diff options
Diffstat (limited to 'app/controllers')
| -rw-r--r-- | app/controllers/admin_request_controller.rb | 3 | ||||
| -rw-r--r-- | app/controllers/api_controller.rb | 59 | ||||
| -rw-r--r-- | app/controllers/public_body_change_requests_controller.rb | 12 | ||||
| -rw-r--r-- | app/controllers/request_controller.rb | 2 |
4 files changed, 43 insertions, 33 deletions
diff --git a/app/controllers/admin_request_controller.rb b/app/controllers/admin_request_controller.rb index 5c45a6e6e..21120e4ad 100644 --- a/app/controllers/admin_request_controller.rb +++ b/app/controllers/admin_request_controller.rb @@ -100,7 +100,8 @@ class AdminRequestController < AdminController @info_request.fully_destroy # expire cached files expire_for_request(@info_request) - flash[:notice] = "Request #{url_title} has been completely destroyed. Email of user who made request: " + user.email + email = user.try(:email) ? user.email : 'This request is external so has no associated user' + flash[:notice] = "Request #{ url_title } has been completely destroyed. Email of user who made request: #{ email }" redirect_to admin_request_list_url end diff --git a/app/controllers/api_controller.rb b/app/controllers/api_controller.rb index 837364b19..6f83d89d6 100644 --- a/app/controllers/api_controller.rb +++ b/app/controllers/api_controller.rb @@ -191,19 +191,17 @@ class ApiController < ApplicationController raise PermissionDenied.new("#{@public_body.id} != #{params[:id]}") if @public_body.id != params[:id].to_i since_date_str = params[:since_date] - if since_date_str.nil? - @events = InfoRequestEvent.find_by_sql([ - %(select info_request_events.* - from info_requests - join info_request_events on info_requests.id = info_request_events.info_request_id - where info_requests.public_body_id = ? - and info_request_events.event_type in ( - 'sent', 'followup_sent', 'resent', 'followup_resent' - ) - order by info_request_events.created_at desc - ), @public_body.id - ]) - else + since_event_id = params[:since_event_id] + + event_type_clause = "event_type in ('sent', 'followup_sent', 'resent', 'followup_resent')" + + @events = InfoRequestEvent.where(event_type_clause) \ + .joins(:info_request) \ + .where("public_body_id = ?", @public_body.id) \ + .includes([{:info_request => :user}, :outgoing_message]) \ + .order('info_request_events.created_at DESC') + + if since_date_str begin since_date = Date.strptime(since_date_str, "%Y-%m-%d") rescue ArgumentError @@ -212,30 +210,29 @@ class ApiController < ApplicationController :status => 500 return end - @events = InfoRequestEvent.find_by_sql([ - %(select info_request_events.* - from info_requests - join info_request_events on info_requests.id = info_request_events.info_request_id - where info_requests.public_body_id = ? - and info_request_events.event_type in ( - 'sent', 'followup_sent', 'resent', 'followup_resent' - ) - and info_request_events.created_at >= ? - order by info_request_events.created_at desc - ), @public_body.id, since_date - ]) + @events = @events.where("info_request_events.created_at >= ?", since_date) + end + + # We take a "since" parameter that allows the client + # to restrict to events more recent than a certain other event + if since_event_id + begin + event = InfoRequestEvent.find(since_event_id) + rescue ActiveRecord::RecordNotFound + render :json => {"errors" => [ + "Event ID #{since_event_id} not found" ] }, + :status => 500 + return + end + @events = @events.where("info_request_events.created_at > ?", event.created_at) end + + if feed_type == "atom" render :template => "api/request_events", :formats => ['atom'], :layout => false elsif feed_type == "json" - # For the JSON feed, we take a "since" parameter that allows the client - # to restrict to events more recent than a certain other event - if params[:since_event_id] - @since_event_id = params[:since_event_id].to_i - end @event_data = [] @events.each do |event| - break if event.id == @since_event_id request = event.info_request this_event = { diff --git a/app/controllers/public_body_change_requests_controller.rb b/app/controllers/public_body_change_requests_controller.rb index 4a6c5f5cb..773308546 100644 --- a/app/controllers/public_body_change_requests_controller.rb +++ b/app/controllers/public_body_change_requests_controller.rb @@ -1,5 +1,7 @@ class PublicBodyChangeRequestsController < ApplicationController + before_filter :catch_spam, :only => [:create] + def create @change_request = PublicBodyChangeRequest.from_params(params[:public_body_change_request], @user) if @change_request.save @@ -23,6 +25,16 @@ class PublicBodyChangeRequestsController < ApplicationController else @title = _('Ask us to add an authority') end + end + + private + def catch_spam + if params[:public_body_change_request].key?(:comment) + unless params[:public_body_change_request][:comment].empty? + redirect_to frontpage_url + end + end end + end diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index 6281959fb..3fa0ef0ce 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -181,7 +181,7 @@ class RequestController < ApplicationController end @filters = params.merge(:latest_status => @view) - @title = _("View and search requests") + @title = _('Browse and search requests') @title = @title + " (page " + @page.to_s + ")" if (@page > 1) @track_thing = TrackThing.create_track_for_search_query(InfoRequestEvent.make_query_from_params(@filters)) |