Diffstat (limited to 'app/controllers')
-rw-r--r-- | app/controllers/admin_public_body_controller.rb | 6 | ||||
-rw-r--r-- | app/controllers/admin_request_controller.rb | 10 | ||||
-rw-r--r-- | app/controllers/admin_track_controller.rb | 8 | ||||
-rw-r--r-- | app/controllers/admin_user_controller.rb | 10 | ||||
-rw-r--r-- | app/controllers/api_controller.rb | 8 | ||||
-rw-r--r-- | app/controllers/application_controller.rb | 34 | ||||
-rw-r--r-- | app/controllers/general_controller.rb | 46 | ||||
-rw-r--r-- | app/controllers/help_controller.rb | 2 | ||||
-rw-r--r-- | app/controllers/public_body_controller.rb | 6 | ||||
-rw-r--r-- | app/controllers/request_controller.rb | 38 | ||||
-rw-r--r-- | app/controllers/services_controller.rb | 2 |
11 files changed, 81 insertions, 89 deletions
diff --git a/app/controllers/admin_public_body_controller.rb b/app/controllers/admin_public_body_controller.rb index c41d05c8d..079022777 100644 --- a/app/controllers/admin_public_body_controller.rb +++ b/app/controllers/admin_public_body_controller.rb @@ -23,12 +23,10 @@ class AdminPublicBodyController < AdminController if @page == "" @page = nil end - @public_bodies = PublicBody.paginate :order => "public_body_translations.name", :page => @page, :per_page => 100, - :conditions => @query.nil? ? "public_body_translations.locale = '#{@locale}'" : + @public_bodies = PublicBody.joins(:translations).where(@query.nil? ? "public_body_translations.locale = '#{@locale}'" : ["(lower(public_body_translations.name) like lower('%'||?||'%') or lower(public_body_translations.short_name) like lower('%'||?||'%') or - lower(public_body_translations.request_email) like lower('%'||?||'%' )) AND (public_body_translations.locale = '#{@locale}')", @query, @query, @query], - :joins => :translations + lower(public_body_translations.request_email) like lower('%'||?||'%' )) AND (public_body_translations.locale = '#{@locale}')", @query, @query, @query]).paginate :order => "public_body_translations.name", :page => @page, :per_page => 100 end @public_bodies_by_tag = PublicBody.find_by_tag(@query) end diff --git a/app/controllers/admin_request_controller.rb b/app/controllers/admin_request_controller.rb index c7c8d4972..eec684b0a 100644 --- a/app/controllers/admin_request_controller.rb +++ b/app/controllers/admin_request_controller.rb 
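Review bot: The rewritten `PublicBody.joins(:translations).where(...)` call still interpolates `@locale` into the SQL text in both branches (`public_body_translations.locale = '#{@locale}'`), while `@query` is bound with `?`. Where `@locale` is assigned is outside this hunk; if it can be derived from request parameters, this is an injection point. Bind it like the other values: `where("public_body_translations.locale = ?", @locale)` for the no-query branch, and a fourth `?` with `@locale` appended to the bind list for the search branch. Separately, `%` and `_` in `@query` reach `like` unescaped and act as wildcards.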
@@ -14,10 +14,14 @@ class AdminRequestController < AdminController def list @query = params[:query] - @info_requests = InfoRequest.paginate :order => "created_at desc", + if @query + info_requests = InfoRequest.where(["lower(title) like lower('%'||?||'%')", @query]) + else + info_requests = InfoRequest.all + end + @info_requests = info_requests.paginate :order => "created_at desc", :page => params[:page], - :per_page => 100, - :conditions => @query.nil? ? nil : ["lower(title) like lower('%'||?||'%')", @query] + :per_page => 100 end def list_old_unclassified diff --git a/app/controllers/admin_track_controller.rb b/app/controllers/admin_track_controller.rb index 03217da45..3b75c4f7b 100644 --- a/app/controllers/admin_track_controller.rb +++ b/app/controllers/admin_track_controller.rb @@ -7,8 +7,12 @@ class AdminTrackController < AdminController def list @query = params[:query] - @admin_tracks = TrackThing.paginate :order => "created_at desc", :page => params[:page], :per_page => 100, - :conditions => @query.nil? ? nil : ["lower(track_query) like lower('%'||?||'%')", @query ] + if @query + track_things = TrackThing.where(["lower(track_query) like lower('%'||?||'%')", @query]) + else + track_things = TrackThing.all + end + @admin_tracks = track_things.paginate :order => "created_at desc", :page => params[:page], :per_page => 100 end private diff --git a/app/controllers/admin_user_controller.rb b/app/controllers/admin_user_controller.rb index ed20ddcf4..3beefb9af 100644 --- a/app/controllers/admin_user_controller.rb +++ b/app/controllers/admin_user_controller.rb 
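Review bot: In the new `else` branch of `list`, `InfoRequest.all` looks like a regression: on Rails 3.x `all` returns an Array rather than a relation, so every row is loaded into memory before `paginate` runs and the `created_at desc` ordering is no longer done in SQL. The Rails version is inferred from the "Rails 3 upgrade" comment elsewhere in this commit, so please confirm. A lazy scope keeps the query paginated in the database, e.g. `info_requests = InfoRequest.scoped`. The same pattern is added with `TrackThing.all` in admin_track_controller.rb and `User.all` in admin_user_controller.rb.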
@@ -12,9 +12,13 @@ class AdminUserController < AdminController def list @query = params[:query] - @admin_users = User.paginate :order => "name", :page => params[:page], :per_page => 100, - :conditions => @query.nil? ? nil : ["lower(name) like lower('%'||?||'%') or - lower(email) like lower('%'||?||'%')", @query, @query] + if @query + users = User.where(["lower(name) like lower('%'||?||'%') or + lower(email) like lower('%'||?||'%')", @query, @query]) + else + users = User.all + end + @admin_users = users.paginate :order => "name", :page => params[:page], :per_page => 100 end def list_banned diff --git a/app/controllers/api_controller.rb b/app/controllers/api_controller.rb index 15fb4f5f9..903ff648d 100644 --- a/app/controllers/api_controller.rb +++ b/app/controllers/api_controller.rb @@ -83,7 +83,7 @@ class ApiController < ApplicationController direction = json["direction"] body = json["body"] - sent_at_str = json["sent_at"] + sent_at = json["sent_at"] errors = [] @@ -107,12 +107,6 @@ class ApiController < ApplicationController errors << "The 'body' is empty" end - begin - sent_at = Time.iso8601(sent_at_str) - rescue ArgumentError - errors << "Failed to parse 'sent_at' field as ISO8601 time: #{sent_at_str}" - end - if direction == "request" && !attachments.nil? errors << "You cannot attach files to messages in the 'request' direction" end diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index a946526b8..d8206fe76 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -27,9 +27,6 @@ class ApplicationController < ActionController::Base before_filter :set_vary_header before_filter :set_popup_banner - # scrub sensitive parameters from the logs - filter_parameter_logging :password - def set_vary_header response.headers['Vary'] = 'Cookie' end 
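Review bot: In api_controller.rb, `sent_at = json["sent_at"]` now carries the client-supplied value unparsed, because the `Time.iso8601` block that appended to `errors` is deleted in the second hunk of this file. A malformed or non-string `sent_at` therefore no longer produces a validation error and reaches whatever consumes it later in the action, which is outside both hunks. If parsing has moved into the model, a comment such as `# sent_at is validated by the model` would help here. Otherwise restore the `begin`/`rescue ArgumentError` block so bad timestamps are still reported through `errors`.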
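Review bot: Both `filter_parameter_logging :password` calls are removed from ApplicationController (in the hunk at old line 27 and again at old line 74) and nothing in the visible changes replaces them. On Rails 3 the equivalent is `config.filter_parameters += [:password]` in the application config. This diffstat is limited to app/controllers, so I cannot tell whether that was added. Please confirm it exists, otherwise submitted passwords would be written to the request logs in clear text.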
@@ -74,9 +71,6 @@ class ApplicationController < ActionController::Base end end - # scrub sensitive parameters from the logs - filter_parameter_logging :password - helper_method :locale_from_params # Help work out which request causes RAM spike. @@ -154,19 +148,20 @@ class ApplicationController < ActionController::Base render :template => "general/exception_caught.rhtml", :status => @status end - # For development sites. - alias original_rescue_action_locally rescue_action_locally - def rescue_action_locally(exception) - # Make sure expiry time for session is set (before_filters are - # otherwise missed by this override) - session_remember_me + # FIXME: This was disabled during the Rails 3 upgrade as this is now handled by Rack + # # For development sites. + # alias original_rescue_action_locally rescue_action_locally + # def rescue_action_locally(exception) + # # Make sure expiry time for session is set (before_filters are + # # otherwise missed by this override) + # session_remember_me - # Make sure the locale is set correctly too - set_gettext_locale + # # Make sure the locale is set correctly too + # set_gettext_locale - # Display default, detailed error for developers - original_rescue_action_locally(exception) - end + # # Display default, detailed error for developers + # original_rescue_action_locally(exception) + # end def local_request? false @@ -175,6 +170,7 @@ class ApplicationController < ActionController::Base # Called from test code, is a mimic of UserController.confirm, for use in following email # links when in controller tests (though we also have full integration tests that # can work over multiple controllers) + # TODO: Move this to the tests. It shouldn't be here def test_code_redirect_by_email_token(token, controller_example_group) post_redirect = PostRedirect.find_by_email_token(token) if post_redirect.nil? 
@@ -182,7 +178,7 @@ class ApplicationController < ActionController::Base end session[:user_id] = post_redirect.user.id session[:user_circumstance] = post_redirect.circumstance - params = controller_example_group.params_from(:get, post_redirect.local_part_uri) + params = Rails.application.routes.recognize_path(post_redirect.local_part_uri) params.merge(post_redirect.post_params) controller_example_group.get params[:action], params end @@ -258,7 +254,7 @@ class ApplicationController < ActionController::Base # Check the user is logged in def authenticated?(reason_params) unless session[:user_id] - post_redirect = PostRedirect.new(:uri => request.request_uri, :post_params => params, + post_redirect = PostRedirect.new(:uri => request.fullpath, :post_params => params, :reason_params => reason_params) post_redirect.save! # 'modal' controls whether the sign-in form will be displayed in the typical full-blown diff --git a/app/controllers/general_controller.rb b/app/controllers/general_controller.rb index e9d51a59d..003b815d3 100644 --- a/app/controllers/general_controller.rb +++ b/app/controllers/general_controller.rb 
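Review bot: In `test_code_redirect_by_email_token`, the hash from the new `recognize_path` call is followed by `params.merge(post_redirect.post_params)`, whose result is discarded, so the stored post parameters never reach `controller_example_group.get`. Use `params = params.merge(post_redirect.post_params)` if they are meant to be replayed. The local `params` also shadows the controller's own `params` method, so a name such as `route_params` would read more clearly. The method starts above this hunk.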
@@ -42,30 +42,30 @@ class GeneralController < ApplicationController :joins => :translations) end end - # Get some successful requests - begin - query = 'variety:response (status:successful OR status:partially_successful)' - sortby = "newest" - max_count = 5 - xapian_object = perform_search([InfoRequestEvent], query, sortby, 'request_title_collapse', max_count) - @request_events = xapian_object.results.map { |r| r[:model] } - - # If there are not yet enough successful requests, fill out the list with - # other requests - if @request_events.count < max_count - @request_events_all_successful = false - query = 'variety:sent' - xapian_object = perform_search([InfoRequestEvent], query, sortby, 'request_title_collapse', max_count-@request_events.count) - more_events = xapian_object.results.map { |r| r[:model] } - @request_events += more_events - # Overall we still want the list sorted with the newest first - @request_events.sort!{|e1,e2| e2.created_at <=> e1.created_at} - else - @request_events_all_successful = true - end - rescue - @request_events = [] + end + # Get some successful requests + begin + query = 'variety:response (status:successful OR status:partially_successful)' + sortby = "newest" + max_count = 5 + xapian_object = perform_search([InfoRequestEvent], query, sortby, 'request_title_collapse', max_count) + @request_events = xapian_object.results.map { |r| r[:model] } + + # If there are not yet enough successful requests, fill out the list with + # other requests + if @request_events.count < max_count + @request_events_all_successful = false + query = 'variety:sent' + xapian_object = perform_search([InfoRequestEvent], query, sortby, 'request_title_collapse', max_count-@request_events.count) + more_events = xapian_object.results.map { |r| r[:model] } + @request_events += more_events + # Overall we still want the list sorted with the newest first + @request_events.sort!{|e1,e2| e2.created_at <=> e1.created_at} + else + @request_events_all_successful = true end + 
rescue + @request_events = [] end end diff --git a/app/controllers/help_controller.rb b/app/controllers/help_controller.rb index cf90f45bb..d13b2655f 100644 --- a/app/controllers/help_controller.rb +++ b/app/controllers/help_controller.rb @@ -50,7 +50,7 @@ class HelpController < ApplicationController end @contact = ContactValidator.new(params[:contact]) if @contact.valid? && !params[:remove] - ContactMailer.deliver_message( + ContactMailer.deliver_to_admin_message( params[:contact][:name], params[:contact][:email], params[:contact][:subject], diff --git a/app/controllers/public_body_controller.rb b/app/controllers/public_body_controller.rb index 5265706bf..88ed5c246 100644 --- a/app/controllers/public_body_controller.rb +++ b/app/controllers/public_body_controller.rb @@ -130,10 +130,8 @@ class PublicBodyController < ApplicationController end end I18n.with_locale(@locale) do - @public_bodies = PublicBody.paginate( - :order => "public_body_translations.name", :page => params[:page], :per_page => 100, - :conditions => conditions, - :joins => :translations + @public_bodies = PublicBody.where(conditions).joins(:translations).paginate( + :order => "public_body_translations.name", :page => params[:page], :per_page => 100 ) render :template => "public_body/list" end diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index b9a57c340..c18a97443 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb 
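Review bot: The re-indented `begin ... rescue` in general_controller.rb keeps a bare `rescue` that turns any StandardError from `perform_search` into `@request_events = []` with no log line, so a broken search backend is indistinguishable from a site with no requests. It can also leave `@request_events_all_successful` unset when the first search raises. Consider `rescue => e` with `logger.warn("front page search failed: #{e.class}: #{e.message}")`, and set the flag explicitly on that path. The enclosing action starts above the hunk, and the same silent `rescue` remains around `@xapian_similar` in request_controller.rb.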
@@ -99,15 +99,13 @@ class RequestController < ApplicationController # Sidebar stuff # ... requests that have similar imporant terms - behavior_cache :tag => ['similar', @info_request.id] do - begin - limit = 10 - @xapian_similar = ::ActsAsXapian::Similar.new([InfoRequestEvent], @info_request.info_request_events, - :limit => limit, :collapse_by_prefix => 'request_collapse') - @xapian_similar_more = (@xapian_similar.matches_estimated > limit) - rescue - @xapian_similar = nil - end + begin + limit = 10 + @xapian_similar = ::ActsAsXapian::Similar.new([InfoRequestEvent], @info_request.info_request_events, + :limit => limit, :collapse_by_prefix => 'request_collapse') + @xapian_similar_more = (@xapian_similar.matches_estimated > limit) + rescue + @xapian_similar = nil end # Track corresponding to this page @@ -180,13 +178,10 @@ class RequestController < ApplicationController query = make_query_from_params @title = _("View and search requests") sortby = "newest" - @cache_tag = Digest::MD5.hexdigest(query + @page.to_s + I18n.locale.to_s) - behavior_cache :tag => [@cache_tag] do - xapian_object = perform_search([InfoRequestEvent], query, sortby, 'request_collapse') - @list_results = xapian_object.results.map { |r| r[:model] } - @matches_estimated = xapian_object.matches_estimated - @show_no_more_than = (@matches_estimated > MAX_RESULTS) ? MAX_RESULTS : @matches_estimated - end + xapian_object = perform_search([InfoRequestEvent], query, sortby, 'request_collapse') + @list_results = xapian_object.results.map { |r| r[:model] } + @matches_estimated = xapian_object.matches_estimated + @show_no_more_than = (@matches_estimated > MAX_RESULTS) ? MAX_RESULTS : @matches_estimated @title = @title + " (page " + @page.to_s + ")" if (@page > 1) @track_thing = TrackThing.create_track_for_search_query(query) 
@@ -327,9 +322,9 @@ class RequestController < ApplicationController message = "" if @outgoing_message.contains_email? if @user.nil? - message += _("<p>You do not need to include your email in the request in order to get a reply, as we will ask for it on the next screen (<a href=\"%s\">details</a>).</p>") % [help_privacy_path+"#email_address"]; + message += (_("<p>You do not need to include your email in the request in order to get a reply, as we will ask for it on the next screen (<a href=\"%s\">details</a>).</p>") % [help_privacy_path+"#email_address"]).html_safe; else - message += _("<p>You do not need to include your email in the request in order to get a reply (<a href=\"%s\">details</a>).</p>") % [help_privacy_path+"#email_address"]; + message += (_("<p>You do not need to include your email in the request in order to get a reply (<a href=\"%s\">details</a>).</p>") % [help_privacy_path+"#email_address"]).html_safe; end message += _("<p>We recommend that you edit your request and remove the email address. If you leave it, the email address will be sent to the authority, but will not be displayed on the site.</p>") @@ -630,7 +625,7 @@ class RequestController < ApplicationController if !params[:submitted_followup].nil? && !params[:reedit] if @info_request.allow_new_responses_from == 'nobody' - flash[:error] = _('Your follow up has not been sent because this request has been stopped to prevent spam. Please <a href="%s">contact us</a> if you really want to send a follow up message.') % [help_contact_path] + flash[:error] = (_('Your follow up has not been sent because this request has been stopped to prevent spam. Please <a href="%s">contact us</a> if you really want to send a follow up message.') % [help_contact_path]).html_safe else if @info_request.find_existing_outgoing_message(params[:outgoing_message][:body]) flash[:error] = _('You previously submitted that exact follow up message for this request.') 
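Review bot: The `.html_safe` added to the two `message +=` operands has no effect, because `message` starts as the plain `""` and `String#+` returns an ordinary String that is not marked safe. The following `message += _("<p>We recommend ...")` line is unmarked as well. Mark the finished string once where it is handed to the flash or view (outside this hunk), after confirming that only route helpers such as `help_privacy_path` are interpolated into it. The same applies to `text += '...'.html_safe` in services_controller.rb if `text` is a plain String, and there the result goes through `render :text`, which does not escape anyway. For `flash[:error] = (...).html_safe` in the next hunk, the marking only helps if it survives the session round-trip, which depends on the session serializer.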
@@ -715,9 +710,8 @@ class RequestController < ApplicationController if foi_fragment_cache_exists?(key_path) logger.info("Reading cache for #{key_path}") raise PermissionDenied.new("Directory listing not allowed") if File.directory?(key_path) - cached = foi_fragment_cache_read(key_path) - response.content_type = AlaveteliFileTypes.filename_to_mimetype(params[:file_name].join("/")) || 'application/octet-stream' - render_for_text(cached) + render :text => foi_fragment_cache_read(key_path), + :content_type => (AlaveteliFileTypes.filename_to_mimetype(params[:file_name].join("/")) || 'application/octet-stream') return end diff --git a/app/controllers/services_controller.rb b/app/controllers/services_controller.rb index 38bf51772..1db5348c7 100644 --- a/app/controllers/services_controller.rb +++ b/app/controllers/services_controller.rb @@ -25,7 +25,7 @@ class ServicesController < ApplicationController end end if !text.empty? - text += ' <span class="close-button">X</span>' + text += ' <span class="close-button">X</span>'.html_safe end render :text => text, :content_type => "text/plain" # XXX workaround the HTML validation in test suite end |
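Review bot: The new `render :text => foi_fragment_cache_read(key_path), :content_type => ...` serves cached attachment bytes inline with a type chosen from the request's `params[:file_name]`, and nothing here stops the browser from sniffing the `application/octet-stream` fallback. Adding `response.headers['X-Content-Type-Options'] = 'nosniff'` before the render would help; which types `filename_to_mimetype` can return is not visible here. Also, `params[:file_name].join("/")` assumes an Array. If `file_name` is a glob route segment it arrives as a String on Rails 3, so this would need `params[:file_name]` alone; the route is outside this diff. `key_path` is built above the hunk, so its path handling is not reviewed here.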