8 files changed, 75 insertions, 50 deletions

diff --git a/app/controllers/admin_public_body_controller.rb b/app/controllers/admin_public_body_controller.rb
index 7bd794d23..30a43bb81 100644
--- a/app/controllers/admin_public_body_controller.rb
+++ b/app/controllers/admin_public_body_controller.rb
@@ -142,13 +142,7 @@ class AdminPublicBodyController < AdminController
         @notes = ""
         @errors = ""
         if request.post?
-            if params['commit'] == 'Dry run'
-                dry_run_only = true
-            elsif params['commit'] == 'Upload'
-                dry_run_only = false
-            else
-                raise "internal error, unknown button label"
-            end
+            dry_run_only = (params['commit'] == 'Upload' ? false : true)
             # Read file from params
             if params[:csv_file]
                 csv_contents = params[:csv_file].read
diff --git a/app/controllers/admin_request_controller.rb b/app/controllers/admin_request_controller.rb
index 0b58a95e5..c5abf8769 100644
--- a/app/controllers/admin_request_controller.rb
+++ b/app/controllers/admin_request_controller.rb
@@ -185,7 +185,7 @@ class AdminRequestController < AdminController
                 if m.match(/^[0-9]+$/)
                     destination_request = InfoRequest.find_by_id(m.to_i)
                 else
-                    destination_request = InfoRequest.find_by_url_title(m)
+                    destination_request = InfoRequest.find_by_url_title!(m)
                 end
                 if destination_request.nil?
                     flash[:error] = "Failed to find destination request '" + m + "'"
@@ -362,14 +362,18 @@ class AdminRequestController < AdminController
             info_request.set_described_state(params[:reason])
             info_request.save!
 
-            ContactMailer.deliver_from_admin_message(
-                    info_request.user,
-                    subject,
-                    params[:explanation]
-                )
+            if ! info_request.is_external?
+                ContactMailer.deliver_from_admin_message(
+                        info_request.user,
+                        subject,
+                        params[:explanation]
+                    )
+                flash[:notice] = _("Your message to {{recipient_user_name}} has been sent",:recipient_user_name=>CGI.escapeHTML(info_request.user.name))
+            else
+                flash[:notice] = _("This external request has been hidden")
+            end
             # expire cached files
             expire_for_request(info_request)
-            flash[:notice] = _("Your message to {{recipient_user_name}} has been sent",:recipient_user_name=>CGI.escapeHTML(info_request.user.name))
             redirect_to request_admin_url(info_request)
         end
     end
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 40fa018aa..ce18e6ef5 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -134,6 +134,10 @@ class ApplicationController < ActionController::Base
         # Make sure expiry time for session is set (before_filters are
         # otherwise missed by this override)
         session_remember_me
+
+        # Make sure the locale is set correctly too
+        set_gettext_locale
+
         case exception
         when ActiveRecord::RecordNotFound, ActionController::UnknownAction, ActionController::RoutingError
             @status = 404
@@ -157,6 +161,9 @@ class ApplicationController < ActionController::Base
         # otherwise missed by this override)
         session_remember_me
 
+        # Make sure the locale is set correctly too
+        set_gettext_locale
+
         # Display default, detailed error for developers
         original_rescue_action_locally(exception)
     end
@@ -385,8 +392,11 @@ class ApplicationController < ActionController::Base
                        # might fail later if the database has subsequently been reopened.
         return result
     end
+
     def get_search_page_from_params
-        return (params[:page] || "1").to_i
+        page = (params[:page] || "1").to_i
+        page = 1 if page < 1
+        return page
     end
 
     def perform_search_typeahead(query, model)
diff --git a/app/controllers/comment_controller.rb b/app/controllers/comment_controller.rb
index d9cd002dd..1552017c2 100644
--- a/app/controllers/comment_controller.rb
+++ b/app/controllers/comment_controller.rb
@@ -12,7 +12,7 @@ class CommentController < ApplicationController
 
     def new
         if params[:type] == 'request'
-            @info_request = InfoRequest.find_by_url_title(params[:url_title])
+            @info_request = InfoRequest.find_by_url_title!(params[:url_title])
             @track_thing = TrackThing.create_track_for_request(@info_request)
             if params[:comment]
                 @comment = Comment.new(params[:comment].merge({
diff --git a/app/controllers/help_controller.rb b/app/controllers/help_controller.rb
index e3b77271e..c7affd57c 100644
--- a/app/controllers/help_controller.rb
+++ b/app/controllers/help_controller.rb
@@ -15,7 +15,7 @@ class HelpController < ApplicationController
     def unhappy
         @info_request = nil
         if params[:url_title]
-            @info_request = InfoRequest.find_by_url_title(params[:url_title])
+            @info_request = InfoRequest.find_by_url_title!(params[:url_title])
         end
     end
 
diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb
index b28252ce4..6e983a014 100644
--- a/app/controllers/request_controller.rb
+++ b/app/controllers/request_controller.rb
@@ -64,10 +64,7 @@ class RequestController < ApplicationController
             end
 
             # Look up by new style text names
-            @info_request = InfoRequest.find_by_url_title(params[:url_title])
-            if @info_request.nil?
-                raise ActiveRecord::RecordNotFound.new("Request not found")
-            end
+            @info_request = InfoRequest.find_by_url_title!(params[:url_title])
             set_last_request(@info_request)
 
             # Test for whole request being hidden
@@ -80,7 +77,13 @@ class RequestController < ApplicationController
             @info_request_events = @info_request.info_request_events
             @status = @info_request.calculate_status
             @collapse_quotes = params[:unfold] ? false : true
-            @update_status = params[:update_status] ? true : false
+
+            # Don't allow status update on external requests, otherwise accept param
+            if @info_request.is_external?
+                @update_status = false
+            else
+                @update_status = params[:update_status] ? true : false
+            end
             @old_unclassified = @info_request.is_old_unclassified? && !authenticated_user.nil?
             @is_owning_user = @info_request.is_owning_user?(authenticated_user)
 
@@ -125,14 +128,10 @@ class RequestController < ApplicationController
     # Extra info about a request, such as event history
     def details
         long_cache
-        @info_request = InfoRequest.find_by_url_title(params[:url_title])
-        if @info_request.nil?
-            raise ActiveRecord::RecordNotFound.new("Request not found")
-        else
-            if !@info_request.user_can_view?(authenticated_user)
-                render :template => 'request/hidden', :status => 410 # gone
-                return
-            end
+        @info_request = InfoRequest.find_by_url_title!(params[:url_title])
+        if !@info_request.user_can_view?(authenticated_user)
+            render :template => 'request/hidden', :status => 410 # gone
+            return
         end
         @columns = ['id', 'event_type', 'created_at', 'described_state', 'last_described_at', 'calculated_state' ]
     end
@@ -142,7 +141,7 @@ class RequestController < ApplicationController
         short_cache
         @per_page = 25
         @page = (params[:page] || "1").to_i
-        @info_request = InfoRequest.find_by_url_title(params[:url_title])
+        @info_request = InfoRequest.find_by_url_title!(params[:url_title])
         raise ActiveRecord::RecordNotFound.new("Request not found") if @info_request.nil?
 
         if !@info_request.user_can_view?(authenticated_user)
@@ -385,6 +384,13 @@ class RequestController < ApplicationController
             return
         end
 
+        # If this is an external request, go to the request page - we don't allow
+        # state change from the front end interface.
+        if @info_request.is_external?
+            redirect_to request_url(@info_request)
+            return
+        end
+
         @is_owning_user = @info_request.is_owning_user?(authenticated_user)
         @last_info_request_event_id = @info_request.last_event_id_needing_description
         @old_unclassified = @info_request.is_old_unclassified? && !authenticated_user.nil?
@@ -431,7 +437,7 @@ class RequestController < ApplicationController
                 })
 
             # Don't give advice on what to do next, as it isn't their request
-            RequestMailer.deliver_old_unclassified_updated(@info_request)
+            RequestMailer.deliver_old_unclassified_updated(@info_request) if !@info_request.is_external?
             if session[:request_game]
                 flash[:notice] = _('Thank you for updating the status of the request \'<a href="{{url}}">{{info_request_title}}</a>\'. There are some more requests below for you to classify.',:info_request_title=>CGI.escapeHTML(@info_request.title), :url=>CGI.escapeHTML(request_url(@info_request)))
                 redirect_to play_url
@@ -592,6 +598,13 @@ class RequestController < ApplicationController
             return
         end
 
+        # Test for external request
+        if @info_request.is_external?
+            @reason = 'external'
+            render :action => 'followup_bad'
+            return
+        end
+
         # Force login early - this is really the "send followup" form. We want
         # to make sure they're the right user first, before they start writing a
         # message and wasting their time if they are not the requester.
@@ -667,7 +680,7 @@ class RequestController < ApplicationController
     end
 
     def report_request
-        info_request = InfoRequest.find_by_url_title(params[:url_title])
+        info_request = InfoRequest.find_by_url_title!(params[:url_title])
         return if !authenticated?(
                 :web => _("To report this FOI request"),
                 :email => _("Then you can report the request '{{title}}'", :title => info_request.title),
@@ -793,7 +806,7 @@ class RequestController < ApplicationController
     def upload_response
         @locale = self.locale_from_params()
         PublicBody.with_locale(@locale) do
-            @info_request = InfoRequest.find_by_url_title(params[:url_title])
+            @info_request = InfoRequest.find_by_url_title!(params[:url_title])
 
             @reason_params = {
                     :web => _("To upload a response, you must be logged in using an email address from ") +  CGI.escapeHTML(@info_request.public_body.name),
@@ -850,10 +863,7 @@ class RequestController < ApplicationController
     def download_entire_request
         @locale = self.locale_from_params()
         PublicBody.with_locale(@locale) do
-            info_request = InfoRequest.find_by_url_title(params[:url_title])
-            if info_request.nil?
-                raise ActiveRecord::RecordNotFound.new("Request not found")
-            end
+            info_request = InfoRequest.find_by_url_title!(params[:url_title])
             if authenticated?(
                               :web => _("To download the zip file"),
                               :email => _("Then you can download a zip file of {{info_request_title}}.",:info_request_title=>info_request.title),
diff --git a/app/controllers/services_controller.rb b/app/controllers/services_controller.rb
index 00c0e61bd..40e0faaf7 100644
--- a/app/controllers/services_controller.rb
+++ b/app/controllers/services_controller.rb
@@ -3,36 +3,43 @@
 require 'open-uri'
 
 class ServicesController < ApplicationController
+
     def other_country_message
         text = ""
         iso_country_code = MySociety::Config.get('ISO_COUNTRY_CODE').downcase
         if country_from_ip.downcase != iso_country_code
             found_country = WorldFOIWebsites.by_code(country_from_ip)
             found_country_name = !found_country.nil? && found_country[:country_name]
-            old_locale = FastGettext.locale
-            FastGettext.locale = FastGettext.best_locale_in(request.env['HTTP_ACCEPT_LANGUAGE'])
-            if found_country_name
-                text = _("Hello! You can make Freedom of Information requests within {{country_name}} at {{link_to_website}}", :country_name => found_country_name, :link_to_website => "<a href=\"#{found_country[:url]}\">#{found_country[:name]}</a>")
-            else
-                current_country = WorldFOIWebsites.by_code(iso_country_code)[:country_name]
-                text = _("Hello! We have an  <a href=\"/help/alaveteli?country_name=#{CGI.escape(current_country)}\">important message</a> for visitors outside {{country_name}}", :country_name => current_country)
+
+            old_fgt_locale = FastGettext.locale
+            begin
+              FastGettext.locale = FastGettext.best_locale_in(request.env['HTTP_ACCEPT_LANGUAGE'])
+              if found_country_name
+                  text = _("Hello! You can make Freedom of Information requests within {{country_name}} at {{link_to_website}}", :country_name => found_country_name, :link_to_website => "<a href=\"#{found_country[:url]}\">#{found_country[:name]}</a>")
+              else
+                  current_country = WorldFOIWebsites.by_code(iso_country_code)[:country_name]
+                  text = _("Hello! We have an  <a href=\"/help/alaveteli?country_name=#{CGI.escape(current_country)}\">important message</a> for visitors outside {{country_name}}", :country_name => current_country)
+              end
+            ensure
+              FastGettext.locale = old_fgt_locale
             end
-            FastGettext.locale = old_locale            
         end
         if !text.empty?
             text += ' <span class="close-button">X</span>'
         end
         render :text => text, :content_type => "text/plain"  # XXX workaround the HTML validation in test suite
     end
+
     def hidden_user_explanation
         info_request = InfoRequest.find(params[:info_request_id])
-        render :template => "admin_request/hidden_user_explanation", 
+        render :template => "admin_request/hidden_user_explanation",
                :content_type => "text/plain",
                :layout => false,
-               :locals => {:name_to => info_request.user.name, 
-                          :name_from => MySociety::Config.get("CONTACT_NAME", 'Alaveteli'), 
+               :locals => {:name_to => info_request.user_name,
+                          :name_from => MySociety::Config.get("CONTACT_NAME", 'Alaveteli'),
                           :info_request => info_request, :reason => params[:reason],
                           :info_request_url => 'http://' + MySociety::Config.get('DOMAIN') + request_url(info_request),
                           :site_name => site_name}
     end
+
 end
diff --git a/app/controllers/track_controller.rb b/app/controllers/track_controller.rb
index 07e807451..1a21491b1 100644
--- a/app/controllers/track_controller.rb
+++ b/app/controllers/track_controller.rb
@@ -15,7 +15,7 @@ class TrackController < ApplicationController
 
     # Track all updates to a particular request
     def track_request
-        @info_request = InfoRequest.find_by_url_title(params[:url_title])
+        @info_request = InfoRequest.find_by_url_title!(params[:url_title])
         @track_thing = TrackThing.create_track_for_request(@info_request)
 
         return atom_feed_internal if params[:feed] == 'feed'