Diffstat (limited to 'app/controllers')
-rw-r--r-- | app/controllers/admin_public_body_controller.rb | 115 | ||||
-rw-r--r-- | app/controllers/application_controller.rb | 29 | ||||
-rw-r--r-- | app/controllers/general_controller.rb | 23 | ||||
-rw-r--r-- | app/controllers/public_body_controller.rb | 111 | ||||
-rw-r--r-- | app/controllers/request_controller.rb | 156 |
5 files changed, 249 insertions, 185 deletions
diff --git a/app/controllers/admin_public_body_controller.rb b/app/controllers/admin_public_body_controller.rb index 1b79642d2..4b212c24b 100644 --- a/app/controllers/admin_public_body_controller.rb +++ b/app/controllers/admin_public_body_controller.rb @@ -9,7 +9,6 @@ class AdminPublicBodyController < AdminController def index list - render :action => 'list' end def _lookup_query_internal @@ -29,24 +28,31 @@ class AdminPublicBodyController < AdminController end def list - self._lookup_query_internal + @locale = self.locale_from_params() + PublicBody.with_locale(@locale) do + self._lookup_query_internal + render :action => 'list' + end end def mass_tag_add - self._lookup_query_internal - - if params[:new_tag] and params[:new_tag] != "" - if params[:table_name] == 'exact' - bodies = @public_bodies_by_tag - elsif params[:table_name] == 'substring' - bodies = @public_bodies - else - raise "Unknown table_name " + params[:table_name] - end - for body in bodies - body.add_tag_if_not_already_present(params[:new_tag]) - end - flash[:notice] = "Added tag to table of bodies." + @locale = self.locale_from_params() + PublicBody.with_locale(@locale) do + self._lookup_query_internal + + if params[:new_tag] and params[:new_tag] != "" + if params[:table_name] == 'exact' + bodies = @public_bodies_by_tag + elsif params[:table_name] == 'substring' + bodies = @public_bodies + else + raise "Unknown table_name " + params[:table_name] + end + for body in bodies + body.add_tag_if_not_already_present(params[:new_tag]) + end + flash[:notice] = "Added tag to table of bodies." + end end redirect_to admin_url('body/list') + "?query=" + @query + (@page.nil? ? "" : "&page=" + @page) # XXX construct this URL properly 
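Review bot: The pair `@locale = self.locale_from_params()` / `PublicBody.with_locale(@locale) do … end` is written out by hand in `list` and `mass_tag_add` here and again in `show`, `new`, `create`, `edit`, `update` and `destroy` in the next hunk, and each action now needs an explicit `render` inside the block. A single `around_filter :with_request_locale` on the controller, whose method sets `@locale` and yields inside `PublicBody.with_locale(@locale)`, should cover every action and keep the default render, though it is worth confirming that the default render runs inside around filters on this Rails version. It also removes the risk that an action added later forgets the wrapper and is served in the wrong locale. Both method bodies are fully visible in this hunk.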
@@ -69,53 +75,74 @@ class AdminPublicBodyController < AdminController end def show - @public_body = PublicBody.find(params[:id]) + @locale = self.locale_from_params() + PublicBody.with_locale(@locale) do + @public_body = PublicBody.find(params[:id]) + render + end end def new - @public_body = PublicBody.new + @locale = self.locale_from_params() + PublicBody.with_locale(@locale) do + @public_body = PublicBody.new + render + end end def create - params[:public_body][:last_edit_editor] = admin_http_auth_user() - @public_body = PublicBody.new(params[:public_body]) - if @public_body.save - flash[:notice] = 'PublicBody was successfully created.' - redirect_to admin_url('body/show/' + @public_body.id.to_s) - else - render :action => 'new' + @locale = self.locale_from_params() + PublicBody.with_locale(@locale) do + params[:public_body][:last_edit_editor] = admin_http_auth_user() + @public_body = PublicBody.new(params[:public_body]) + if @public_body.save + flash[:notice] = 'PublicBody was successfully created.' + redirect_to admin_url('body/show/' + @public_body.id.to_s) + else + render :action => 'new' + end end end def edit - @public_body = PublicBody.find(params[:id]) - @public_body.last_edit_comment = "" + @locale = self.locale_from_params() + PublicBody.with_locale(@locale) do + @public_body = PublicBody.find(params[:id]) + @public_body.last_edit_comment = "" + render + end end def update - params[:public_body][:last_edit_editor] = admin_http_auth_user() - @public_body = PublicBody.find(params[:id]) - if @public_body.update_attributes(params[:public_body]) - flash[:notice] = 'PublicBody was successfully updated.' 
- redirect_to admin_url('body/show/' + @public_body.id.to_s) - else - render :action => 'edit' + @locale = self.locale_from_params() + PublicBody.with_locale(@locale) do + params[:public_body][:last_edit_editor] = admin_http_auth_user() + @public_body = PublicBody.find(params[:id]) + if @public_body.update_attributes(params[:public_body]) + flash[:notice] = 'PublicBody was successfully updated.' + redirect_to admin_url('body/show/' + @public_body.id.to_s) + else + render :action => 'edit' + end end end def destroy - public_body = PublicBody.find(params[:id]) + @locale = self.locale_from_params() + PublicBody.with_locale(@locale) do + public_body = PublicBody.find(params[:id]) + + if public_body.info_requests.size > 0 + flash[:notice] = "There are requests associated with the authority, so can't destroy it" + redirect_to admin_url('body/show/' + public_body.id.to_s) + return + end - if public_body.info_requests.size > 0 - flash[:notice] = "There are requests associated with the authority, so can't destroy it" - redirect_to admin_url('body/show/' + public_body.id.to_s) - return + public_body.tag_string = "" + public_body.destroy + flash[:notice] = "PublicBody was successfully destroyed." + redirect_to admin_url('body/list') end - - public_body.tag_string = "" - public_body.destroy - flash[:notice] = "PublicBody was successfully destroyed." - redirect_to admin_url('body/list') end def import_csv diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 9382e077f..91754e2ba 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb 
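Review bot: `destroy` now returns early from inside the `PublicBody.with_locale` block, and `PublicBody.find(params[:id])` in `show`, `edit`, `update` and `destroy` can raise inside it, so both paths leave the block without running whatever `with_locale` does after its `yield`. `with_locale` is not part of this diff, so this needs confirming: unless it restores the previous locale in an `ensure`, the locale selected by one request could stay set for the next request served by the same process. The same pattern appears in `PublicBodyController#show`, `RequestController#show` and `upload_response`. If the helper already guarantees this, a comment at the first call site such as `# with_locale restores the previous locale in an ensure, so early return/raise is safe` would record the assumption.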
@@ -12,11 +12,28 @@ class ApplicationController < ActionController::Base # Standard headers, footers and navigation for whole site layout "default" - # set locale + include FastGettext::Translation # make functions like _, n_, N_ etc available) before_filter :set_gettext_locale + + # scrub sensitive parameters from the logs + filter_parameter_logging :password + + + def set_gettext_locale + requested_locale = params[:locale] || session[:locale] || cookies[:locale] || request.env['HTTP_ACCEPT_LANGUAGE'] + session[:locale] = FastGettext.set_locale(requested_locale) + end + # scrub sensitive parameters from the logs filter_parameter_logging :password + helper_method :site_name, :locale_from_params + def site_name + # XXX should come from database: + site_name = "WhatDoTheyKnow" + return site_name + end + # Help work out which request causes RAM spike. # http://www.codeweblog.com/rails-to-monitor-the-process-of-memory-leaks-skills/ # This shows the memory use increase of the Ruby process due to the request. @@ -131,6 +148,16 @@ class ApplicationController < ActionController::Base f.write(content) end end + + # get the local locale + def locale_from_params(*args) + if params[:show_locale] + params[:show_locale] + else + I18n.locale.to_s + end + end + private # Check the user is logged in diff --git a/app/controllers/general_controller.rb b/app/controllers/general_controller.rb index 21e715424..cf28208a0 100644 --- a/app/controllers/general_controller.rb +++ b/app/controllers/general_controller.rb 
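Review bot: `filter_parameter_logging :password` and its comment now appear twice in this hunk, once in the added lines before `set_gettext_locale` and once in the unchanged lines after it, so one copy can be dropped. `set_gettext_locale` and `site_name` are also added above the `private` marker that the next hunk shows further down the class, which makes them public methods on every controller and, depending on the routes, possibly reachable as actions. Declaring them `protected` keeps them usable from `before_filter` and `helper_method` without exposing them. The class body continues outside the hunk.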
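Review bot: `locale_from_params` returns `params[:show_locale]` exactly as the client sent it, and that value is then passed to `PublicBody.with_locale`, bound into the `public_body_translations.locale = ?` condition in `PublicBodyController#list`, and stored in `@locale` for the views, including the `text/css` response from `GeneralController#custom_css`. The SQL use is parameterised, but nothing limits the value to a locale the site supports, whereas `set_gettext_locale` at least routes its input through `FastGettext.set_locale`. Checking the value against the configured locale list and falling back to `I18n.locale.to_s` would close that gap, e.g. `FastGettext.available_locales.include?(params[:show_locale]) ? params[:show_locale] : I18n.locale.to_s`, with the right list left for the author to confirm. The method also sits above `private`, so it is public; `protected` keeps the `self.locale_from_params()` calls working, and the unused `*args` can go.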
@@ -22,22 +22,7 @@ class GeneralController < ApplicationController def frontpage behavior_cache do # This is too slow - #@popular_bodies = PublicBody.find(:all, :select => "*, (select count(*) from info_requests where info_requests.public_body_id = public_bodies.id) as c", :order => "c desc", :limit => 32) - - # Just hardcode some popular authorities for now - # ('tgq', 'atbra' is for debugging on Francis's development environment) - @popular_bodies = PublicBody.find(:all, :conditions => ["url_name in ( - 'bbc', - 'dwp', - 'dh', - 'snh', - 'royal_mail_group', - 'mod', - 'kent_county_council', - 'wirral_borough_council' - /* , 'tgq', 'atbra' */ - )"]).sort_by { |pb| pb.url_name }.reverse # just an order that looks better - + @popular_bodies = PublicBody.find(:all, :select => "*, (select count(*) from info_requests where info_requests.public_body_id = public_bodies.id) as c", :order => "c desc", :limit => 32) # Get some successful requests # begin query = 'variety:response (status:successful OR status:partially_successful)' @@ -168,5 +153,11 @@ class GeneralController < ApplicationController render :text => "awake\n" end + def custom_css + @locale = self.locale_from_params() + render(:layout => false, :content_type => 'text/css') + end + + end diff --git a/app/controllers/public_body_controller.rb b/app/controllers/public_body_controller.rb index 17eba911f..4e5bf8ad7 100644 --- a/app/controllers/public_body_controller.rb +++ b/app/controllers/public_body_controller.rb 
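Review bot: The unchanged comment `# This is too slow` now sits directly above the query this hunk re-enables in `frontpage`, a correlated `select count(*)` per public body ordered by that count. If the cost is acceptable now, presumably because `behavior_cache` absorbs it, the comment should say so, for example `# Ranked by request count; behavior_cache keeps this off the per-request path`. If it is not, the front page is an unauthenticated URL that runs an expensive query whenever the cache is cold. `frontpage` continues beyond the end of the hunk.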
@@ -16,87 +16,92 @@ class PublicBodyController < ApplicationController return end - @public_body = PublicBody.find_by_url_name_with_historic(params[:url_name]) - raise "None found" if @public_body.nil? # XXX proper 404 + @locale = self.locale_from_params() + PublicBody.with_locale(@locale) do + @public_body = PublicBody.find_by_url_name_with_historic(params[:url_name]) + raise "None found" if @public_body.nil? # XXX proper 404 - # If found by historic name, redirect to new name - redirect_to show_public_body_url(:url_name => @public_body.url_name) if - @public_body.url_name != params[:url_name] - - set_last_body(@public_body) + # If found by historic name, or alternate locale name, redirect to new name + if @public_body.url_name != params[:url_name] + redirect_to show_public_body_url(:url_name => @public_body.url_name) + return + end + + set_last_body(@public_body) - top_url = main_url("/") - @searched_to_send_request = false - referrer = request.env['HTTP_REFERER'] - if !referrer.nil? && referrer.match(%r{^#{top_url}search/.*/bodies$}) - @searched_to_send_request = true - end + top_url = main_url("/") + @searched_to_send_request = false + referrer = request.env['HTTP_REFERER'] + if !referrer.nil? && referrer.match(%r{^#{top_url}search/.*/bodies$}) + @searched_to_send_request = true + end - # Use search query for this so can collapse and paginate easily - # XXX really should just use SQL query here rather than Xapian. - begin - @xapian_requests = perform_search([InfoRequestEvent], 'requested_from:' + @public_body.url_name, 'newest', 'request_collapse') - if (@page > 1) - @page_desc = " (page " + @page.to_s + ")" - else - @page_desc = "" + # Use search query for this so can collapse and paginate easily + # XXX really should just use SQL query here rather than Xapian. 
+ begin + @xapian_requests = perform_search([InfoRequestEvent], 'requested_from:' + @public_body.url_name, 'newest', 'request_collapse') + if (@page > 1) + @page_desc = " (page " + @page.to_s + ")" + else + @page_desc = "" + end + rescue + @xapian_requests = nil end - rescue - @xapian_requests = nil - end - @track_thing = TrackThing.create_track_for_public_body(@public_body) - @feed_autodetect = [ { :url => do_track_url(@track_thing, 'feed'), :title => @track_thing.params[:title_in_rss], :has_json => true } ] + @track_thing = TrackThing.create_track_for_public_body(@public_body) + @feed_autodetect = [ { :url => do_track_url(@track_thing, 'feed'), :title => @track_thing.params[:title_in_rss], :has_json => true } ] - respond_to do |format| - format.html { @has_json = true } - format.json { render :json => @public_body.json_for_api } + respond_to do |format| + format.html { @has_json = true; render :template => "public_body/show"} + format.json { render :json => @public_body.json_for_api } + end + end end def view_email @public_bodies = PublicBody.find(:all, :conditions => [ "url_name = ?", params[:url_name] ]) @public_body = @public_bodies[0] - - if params[:submitted_view_email] - if verify_recaptcha - flash.discard(:error) - render :template => "public_body/view_email" - return + PublicBody.with_locale(self.locale_from_params()) do + if params[:submitted_view_email] + if verify_recaptcha + flash.discard(:error) + render :template => "public_body/view_email" + return + end + flash.now[:error] = "There was an error with the words you entered, please try again." end - flash.now[:error] = "There was an error with the words you entered, please try again." + render :template => "public_body/view_email_captcha" end - render :template => "public_body/view_email_captcha" end def list # XXX move some of these tag SQL queries into has_tag_string.rb @tag = params[:tag] + @locale = self.locale_from_params() + locale_condition = 'public_body_translations.locale = ?' if @tag.nil? 
@tag = "all" - conditions = [] + conditions = [locale_condition, @locale] elsif @tag == 'other' category_list = PublicBodyCategories::CATEGORIES.map{|c| "'"+c+"'"}.join(",") - conditions = ['(select count(*) from has_tag_string_tags where has_tag_string_tags.model_id = public_bodies.id + conditions = [locale_condition + ' AND (select count(*) from has_tag_string_tags where has_tag_string_tags.model_id = public_bodies.id and has_tag_string_tags.model = \'PublicBody\' - and has_tag_string_tags.name in (' + category_list + ')) = 0'] + and has_tag_string_tags.name in (' + category_list + ')) = 0', @locale] elsif @tag.size == 1 @tag.upcase! - conditions = ['first_letter = ?', @tag] + conditions = [locale_condition + ' AND public_body_translations.first_letter = ?', @locale, @tag] elsif @tag.include?(":") name, value = HasTagString::HasTagStringTag.split_tag_into_name_value(@tag) - conditions = ['(select count(*) from has_tag_string_tags where has_tag_string_tags.model_id = public_bodies.id + conditions = [locale_condition + ' AND (select count(*) from has_tag_string_tags where has_tag_string_tags.model_id = public_bodies.id and has_tag_string_tags.model = \'PublicBody\' - and has_tag_string_tags.name = ? and has_tag_string_tags.value = ?) > 0', name, value] + and has_tag_string_tags.name = ? and has_tag_string_tags.value = ?) > 0', @locale, name, value] else - conditions = ['(select count(*) from has_tag_string_tags where has_tag_string_tags.model_id = public_bodies.id + conditions = [locale_condition + ' AND (select count(*) from has_tag_string_tags where has_tag_string_tags.model_id = public_bodies.id and has_tag_string_tags.model = \'PublicBody\' - and has_tag_string_tags.name = ?) > 0', @tag] + and has_tag_string_tags.name = ?) 
> 0', @locale, @tag] end - @public_bodies = PublicBody.paginate( - :order => "public_bodies.name", :page => params[:page], :per_page => 1000, # fit all councils on one page - :conditions => conditions - ) if @tag.size == 1 @description = "beginning with '" + @tag + "'" else @@ -105,6 +110,14 @@ class PublicBodyController < ApplicationController @description = @tag end end + PublicBody.with_locale(@locale) do + @public_bodies = PublicBody.paginate( + :order => "public_body_translations.name", :page => params[:page], :per_page => 1000, # fit all councils on one page + :conditions => conditions, + :joins => :translations + ) + render :template => "public_body/list" + end end # Used so URLs like /local/islington work, for use e.g. writing to a local paper. diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index 36fbc2b11..024f87dd5 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb 
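Review bot: In `view_email` the `PublicBody.find(:all, :conditions => [ "url_name = ?", params[:url_name] ])` lookup stays outside the new `with_locale` block, while `show` in the same hunk moves its lookup inside. If `url_name` is one of the translated columns (the `list` action now qualifies `first_letter` with `public_body_translations.`, and the new comment in `show` mentions an "alternate locale name"), this lookup ignores the requested locale and `@public_bodies[0]` can be `nil` when the captcha template renders. Moving the two lookup lines inside the block, and handling the not-found case explicitly, would keep this page consistent with `show`.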
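Review bot: `:joins => :translations` together with the `public_body_translations.locale = ?` condition built earlier in `list` means, as far as this hunk shows, that a body with no translation row for `@locale` is left out of the listing instead of being shown in the default language. Because `@locale` can come straight from `show_locale`, an unsupported value produces an empty page. If that is intended, a comment on the `paginate` call should say so, e.g. `# only bodies translated into @locale are listed; no fallback to the default locale`. `list` begins outside this hunk.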
@@ -11,68 +11,72 @@ class RequestController < ApplicationController protect_from_forgery :only => [ :new, :show_response, :describe_state, :upload_response ] # See ActionController::RequestForgeryProtection for details def show - # Look up by old style numeric identifiers - if params[:url_title].match(/^[0-9]+$/) - @info_request = InfoRequest.find(params[:url_title].to_i) - redirect_to request_url(@info_request) - return - end + @locale = self.locale_from_params() + PublicBody.with_locale(@locale) do - # Look up by new style text names - @info_request = InfoRequest.find_by_url_title(params[:url_title]) - if @info_request.nil? - raise "Request not found" - end - set_last_request(@info_request) + # Look up by old style numeric identifiers + if params[:url_title].match(/^[0-9]+$/) + @info_request = InfoRequest.find(params[:url_title].to_i) + redirect_to request_url(@info_request) + return + end - # Test for whole request being hidden - if !@info_request.user_can_view?(authenticated_user) - render :template => 'request/hidden', :status => 410 # gone - return - end - - # Other parameters - @info_request_events = @info_request.info_request_events - @status = @info_request.calculate_status - @collapse_quotes = params[:unfold] ? false : true - @update_status = params[:update_status] ? true : false - @is_owning_user = @info_request.is_owning_user?(authenticated_user) - @old_unclassified = @info_request.is_old_unclassified? && !authenticated_user.nil? 
- - if @update_status - return if !@is_owning_user && !authenticated_as_user?(@info_request.user, - :web => "To update the status of this FOI request", - :email => "Then you can update the status of your request to " + @info_request.public_body.name + ".", - :email_subject => "Update the status of your request to " + @info_request.public_body.name - ) - end - - @last_info_request_event_id = @info_request.last_event_id_needing_description - @new_responses_count = @info_request.events_needing_description.select {|i| i.event_type == 'response'}.size - - # Sidebar stuff - # ... requests that have similar imporant terms - behavior_cache :tag => ['similar', @info_request.id] do - begin - limit = 10 - @xapian_similar = ::ActsAsXapian::Similar.new([InfoRequestEvent], @info_request.info_request_events, - :limit => limit, :collapse_by_prefix => 'request_collapse') - @xapian_similar_more = (@xapian_similar.matches_estimated > limit) - rescue - @xapian_similar = nil + # Look up by new style text names + @info_request = InfoRequest.find_by_url_title(params[:url_title]) + if @info_request.nil? + raise "Request not found" end - end - - # Track corresponding to this page - @track_thing = TrackThing.create_track_for_request(@info_request) - @feed_autodetect = [ { :url => do_track_url(@track_thing, 'feed'), :title => @track_thing.params[:title_in_rss], :has_json => true } ] + set_last_request(@info_request) - # For send followup link at bottom - @last_response = @info_request.get_last_response + # Test for whole request being hidden + if !@info_request.user_can_view?(authenticated_user) + render :template => 'request/hidden', :status => 410 # gone + return + end + + # Other parameters + @info_request_events = @info_request.info_request_events + @status = @info_request.calculate_status + @collapse_quotes = params[:unfold] ? false : true + @update_status = params[:update_status] ? 
true : false + @is_owning_user = @info_request.is_owning_user?(authenticated_user) + @old_unclassified = @info_request.is_old_unclassified? && !authenticated_user.nil? + + if @update_status + return if !@is_owning_user && !authenticated_as_user?(@info_request.user, + :web => "To update the status of this FOI request", + :email => "Then you can update the status of your request to " + @info_request.public_body.name + ".", + :email_subject => "Update the status of your request to " + @info_request.public_body.name + ) + end + + @last_info_request_event_id = @info_request.last_event_id_needing_description + @new_responses_count = @info_request.events_needing_description.select {|i| i.event_type == 'response'}.size +1 + # Sidebar stuff + # ... requests that have similar imporant terms + behavior_cache :tag => ['similar', @info_request.id] do + begin + limit = 10 + @xapian_similar = ::ActsAsXapian::Similar.new([InfoRequestEvent], @info_request.info_request_events, + :limit => limit, :collapse_by_prefix => 'request_collapse') + @xapian_similar_more = (@xapian_similar.matches_estimated > limit) + rescue + @xapian_similar = nil + end + end + + # Track corresponding to this page + @track_thing = TrackThing.create_track_for_request(@info_request) + @feed_autodetect = [ { :url => do_track_url(@track_thing, 'feed'), :title => @track_thing.params[:title_in_rss], :has_json => true } ] - respond_to do |format| - format.html { @has_json = true } - format.json { render :json => @info_request.json_for_api(true) } + # For send followup link at bottom + @last_response = @info_request.get_last_response + + respond_to do |format| + format.html { @has_json = true; render :template => 'request/show'} + format.json { render :json => @info_request.json_for_api(true) } + end end end 
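Review bot: The new side of `show` has an added line consisting only of `1`, between the `@new_responses_count = …` assignment and the `# Sidebar stuff` comment, where the old code had a blank line. It looks like a stray keystroke; Ruby evaluates it as a no-op expression, so nothing breaks, but it should be removed before merge. The rest of the method body is the existing code re-indented inside `PublicBody.with_locale(@locale) do`.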
@@ -666,28 +670,30 @@ class RequestController < ApplicationController # FOI officers can upload a response def upload_response - @info_request = InfoRequest.find_by_url_title(params[:url_title]) - - @reason_params = { - :web => "To upload a response, you must be logged in using an email address from " + CGI.escapeHTML(@info_request.public_body.name), - :email => "Then you can upload an FOI response. ", - :email_subject => "Confirm your account on WhatDoTheyKnow.com" - } - if !authenticated?(@reason_params) - return - end + @locale = self.locale_from_params() + PublicBody.with_locale(@locale) do + @info_request = InfoRequest.find_by_url_title(params[:url_title]) + + @reason_params = { + :web => "To upload a response, you must be logged in using an email address from " + CGI.escapeHTML(@info_request.public_body.name), + :email => "Then you can upload an FOI response. ", + :email_subject => "Confirm your account on WhatDoTheyKnow.com" + } + if !authenticated?(@reason_params) + return + end - if !@info_request.public_body.is_foi_officer?(@user) - domain_required = @info_request.public_body.foi_officer_domain_required - if domain_required.nil? - render :template => 'user/wrong_user_unknown_email' + if !@info_request.public_body.is_foi_officer?(@user) + domain_required = @info_request.public_body.foi_officer_domain_required + if domain_required.nil? + render :template => 'user/wrong_user_unknown_email' + return + end + @reason_params[:user_name] = "an email @" + domain_required + render :template => 'user/wrong_user' return end - @reason_params[:user_name] = "an email @" + domain_required - render :template => 'user/wrong_user' - return end - if params[:submitted_upload_response] file_name = nil file_content = nil |
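Review bot: The login check and the `is_foi_officer?` check in `upload_response` now sit inside the `with_locale` block while the upload handling (`if params[:submitted_upload_response]`) stays after it, so the gate only holds because each `return` inside the block leaves the whole method rather than just the block. That is how Ruby treats `return` in a plain block, but it is easy to break in a later refactor, for instance by turning the block into a lambda or swapping `return` for `next`. A comment on the first one, such as `# return exits upload_response itself, so the upload code below is never reached`, would record the dependency. The method continues past the end of the hunk.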