_request
json = ActiveSupport::JSON.decode(params[:request_json])
request = InfoRequest.new(
@@ -34,7 +34,7 @@ class ApiController < ApplicationController
:external_user_name => json["external_user_name"],
:external_url => json["external_url"]
)
-
+
outgoing_message = OutgoingMessage.new(
:status => 'ready',
:message_type => 'initial_request',
@@ -44,7 +44,7 @@ class ApiController < ApplicationController
:info_request => request
)
request.outgoing_messages << outgoing_message
-
+
# Return an error if the request is invalid
# (Can this ever happen?)
if !request.valid?
@@ -53,7 +53,7 @@ class ApiController < ApplicationController
}
return
end
-
+
# Save the request, and add the corresponding InfoRequestEvent
request.save!
request.log_event("sent",
@@ -62,69 +62,69 @@ class ApiController < ApplicationController
:outgoing_message_id => outgoing_message.id,
:smtp_message_id => nil
)
-
+
# Return the URL and ID number.
render :json => {
'url' => make_url("request", request.url_title),
'id' => request.id
}
-
+
end
-
+
def add_correspondence
request = InfoRequest.find_by_id(params[:id])
if request.nil?
render :json => { "errors" => ["Could not find request #{params[:id]}"] }, :status => 404
return
end
-
+
json = ActiveSupport::JSON.decode(params[:correspondence_json])
attachments = params[:attachments]
-
+
direction = json["direction"]
body = json["body"]
sent_at_str = json["sent_at"]
-
+
errors = []
-
+
if !request.is_external?
render :json => { "errors" => ["Request #{params[:id]} cannot be updated using the API"] }, :status => 500
return
end
-
+
if request.public_body_id != @public_body.id
render :json => { "errors" => ["You do not own request #{params[:id]}"] }, :status => 500
return
end
-
+
if !["request", "response"].include?(direction)
errors << "The direction parameter must be 'request' or 'response'"
end
-
+
if body.nil?
errors << "The 'body' is missing"
elsif body.empty?
errors << "The 'body' is empty"
end
-
+
begin
sent_at = Time.iso8601(sent_at_str)
rescue ArgumentError
errors << "Failed to parse 'sent_at' field as ISO8601 time: #{sent_at_str}"
end
-
+
if direction == "request" && !attachments.nil?
errors << "You cannot attach files to messages in the 'request' direction"
end
-
+
if !errors.empty?
render :json => { "errors" => errors }, :status => 500
return
end
-
+
if direction == "request"
# In the 'request' direction, i.e. what we (Alaveteli) regard as outgoing
-
+
outgoing_message = OutgoingMessage.new(
:info_request => request,
:status => 'ready',
@@ -154,19 +154,19 @@ class ApiController < ApplicationController
:filename => filename
)
end
-
+
mail = RequestMailer.create_external_response(request, body, sent_at, attachment_hashes)
request.receive(mail, mail.encoded, true)
end
render :json => {
'url' => make_url("request", request.url_title),
- }
+ }
end
-
+
def body_request_events
feed_type = params[:feed_type]
raise PermissionDenied.new("#{@public_body.id} != #{params[:id]}") if @public_body.id != params[:id].to_i
-
+
since_date_str = params[:since_date]
if since_date_str.nil?
@events = InfoRequestEvent.find_by_sql([
@@ -213,7 +213,7 @@ class ApiController < ApplicationController
@event_data = []
@events.each do |event|
break if event.id == @since_event_id
-
+
request = event.info_request
this_event = {
:request_id => request.id,
@@ -224,13 +224,13 @@ class ApiController < ApplicationController
:request_email => request.incoming_email,
:title => request.title,
:body => event.outgoing_message.body,
-
+
:user_name => request.user_name,
}
if request.user
this_event[:user_url] = main_url(user_url(request.user))
end
-
+
@event_data.push(this_event)
end
render :json => @event_data
@@ -238,14 +238,14 @@ class ApiController < ApplicationController
raise ActiveRecord::RecordNotFound.new("Unrecognised feed type: #{feed_type}")
end
end
-
+
protected
def check_api_key
- raise "Missing required parameter 'k'" if params[:k].nil?
+ raise PermissionDenied.new("Missing required parameter 'k'") if params[:k].nil?
@public_body = PublicBody.find_by_api_key(params[:k].gsub(' ', '+'))
raise PermissionDenied if @public_body.nil?
end
-
+
private
def make_url(*args)
"http://" + Configuration::domain + "/" + args.join("/")
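Review bot: `check_api_key` reads the key from the request parameter `k`, so it ends up in the request log unless that parameter is filtered, and this commit also drops `filter_parameter_logging :password` from ApplicationController with no replacement visible (the diff is limited to app/controllers). It is worth confirming the Rails 3 setting covers both, e.g. `config.filter_parameters += [:password, :k]`. Separately, `params[:k].gsub(' ', '+')` assumes a String; an array- or hash-valued `k` would raise NoMethodError rather than PermissionDenied, so a guard like `raise PermissionDenied unless params[:k].is_a?(String)` before the lookup would keep the failure mode consistent. `make_url` continues outside the hunk.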
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index f9649c868..3206df1d2 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -27,9 +27,6 @@ class ApplicationController < ActionController::Base
before_filter :set_vary_header
before_filter :set_popup_banner
- # scrub sensitive parameters from the logs
- filter_parameter_logging :password
-
def set_vary_header
response.headers['Vary'] = 'Cookie'
end
@@ -54,10 +51,15 @@ class ApplicationController < ActionController::Base
end
def set_gettext_locale
+ if Configuration::include_default_locale_in_urls == false
+ params_locale = params[:locale] ? params[:locale] : I18n.default_locale
+ else
+ params_locale = params[:locale]
+ end
if Configuration::use_default_browser_language
- requested_locale = params[:locale] || session[:locale] || cookies[:locale] || request.env['HTTP_ACCEPT_LANGUAGE'] || I18n.default_locale
+ requested_locale = params_locale || session[:locale] || cookies[:locale] || request.env['HTTP_ACCEPT_LANGUAGE'] || I18n.default_locale
else
- requested_locale = params[:locale] || session[:locale] || cookies[:locale] || I18n.default_locale
+ requested_locale = params_locale || session[:locale] || cookies[:locale] || I18n.default_locale
end
requested_locale = FastGettext.best_locale_in(requested_locale)
session[:locale] = FastGettext.set_locale(requested_locale)
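Review bot: When `Configuration::include_default_locale_in_urls` is false, `params_locale` is never nil, so the `session[:locale] || cookies[:locale] || request.env['HTTP_ACCEPT_LANGUAGE']` fallbacks in both branches below can no longer be reached. If that is intended (a URL without a locale means the default locale), a comment would stop the next reader from treating it as a bug, e.g. `# no locale in the URL means the default locale; session, cookie and browser language are deliberately ignored`. The assignment also reads more simply as `params_locale = params[:locale] || I18n.default_locale`, and `== false` treats an unset option the same as true, which may or may not be wanted. The method continues past the end of the hunk.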
@@ -69,9 +71,6 @@ class ApplicationController < ActionController::Base
end
end
- # scrub sensitive parameters from the logs
- filter_parameter_logging :password
-
helper_method :locale_from_params
# Help work out which request causes RAM spike.
@@ -149,19 +148,20 @@ class ApplicationController < ActionController::Base
render :template => "general/exception_caught.rhtml", :status => @status
end
- # For development sites.
- alias original_rescue_action_locally rescue_action_locally
- def rescue_action_locally(exception)
- # Make sure expiry time for session is set (before_filters are
- # otherwise missed by this override)
- session_remember_me
+ # FIXME: This was disabled during the Rails 3 upgrade as this is now handled by Rack
+ # # For development sites.
+ # alias original_rescue_action_locally rescue_action_locally
+ # def rescue_action_locally(exception)
+ # # Make sure expiry time for session is set (before_filters are
+ # # otherwise missed by this override)
+ # session_remember_me
- # Make sure the locale is set correctly too
- set_gettext_locale
+ # # Make sure the locale is set correctly too
+ # set_gettext_locale
- # Display default, detailed error for developers
- original_rescue_action_locally(exception)
- end
+ # # Display default, detailed error for developers
+ # original_rescue_action_locally(exception)
+ # end
def local_request?
false
@@ -240,7 +240,7 @@ class ApplicationController < ActionController::Base
# Check the user is logged in
def authenticated?(reason_params)
unless session[:user_id]
- post_redirect = PostRedirect.new(:uri => request.request_uri, :post_params => params,
+ post_redirect = PostRedirect.new(:uri => request.fullpath, :post_params => params,
:reason_params => reason_params)
post_redirect.save!
# 'modal' controls whether the sign-in form will be displayed in the typical full-blown
diff --git a/app/controllers/general_controller.rb b/app/controllers/general_controller.rb
index 3ba636e29..faf34aa04 100644
--- a/app/controllers/general_controller.rb
+++ b/app/controllers/general_controller.rb
@@ -19,53 +19,51 @@ class GeneralController < ApplicationController
# New, improved front page!
def frontpage
medium_cache
- behavior_cache :tag => [session[:user_id], request.url] do
- # get some example searches and public bodies to display
- # either from config, or based on a (slow!) query if not set
- body_short_names = Configuration::frontpage_publicbody_examples.split(/\s*;\s*/).map{|s| "'%s'" % s.gsub(/'/, "''") }.join(", ")
- @locale = self.locale_from_params()
- locale_condition = 'public_body_translations.locale = ?'
- conditions = [locale_condition, @locale]
- PublicBody.with_locale(@locale) do
- if body_short_names.empty?
- # This is too slow
- @popular_bodies = PublicBody.visible.find(:all,
- :order => "info_requests_count desc",
- :limit => 32,
- :conditions => conditions,
- :joins => :translations
- )
- else
- conditions[0] += " and public_bodies.url_name in (" + body_short_names + ")"
- @popular_bodies = PublicBody.find(:all,
- :conditions => conditions,
- :joins => :translations)
- end
+ # get some example searches and public bodies to display
+ # either from config, or based on a (slow!) query if not set
+ body_short_names = Configuration::frontpage_publicbody_examples.split(/\s*;\s*/).map{|s| "'%s'" % s.gsub(/'/, "''") }.join(", ")
+ @locale = self.locale_from_params()
+ locale_condition = 'public_body_translations.locale = ?'
+ conditions = [locale_condition, @locale]
+ I18n.with_locale(@locale) do
+ if body_short_names.empty?
+ # This is too slow
+ @popular_bodies = PublicBody.visible.find(:all,
+ :order => "info_requests_count desc",
+ :limit => 32,
+ :conditions => conditions,
+ :joins => :translations
+ )
+ else
+ conditions[0] += " and public_bodies.url_name in (" + body_short_names + ")"
+ @popular_bodies = PublicBody.find(:all,
+ :conditions => conditions,
+ :joins => :translations)
end
- # Get some successful requests
- begin
- query = 'variety:response (status:successful OR status:partially_successful)'
- sortby = "newest"
- max_count = 5
- xapian_object = perform_search([InfoRequestEvent], query, sortby, 'request_title_collapse', max_count)
- @request_events = xapian_object.results.map { |r| r[:model] }
-
- # If there are not yet enough successful requests, fill out the list with
- # other requests
- if @request_events.count < max_count
- @request_events_all_successful = false
- query = 'variety:sent'
- xapian_object = perform_search([InfoRequestEvent], query, sortby, 'request_title_collapse', max_count-@request_events.count)
- more_events = xapian_object.results.map { |r| r[:model] }
- @request_events += more_events
- # Overall we still want the list sorted with the newest first
- @request_events.sort!{|e1,e2| e2.created_at <=> e1.created_at}
- else
- @request_events_all_successful = true
- end
- rescue
- @request_events = []
+ end
+ # Get some successful requests
+ begin
+ query = 'variety:response (status:successful OR status:partially_successful)'
+ sortby = "newest"
+ max_count = 5
+ xapian_object = perform_search([InfoRequestEvent], query, sortby, 'request_title_collapse', max_count)
+ @request_events = xapian_object.results.map { |r| r[:model] }
+
+ # If there are not yet enough successful requests, fill out the list with
+ # other requests
+ if @request_events.count < max_count
+ @request_events_all_successful = false
+ query = 'variety:sent'
+ xapian_object = perform_search([InfoRequestEvent], query, sortby, 'request_title_collapse', max_count-@request_events.count)
+ more_events = xapian_object.results.map { |r| r[:model] }
+ @request_events += more_events
+ # Overall we still want the list sorted with the newest first
+ @request_events.sort!{|e1,e2| e2.created_at <=> e1.created_at}
+ else
+ @request_events_all_successful = true
end
+ rescue
+ @request_events = []
end
end
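Review bot: `body_short_names` is quoted by hand (`gsub(/'/, "''")`) and concatenated into the SQL fragment in `conditions[0] += " and public_bodies.url_name in (" + body_short_names + ")"`. The values come from configuration rather than the request, but a bind parameter avoids relying on that escaping being right for the database in use. Keeping the split result as an array and binding it does the same job: `conditions = ['public_body_translations.locale = ? and public_bodies.url_name in (?)', @locale, body_short_names]`. With `behavior_cache` removed, the query the comment calls slow may now run on every front-page request unless `medium_cache` covers it, so it is worth measuring. The bare `rescue` still turns any search failure into an empty list without logging it.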
diff --git a/app/controllers/public_body_controller.rb b/app/controllers/public_body_controller.rb
index 8a4a65820..5265706bf 100644
--- a/app/controllers/public_body_controller.rb
+++ b/app/controllers/public_body_controller.rb
@@ -16,7 +16,7 @@ class PublicBodyController < ApplicationController
return
end
@locale = self.locale_from_params()
- PublicBody.with_locale(@locale) do
+ I18n.with_locale(@locale) do
@public_body = PublicBody.find_by_url_name_with_historic(params[:url_name])
raise ActiveRecord::RecordNotFound.new("None found") if @public_body.nil?
if @public_body.url_name.nil?
@@ -71,7 +71,7 @@ class PublicBodyController < ApplicationController
@public_body = PublicBody.find_by_url_name_with_historic(params[:url_name])
raise ActiveRecord::RecordNotFound.new("None found") if @public_body.nil?
- PublicBody.with_locale(self.locale_from_params()) do
+ I18n.with_locale(self.locale_from_params()) do
if params[:submitted_view_email]
if verify_recaptcha
flash.discard(:error)
@@ -129,7 +129,7 @@ class PublicBodyController < ApplicationController
@description = _("in the category ‘{{category_name}}’", :category_name=>category_name)
end
end
- PublicBody.with_locale(@locale) do
+ I18n.with_locale(@locale) do
@public_bodies = PublicBody.paginate(
:order => "public_body_translations.name", :page => params[:page], :per_page => 100,
:conditions => conditions,
diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb
index e82491bbe..17d2d9428 100644
--- a/app/controllers/request_controller.rb
+++ b/app/controllers/request_controller.rb
@@ -52,7 +52,7 @@ class RequestController < ApplicationController
medium_cache
end
@locale = self.locale_from_params()
- PublicBody.with_locale(@locale) do
+ I18n.with_locale(@locale) do
# Look up by old style numeric identifiers
if params[:url_title].match(/^[0-9]+$/)
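Review bot: The numeric check `params[:url_title].match(/^[0-9]+$/)` inside the new `I18n.with_locale` block uses `^` and `$`, which in Ruby match at line boundaries, so a multi-line value containing one all-digit line passes it. Anchoring the whole string is the usual form: `params[:url_title].match(/\A[0-9]+\z/)`. What the branch does with the value is outside this hunk, so the impact cannot be judged from here.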
@@ -99,15 +99,13 @@ class RequestController < ApplicationController
# Sidebar stuff
# ... requests that have similar imporant terms
- behavior_cache :tag => ['similar', @info_request.id] do
- begin
- limit = 10
- @xapian_similar = ::ActsAsXapian::Similar.new([InfoRequestEvent], @info_request.info_request_events,
- :limit => limit, :collapse_by_prefix => 'request_collapse')
- @xapian_similar_more = (@xapian_similar.matches_estimated > limit)
- rescue
- @xapian_similar = nil
- end
+ begin
+ limit = 10
+ @xapian_similar = ::ActsAsXapian::Similar.new([InfoRequestEvent], @info_request.info_request_events,
+ :limit => limit, :collapse_by_prefix => 'request_collapse')
+ @xapian_similar_more = (@xapian_similar.matches_estimated > limit)
+ rescue
+ @xapian_similar = nil
end
# Track corresponding to this page
@@ -173,13 +171,10 @@ class RequestController < ApplicationController
query = make_query_from_params
@title = _("View and search requests")
sortby = "newest"
- @cache_tag = Digest::MD5.hexdigest(query + @page.to_s + I18n.locale.to_s)
- behavior_cache :tag => [@cache_tag] do
- xapian_object = perform_search([InfoRequestEvent], query, sortby, 'request_collapse')
- @list_results = xapian_object.results.map { |r| r[:model] }
- @matches_estimated = xapian_object.matches_estimated
- @show_no_more_than = (@matches_estimated > MAX_RESULTS) ? MAX_RESULTS : @matches_estimated
- end
+ xapian_object = perform_search([InfoRequestEvent], query, sortby, 'request_collapse')
+ @list_results = xapian_object.results.map { |r| r[:model] }
+ @matches_estimated = xapian_object.matches_estimated
+ @show_no_more_than = (@matches_estimated > MAX_RESULTS) ? MAX_RESULTS : @matches_estimated
@title = @title + " (page " + @page.to_s + ")" if (@page > 1)
@track_thing = TrackThing.create_track_for_search_query(query)
@@ -804,7 +799,7 @@ class RequestController < ApplicationController
# FOI officers can upload a response
def upload_response
@locale = self.locale_from_params()
- PublicBody.with_locale(@locale) do
+ I18n.with_locale(@locale) do
@info_request = InfoRequest.find_by_url_title!(params[:url_title])
@reason_params = {
@@ -861,7 +856,7 @@ class RequestController < ApplicationController
def download_entire_request
@locale = self.locale_from_params()
- PublicBody.with_locale(@locale) do
+ I18n.with_locale(@locale) do
info_request = InfoRequest.find_by_url_title!(params[:url_title])
if authenticated?(
:web => _("To download the zip file"),