Diffstat (limited to 'app/controllers')
-rw-r--r-- | app/controllers/admin_censor_rule_controller.rb | 2 | ||||
-rw-r--r-- | app/controllers/admin_controller.rb | 47 | ||||
-rw-r--r-- | app/controllers/admin_general_controller.rb | 6 | ||||
-rw-r--r-- | app/controllers/admin_public_body_controller.rb | 32 | ||||
-rw-r--r-- | app/controllers/admin_request_controller.rb | 139 | ||||
-rw-r--r-- | app/controllers/admin_user_controller.rb | 8 | ||||
-rw-r--r-- | app/controllers/application_controller.rb | 57 | ||||
-rw-r--r-- | app/controllers/comment_controller.rb | 6 | ||||
-rw-r--r-- | app/controllers/general_controller.rb | 16 | ||||
-rw-r--r-- | app/controllers/help_controller.rb | 6 | ||||
-rw-r--r-- | app/controllers/holiday_controller.rb | 4 | ||||
-rw-r--r-- | app/controllers/public_body_controller.rb | 34 | ||||
-rw-r--r-- | app/controllers/request_controller.rb | 120 | ||||
-rw-r--r-- | app/controllers/request_game_controller.rb | 6 | ||||
-rw-r--r-- | app/controllers/services_controller.rb | 14 | ||||
-rw-r--r-- | app/controllers/track_controller.rb | 29 | ||||
-rw-r--r-- | app/controllers/user_controller.rb | 72 |
17 files changed, 381 insertions, 217 deletions
diff --git a/app/controllers/admin_censor_rule_controller.rb b/app/controllers/admin_censor_rule_controller.rb index 2c0c7ca4e..52df8dfc1 100644 --- a/app/controllers/admin_censor_rule_controller.rb +++ b/app/controllers/admin_censor_rule_controller.rb @@ -65,7 +65,7 @@ class AdminCensorRuleController < AdminController render :action => 'edit' end end - + def destroy censor_rule = CensorRule.find(params[:censor_rule_id]) info_request = censor_rule.info_request diff --git a/app/controllers/admin_controller.rb b/app/controllers/admin_controller.rb index adb506b91..884d7e540 100644 --- a/app/controllers/admin_controller.rb +++ b/app/controllers/admin_controller.rb @@ -36,6 +36,8 @@ class AdminController < ApplicationController # also force a search reindexing (so changed text reflected in search) info_request.reindex_request_events + # and remove from varnsi + info_request.purge_in_cache end # Expire cached attachment files for a user 
@@ -44,23 +46,40 @@ class AdminController < ApplicationController expire_for_request(info_request) end end - private - def authenticate - config_username = MySociety::Config.get('ADMIN_USERNAME', '') - config_password = MySociety::Config.get('ADMIN_PASSWORD', '') - if !config_username.empty? && !config_password.empty? - authenticate_or_request_with_http_basic do |user_name, password| - if user_name == config_username && password == config_password - session[:using_admin] = 1 - request.env['REMOTE_USER'] = user_name - else - request_http_basic_authentication + private + + def authenticate + if MySociety::Config.get('SKIP_ADMIN_AUTH', false) + session[:using_admin] = 1 + return + else + if session[:using_admin].nil? + if params[:emergency].nil? + if authenticated?( + :web => _("To log into the administrative interface"), + :email => _("Then you can log into the administrative interface"), + :email_subject => _("Log into the admin interface"), + :user_name => "a superuser") + if !@user.nil? && @user.admin_level == "super" + session[:using_admin] = 1 + request.env['REMOTE_USER'] = @user.url_name + end + end + else + config_username = MySociety::Config.get('ADMIN_USERNAME', '') + config_password = MySociety::Config.get('ADMIN_PASSWORD', '') + authenticate_or_request_with_http_basic do |user_name, password| + if user_name == config_username && password == config_password + session[:using_admin] = 1 + request.env['REMOTE_USER'] = user_name + else + request_http_basic_authentication + end end end - else - session[:using_admin] = 1 end - end + end + end end diff --git a/app/controllers/admin_general_controller.rb b/app/controllers/admin_general_controller.rb index 0b7e9bec0..c83ae0f37 100644 --- a/app/controllers/admin_general_controller.rb +++ b/app/controllers/admin_general_controller.rb 
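Review bot: Two paths through the new `authenticate` finish without denying access. When `authenticated?` returns true but `@user` is not a `super` user, no branch renders or redirects, so if this method runs as a before filter (its registration is outside the hunk) the admin action would carry on. The `params[:emergency]` branch also dropped the old `!config_username.empty? && !config_password.empty?` guard, so with `ADMIN_USERNAME` and `ADMIN_PASSWORD` unset the basic-auth comparison runs against the `''` defaults. Both paths should fail closed, as sketched below. `SKIP_ADMIN_AUTH` also deserves a comment stating it is for development only, since it turns the check off entirely.

```ruby
            if !@user.nil? && @user.admin_level == "super"
              # … unchanged: set session[:using_admin] and REMOTE_USER …
            else
              # signed in, but not a superuser: stop here rather than fall through
              render :text => "Admin access requires a superuser account", :status => :forbidden
            end
# … unchanged: end of the authenticated? branch, start of the emergency branch …
          config_password = MySociety::Config.get('ADMIN_PASSWORD', '')
          if config_username.empty? || config_password.empty?
            # emergency login stays unavailable until both values are configured
            render :text => "Emergency admin login is not configured", :status => :forbidden
            return
          end
# … unchanged: authenticate_or_request_with_http_basic block …
```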
@@ -30,8 +30,9 @@ class AdminGeneralController < AdminController # Tasks to do @requires_admin_requests = InfoRequest.find(:all, :select => '*, ' + InfoRequest.last_event_time_clause + ' as last_event_time', :conditions => ["described_state = 'requires_admin'"], :order => "last_event_time") @error_message_requests = InfoRequest.find(:all, :select => '*, ' + InfoRequest.last_event_time_clause + ' as last_event_time', :conditions => ["described_state = 'error_message'"], :order => "last_event_time") + @attention_requests = InfoRequest.find(:all, :select => '*, ' + InfoRequest.last_event_time_clause + ' as last_event_time', :conditions => ["described_state = 'attention_requested'"], :order => "last_event_time") @blank_contacts = PublicBody.find(:all, :conditions => ["request_email = ''"], :order => "updated_at") - @old_unclassified = InfoRequest.find_old_unclassified(:limit => 20, + @old_unclassified = InfoRequest.find_old_unclassified(:limit => 20, :conditions => ["prominence = 'normal'"]) @holding_pen_messages = InfoRequest.holding_pen_request.incoming_messages end @@ -80,9 +81,10 @@ class AdminGeneralController < AdminController def debug @current_commit = `git log -1 --format="%H"` @current_branch = `git branch | grep "\*" | awk '{print $2}'` + @current_version = `git describe --always --tags` repo = `git remote show origin -n | grep Fetch | awk '{print $3}' | sed -re 's/.*:(.*).git/\\1/'` @github_origin = "https://github.com/#{repo.strip}/tree/" - @request_env = request.env + @request_env = request.env end end diff --git a/app/controllers/admin_public_body_controller.rb b/app/controllers/admin_public_body_controller.rb index bf7c07905..be733ab7d 100644 --- a/app/controllers/admin_public_body_controller.rb +++ b/app/controllers/admin_public_body_controller.rb 
@@ -16,7 +16,7 @@ class AdminPublicBodyController < AdminController def _lookup_query_internal @locale = self.locale_from_params() - PublicBody.with_locale(@locale) do + PublicBody.with_locale(@locale) do @query = params[:query] if @query == "" @query = nil @@ -26,13 +26,13 @@ class AdminPublicBodyController < AdminController @page = nil end @public_bodies = PublicBody.paginate :order => "public_body_translations.name", :page => @page, :per_page => 100, - :conditions => @query.nil? ? "public_body_translations.locale = '#{@locale}'" : - ["(lower(public_body_translations.name) like lower('%'||?||'%') or - lower(public_body_translations.short_name) like lower('%'||?||'%') or + :conditions => @query.nil? ? "public_body_translations.locale = '#{@locale}'" : + ["(lower(public_body_translations.name) like lower('%'||?||'%') or + lower(public_body_translations.short_name) like lower('%'||?||'%') or lower(public_body_translations.request_email) like lower('%'||?||'%' )) AND (public_body_translations.locale = '#{@locale}')", @query, @query, @query], :joins => :translations end - @public_bodies_by_tag = PublicBody.find_by_tag(@query) + @public_bodies_by_tag = PublicBody.find_by_tag(@query) end def list @@ -62,11 +62,11 @@ class AdminPublicBodyController < AdminController def missing_scheme # There might be a way to do this in ActiveRecord, but I can't find it @public_bodies = PublicBody.find_by_sql(" - SELECT a.id, a.name, a.url_name, COUNT(*) AS howmany - FROM public_bodies a JOIN info_requests r ON a.id = r.public_body_id - WHERE a.publication_scheme = '' - GROUP BY a.id, a.name, a.url_name - ORDER BY howmany DESC + SELECT a.id, a.name, a.url_name, COUNT(*) AS howmany + FROM public_bodies a JOIN info_requests r ON a.id = r.public_body_id + WHERE a.publication_scheme = '' + GROUP BY a.id, a.name, a.url_name + ORDER BY howmany DESC LIMIT 20 ") @stats = { 
@@ -77,7 +77,7 @@ class AdminPublicBodyController < AdminController def show @locale = self.locale_from_params() - PublicBody.with_locale(@locale) do + PublicBody.with_locale(@locale) do @public_body = PublicBody.find(params[:id]) render end @@ -87,7 +87,7 @@ class AdminPublicBodyController < AdminController @public_body = PublicBody.new render end - + def create PublicBody.with_locale(I18n.default_locale) do params[:public_body][:last_edit_editor] = admin_http_auth_user() @@ -103,7 +103,7 @@ class AdminPublicBodyController < AdminController def edit @public_body = PublicBody.find(params[:id]) - @public_body.last_edit_comment = "" + @public_body.last_edit_comment = "" render end @@ -122,7 +122,7 @@ class AdminPublicBodyController < AdminController def destroy @locale = self.locale_from_params() - PublicBody.with_locale(@locale) do + PublicBody.with_locale(@locale) do public_body = PublicBody.find(params[:id]) if public_body.info_requests.size > 0 @@ -147,7 +147,7 @@ class AdminPublicBodyController < AdminController else raise "internal error, unknown button label" end - + # Try with dry run first csv_contents = params[:csv_file].read en = PublicBody.import_csv(csv_contents, params[:tag], params[:tag_behaviour], true, admin_http_auth_user(), I18n.available_locales) @@ -174,7 +174,7 @@ class AdminPublicBodyController < AdminController @errors = "" @notes = "" end - + end private diff --git a/app/controllers/admin_request_controller.rb b/app/controllers/admin_request_controller.rb index e5de4f8b7..522e1cd39 100644 --- a/app/controllers/admin_request_controller.rb +++ b/app/controllers/admin_request_controller.rb @@ -6,6 +6,8 @@ # # $Id: admin_request_controller.rb,v 1.42 2009-10-03 01:28:33 francis Exp $ +require 'ostruct' + class AdminRequestController < AdminController def index list 
@@ -24,6 +26,15 @@ class AdminRequestController < AdminController def show @info_request = InfoRequest.find(params[:id]) + # XXX is this *really* the only way to render a template to a + # variable, rather than to the response? + vars = OpenStruct.new(:name_to => @info_request.user.name, + :name_from => MySociety::Config.get("CONTACT_NAME", 'Alaveteli'), + :info_request => @info_request, :reason => params[:reason], + :info_request_url => 'http://' + MySociety::Config.get('DOMAIN') + request_url(@info_request), + :site_name => site_name) + template = File.read(File.join(File.dirname(__FILE__), "..", "views", "admin_request", "hidden_user_explanation.rhtml")) + @request_hidden_user_explanation = ERB.new(template).result(vars.instance_eval { binding }) end def resend @@ -60,10 +71,10 @@ class AdminRequestController < AdminController if @info_request.valid? @info_request.save! - @info_request.log_event("edit", - { :editor => admin_http_auth_user(), - :old_title => old_title, :title => @info_request.title, - :old_prominence => old_prominence, :prominence => @info_request.prominence, + @info_request.log_event("edit", + { :editor => admin_http_auth_user(), + :old_title => old_title, :title => @info_request.title, + :old_prominence => old_prominence, :prominence => @info_request.prominence, :old_described_state => old_described_state, :described_state => @info_request.described_state, :old_awaiting_description => old_awaiting_description, :awaiting_description => @info_request.awaiting_description, :old_allow_new_responses_from => old_allow_new_responses_from, :allow_new_responses_from => @info_request.allow_new_responses_from, @@ -75,7 +86,7 @@ class AdminRequestController < AdminController else render :action => 'edit' end - end + end def fully_destroy @info_request = InfoRequest.find(params[:id]) 
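Review bot: In `show`, `params[:reason]` goes straight into the `OpenStruct` behind the `hidden_user_explanation.rhtml` render, and `ERB.new(template).result` does no escaping of its own. Whether the template or the admin view escapes it is not visible in this hunk. If `@request_hidden_user_explanation` is written into the page as HTML, check `reason` against the states the hide form offers before rendering, and add a comment such as `# reason comes from the query string; only known states are rendered`. The link is also built with a hard-coded `'http://'`, which would produce the wrong scheme on an HTTPS deployment.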
@@ -99,28 +110,28 @@ class AdminRequestController < AdminController outgoing_message_id = @outgoing_message.id @outgoing_message.fully_destroy - @outgoing_message.info_request.log_event("destroy_outgoing", + @outgoing_message.info_request.log_event("destroy_outgoing", { :editor => admin_http_auth_user(), :deleted_outgoing_message_id => outgoing_message_id }) flash[:notice] = 'Outgoing message successfully destroyed.' redirect_to request_admin_url(@info_request) - end + end def update_outgoing @outgoing_message = OutgoingMessage.find(params[:id]) old_body = @outgoing_message.body - if @outgoing_message.update_attributes(params[:outgoing_message]) - @outgoing_message.info_request.log_event("edit_outgoing", - { :outgoing_message_id => @outgoing_message.id, :editor => admin_http_auth_user(), + if @outgoing_message.update_attributes(params[:outgoing_message]) + @outgoing_message.info_request.log_event("edit_outgoing", + { :outgoing_message_id => @outgoing_message.id, :editor => admin_http_auth_user(), :old_body => old_body, :body => @outgoing_message.body }) flash[:notice] = 'Outgoing message successfully updated.' redirect_to request_admin_url(@outgoing_message.info_request) else render :action => 'edit_outgoing' end - end + end def edit_comment @comment = Comment.find(params[:id]) @@ -133,9 +144,9 @@ class AdminRequestController < AdminController old_visible = @comment.visible @comment.visible = params[:comment][:visible] == "true" ? true : false - if @comment.update_attributes(params[:comment]) - @comment.info_request.log_event("edit_comment", - { :comment_id => @comment.id, :editor => admin_http_auth_user(), + if @comment.update_attributes(params[:comment]) + @comment.info_request.log_event("edit_comment", + { :comment_id => @comment.id, :editor => admin_http_auth_user(), :old_body => old_body, :body => @comment.body, :old_visible => old_visible, :visible => @comment.visible, }) 
@@ -144,7 +155,7 @@ class AdminRequestController < AdminController else render :action => 'edit_comment' end - end + end def destroy_incoming 
@@ -153,41 +164,45 @@ class AdminRequestController < AdminController incoming_message_id = @incoming_message.id @incoming_message.fully_destroy - @incoming_message.info_request.log_event("destroy_incoming", + @incoming_message.info_request.log_event("destroy_incoming", { :editor => admin_http_auth_user(), :deleted_incoming_message_id => incoming_message_id }) flash[:notice] = 'Incoming message successfully destroyed.' redirect_to request_admin_url(@info_request) - end + end def redeliver_incoming incoming_message = IncomingMessage.find(params[:redeliver_incoming_message_id]) - - if params[:url_title].match(/^[0-9]+$/) - destination_request = InfoRequest.find(params[:url_title].to_i) - else - destination_request = InfoRequest.find_by_url_title(params[:url_title]) - end - - if destination_request.nil? - flash[:error] = "Failed to find destination request '" + params[:url_title] + "'" - redirect_to request_admin_url(incoming_message.info_request) + message_ids = params[:url_title].split(",").each {|x| x.strip} + destination_request = nil + ActiveRecord::Base.transaction do + for m in message_ids + if m.match(/^[0-9]+$/) + destination_request = InfoRequest.find_by_id(m.to_i) + else + destination_request = InfoRequest.find_by_url_title(m) + end + if destination_request.nil? + flash[:error] = "Failed to find destination request '" + m + "'" + return redirect_to request_admin_url(incoming_message.info_request) + end + + raw_email_data = incoming_message.raw_email.data + mail = TMail::Mail.parse(raw_email_data) + mail.base64_decode + destination_request.receive(mail, raw_email_data, true) + + incoming_message_id = incoming_message.id + incoming_message.info_request.log_event("redeliver_incoming", { + :editor => admin_http_auth_user(), + :destination_request => destination_request.id, + :deleted_incoming_message_id => incoming_message_id + }) + + flash[:notice] = "Message has been moved to request(s). 
Showing the last one:" + end + incoming_message.fully_destroy end - - raw_email_data = incoming_message.raw_email.data - mail = TMail::Mail.parse(raw_email_data) - mail.base64_decode - destination_request.receive(mail, raw_email_data, true) - - incoming_message_id = incoming_message.id - incoming_message.fully_destroy - incoming_message.info_request.log_event("redeliver_incoming", { - :editor => admin_http_auth_user(), - :destination_request => destination_request.id, - :deleted_incoming_message_id => incoming_message_id - }) - - flash[:notice] = "Message has been moved to this request" redirect_to request_admin_url(destination_request) end @@ -202,10 +217,10 @@ class AdminRequestController < AdminController else info_request.user = destination_user info_request.save! - info_request.log_event("move_request", { - :editor => admin_http_auth_user(), - :old_user_url_name => old_user.url_name, - :user_url_name => destination_user.url_name + info_request.log_event("move_request", { + :editor => admin_http_auth_user(), + :old_user_url_name => old_user.url_name, + :user_url_name => destination_user.url_name }) info_request.reindex_request_events @@ -220,10 +235,10 @@ class AdminRequestController < AdminController else info_request.public_body = destination_public_body info_request.save! - info_request.log_event("move_request", { - :editor => admin_http_auth_user(), - :old_public_body_url_name => old_public_body.url_name, - :public_body_url_name => destination_public_body.url_name + info_request.log_event("move_request", { + :editor => admin_http_auth_user(), + :old_public_body_url_name => old_public_body.url_name, + :public_body_url_name => destination_public_body.url_name }) info_request.reindex_request_events 
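Review bot: In `redeliver_incoming`, `params[:url_title].split(",").each {|x| x.strip}` throws away the stripped values, because `each` returns the original array. An entry such as `" 123"` then fails the numeric match and is looked up as a title. More seriously, an empty `url_title` leaves `message_ids` empty, so the loop never runs yet `incoming_message.fully_destroy` still executes and the message is removed without being delivered anywhere. I would use `message_ids = params[:url_title].split(",").map { |x| x.strip }.reject { |x| x.empty? }` and return with a `flash[:error]` before the transaction when `message_ids.empty?`. The `return redirect_to` inside the transaction block probably does not roll back deliveries already made for earlier ids; raising `ActiveRecord::Rollback` would be the explicit way to undo them, but that depends on the Rails version and needs confirming.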
@@ -288,16 +303,16 @@ class AdminRequestController < AdminController if domain.nil? @public_bodies = [] else - @public_bodies = PublicBody.find(:all, :order => "name", + @public_bodies = PublicBody.find(:all, :order => "name", :conditions => [ "lower(request_email) like lower('%'||?||'%')", domain ]) end - + # 2. Match the email address in the message without matching the hash @info_requests = InfoRequest.guess_by_incoming_email(@raw_email.incoming_message) # 3. Give a reason why it's in the holding pen last_event = InfoRequestEvent.find_by_incoming_message_id(@raw_email.incoming_message.id) - @rejected_reason = last_event.params[:rejected_reason] + @rejected_reason = last_event.params[:rejected_reason] || "unknown reason" end end @@ -323,6 +338,24 @@ class AdminRequestController < AdminController redirect_to request_admin_url(info_request_event.info_request) end + def hide_request + ActiveRecord::Base.transaction do + explanation = params[:explanation] + info_request = InfoRequest.find(params[:id]) + info_request.set_described_state(params[:reason]) + info_request.prominence = "requester_only" + info_request.save! + + ContactMailer.deliver_from_admin_message( + info_request.user, + "hello", + params[:explanation] + ) + flash[:notice] = _("Your message to {{recipient_user_name}} has been sent",:recipient_user_name=>CGI.escapeHTML(info_request.user.name)) + redirect_to request_admin_url(info_request) + end + end + private end diff --git a/app/controllers/admin_user_controller.rb b/app/controllers/admin_user_controller.rb index 249030537..4059ac0bb 100644 --- a/app/controllers/admin_user_controller.rb +++ b/app/controllers/admin_user_controller.rb 
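Review bot: The new `hide_request` action changes `prominence` and emails the requester but writes no `log_event`, unlike the other admin actions in this controller, which all record `:editor => admin_http_auth_user()`. A moderation action that hides a request should leave the same audit trail, for example `info_request.log_event("<event type>", { :editor => admin_http_auth_user(), :reason => params[:reason] })` with an event type the model accepts. `params[:reason]` is also handed to `set_described_state` with no check that it is one of the expected states. The mail subject is the literal `"hello"`, which looks like a placeholder, and the local `explanation` is assigned but never used because the mailer call reads `params[:explanation]` again.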
@@ -15,7 +15,7 @@ class AdminUserController < AdminController def list @query = params[:query] @admin_users = User.paginate :order => "name", :page => params[:page], :per_page => 100, - :conditions => @query.nil? ? nil : ["lower(name) like lower('%'||?||'%') or + :conditions => @query.nil? ? nil : ["lower(name) like lower('%'||?||'%') or lower(email) like lower('%'||?||'%')", @query, @query] end @@ -28,7 +28,7 @@ class AdminUserController < AdminController # Don't use @user as that is any logged in user @admin_user = User.find(params[:id]) end - + def show_bounce_message @admin_user = User.find(params[:id]) end @@ -54,7 +54,7 @@ class AdminUserController < AdminController else render :action => 'edit' end - end + end def destroy_track track_thing = TrackThing.find(params[:track_id].to_i) @@ -62,7 +62,7 @@ class AdminUserController < AdminController flash[:notice] = 'Track destroyed' redirect_to user_admin_url(track_thing.tracking_user) end - + def clear_bounce user = User.find(params[:id]) user.email_bounced_at = nil diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 0508abe76..e305e90f4 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -1,3 +1,4 @@ +# -*- coding: utf-8 -*- # controllers/application.rb: # Parent class of all controllers in FOI site. Filters added to this controller # apply to all controllers in the application. Likewise, all the methods added @@ -19,7 +20,7 @@ class ApplicationController < ActionController::Base # Send notification email on exceptions include ExceptionNotification::Notifiable - + # Note: a filter stops the chain if it redirects or renders something before_filter :authentication_check before_filter :set_gettext_locale 
@@ -33,7 +34,7 @@ class ApplicationController < ActionController::Base def set_vary_header response.headers['Vary'] = 'Cookie' end - + helper_method :anonymous_cache, :short_cache, :medium_cache, :long_cache def anonymous_cache(time) if session[:user_id].nil? @@ -117,8 +118,20 @@ class ApplicationController < ActionController::Base # Override default error handler, for production sites. def rescue_action_in_public(exception) + # Call `set_view_paths` from the theme, if it exists. + # Normally, this is called by the theme itself in a + # :before_filter, but when there's an error, this doesn't + # happen. By calling it here, we can ensure error pages are + # still styled according to the theme. + begin + set_view_paths + rescue NameError => e + if !(e.message =~ /undefined local variable or method `set_view_paths'/) + raise + end + end # Make sure expiry time for session is set (before_filters are - # otherwise missed by this override) + # otherwise missed by this override) session_remember_me case exception when ActiveRecord::RecordNotFound, ActionController::UnknownAction, ActionController::RoutingError @@ -140,13 +153,13 @@ class ApplicationController < ActionController::Base alias original_rescue_action_locally rescue_action_locally def rescue_action_locally(exception) # Make sure expiry time for session is set (before_filters are - # otherwise missed by this override) + # otherwise missed by this override) session_remember_me # Display default, detailed error for developers original_rescue_action_locally(exception) end - + def local_request? false end @@ -178,7 +191,7 @@ class ApplicationController < ActionController::Base end def foi_fragment_cache_path(param) - path = File.join(RAILS_ROOT, 'cache', 'views', foi_fragment_cache_part_path(param)) + path = File.join(Rails.root, 'cache', 'views', foi_fragment_cache_part_path(param)) max_file_length = 255 - 35 # we subtract 35 because tempfile # adds on a variable number of # characters 
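Review bot: The `rescue NameError` added to `rescue_action_in_public` decides whether to re-raise by matching the exception message against a backtick-quoted string. That wording is not a stable interface and differs between Ruby versions. If the match ever fails, the error handler itself raises and no error page is rendered. Asking the object directly is sturdier and drops the begin/rescue: `set_view_paths if respond_to?(:set_view_paths, true)`.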
@@ -207,7 +220,7 @@ class ApplicationController < ActionController::Base end end - # get the local locale + # get the local locale def locale_from_params(*args) if params[:show_locale] params[:show_locale] @@ -307,7 +320,7 @@ class ApplicationController < ActionController::Base end end - # + # def check_read_only read_only = MySociety::Config.get('READ_ONLY', '') if !read_only.empty? @@ -336,7 +349,7 @@ class ApplicationController < ActionController::Base @http_auth_user = admin_http_auth_user end - # Convert URL name for sort by order, to Xapian query + # Convert URL name for sort by order, to Xapian query def order_to_sort_by(sortby) if sortby.nil? return [nil, nil] @@ -352,7 +365,7 @@ class ApplicationController < ActionController::Base end # Function for search - def perform_search(models, query, sortby, collapse, per_page = 25, this_page = nil) + def perform_search(models, query, sortby, collapse, per_page = 25, this_page = nil) @query = query @sortby = sortby @@ -388,7 +401,7 @@ class ApplicationController < ActionController::Base collapse = 'request_collapse' end options = { - :offset => (@page - 1) * @per_page, + :offset => (@page - 1) * @per_page, :limit => @per_page, :sort_by_prefix => nil, :sort_by_ascending => true, @@ -407,7 +420,7 @@ class ApplicationController < ActionController::Base if e.message =~ /^QueryParserError: Wildcard/ # Wildcard expands to too many terms logger.info "Wildcard query '#{query.strip + '*'}' caused: #{e.message}" - + user_query = ActsAsXapian.query_parser.parse_query( query, Xapian::QueryParser::FLAG_LOVEHATE | @@ -436,8 +449,8 @@ class ApplicationController < ActionController::Base def param_exists(item) return params[item] && !params[item].empty? - end - + end + def get_request_variety_from_params query = "" sortby = "newest" 
@@ -462,7 +475,7 @@ class ApplicationController < ActionController::Base def get_status_from_params query = "" - if params[:latest_status] + if params[:latest_status] statuses = [] if params[:latest_status].class == String params[:latest_status] = [params[:latest_status]] @@ -513,7 +526,7 @@ class ApplicationController < ActionController::Base query = "" tags = [] if param_exists(:tags) - params[:tags].split().each do |tag| + params[:tags].split().each do |tag| tags << "tag:#{tag}" end end @@ -522,7 +535,7 @@ class ApplicationController < ActionController::Base end return query end - + def make_query_from_params query = params[:query] || "" if query.nil? query += get_date_range_from_params @@ -543,16 +556,6 @@ class ApplicationController < ActionController::Base return country end - def quietly_try_to_open(url) - begin - result = open(url).read.strip - rescue OpenURI::HTTPError, SocketError, Errno::ETIMEDOUT, Errno::ECONNREFUSED, Errno::EHOSTUNREACH - logger.warn("Unable to open third-party URL #{url}") - result = "" - end - return result - end - # URL generating functions are needed by all controllers (for redirects), # views (for links) and mailers (for use in emails), so include them into # all of all. diff --git a/app/controllers/comment_controller.rb b/app/controllers/comment_controller.rb index 86d5b0a06..d9cd002dd 100644 --- a/app/controllers/comment_controller.rb +++ b/app/controllers/comment_controller.rb @@ -9,14 +9,14 @@ class CommentController < ApplicationController before_filter :check_read_only, :only => [ :new ] protect_from_forgery :only => [ :new ] - + def new if params[:type] == 'request' @info_request = InfoRequest.find_by_url_title(params[:url_title]) @track_thing = TrackThing.create_track_for_request(@info_request) if params[:comment] @comment = Comment.new(params[:comment].merge({ - :comment_type => 'request', + :comment_type => 'request', :user => @user })) end 
@@ -38,7 +38,7 @@ class CommentController < ApplicationController # Default to subscribing to request when first viewing form params[:subscribe_to_request] = true end - + # See if values were valid or not if !params[:comment] || !@existing_comment.nil? || !@comment.valid? || params[:reedit] render :action => 'new' diff --git a/app/controllers/general_controller.rb b/app/controllers/general_controller.rb index 82b1b8629..6e89a2832 100644 --- a/app/controllers/general_controller.rb +++ b/app/controllers/general_controller.rb @@ -28,19 +28,19 @@ class GeneralController < ApplicationController @locale = self.locale_from_params() locale_condition = 'public_body_translations.locale = ?' conditions = [locale_condition, @locale] - PublicBody.with_locale(@locale) do + PublicBody.with_locale(@locale) do if body_short_names.empty? # This is too slow - @popular_bodies = PublicBody.find(:all, - :select => "public_bodies.*, (select count(*) from info_requests where info_requests.public_body_id = public_bodies.id) as c", - :order => "c desc", + @popular_bodies = PublicBody.find(:all, + :select => "public_bodies.*, (select count(*) from info_requests where info_requests.public_body_id = public_bodies.id) as c", + :order => "c desc", :limit => 32, :conditions => conditions, :joins => :translations ) else conditions[0] += " and public_bodies.url_name in (" + body_short_names + ")" - @popular_bodies = PublicBody.find(:all, + @popular_bodies = PublicBody.find(:all, :conditions => conditions, :joins => :translations) end @@ -52,7 +52,7 @@ class GeneralController < ApplicationController max_count = 5 xapian_object = perform_search([InfoRequestEvent], query, sortby, 'request_title_collapse', max_count) @request_events = xapian_object.results.map { |r| r[:model] } - + # If there are not yet enough successful requests, fill out the list with # other requests if @request_events.count < max_count 
@@ -97,7 +97,7 @@ class GeneralController < ApplicationController query_parts = @query.split("/") if !['bodies', 'requests', 'users', 'all'].include?(query_parts[-1]) redirect_to search_url([@query, "all"], params) - else + else redirect_to search_url(@query, params) end end @@ -236,4 +236,4 @@ class GeneralController < ApplicationController end - + diff --git a/app/controllers/help_controller.rb b/app/controllers/help_controller.rb index b08438b52..e3b77271e 100644 --- a/app/controllers/help_controller.rb +++ b/app/controllers/help_controller.rb @@ -9,7 +9,7 @@ class HelpController < ApplicationController # we don't even have a control subroutine for most help pages, just see their templates - + before_filter :long_cache def unhappy @@ -61,7 +61,7 @@ class HelpController < ApplicationController @last_request, @last_body ) flash[:notice] = _("Your message has been sent. Thank you for getting in touch! We'll get back to you soon.") - redirect_to frontpage_url + redirect_to frontpage_url return end @@ -69,7 +69,7 @@ class HelpController < ApplicationController @contact.errors.clear end end - + end end diff --git a/app/controllers/holiday_controller.rb b/app/controllers/holiday_controller.rb index 916ff54c8..7f62aa26d 100644 --- a/app/controllers/holiday_controller.rb +++ b/app/controllers/holiday_controller.rb @@ -1,5 +1,5 @@ # app/controllers/holiday_controller.rb: -# Calculate dates +# Calculate dates # # Copyright (c) 2008 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ @@ -16,7 +16,7 @@ class HolidayController < ApplicationController @request_date = Date.strptime(params[:holiday]) or raise "Invalid date" @due_date = Holiday.due_date_from(@request_date, 20) @skipped = Holiday.all( - :conditions => [ 'day >= ? AND day <= ?', + :conditions => [ 'day >= ? AND day <= ?', @request_date.strftime("%F"), @due_date.strftime("%F") ] ).collect { |h| h.day }.sort 
diff --git a/app/controllers/public_body_controller.rb b/app/controllers/public_body_controller.rb index 00d1cc1e0..95d936e54 100644 --- a/app/controllers/public_body_controller.rb +++ b/app/controllers/public_body_controller.rb @@ -14,23 +14,23 @@ class PublicBodyController < ApplicationController def show long_cache if MySociety::Format.simplify_url_part(params[:url_name], 'body') != params[:url_name] - redirect_to :url_name => MySociety::Format.simplify_url_part(params[:url_name], 'body'), :status => :moved_permanently + redirect_to :url_name => MySociety::Format.simplify_url_part(params[:url_name], 'body'), :status => :moved_permanently return end @locale = self.locale_from_params() - PublicBody.with_locale(@locale) do + PublicBody.with_locale(@locale) do @public_body = PublicBody.find_by_url_name_with_historic(params[:url_name]) raise ActiveRecord::RecordNotFound.new("None found") if @public_body.nil? if @public_body.url_name.nil? redirect_to :back return - end + end # If found by historic name, or alternate locale name, redirect to new name if @public_body.url_name != params[:url_name] - redirect_to show_public_body_url(:url_name => @public_body.url_name) + redirect_to show_public_body_url(:url_name => @public_body.url_name) return end - + set_last_body(@public_body) top_url = main_url("/") @@ -50,8 +50,8 @@ class PublicBodyController < ApplicationController begin @xapian_requests = perform_search([InfoRequestEvent], query, sortby, 'request_collapse') if (@page > 1) - @page_desc = " (page " + @page.to_s + ")" - else + @page_desc = " (page " + @page.to_s + ")" + else @page_desc = "" end rescue @@ -65,7 +65,7 @@ class PublicBodyController < ApplicationController format.html { @has_json = true; render :template => "public_body/show"} format.json { render :json => @public_body.json_for_api } end - + end end 
@@ -93,8 +93,8 @@ class PublicBodyController < ApplicationController @tag = params[:tag] @locale = self.locale_from_params() default_locale = I18n.default_locale.to_s - locale_condition = "(upper(public_body_translations.name) LIKE upper(?) - OR upper(public_body_translations.notes) LIKE upper (?)) + locale_condition = "(upper(public_body_translations.name) LIKE upper(?) + OR upper(public_body_translations.notes) LIKE upper (?)) AND public_body_translations.locale = ? AND public_bodies.id <> #{PublicBody.internal_admin_body.id}" if @tag.nil? or @tag == "all" @@ -152,10 +152,10 @@ class PublicBodyController < ApplicationController report = StringIO.new CSV::Writer.generate(report, ',') do |title| title << [ - 'Name', + 'Name', 'Short name', # deliberately not including 'Request email' - 'URL name', + 'URL name', 'Tags', 'Home page', 'Publication scheme', @@ -164,12 +164,12 @@ class PublicBodyController < ApplicationController 'Version', ] public_bodies.each do |public_body| - title << [ - public_body.name, - public_body.short_name, + title << [ + public_body.name, + public_body.short_name, # DO NOT include request_email (we don't want to make it # easy to spam all authorities with requests) - public_body.url_name, + public_body.url_name, public_body.tag_string, public_body.calculated_home_page, public_body.publication_scheme, @@ -181,7 +181,7 @@ class PublicBodyController < ApplicationController end report.rewind send_data(report.read, :type=> 'text/csv; charset=utf-8; header=present', - :filename => 'all-authorities.csv', + :filename => 'all-authorities.csv', :disposition =>'attachment', :encoding => 'utf8') end diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index 96c501755..94fbcde29 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -1,3 +1,4 @@ +# -*- coding: utf-8 -*- # app/controllers/request_controller.rb: # Show information about one particular request. # 
@@ -16,7 +17,7 @@ class RequestController < ApplicationController MAX_RESULTS = 500 PER_PAGE = 25 - + @@custom_states_loaded = false begin if ENV["RAILS_ENV"] != "test" @@ -44,11 +45,11 @@ class RequestController < ApplicationController end medium_cache end - + def show medium_cache @locale = self.locale_from_params() - PublicBody.with_locale(@locale) do + PublicBody.with_locale(@locale) do # Look up by old style numeric identifiers if params[:url_title].match(/^[0-9]+$/) @@ -57,7 +58,7 @@ class RequestController < ApplicationController return end - # Look up by new style text names + # Look up by new style text names @info_request = InfoRequest.find_by_url_title(params[:url_title]) if @info_request.nil? raise ActiveRecord::RecordNotFound.new("Request not found") @@ -69,7 +70,7 @@ class RequestController < ApplicationController render :template => 'request/hidden', :status => 410 # gone return end - + # Other parameters @info_request_events = @info_request.info_request_events @status = @info_request.calculate_status @@ -77,7 +78,7 @@ class RequestController < ApplicationController @update_status = params[:update_status] ? true : false @old_unclassified = @info_request.is_old_unclassified? && !authenticated_user.nil? @is_owning_user = @info_request.is_owning_user?(authenticated_user) - + if @update_status return if !@is_owning_user && !authenticated_as_user?(@info_request.user, :web => _("To update the status of this FOI request"), @@ -85,7 +86,7 @@ class RequestController < ApplicationController :email_subject => _("Update the status of your request to ") + @info_request.public_body.name ) end - + @last_info_request_event_id = @info_request.last_event_id_needing_description @new_responses_count = @info_request.events_needing_description.select {|i| i.event_type == 'response'}.size 
@@ -95,14 +96,14 @@ class RequestController < ApplicationController behavior_cache :tag => ['similar', @info_request.id] do begin limit = 10 - @xapian_similar = ::ActsAsXapian::Similar.new([InfoRequestEvent], @info_request.info_request_events, + @xapian_similar = ::ActsAsXapian::Similar.new([InfoRequestEvent], @info_request.info_request_events, :limit => limit, :collapse_by_prefix => 'request_collapse') @xapian_similar_more = (@xapian_similar.matches_estimated > limit) rescue @xapian_similar = nil end end - + # Track corresponding to this page @track_thing = TrackThing.create_track_for_request(@info_request) @feed_autodetect = [ { :url => do_track_url(@track_thing, 'feed'), :title => @track_thing.params[:title_in_rss], :has_json => true } ] @@ -122,7 +123,7 @@ class RequestController < ApplicationController @info_request = InfoRequest.find_by_url_title(params[:url_title]) if @info_request.nil? raise ActiveRecord::RecordNotFound.new("Request not found") - else + else if !@info_request.user_can_view?(authenticated_user) render :template => 'request/hidden', :status => 410 # gone return @@ -137,16 +138,18 @@ class RequestController < ApplicationController @per_page = 25 @page = (params[:page] || "1").to_i @info_request = InfoRequest.find_by_url_title(params[:url_title]) + raise ActiveRecord::RecordNotFound.new("Request not found") if @info_request.nil? + if !@info_request.user_can_view?(authenticated_user) render :template => 'request/hidden', :status => 410 # gone return end - @xapian_object = ::ActsAsXapian::Similar.new([InfoRequestEvent], @info_request.info_request_events, + @xapian_object = ::ActsAsXapian::Similar.new([InfoRequestEvent], @info_request.info_request_events, :offset => (@page - 1) * @per_page, :limit => @per_page, :collapse_by_prefix => 'request_collapse') - + if (@page > 1) - @page_desc = " (page " + @page.to_s + ")" - else + @page_desc = " (page " + @page.to_s + ")" + else @page_desc = "" end end 
@@ -158,7 +161,7 @@ class RequestController < ApplicationController if @view == "recent" return redirect_to request_list_all_path(:action => "list", :view => "all", :page => @page), :status => :moved_permanently end - + # Later pages are very expensive to load if @page > MAX_RESULTS / PER_PAGE raise ActiveRecord::RecordNotFound.new("Sorry. No pages after #{MAX_RESULTS / PER_PAGE}.") @@ -168,14 +171,14 @@ class RequestController < ApplicationController query = make_query_from_params @title = _("View and search requests") sortby = "newest" - @cache_tag = Digest::MD5.hexdigest(query + @page.to_s) + @cache_tag = Digest::MD5.hexdigest(query + @page.to_s + I18n.locale.to_s) behavior_cache :tag => [@cache_tag] do xapian_object = perform_search([InfoRequestEvent], query, sortby, 'request_collapse') @list_results = xapian_object.results.map { |r| r[:model] } @matches_estimated = xapian_object.matches_estimated @show_no_more_than = (@matches_estimated > MAX_RESULTS) ? MAX_RESULTS : @matches_estimated end - + @title = @title + " (page " + @page.to_s + ")" if (@page > 1) @track_thing = TrackThing.create_track_for_search_query(query) @feed_autodetect = [ { :url => do_track_url(@track_thing, 'feed'), :title => @track_thing.params[:title_in_rss], :has_json => true } ] @@ -199,7 +202,7 @@ class RequestController < ApplicationController # get_undescribed_requests also allows one day since the response # arrived. if !@user.nil? && params[:submitted_new_request].nil? && !@user.can_leave_requests_undescribed? - @undescribed_requests = @user.get_undescribed_requests + @undescribed_requests = @user.get_undescribed_requests if @undescribed_requests.size > 1 render :action => 'new_please_describe' return 
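Review bot: The cache tag in the `@@ -168,14 +171,14 @@` hunk concatenates `query`, `@page` and the locale with no separator, so different inputs can produce the same tag: query `foo1` on page 2 and query `foo` on page 12 both start with `foo12`. A collision would presumably make `behavior_cache` serve another search's results. Joining the parts with a delimiter avoids this, for example `@cache_tag = Digest::MD5.hexdigest([query, @page, I18n.locale].join("\0"))`. The enclosing `list` action starts and ends outside the hunk.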
@@ -245,7 +248,7 @@ class RequestController < ApplicationController elsif params[:public_body_id] params[:info_request][:public_body_id] = params[:public_body_id] end - if !params[:info_request][:public_body_id] + if !params[:info_request][:public_body_id] # compulsory to have a body by here, or go to front page which is start of process redirect_to frontpage_url return @@ -263,7 +266,7 @@ class RequestController < ApplicationController params[:outgoing_message][:info_request] = @info_request @outgoing_message = OutgoingMessage.new(params[:outgoing_message]) @outgoing_message.set_signature_name(@user.name) if !@user.nil? - + if @info_request.public_body.is_requestable? render :action => 'new' else @@ -286,8 +289,8 @@ class RequestController < ApplicationController # Create both FOI request and the first request message @info_request = InfoRequest.new(params[:info_request]) - @outgoing_message = OutgoingMessage.new(params[:outgoing_message].merge({ - :status => 'ready', + @outgoing_message = OutgoingMessage.new(params[:outgoing_message].merge({ + :status => 'ready', :message_type => 'initial_request' })) @info_request.outgoing_messages << @outgoing_message @@ -312,7 +315,7 @@ class RequestController < ApplicationController if params[:preview].to_i == 1 message = "" if @outgoing_message.contains_email? - if @user.nil? + if @user.nil? message += _("<p>You do not need to include your email in the request in order to get a reply, as we will ask for it on the next screen (<a href=\"%s\">details</a>).</p>") % [help_privacy_path+"#email_address"]; else message += _("<p>You do not need to include your email in the request in order to get a reply (<a href=\"%s\">details</a>).</p>") % [help_privacy_path+"#email_address"]; 
@@ -358,7 +361,7 @@ class RequestController < ApplicationController flash[:notice] = _("<p>Your {{law_used_full}} request has been <strong>sent on its way</strong>!</p> <p><strong>We will email you</strong> when there is a response, or after {{late_number_of_days}} working days if the authority still hasn't replied by then.</p> - <p>If you write about this request (for example in a forum or a blog) please link to this page, and add an + <p>If you write about this request (for example in a forum or a blog) please link to this page, and add an annotation below telling people about your writing.</p>",:law_used_full=>@info_request.law_used_full, :late_number_of_days => MySociety::Config.get('REPLY_LATE_AFTER_DAYS', 20)) redirect_to show_new_request_path(:url_title => @info_request.url_title) @@ -375,10 +378,10 @@ class RequestController < ApplicationController return end - @is_owning_user = @info_request.is_owning_user?(authenticated_user) + @is_owning_user = @info_request.is_owning_user?(authenticated_user) @last_info_request_event_id = @info_request.last_event_id_needing_description @old_unclassified = @info_request.is_old_unclassified? && !authenticated_user.nil? - + # Check authenticated, and parameters set. We check is_owning_user # to get admin overrides (see is_owning_user? above) if !@old_unclassified && !@is_owning_user && !authenticated_as_user?(@info_request.user, @@ -405,7 +408,7 @@ class RequestController < ApplicationController # Make the state change old_described_state = @info_request.described_state @info_request.set_described_state(params[:incoming_message][:described_state]) - + # If you're not the *actual* requester owner. e.g. you are playing the # classification game, or you're doing this just because you are an # admin user (not because you also own the request). 
@@ -414,24 +417,24 @@ class RequestController < ApplicationController # don't log if you were the requester XXX This is presumably so you # don't score for classifying your own requests. Could instead # always log and filter at display time. - @info_request.log_event("status_update", - { :user_id => authenticated_user.id, - :old_described_state => old_described_state, + @info_request.log_event("status_update", + { :user_id => authenticated_user.id, + :old_described_state => old_described_state, :described_state => @info_request.described_state, }) - + # Don't give advice on what to do next, as it isn't their request RequestMailer.deliver_old_unclassified_updated(@info_request) - if session[:request_game] + if session[:request_game] flash[:notice] = _('Thank you for updating the status of the request \'<a href="{{url}}">{{info_request_title}}</a>\'. There are some more requests below for you to classify.',:info_request_title=>CGI.escapeHTML(@info_request.title), :url=>CGI.escapeHTML(request_url(@info_request))) - redirect_to play_url + redirect_to play_url else flash[:notice] = _('Thank you for updating this request!') redirect_to request_url(@info_request) end return end - + # Display advice for requester on what to do next, as appropriate if @info_request.calculate_status == 'waiting_response' flash[:notice] = _("<p>Thank you! Hopefully your wait isn't too long.</p> <p>By law, you should get a response promptly, and normally before the end of <strong> 
@@ -447,14 +450,14 @@ class RequestController < ApplicationController flash[:notice] = _("<p>Thank you! Here are some ideas on what to do next:</p> <ul> <li>To send your request to another authority, first copy the text of your request below, then <a href=\"{{find_authority_url}}\">find the other authority</a>.</li> - <li>If you would like to contest the authority's claim that they do not hold the information, here is + <li>If you would like to contest the authority's claim that they do not hold the information, here is <a href=\"{{complain_url}}\">how to complain</a>. </li> <li>We have <a href=\"{{other_means_url}}\">suggestions</a> on other means to answer your question. </li> - </ul>", - :find_authority_url => "/new", + </ul>", + :find_authority_url => "/new", :complain_url => CGI.escapeHTML(unhappy_url(@info_request)), :other_means_url => CGI.escapeHTML(unhappy_url(@info_request)) + "#other_means") redirect_to request_url(@info_request) @@ -493,7 +496,7 @@ class RequestController < ApplicationController end end - # Used for links from polymorphic URLs e.g. in Atom feeds - just redirect to + # Used for links from polymorphic URLs e.g. in Atom feeds - just redirect to # proper URL for the message the event refers to def show_request_event @info_request_event = InfoRequestEvent.find(params[:info_request_event_id]) @@ -503,8 +506,8 @@ class RequestController < ApplicationController redirect_to outgoing_message_url(@info_request_event.outgoing_message), :status => :moved_permanently else # XXX maybe there are better URLs for some events than this - redirect_to request_url(@info_request_event.info_request), :status => :moved_permanently - end + redirect_to request_url(@info_request_event.info_request), :status => :moved_permanently + end end # Show an individual incoming message, and allow followup 
@@ -548,8 +551,8 @@ class RequestController < ApplicationController if params_outgoing_message.nil? params_outgoing_message = {} end - params_outgoing_message.merge!({ - :status => 'ready', + params_outgoing_message.merge!({ + :status => 'ready', :message_type => 'followup', :incoming_message_followup => @incoming_message, :info_request_id => @info_request.id @@ -573,7 +576,7 @@ class RequestController < ApplicationController render :template => 'request/hidden', :status => 410 # gone return end - + # Check address is good if !OutgoingMailer.is_followupable?(@info_request, @incoming_message) raise "unexpected followupable inconsistency" if @info_request.public_body.is_requestable? @@ -586,7 +589,7 @@ class RequestController < ApplicationController # to make sure they're the right user first, before they start writing a # message and wasting their time if they are not the requester. if !authenticated_as_user?(@info_request.user, - :web => @incoming_message.nil? ? + :web => @incoming_message.nil? ? _("To send a follow up message to ") + @info_request.public_body.name : _("To reply to ") + @info_request.public_body.name, :email => @incoming_message.nil? ? @@ -651,6 +654,19 @@ class RequestController < ApplicationController end end + def report_request + info_request = InfoRequest.find_by_url_title(params[:url_title]) + if !info_request.attention_requested + info_request.set_described_state('attention_requested') + info_request.attention_requested = true # tells us if attention has ever been requested + info_request.save! + flash[:notice] = _("This request has been reported for administrator attention") + else + flash[:notice] = _("This request has already been reported for administrator attention") + end + redirect_to request_url(info_request) + end + # special caching code so mime types are handled right around_filter :cache_attachments, :only => [ :get_attachment, :get_attachment_as_html ] def cache_attachments 
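Review bot: `report_request` (hunk `@@ -651,6 +654,19 @@`) uses the result of `InfoRequest.find_by_url_title` without a nil check, so an unknown `url_title` raises NoMethodError instead of a 404. The `similar` action in this same commit adds `raise ActiveRecord::RecordNotFound.new("Request not found") if @info_request.nil?`, and the same guard belongs here. The action also changes the request's described state with no `authenticated?` or `user_can_view?` check visible in the hunk. Unless a filter or route constraint outside this diff restricts it, any anonymous client, or a crawler following a plain link, could set `attention_requested` on any request, including hidden ones. I would require a signed-in user, accept POST only, and apply the `user_can_view?` guard used by the neighbouring actions.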
@@ -684,11 +700,11 @@ class RequestController < ApplicationController # Prevent spam to magic request address. Note that the binary # subsitution method used depends on the content type - @incoming_message.binary_mask_stuff!(@attachment.body, @attachment.content_type) + @incoming_message.binary_mask_stuff!(@attachment.body, @attachment.content_type) # we don't use @attachment.content_type here, as we want same mime type when cached in cache_attachments above response.content_type = AlaveteliFileTypes.filename_to_mimetype(params[:file_name].join("/")) || 'application/octet-stream' - + headers["Content-Disposition"] = "attachment; filename=#{params[:file_name]}" render :text => @attachment.body end @@ -712,7 +728,7 @@ class RequestController < ApplicationController html.sub!("<prefix-here>", view_html_prefix) html.sub!("<attachment-url-here>", CGI.escape(@attachment_url)) - @incoming_message.html_mask_stuff!(html) + @incoming_message.html_mask_stuff!(html) response.content_type = 'text/html' render :text => html end @@ -737,7 +753,7 @@ class RequestController < ApplicationController else @original_filename = @filename end - + # check permissions raise "internal error, pre-auth filter should have caught this" if !@info_request.user_can_view?(authenticated_user) @attachment = IncomingMessage.get_attachment_by_url_part_number(@incoming_message.get_attachments_for_display, @part_number) @@ -754,7 +770,7 @@ class RequestController < ApplicationController # FOI officers can upload a response def upload_response @locale = self.locale_from_params() - PublicBody.with_locale(@locale) do + PublicBody.with_locale(@locale) do @info_request = InfoRequest.find_by_url_title(params[:url_title]) @reason_params = { 
@@ -824,7 +840,7 @@ class RequestController < ApplicationController updated = Digest::SHA1.hexdigest(info_request.get_last_event.created_at.to_i.to_s + info_request.updated_at.to_i.to_s) @url_path = "/download/#{updated[0..1]}/#{updated}/#{params[:url_title]}.zip" file_path = File.join(File.dirname(__FILE__), '../../cache/zips', @url_path) - if !File.exists?(file_path) + if !File.exists?(file_path) FileUtils.mkdir_p(File.dirname(file_path)) Zip::ZipFile.open(file_path, Zip::ZipFile::CREATE) { |zipfile| convert_command = MySociety::Config.get("HTML_TO_PDF_COMMAND") @@ -843,7 +859,7 @@ class RequestController < ApplicationController logger.error("Could not convert info request #{info_request.id} to PDF with command '#{convert_command} #{url} #{tempfile.path}'") end tempfile.close - else + else logger.warn("No HTML -> PDF converter found at #{convert_command}") end if !done @@ -855,7 +871,7 @@ class RequestController < ApplicationController f.puts(output) } end - for message in info_request.incoming_messages + for message in info_request.incoming_messages attachments = message.get_attachments_for_display for attachment in attachments filename = "#{attachment.url_part_number}_#{attachment.display_filename}" diff --git a/app/controllers/request_game_controller.rb b/app/controllers/request_game_controller.rb index 8a84575bb..904c44759 100644 --- a/app/controllers/request_game_controller.rb +++ b/app/controllers/request_game_controller.rb @@ -7,7 +7,7 @@ # $Id: request_game_controller.rb,v 1.9 2009-10-19 22:06:54 francis Exp $ class RequestGameController < ApplicationController - + def play session[:request_game] = Time.now 
@@ -20,7 +20,7 @@ class RequestGameController < ApplicationController @requests = old.sort_by{ rand }.slice(0..2) if @missing == 0 - flash[:notice] = _('<p>All done! Thank you very much for your help.</p><p>There are <a href="{{helpus_url}}">more things you can do</a> to help {{site_name}}.</p>', + flash[:notice] = _('<p>All done! Thank you very much for your help.</p><p>There are <a href="{{helpus_url}}">more things you can do</a> to help {{site_name}}.</p>', :helpus_url => help_credits_path+"#helpus", :site_name => site_name) end @@ -38,7 +38,7 @@ class RequestGameController < ApplicationController url_title = params[:url_title] if !authenticated?( :web => _("To play the request categorisation game"), - :email => _("Then you can play the request categorisation game."), + :email => _("Then you can play the request categorisation game."), :email_subject => _("Play the request categorisation game") ) # do nothing - as "authenticated?" has done the redirect to signin page for us diff --git a/app/controllers/services_controller.rb b/app/controllers/services_controller.rb index 225790d71..00c0e61bd 100644 --- a/app/controllers/services_controller.rb +++ b/app/controllers/services_controller.rb 
@@ -9,16 +9,30 @@ class ServicesController < ApplicationController if country_from_ip.downcase != iso_country_code found_country = WorldFOIWebsites.by_code(country_from_ip) found_country_name = !found_country.nil? && found_country[:country_name] + old_locale = FastGettext.locale + FastGettext.locale = FastGettext.best_locale_in(request.env['HTTP_ACCEPT_LANGUAGE']) if found_country_name text = _("Hello! You can make Freedom of Information requests within {{country_name}} at {{link_to_website}}", :country_name => found_country_name, :link_to_website => "<a href=\"#{found_country[:url]}\">#{found_country[:name]}</a>") else current_country = WorldFOIWebsites.by_code(iso_country_code)[:country_name] text = _("Hello! We have an <a href=\"/help/alaveteli?country_name=#{CGI.escape(current_country)}\">important message</a> for visitors outside {{country_name}}", :country_name => current_country) end + FastGettext.locale = old_locale end if !text.empty? text += ' <span class="close-button">X</span>' end render :text => text, :content_type => "text/plain" # XXX workaround the HTML validation in test suite end + def hidden_user_explanation + info_request = InfoRequest.find(params[:info_request_id]) + render :template => "admin_request/hidden_user_explanation", + :content_type => "text/plain", + :layout => false, + :locals => {:name_to => info_request.user.name, + :name_from => MySociety::Config.get("CONTACT_NAME", 'Alaveteli'), + :info_request => info_request, :reason => params[:reason], + :info_request_url => 'http://' + MySociety::Config.get('DOMAIN') + request_url(info_request), + :site_name => site_name} + end end diff --git a/app/controllers/track_controller.rb b/app/controllers/track_controller.rb index 95b573cdc..07e807451 100644 --- a/app/controllers/track_controller.rb +++ b/app/controllers/track_controller.rb 
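Review bot: `hidden_user_explanation` is added to `ServicesController < ApplicationController`, not to an admin controller, and the hunk shows no authentication before `InfoRequest.find(params[:info_request_id])`. Unless a filter outside this hunk restricts it, anyone can fetch the `admin_request/hidden_user_explanation` template for an arbitrary request id and read the requester's name (`info_request.user.name`) and request details, including for hidden requests. It should check admin rights, or move under `AdminController`, before rendering. Separately, in the first part of the hunk `FastGettext.locale = old_locale` is skipped if anything between the two assignments raises (for example when `WorldFOIWebsites.by_code(iso_country_code)` returns nil), which leaves the Accept-Language locale in place for later work on that thread. Wrapping the block in `begin ... ensure FastGettext.locale = old_locale end` makes the restore unconditional.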
@@ -98,7 +98,23 @@ class TrackController < ApplicationController return atom_feed_internal if params[:feed] == 'feed' if self.track_set - redirect_to search_url(@query) + if @query.scan("variety").length == 1 + # we're making a track for a simple filter, for which + # there's an expression in the UI (rather than relying + # on index:value strings in the query) + if @query =~ /variety:user/ + postfix = "users" + @query.sub!("variety:user", "") + elsif @query =~ /variety:authority/ + postfix = "bodies" + @query.sub!("variety:authority", "") + elsif @query =~ /variety:sent/ + postfix = "requests" + @query.sub!("variety:sent", "") + end + @query.strip! + end + redirect_to search_url([@query, postfix]) end end @@ -107,7 +123,7 @@ class TrackController < ApplicationController if @user @existing_track = TrackThing.find_by_existing_track(@user, @track_thing) if @existing_track - flash[:notice] = _("You are already being emailed updates about ") + @track_thing.params[:list_description] + flash[:notice] = _("You are already following updates about {{track_description}}", :track_description => @track_thing.params[:list_description]) return true end end 
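Review bot: In the `@@ -98,7 +98,23 @@` hunk, `postfix` is assigned only inside the `if`/`elsif` branches but is used unconditionally in `redirect_to search_url([@query, postfix])`. This works because Ruby leaves the local as nil, but an explicit `postfix = nil` before the outer `if` would make the fall-through case readable. The guard `@query.scan("variety").length == 1` also counts the bare word in free text, so `@query.scan("variety:").length == 1` looks like the tighter test; the query syntax is defined elsewhere, so confirm. `sub!` and `strip!` edit the `@query` string in place, which matters if that object is shared with the track thing built by `track_set` outside this hunk.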
@@ -119,8 +135,11 @@ class TrackController < ApplicationController @track_thing.track_medium = 'email_daily' @track_thing.tracking_user_id = @user.id @track_thing.save! - - flash[:notice] = _("You will now be emailed updates about ") + @track_thing.params[:list_description] + if @user.receive_email_alerts + flash[:notice] = _('You will now be emailed updates about {{track_description}}. <a href="{{change_email_alerts_url}}">Prefer not to receive emails?</a>', :track_description => @track_thing.params[:list_description], :change_email_alerts_url => url_for(:controller => "user", :action => "wall", :url_name => @user.url_name)) + else + flash[:notice] = _('You are now <a href="{{wall_url_user}}">following</a> updates about {{track_description}}', :track_description => @track_thing.params[:list_description], :wall_url_user => url_for(:controller => "user", :action => "wall", :url_name => @user.url_name)) + end return true end @@ -163,7 +182,7 @@ class TrackController < ApplicationController new_medium = params[:track_medium] if new_medium == 'delete' track_thing.destroy - flash[:notice] = _("You will no longer be emailed updates about ") + track_thing.params[:list_description] + flash[:notice] = _("You are no longer following {{track_description}}", :track_description => track_thing.params[:list_description]) redirect_to params[:r] # Reuse code like this if we let medium change again. #elsif new_medium == 'email_daily' diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb index 08726183e..e56c4dd33 100644 --- a/app/controllers/user_controller.rb +++ b/app/controllers/user_controller.rb @@ -6,10 +6,12 @@ # # $Id: user_controller.rb,v 1.71 2009-09-17 07:51:47 francis Exp $ +require 'set' + class UserController < ApplicationController layout :select_layout - + protect_from_forgery :only => [ :contact, :set_profile_photo, :signchangeemail, 
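Review bot: The new notices in the `@@ -119,8 +135,11 @@` hunk contain `<a href=...>` markup, so the flash is rendered as HTML, yet `@track_thing.params[:list_description]` and the `url_for(...)` result are interpolated without escaping. Whether `list_description` is already HTML-safe is not visible in this diff. If it is plain text that can carry a user-supplied request title or search query, it should be escaped, as the status-update notice in `request_controller.rb` does with `CGI.escapeHTML(@info_request.title)`. In that case the call would read `:track_description => CGI.escapeHTML(@track_thing.params[:list_description])`. The same question applies to the reworded notices in the `@@ -107,7 +123,7 @@` and `@@ -163,7 +182,7 @@` hunks.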
@@ -33,7 +35,7 @@ class UserController < ApplicationController @show_profile = false @show_requests = true end - + @display_user = User.find(:first, :conditions => [ "url_name = ? and email_confirmed = ?", params[:url_name], true ]) if not @display_user raise ActiveRecord::RecordNotFound.new("user not found, url_name=" + params[:url_name]) @@ -55,7 +57,7 @@ class UserController < ApplicationController end @xapian_requests = perform_search([InfoRequestEvent], requests_query, 'newest', 'request_collapse') @xapian_comments = perform_search([InfoRequestEvent], comments_query, 'newest', nil) - + if (@page > 1) @page_desc = " (page " + @page.to_s + ")" else 
@@ -89,6 +91,50 @@ class UserController < ApplicationController end + # Show the user's wall + def wall + long_cache + @display_user = User.find(:first, :conditions => [ "url_name = ? and email_confirmed = ?", params[:url_name], true ]) + if not @display_user + raise ActiveRecord::RecordNotFound.new("user not found, url_name=" + params[:url_name]) + end + @is_you = !@user.nil? && @user.id == @display_user.id + feed_results = Set.new + # Use search query for this so can collapse and paginate easily + # XXX really should just use SQL query here rather than Xapian. + begin + requests_query = 'requested_by:' + @display_user.url_name + comments_query = 'commented_by:' + @display_user.url_name + # XXX combine these as OR query + @xapian_requests = perform_search([InfoRequestEvent], requests_query, 'newest', 'request_collapse') + @xapian_comments = perform_search([InfoRequestEvent], comments_query, 'newest', nil) + rescue + @xapian_requests = nil + @xapian_comments = nil + end + + feed_results += @xapian_requests.results.map {|x| x[:model]} if !@xapian_requests.nil? + feed_results += @xapian_comments.results.map {|x| x[:model]} if !@xapian_comments.nil? + + # All tracks for the user + if @is_you + @track_things = TrackThing.find(:all, :conditions => ["tracking_user_id = ? and track_medium = ?", @display_user.id, 'email_daily'], :order => 'created_at desc') + for track_thing in @track_things + # XXX factor out of track_mailer.rb + xapian_object = InfoRequest.full_search([InfoRequestEvent], track_thing.track_query, 'described_at', true, nil, 20, 1) + feed_results += xapian_object.results.map {|x| x[:model]} + end + end + + @feed_results = Array(feed_results).sort {|x,y| y.created_at <=> x.created_at}.first(20) + + respond_to do |format| + format.html { @has_json = true } + format.json { render :json => @display_user.json_for_api } + end + + end + # Login form def signin work_out_post_redirect 
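Review bot: `wall` calls `long_cache` on its first line, but the response depends on the viewer: when `@is_you` is true the feed also includes results from that user's own `TrackThing` queries. `long_cache` is defined outside this hunk; if it marks the response as publicly cacheable, a shared cache in front of the app could store the owner's view and serve their followed items to other visitors. I would move the call below the `@is_you` assignment and write `long_cache unless @is_you`. Also, the `InfoRequest.full_search` call in the tracks loop sits outside the `begin`/`rescue` that protects the two searches above it, so a search backend failure there raises while the earlier ones are swallowed.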
@@ -129,7 +175,7 @@ class UserController < ApplicationController session[:user_id] = @user_signin.id session[:user_circumstance] = nil session[:remember_me] = params[:remember_me] ? true : false - + if is_modal_dialog render :action => 'signin_successful' else @@ -319,7 +365,7 @@ class UserController < ApplicationController if (not session[:user_circumstance]) or (session[:user_circumstance] != "change_email") # don't store the password in the db params[:signchangeemail].delete(:password) - post_redirect = PostRedirect.new(:uri => signchangeemail_url(), + post_redirect = PostRedirect.new(:uri => signchangeemail_url(), :post_params => params, :circumstance => "change_email" # special login that lets you change your email ) @@ -533,17 +579,29 @@ class UserController < ApplicationController end end + # Change about me text on your profile page + def set_receive_email_alerts + if authenticated_user.nil? + flash[:error] = _("You need to be logged in to edit your profile.") + redirect_to frontpage_url + return + end + @user.receive_email_alerts = params[:receive_email_alerts] + @user.save! + redirect_to params[:came_from] + end + private def is_modal_dialog (params[:modal].to_i != 0) end - + # when logging in through a modal iframe, don't display chrome around the content def select_layout is_modal_dialog ? 'no_chrome' : 'default' end - + # Decide where we are going to redirect back to after signin/signup, and record that def work_out_post_redirect # Redirect to front page later if nothing else specified |
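Review bot: `set_receive_email_alerts` (hunk `@@ -533,17 +579,29 @@`) ends with `redirect_to params[:came_from]`, which sends the browser to whatever URL the request supplies, so it is an open redirect. Restrict it to a local path, for example `came_from = params[:came_from].to_s` followed by `redirect_to(came_from =~ %r{\A/(?![/\\])} ? came_from : frontpage_url)`. The action changes account state, so it should also appear in the `protect_from_forgery :only => [...]` list at the top of the class; that list is cut off in this diff, so it may already be there. The comment above the method, `# Change about me text on your profile page`, is copied from another action and should describe the email-alert preference instead.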