Diffstat (limited to 'app/controllers')
-rw-r--r--app/controllers/admin_public_body_controller.rb110
-rw-r--r--app/controllers/application.rb14
2 files changed, 71 insertions, 53 deletions
diff --git a/app/controllers/admin_public_body_controller.rb b/app/controllers/admin_public_body_controller.rb
index 5f462a2ba..1dc679b31 100644
--- a/app/controllers/admin_public_body_controller.rb
+++ b/app/controllers/admin_public_body_controller.rb
@@ -4,58 +4,64 @@
# Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved.
# Email: francis@mysociety.org; WWW: http://www.mysociety.org/
#
-# $Id: admin_public_body_controller.rb,v 1.2 2007-09-03 09:39:20 francis Exp $
+# $Id: admin_public_body_controller.rb,v 1.3 2007-09-03 13:52:01 francis Exp $
class AdminPublicBodyController < ApplicationController
- layout "admin"
-
- def index
- list
- render :action => 'list'
- end
-
- # GETs should be safe (see http://www.w3.org/2001/tag/doc/whenToUseGet.html)
- verify :method => :post, :only => [ :destroy, :create, :update ],
- :redirect_to => { :action => :list }
-
- def list
- @public_body_pages, @public_bodies = paginate :public_bodies, :per_page => 10
- end
-
- def show
- @public_body = PublicBody.find(params[:id])
- end
-
- def new
- @public_body = PublicBody.new
- end
-
- def create
- @public_body = PublicBody.new(params[:public_body])
- if @public_body.save
- flash[:notice] = 'PublicBody was successfully created.'
- redirect_to :action => 'list'
- else
- render :action => 'new'
- end
- end
-
- def edit
- @public_body = PublicBody.find(params[:id])
- end
-
- def update
- @public_body = PublicBody.find(params[:id])
- if @public_body.update_attributes(params[:public_body])
- flash[:notice] = 'PublicBody was successfully updated.'
- redirect_to :action => 'show', :id => @public_body
- else
- render :action => 'edit'
- end
- end
-
- def destroy
- PublicBody.find(params[:id]).destroy
- redirect_to :action => 'list'
- end
+ layout "admin"
+
+ def index
+ list
+ render :action => 'list'
+ end
+
+ # GETs should be safe (see http://www.w3.org/2001/tag/doc/whenToUseGet.html)
+ verify :method => :post, :only => [ :destroy, :create, :update ],
+ :redirect_to => { :action => :list }
+
+ def list
+ @public_body_pages, @public_bodies = paginate :public_bodies, :per_page => 10
+ end
+
+ def show
+ @public_body = PublicBody.find(params[:id])
+ end
+
+ def new
+ @public_body = PublicBody.new
+ end
+
+ def create
+ params[:public_body][:last_edit_editor] = admin_http_auth_user()
+ @public_body = PublicBody.new(params[:public_body])
+ if @public_body.save
+ flash[:notice] = 'PublicBody was successfully created.'
+ redirect_to :action => 'list'
+ else
+ render :action => 'new'
+ end
+ end
+
+ def edit
+ @public_body = PublicBody.find(params[:id])
+ @public_body.last_edit_comment = ""
+ end
+
+ def update
+ params[:public_body][:last_edit_editor] = admin_http_auth_user()
+ @public_body = PublicBody.find(params[:id])
+ if @public_body.update_attributes(params[:public_body])
+ flash[:notice] = 'PublicBody was successfully updated.'
+ redirect_to :action => 'show', :id => @public_body
+ else
+ render :action => 'edit'
+ end
+ end
+
+ def destroy
+ PublicBody.find(params[:id]).destroy
+ redirect_to :action => 'list'
+ end
+
+ private
+
end
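Review bot: In `create` and `update` the new first line `params[:public_body][:last_edit_editor] = admin_http_auth_user()` indexes into `params[:public_body]` before anything checks it exists, so a POST without that key fails with a NoMethodError on nil instead of re-rendering the form. A one-line guard such as `(params[:public_body] ||= {})[:last_edit_editor] = admin_http_auth_user()` keeps the server-side overwrite of any client-supplied editor value while tolerating the empty case. The editor is only stamped on these two actions; `destroy` still removes the record with no attribution, which looks like a gap if `last_edit_editor` is meant as an audit trail. The trailing `private` section is empty and could be dropped until it has a method under it.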
diff --git a/app/controllers/application.rb b/app/controllers/application.rb
index ddd6e86b4..f00479bee 100644
--- a/app/controllers/application.rb
+++ b/app/controllers/application.rb
@@ -6,7 +6,7 @@
# Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved.
# Email: francis@mysociety.org; WWW: http://www.mysociety.org/
#
-# $Id: application.rb,v 1.4 2007-08-04 11:10:25 francis Exp $
+# $Id: application.rb,v 1.5 2007-09-03 13:52:01 francis Exp $
class ApplicationController < ActionController::Base
@@ -16,6 +16,7 @@ class ApplicationController < ActionController::Base
# Pick a unique cookie name to distinguish our session data from others'
session :session_key => '_foi_session_id'
+ # Login form
def signin
if request.post?
user = User.authenticate(params[:email], params[:password])
@@ -29,6 +30,7 @@ class ApplicationController < ActionController::Base
end
end
+ # Logout form
def signout
sessions[:user] = nil
redirect_to frontpage
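Review bot: The context line `sessions[:user] = nil` in `signout` reads like a typo for `session[:user]`, which is the name `check_authentication` uses further down. Unless a `sessions` method is defined outside this page, the action would raise before clearing anything and the user would stay logged in. This commit only adds the comment above it, but the line is worth fixing while here: `session[:user] = nil`, or `reset_session` to drop the whole session on logout. The added comment `# Logout form` also describes an action that renders no form; `# Log the user out` would be more accurate. The body of `signout` continues outside the hunk.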
@@ -36,6 +38,7 @@ class ApplicationController < ActionController::Base
private
+ # Check the user is logged in
def check_authentication
unless session[:user]
session[:intended_action] = action_name
@@ -44,4 +47,13 @@ class ApplicationController < ActionController::Base
end
end
+ # For administration interface, return display name of authenticated user
+ def admin_http_auth_user
+ if not request.env["REMOTE_USER"]
+ return "*unknown*";
+ else
+ return request.env["REMOTE_USER"]
+ end
+ end
+
end
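Review bot: `admin_http_auth_user` fails open: when `REMOTE_USER` is absent it returns `"*unknown*"`, and the admin controller then saves the edit under that placeholder. If the HTTP authentication in front of the admin interface is ever missing or misconfigured, changes would go through unattributed rather than being refused. Nothing visible in this diff makes the admin actions require the header, so consider refusing here, for example `raise "admin request without REMOTE_USER" if request.env["REMOTE_USER"].to_s.empty?` followed by `request.env["REMOTE_USER"]`. The `to_s.empty?` form also covers an empty-string header, which the current `if not` test accepts because an empty string is truthy in Ruby. The comment should say where the value comes from, e.g. `# Name of the admin user as set by the web server's HTTP authentication (REMOTE_USER)`.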