aboutsummaryrefslogtreecommitdiffstats
path: root/app/controllers
diff options
context:
space:
mode:
Diffstat (limited to 'app/controllers')
-rw-r--r--app/controllers/application_controller.rb20
-rw-r--r--app/controllers/general_controller.rb20
-rw-r--r--app/controllers/reports_controller.rb31
-rw-r--r--app/controllers/request_controller.rb66
-rw-r--r--app/controllers/track_controller.rb2
-rw-r--r--app/controllers/user_controller.rb10
6 files changed, 84 insertions, 65 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 2615b61f2..dffc16b63 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -142,7 +142,10 @@ class ApplicationController < ActionController::Base
ExceptionNotifier::Notifier.exception_notification(request.env, exception).deliver
@status = 500
end
- render :template => "general/exception_caught", :status => @status
+ respond_to do |format|
+ format.html{ render :template => "general/exception_caught", :status => @status }
+ format.any{ render :nothing => true, :status => @status }
+ end
end
def local_request?
@@ -358,12 +361,15 @@ class ApplicationController < ActionController::Base
# Peform the search
@per_page = per_page
- if this_page.nil?
- @page = get_search_page_from_params
- else
- @page = this_page
- end
- result = InfoRequest.full_search(models, @query, order, ascending, collapse, @per_page, @page)
+ @page = this_page || get_search_page_from_params
+
+ result = ActsAsXapian::Search.new(models, @query,
+ :offset => (@page - 1) * @per_page,
+ :limit => @per_page,
+ :sort_by_prefix => order,
+ :sort_by_ascending => ascending,
+ :collapse_by_prefix => collapse
+ )
result.results # Touch the results to load them, otherwise accessing them from the view
# might fail later if the database has subsequently been reopened.
return result
diff --git a/app/controllers/general_controller.rb b/app/controllers/general_controller.rb
index 9d0f91dda..15f5df840 100644
--- a/app/controllers/general_controller.rb
+++ b/app/controllers/general_controller.rb
@@ -153,7 +153,7 @@ class GeneralController < ApplicationController
# structured query which should show newest first, rather than a free text search
# where we want most relevant as default.
begin
- dummy_query = ::ActsAsXapian::Search.new([InfoRequestEvent], @query, :limit => 1)
+ dummy_query = ActsAsXapian::Search.new([InfoRequestEvent], @query, :limit => 1)
rescue => e
flash[:error] = "Your query was not quite right. " + CGI.escapeHTML(e.to_str)
redirect_to search_url("")
@@ -169,10 +169,8 @@ class GeneralController < ApplicationController
# Query each type separately for separate display (XXX we are calling
# perform_search multiple times and it clobbers per_page for each one,
# so set as separate var)
- requests_per_page = 25
- if params[:requests_per_page]
- requests_per_page = params[:requests_per_page].to_i
- end
+ requests_per_page = params[:requests_per_page] ? params[:requests_per_page].to_i : 25
+
@this_page_hits = @total_hits = @xapian_requests_hits = @xapian_bodies_hits = @xapian_users_hits = 0
if @requests
@xapian_requests = perform_search([InfoRequestEvent], @query, @sortby, 'request_collapse', requests_per_page)
@@ -211,18 +209,6 @@ class GeneralController < ApplicationController
@feed_autodetect = [ { :url => do_track_url(@track_thing, 'feed'), :title => @track_thing.params[:title_in_rss], :has_json => true } ]
end
- # Jump to a random request
- def random_request
- info_request = InfoRequest.random
- redirect_to request_url(info_request)
- end
-
- def custom_css
- long_cache
- @locale = self.locale_from_params()
- render(:layout => false, :content_type => 'text/css')
- end
-
# Handle requests for non-existent URLs - will be handled by ApplicationController::render_exception
def not_found
raise RouteNotFound
diff --git a/app/controllers/reports_controller.rb b/app/controllers/reports_controller.rb
new file mode 100644
index 000000000..a1dd53125
--- /dev/null
+++ b/app/controllers/reports_controller.rb
@@ -0,0 +1,31 @@
+class ReportsController < ApplicationController
+ def create
+ @info_request = InfoRequest.find_by_url_title!(params[:request_id])
+ @reason = params[:reason]
+ @message = params[:message]
+ if @reason.empty?
+ flash[:error] = _("Please choose a reason")
+ render "new"
+ return
+ end
+
+ if !authenticated_user
+ flash[:notice] = _("You need to be logged in to report a request for administrator attention")
+ elsif @info_request.attention_requested
+ flash[:notice] = _("This request has already been reported for administrator attention")
+ else
+ @info_request.report!(@reason, @message, @user)
+ flash[:notice] = _("This request has been reported for administrator attention")
+ end
+ redirect_to request_url(@info_request)
+ end
+
+ def new
+ @info_request = InfoRequest.find_by_url_title!(params[:request_id])
+ if authenticated?(
+ :web => _("To report this request"),
+ :email => _("Then you can report the request '{{title}}'", :title => @info_request.title),
+ :email_subject => _("Report an offensive or unsuitable request"))
+ end
+ end
+end
diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb
index a0f88096e..880a7b4b4 100644
--- a/app/controllers/request_controller.rb
+++ b/app/controllers/request_controller.rb
@@ -5,7 +5,6 @@
# Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved.
# Email: hello@mysociety.org; WWW: http://www.mysociety.org/
-require 'alaveteli_file_types'
require 'zip/zip'
require 'open-uri'
@@ -68,8 +67,7 @@ class RequestController < ApplicationController
# Test for whole request being hidden
if !@info_request.user_can_view?(authenticated_user)
- render :template => 'request/hidden', :status => 410 # gone
- return
+ return render_hidden
end
# Other parameters
@@ -102,7 +100,7 @@ class RequestController < ApplicationController
# ... requests that have similar imporant terms
begin
limit = 10
- @xapian_similar = ::ActsAsXapian::Similar.new([InfoRequestEvent], @info_request.info_request_events,
+ @xapian_similar = ActsAsXapian::Similar.new([InfoRequestEvent], @info_request.info_request_events,
:limit => limit, :collapse_by_prefix => 'request_collapse')
@xapian_similar_more = (@xapian_similar.matches_estimated > limit)
rescue
@@ -127,8 +125,7 @@ class RequestController < ApplicationController
long_cache
@info_request = InfoRequest.find_by_url_title!(params[:url_title])
if !@info_request.user_can_view?(authenticated_user)
- render :template => 'request/hidden', :status => 410 # gone
- return
+ return render_hidden
end
@columns = ['id', 'event_type', 'created_at', 'described_state', 'last_described_at', 'calculated_state' ]
end
@@ -147,10 +144,9 @@ class RequestController < ApplicationController
raise ActiveRecord::RecordNotFound.new("Request not found") if @info_request.nil?
if !@info_request.user_can_view?(authenticated_user)
- render :template => 'request/hidden', :status => 410 # gone
- return
+ return render_hidden
end
- @xapian_object = ::ActsAsXapian::Similar.new([InfoRequestEvent], @info_request.info_request_events,
+ @xapian_object = ActsAsXapian::Similar.new([InfoRequestEvent], @info_request.info_request_events,
:offset => (@page - 1) * @per_page, :limit => @per_page, :collapse_by_prefix => 'request_collapse')
@matches_estimated = @xapian_object.matches_estimated
@show_no_more_than = (@matches_estimated > MAX_RESULTS) ? MAX_RESULTS : @matches_estimated
@@ -588,8 +584,7 @@ class RequestController < ApplicationController
# Test for hidden requests
if !authenticated_user.nil? && !@info_request.user_can_view?(authenticated_user)
- render :template => 'request/hidden', :status => 410 # gone
- return
+ return render_hidden
end
# Check address is good
@@ -672,7 +667,7 @@ class RequestController < ApplicationController
raise ActiveRecord::RecordNotFound.new("Message not found") if incoming_message.nil?
if !incoming_message.info_request.user_can_view?(authenticated_user)
@info_request = incoming_message.info_request # used by view
- render :template => 'request/hidden', :status => 410 # gone
+ return render_hidden
end
# Is this a completely public request that we can cache attachments for
# to be served up without authentication?
@@ -681,25 +676,6 @@ class RequestController < ApplicationController
end
end
- def report_request
- info_request = InfoRequest.find_by_url_title!(params[:url_title])
- return if !authenticated?(
- :web => _("To report this FOI request"),
- :email => _("Then you can report the request '{{title}}'", :title => info_request.title),
- :email_subject => _("Report an offensive or unsuitable request")
- )
-
- if !info_request.attention_requested
- info_request.set_described_state('attention_requested', @user)
- info_request.attention_requested = true # tells us if attention has ever been requested
- info_request.save!
- flash[:notice] = _("This request has been reported for administrator attention")
- else
- flash[:notice] = _("This request has already been reported for administrator attention")
- end
- redirect_to request_url(info_request)
- end
-
# special caching code so mime types are handled right
around_filter :cache_attachments, :only => [ :get_attachment, :get_attachment_as_html ]
def cache_attachments
@@ -712,7 +688,7 @@ class RequestController < ApplicationController
logger.info("Reading cache for #{key_path}")
if File.directory?(key_path)
- render :text => "Directory listing not allowed", :status => 403
+ render :text => "Directory listing not allowed", :status => 403
else
render :text => foi_fragment_cache_read(key_path),
:content_type => (AlaveteliFileTypes.filename_to_mimetype(params[:file_name]) || 'application/octet-stream')
@@ -722,7 +698,7 @@ class RequestController < ApplicationController
yield
- if params[:skip_cache].nil?
+ if params[:skip_cache].nil? && response.status == 200
# write it to the fileystem ourselves, so is just a plain file. (The
# various fragment cache functions using Ruby Marshall to write the file
# which adds a header, so isnt compatible with images that have been
@@ -737,6 +713,7 @@ class RequestController < ApplicationController
def get_attachment
get_attachment_internal(false)
+ return unless @attachment
# Prevent spam to magic request address. Note that the binary
# subsitution method used depends on the content type
@@ -756,6 +733,7 @@ class RequestController < ApplicationController
raise ActiveRecord::RecordNotFound.new("Attachment HTML not found.")
end
get_attachment_internal(true)
+ return unless @attachment
# images made during conversion (e.g. images in PDF files) are put in the cache directory, so
# the same cache code in cache_attachments above will display them.
@@ -802,8 +780,11 @@ class RequestController < ApplicationController
# check permissions
raise "internal error, pre-auth filter should have caught this" if !@info_request.user_can_view?(authenticated_user)
- @attachment = IncomingMessage.get_attachment_by_url_part_number(@incoming_message.get_attachments_for_display, @part_number)
- raise ActiveRecord::RecordNotFound.new("attachment not found part number " + @part_number.to_s + " incoming_message " + @incoming_message.id.to_s) if @attachment.nil?
+ @attachment = IncomingMessage.get_attachment_by_url_part_number_and_filename(@incoming_message.get_attachments_for_display, @part_number, @original_filename)
+ # If we can't find the right attachment, redirect to the incoming message:
+ unless @attachment
+ return redirect_to incoming_message_url(@incoming_message), :status => 303
+ end
# check filename in URL matches that in database (use a censor rule if you want to change a filename)
raise ActiveRecord::RecordNotFound.new("please use same filename as original file has, display: '" + @attachment.display_filename + "' old_display: '" + @attachment.old_display_filename + "' original: '" + @original_filename + "'") if @attachment.display_filename != @original_filename && @attachment.old_display_filename != @original_filename
@@ -878,8 +859,7 @@ class RequestController < ApplicationController
@info_request = InfoRequest.find_by_url_title!(params[:url_title])
# Test for whole request being hidden or requester-only
if !@info_request.all_can_view?
- render :template => 'request/hidden', :status => 410 # gone
- return
+ return render_hidden
end
if authenticated?(
:web => _("To download the zip file"),
@@ -939,5 +919,17 @@ class RequestController < ApplicationController
end
end
end
+
+ private
+
+ def render_hidden
+ respond_to do |format|
+ response_code = 410 # gone
+ format.html{ render :template => 'request/hidden', :status => response_code }
+ format.any{ render :nothing => true, :status => response_code }
+ end
+ false
+ end
+
end
diff --git a/app/controllers/track_controller.rb b/app/controllers/track_controller.rb
index 9076148c4..40e82e7a4 100644
--- a/app/controllers/track_controller.rb
+++ b/app/controllers/track_controller.rb
@@ -157,7 +157,7 @@ class TrackController < ApplicationController
format.json { render :json => @xapian_object.results.map { |r| r[:model].json_for_api(true,
lambda { |t| view_context.highlight_and_excerpt(t, @xapian_object.words_to_highlight, 150) }
) } }
- format.any { render :template => 'track/atom_feed.atom', :layout => false, :content_type => :atom }
+ format.any { render :template => 'track/atom_feed.atom', :layout => false, :content_type => 'application/atom+xml' }
end
end
diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb
index dca3cda17..1ccab3003 100644
--- a/app/controllers/user_controller.rb
+++ b/app/controllers/user_controller.rb
@@ -119,7 +119,11 @@ class UserController < ApplicationController
@track_things = TrackThing.find(:all, :conditions => ["tracking_user_id = ? and track_medium = ?", @display_user.id, 'email_daily'], :order => 'created_at desc')
for track_thing in @track_things
# XXX factor out of track_mailer.rb
- xapian_object = InfoRequest.full_search([InfoRequestEvent], track_thing.track_query, 'described_at', true, nil, 20, 1)
+ xapian_object = ActsAsXapian::Search.new([InfoRequestEvent], track_thing.track_query,
+ :sort_by_prefix => 'described_at',
+ :sort_by_ascending => true,
+ :collapse_by_prefix => nil,
+ :limit => 20)
feed_results += xapian_object.results.map {|x| x[:model]}
end
end
@@ -527,7 +531,7 @@ class UserController < ApplicationController
def get_draft_profile_photo
profile_photo = ProfilePhoto.find(params[:id])
response.content_type = "image/png"
- render_for_text(profile_photo.data)
+ render :text => profile_photo.data
end
# actual profile photo of a user
@@ -542,7 +546,7 @@ class UserController < ApplicationController
end
response.content_type = "image/png"
- render_for_text(@display_user.profile_photo.data)
+ render :text => @display_user.profile_photo.data
end
# Change about me text on your profile page
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-22 01:59:54 +0000