diff options
Diffstat (limited to 'app/controllers')
| -rw-r--r-- | app/controllers/admin_censor_rule_controller.rb | 2 | ||||
| -rw-r--r-- | app/controllers/admin_controller.rb | 10 | ||||
| -rw-r--r-- | app/controllers/admin_general_controller.rb | 2 | ||||
| -rw-r--r-- | app/controllers/admin_public_body_controller.rb | 8 | ||||
| -rw-r--r-- | app/controllers/admin_request_controller.rb | 22 | ||||
| -rw-r--r-- | app/controllers/admin_track_controller.rb | 12 | ||||
| -rw-r--r-- | app/controllers/admin_user_controller.rb | 12 | ||||
| -rw-r--r-- | app/controllers/api_controller.rb | 13 | ||||
| -rw-r--r-- | app/controllers/application_controller.rb | 57 | ||||
| -rw-r--r-- | app/controllers/comment_controller.rb | 2 | ||||
| -rw-r--r-- | app/controllers/general_controller.rb | 10 | ||||
| -rw-r--r-- | app/controllers/help_controller.rb | 8 | ||||
| -rw-r--r-- | app/controllers/holiday_controller.rb | 4 | ||||
| -rw-r--r-- | app/controllers/public_body_controller.rb | 8 | ||||
| -rw-r--r-- | app/controllers/request_controller.rb | 61 | ||||
| -rw-r--r-- | app/controllers/request_game_controller.rb | 2 | ||||
| -rw-r--r-- | app/controllers/services_controller.rb | 6 | ||||
| -rw-r--r-- | app/controllers/track_controller.rb | 11 | ||||
| -rw-r--r-- | app/controllers/user_controller.rb | 28 |
19 files changed, 138 insertions, 140 deletions
diff --git a/app/controllers/admin_censor_rule_controller.rb b/app/controllers/admin_censor_rule_controller.rb index d3e9e47d2..6f79b5ba1 100644 --- a/app/controllers/admin_censor_rule_controller.rb +++ b/app/controllers/admin_censor_rule_controller.rb @@ -2,7 +2,7 @@ # For modifying requests. # # Copyright (c) 2008 UK Citizens Online Democracy. All rights reserved. -# Email: francis@mysociety.org; WWW: http://www.mysociety.org/ +# Email: hello@mysociety.org; WWW: http://www.mysociety.org/ class AdminCensorRuleController < AdminController def new diff --git a/app/controllers/admin_controller.rb b/app/controllers/admin_controller.rb index e90f03187..0bccd3358 100644 --- a/app/controllers/admin_controller.rb +++ b/app/controllers/admin_controller.rb @@ -2,7 +2,7 @@ # All admin controllers are dervied from this. # # Copyright (c) 2009 UK Citizens Online Democracy. All rights reserved. -# Email: francis@mysociety.org; WWW: http://www.mysociety.org/ +# Email: hello@mysociety.org; WWW: http://www.mysociety.org/ require 'fileutils' @@ -51,7 +51,7 @@ class AdminController < ApplicationController # For administration interface, return display name of authenticated user def admin_current_user - if Configuration::skip_admin_auth + if AlaveteliConfiguration::skip_admin_auth admin_http_auth_user else session[:admin_name] @@ -74,12 +74,12 @@ class AdminController < ApplicationController end def authenticate - if Configuration::skip_admin_auth + if AlaveteliConfiguration::skip_admin_auth session[:using_admin] = 1 return else if session[:using_admin].nil? || session[:admin_name].nil? - if params[:emergency].nil? || Configuration::disable_emergency_user + if params[:emergency].nil? || AlaveteliConfiguration::disable_emergency_user if authenticated?( :web => _("To log into the administrative interface"), :email => _("Then you can log into the administrative interface"), @@ -97,7 +97,7 @@ class AdminController < ApplicationController end else authenticate_or_request_with_http_basic do |user_name, password| - if user_name == Configuration::admin_username && password == Configuration::admin_password + if user_name == AlaveteliConfiguration::admin_username && password == AlaveteliConfiguration::admin_password session[:using_admin] = 1 session[:admin_name] = user_name else diff --git a/app/controllers/admin_general_controller.rb b/app/controllers/admin_general_controller.rb index 800678787..b64fcac3e 100644 --- a/app/controllers/admin_general_controller.rb +++ b/app/controllers/admin_general_controller.rb @@ -2,7 +2,7 @@ # Controller for main admin pages. # # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. -# Email: francis@mysociety.org; WWW: http://www.mysociety.org/ +# Email: hello@mysociety.org; WWW: http://www.mysociety.org/ class AdminGeneralController < AdminController skip_before_filter :authenticate, :only => :admin_js diff --git a/app/controllers/admin_public_body_controller.rb b/app/controllers/admin_public_body_controller.rb index 93715d364..52b56eda2 100644 --- a/app/controllers/admin_public_body_controller.rb +++ b/app/controllers/admin_public_body_controller.rb @@ -2,7 +2,7 @@ # Controller for editing public bodies from the admin interface. # # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. -# Email: francis@mysociety.org; WWW: http://www.mysociety.org/ +# Email: hello@mysociety.org; WWW: http://www.mysociety.org/ require "public_body_categories" @@ -23,12 +23,10 @@ class AdminPublicBodyController < AdminController if @page == "" @page = nil end - @public_bodies = PublicBody.paginate :order => "public_body_translations.name", :page => @page, :per_page => 100, - :conditions => @query.nil? ? "public_body_translations.locale = '#{@locale}'" : + @public_bodies = PublicBody.joins(:translations).where(@query.nil? ? "public_body_translations.locale = '#{@locale}'" : ["(lower(public_body_translations.name) like lower('%'||?||'%') or lower(public_body_translations.short_name) like lower('%'||?||'%') or - lower(public_body_translations.request_email) like lower('%'||?||'%' )) AND (public_body_translations.locale = '#{@locale}')", @query, @query, @query], - :joins => :translations + lower(public_body_translations.request_email) like lower('%'||?||'%' )) AND (public_body_translations.locale = '#{@locale}')", @query, @query, @query]).paginate :order => "public_body_translations.name", :page => @page, :per_page => 100 end @public_bodies_by_tag = PublicBody.find_by_tag(@query) end diff --git a/app/controllers/admin_request_controller.rb b/app/controllers/admin_request_controller.rb index 53055ae32..66989ea93 100644 --- a/app/controllers/admin_request_controller.rb +++ b/app/controllers/admin_request_controller.rb @@ -2,7 +2,7 @@ # Controller for viewing FOI requests from the admin interface. # # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. -# Email: francis@mysociety.org; WWW: http://www.mysociety.org/ +# Email: hello@mysociety.org; WWW: http://www.mysociety.org/ require 'ostruct' @@ -14,10 +14,14 @@ class AdminRequestController < AdminController def list @query = params[:query] - @info_requests = InfoRequest.paginate :order => "created_at desc", + if @query + info_requests = InfoRequest.where(["lower(title) like lower('%'||?||'%')", @query]) + else + info_requests = InfoRequest + end + @info_requests = info_requests.paginate :order => "created_at desc", :page => params[:page], - :per_page => 100, - :conditions => @query.nil? ? nil : ["lower(title) like lower('%'||?||'%')", @query] + :per_page => 100 end def show @@ -25,11 +29,11 @@ class AdminRequestController < AdminController # XXX is this *really* the only way to render a template to a # variable, rather than to the response? vars = OpenStruct.new(:name_to => @info_request.user_name, - :name_from => Configuration::contact_name, + :name_from => AlaveteliConfiguration::contact_name, :info_request => @info_request, :reason => params[:reason], - :info_request_url => 'http://' + Configuration::domain + request_path(@info_request), + :info_request_url => 'http://' + AlaveteliConfiguration::domain + request_url(@info_request), :site_name => site_name) - template = File.read(File.join(File.dirname(__FILE__), "..", "views", "admin_request", "hidden_user_explanation.rhtml")) + template = File.read(File.join(File.dirname(__FILE__), "..", "views", "admin_request", "hidden_user_explanation.html.erb")) @request_hidden_user_explanation = ERB.new(template).result(vars.instance_eval { binding }) end @@ -361,11 +365,11 @@ class AdminRequestController < AdminController info_request.save! if ! info_request.is_external? - ContactMailer.deliver_from_admin_message( + ContactMailer.from_admin_message( info_request.user, subject, params[:explanation].strip.html_safe - ) + ).deliver flash[:notice] = _("Your message to {{recipient_user_name}} has been sent",:recipient_user_name=>CGI.escapeHTML(info_request.user.name)) else flash[:notice] = _("This external request has been hidden") diff --git a/app/controllers/admin_track_controller.rb b/app/controllers/admin_track_controller.rb index 525c96782..085c9c6cc 100644 --- a/app/controllers/admin_track_controller.rb +++ b/app/controllers/admin_track_controller.rb @@ -2,14 +2,18 @@ # Show email alerts / RSS feeds from admin interface. # # Copyright (c) 2008 UK Citizens Online Democracy. All rights reserved. -# Email: francis@mysociety.org; WWW: http://www.mysociety.org/ +# Email: hello@mysociety.org; WWW: http://www.mysociety.org/ class AdminTrackController < AdminController def list @query = params[:query] - @admin_tracks = TrackThing.paginate :order => "created_at desc", :page => params[:page], :per_page => 100, - :conditions => @query.nil? ? nil : ["lower(track_query) like lower('%'||?||'%')", @query ] - @popular = ActiveRecord::Base.connection.select_all("select count(*) as count, title, info_request_id from track_things join info_requests on info_request_id = info_requests.id where info_request_id is not null group by info_request_id, title order by count desc limit 10;") + if @query + track_things = TrackThing.where(["lower(track_query) like lower('%'||?||'%')", @query]) + else + track_things = TrackThing + end + @admin_tracks = track_things.paginate :order => "created_at desc", :page => params[:page], :per_page => 100 + @popular = ActiveRecord::Base.connection.select_all("select count(*) as count, title, info_request_id from track_things join info_requests on info_request_id = info_requests.id where info_request_id is not null group by info_request_id, title order by count desc limit 10;") end private diff --git a/app/controllers/admin_user_controller.rb b/app/controllers/admin_user_controller.rb index feffa208e..929b93e0e 100644 --- a/app/controllers/admin_user_controller.rb +++ b/app/controllers/admin_user_controller.rb @@ -2,7 +2,7 @@ # Controller for viewing user accounts from the admin interface. # # Copyright (c) 2008 UK Citizens Online Democracy. All rights reserved. -# Email: francis@mysociety.org; WWW: http://www.mysociety.org/ +# Email: hello@mysociety.org; WWW: http://www.mysociety.org/ class AdminUserController < AdminController def index @@ -12,9 +12,13 @@ class AdminUserController < AdminController def list @query = params[:query] - @admin_users = User.paginate :order => "name", :page => params[:page], :per_page => 100, - :conditions => @query.nil? ? nil : ["lower(name) like lower('%'||?||'%') or - lower(email) like lower('%'||?||'%')", @query, @query] + if @query + users = User.where(["lower(name) like lower('%'||?||'%') or + lower(email) like lower('%'||?||'%')", @query, @query]) + else + users = User + end + @admin_users = users.paginate :order => "name", :page => params[:page], :per_page => 100 end def list_banned diff --git a/app/controllers/api_controller.rb b/app/controllers/api_controller.rb index 5d8ceb888..49b226e4b 100644 --- a/app/controllers/api_controller.rb +++ b/app/controllers/api_controller.rb @@ -83,7 +83,7 @@ class ApiController < ApplicationController direction = json["direction"] body = json["body"] - sent_at_str = json["sent_at"] + sent_at = json["sent_at"] errors = [] @@ -107,12 +107,6 @@ class ApiController < ApplicationController errors << "The 'body' is empty" end - begin - sent_at = Time.iso8601(sent_at_str) - rescue ArgumentError - errors << "Failed to parse 'sent_at' field as ISO8601 time: #{sent_at_str}" - end - if direction == "request" && !attachments.nil? errors << "You cannot attach files to messages in the 'request' direction" end @@ -155,7 +149,8 @@ class ApiController < ApplicationController ) end - mail = RequestMailer.create_external_response(request, body, sent_at, attachment_hashes) + mail = RequestMailer.external_response(request, body, sent_at, attachment_hashes) + request.receive(mail, mail.encoded, true) end render :json => { @@ -248,6 +243,6 @@ class ApiController < ApplicationController private def make_url(*args) - "http://" + Configuration::domain + "/" + args.join("/") + "http://" + AlaveteliConfiguration::domain + "/" + args.join("/") end end diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index f3deeb64a..029b536ec 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -5,7 +5,7 @@ # will be available for all controllers. # # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. -# Email: francis@mysociety.org; WWW: http://www.mysociety.org/ +# Email: hello@mysociety.org; WWW: http://www.mysociety.org/ require 'open-uri' @@ -16,9 +16,6 @@ class ApplicationController < ActionController::Base layout "default" include FastGettext::Translation # make functions like _, n_, N_ etc available) - # Send notification email on exceptions - include ExceptionNotification::Notifiable - # Note: a filter stops the chain if it redirects or renders something before_filter :authentication_check before_filter :set_gettext_locale @@ -27,9 +24,6 @@ class ApplicationController < ActionController::Base before_filter :set_vary_header before_filter :set_popup_banner - # scrub sensitive parameters from the logs - filter_parameter_logging :password - def set_vary_header response.headers['Vary'] = 'Cookie' end @@ -54,12 +48,12 @@ class ApplicationController < ActionController::Base end def set_gettext_locale - if Configuration::include_default_locale_in_urls == false + if AlaveteliConfiguration::include_default_locale_in_urls == false params_locale = params[:locale] ? params[:locale] : I18n.default_locale else params_locale = params[:locale] end - if Configuration::use_default_browser_language + if AlaveteliConfiguration::use_default_browser_language requested_locale = params_locale || session[:locale] || cookies[:locale] || request.env['HTTP_ACCEPT_LANGUAGE'] || I18n.default_locale else requested_locale = params_locale || session[:locale] || cookies[:locale] || I18n.default_locale @@ -74,9 +68,6 @@ class ApplicationController < ActionController::Base end end - # scrub sensitive parameters from the logs - filter_parameter_logging :password - helper_method :locale_from_params # Help work out which request causes RAM spike. @@ -92,7 +83,7 @@ class ApplicationController < ActionController::Base # egrep "CONSUME MEMORY: [0-9]{7} KB" production.log around_filter :record_memory def record_memory - record_memory = Configuration::debug_record_memory + record_memory = AlaveteliConfiguration::debug_record_memory if record_memory logger.info "Processing request for #{request.url} with Rails process #{Process.pid}" File.read("/proc/#{Process.pid}/status").match(/VmRSS:\s+(\d+)/) @@ -151,22 +142,23 @@ class ApplicationController < ActionController::Base @exception_backtrace = exception.backtrace.join("\n") @exception_class = exception.class.to_s @exception_message = exception.message - render :template => "general/exception_caught.rhtml", :status => @status + render :template => "general/exception_caught", :status => @status end - # For development sites. - alias original_rescue_action_locally rescue_action_locally - def rescue_action_locally(exception) - # Make sure expiry time for session is set (before_filters are - # otherwise missed by this override) - session_remember_me + # FIXME: This was disabled during the Rails 3 upgrade as this is now handled by Rack + # # For development sites. + # alias original_rescue_action_locally rescue_action_locally + # def rescue_action_locally(exception) + # # Make sure expiry time for session is set (before_filters are + # # otherwise missed by this override) + # session_remember_me - # Make sure the locale is set correctly too - set_gettext_locale + # # Make sure the locale is set correctly too + # set_gettext_locale - # Display default, detailed error for developers - original_rescue_action_locally(exception) - end + # # Display default, detailed error for developers + # original_rescue_action_locally(exception) + # end def local_request? false @@ -175,6 +167,7 @@ class ApplicationController < ActionController::Base # Called from test code, is a mimic of UserController.confirm, for use in following email # links when in controller tests (though we also have full integration tests that # can work over multiple controllers) + # TODO: Move this to the tests. It shouldn't be here def test_code_redirect_by_email_token(token, controller_example_group) post_redirect = PostRedirect.find_by_email_token(token) if post_redirect.nil? @@ -182,7 +175,7 @@ class ApplicationController < ActionController::Base end session[:user_id] = post_redirect.user.id session[:user_circumstance] = post_redirect.circumstance - params = controller_example_group.params_from(:get, post_redirect.local_part_uri) + params = Rails.application.routes.recognize_path(post_redirect.local_part_uri) params.merge(post_redirect.post_params) controller_example_group.get params[:action], params end @@ -258,7 +251,7 @@ class ApplicationController < ActionController::Base # Check the user is logged in def authenticated?(reason_params) unless session[:user_id] - post_redirect = PostRedirect.new(:uri => request.request_uri, :post_params => params, + post_redirect = PostRedirect.new(:uri => request.fullpath, :post_params => params, :reason_params => reason_params) post_redirect.save! # 'modal' controls whether the sign-in form will be displayed in the typical full-blown @@ -346,10 +339,10 @@ class ApplicationController < ActionController::Base # def check_read_only - if !Configuration::read_only.empty? + if !AlaveteliConfiguration::read_only.empty? flash[:notice] = _("<p>{{site_name}} is currently in maintenance. You can only view existing requests. You cannot make new ones, add followups or annotations, or otherwise change the database.</p> <p>{{read_only}}</p>", :site_name => site_name, - :read_only => Configuration::read_only) + :read_only => AlaveteliConfiguration::read_only) redirect_to frontpage_url end @@ -552,10 +545,10 @@ class ApplicationController < ActionController::Base def country_from_ip country = "" - if !Configuration::gaze_url.empty? - country = quietly_try_to_open("#{Configuration::gaze_url}/gaze-rest?f=get_country_from_ip;ip=#{request.remote_ip}") + if !AlaveteliConfiguration::gaze_url.empty? + country = quietly_try_to_open("#{AlaveteliConfiguration::gaze_url}/gaze-rest?f=get_country_from_ip;ip=#{request.remote_ip}") end - country = Configuration::iso_country_code if country.empty? + country = AlaveteliConfiguration::iso_country_code if country.empty? return country end diff --git a/app/controllers/comment_controller.rb b/app/controllers/comment_controller.rb index ed249d6cc..d4b17e9d2 100644 --- a/app/controllers/comment_controller.rb +++ b/app/controllers/comment_controller.rb @@ -2,7 +2,7 @@ # Show annotations upon a request or other object. # # Copyright (c) 2008 UK Citizens Online Democracy. All rights reserved. -# Email: francis@mysociety.org; WWW: http://www.mysociety.org/ +# Email: hello@mysociety.org; WWW: http://www.mysociety.org/ class CommentController < ApplicationController before_filter :check_read_only, :only => [ :new ] diff --git a/app/controllers/general_controller.rb b/app/controllers/general_controller.rb index 0783fc579..075d35ba0 100644 --- a/app/controllers/general_controller.rb +++ b/app/controllers/general_controller.rb @@ -3,7 +3,7 @@ # particular model. # # Copyright (c) 2008 UK Citizens Online Democracy. All rights reserved. -# Email: francis@mysociety.org; WWW: http://www.mysociety.org/ +# Email: hello@mysociety.org; WWW: http://www.mysociety.org/ begin require 'xmlsimple' @@ -21,7 +21,7 @@ class GeneralController < ApplicationController medium_cache # get some example searches and public bodies to display # either from config, or based on a (slow!) query if not set - body_short_names = Configuration::frontpage_publicbody_examples.split(/\s*;\s*/).map{|s| "'%s'" % s.gsub(/'/, "''") }.join(", ") + body_short_names = AlaveteliConfiguration::frontpage_publicbody_examples.split(/\s*;\s*/).map{|s| "'%s'" % s.gsub(/'/, "''") }.join(", ") @locale = self.locale_from_params() locale_condition = 'public_body_translations.locale = ?' conditions = [locale_condition, @locale] @@ -71,7 +71,7 @@ class GeneralController < ApplicationController def blog medium_cache @feed_autodetect = [] - @feed_url = Configuration::blog_feed + @feed_url = AlaveteliConfiguration::blog_feed separator = @feed_url.include?('?') ? '&' : '?' @feed_url = "#{@feed_url}#{separator}lang=#{self.locale_from_params()}" @blog_items = [] @@ -84,7 +84,7 @@ class GeneralController < ApplicationController @feed_autodetect = [{:url => @feed_url, :title => "#{site_name} blog"}] end end - @twitter_user = Configuration::twitter_username + @twitter_user = AlaveteliConfiguration::twitter_username end # Just does a redirect from ?query= search to /query @@ -109,7 +109,7 @@ class GeneralController < ApplicationController def search # XXX Why is this so complicated with arrays and stuff? Look at the route # in config/routes.rb for comments. - combined = params[:combined] + combined = params[:combined].split("/") @sortby = nil @bodies = @requests = @users = true if combined.size > 0 && (['advanced'].include?(combined[-1])) diff --git a/app/controllers/help_controller.rb b/app/controllers/help_controller.rb index 573abac63..9959df6d8 100644 --- a/app/controllers/help_controller.rb +++ b/app/controllers/help_controller.rb @@ -2,7 +2,7 @@ # Show information about one particular request. # # Copyright (c) 2008 UK Citizens Online Democracy. All rights reserved. -# Email: francis@mysociety.org; WWW: http://www.mysociety.org/ +# Email: hello@mysociety.org; WWW: http://www.mysociety.org/ class HelpController < ApplicationController @@ -18,7 +18,7 @@ class HelpController < ApplicationController end def contact - @contact_email = Configuration::contact_email + @contact_email = AlaveteliConfiguration::contact_email # if they clicked remove for link to request/body, remove it if params[:remove] @@ -49,14 +49,14 @@ class HelpController < ApplicationController end @contact = ContactValidator.new(params[:contact]) if @contact.valid? && !params[:remove] - ContactMailer.deliver_to_admin_message( + ContactMailer.to_admin_message( params[:contact][:name], params[:contact][:email], params[:contact][:subject], params[:contact][:message], @user, @last_request, @last_body - ) + ).deliver flash[:notice] = _("Your message has been sent. Thank you for getting in touch! We'll get back to you soon.") redirect_to frontpage_url return diff --git a/app/controllers/holiday_controller.rb b/app/controllers/holiday_controller.rb index 3101c07e3..efc20701d 100644 --- a/app/controllers/holiday_controller.rb +++ b/app/controllers/holiday_controller.rb @@ -2,7 +2,7 @@ # Calculate dates # # Copyright (c) 2008 UK Citizens Online Democracy. All rights reserved. -# Email: francis@mysociety.org; WWW: http://www.mysociety.org/ +# Email: hello@mysociety.org; WWW: http://www.mysociety.org/ class HolidayController < ApplicationController @@ -12,7 +12,7 @@ class HolidayController < ApplicationController def due_date if params[:holiday] @request_date = Date.strptime(params[:holiday]) or raise "Invalid date" - @due_date = Holiday.due_date_from(@request_date, Configuration::reply_late_after_days, Configuration::working_or_calendar_days) + @due_date = Holiday.due_date_from(@request_date, AlaveteliConfiguration::reply_late_after_days, AlaveteliConfiguration::working_or_calendar_days) @skipped = Holiday.all( :conditions => [ 'day >= ? AND day <= ?', @request_date.strftime("%F"), @due_date.strftime("%F") diff --git a/app/controllers/public_body_controller.rb b/app/controllers/public_body_controller.rb index 1821e6725..74ea043bb 100644 --- a/app/controllers/public_body_controller.rb +++ b/app/controllers/public_body_controller.rb @@ -3,7 +3,7 @@ # Show information about a public body. # # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. -# Email: francis@mysociety.org; WWW: http://www.mysociety.org/ +# Email: hello@mysociety.org; WWW: http://www.mysociety.org/ require 'fastercsv' @@ -128,10 +128,8 @@ class PublicBodyController < ApplicationController end end I18n.with_locale(@locale) do - @public_bodies = PublicBody.paginate( - :order => "public_body_translations.name", :page => params[:page], :per_page => 100, - :conditions => conditions, - :joins => :translations + @public_bodies = PublicBody.where(conditions).joins(:translations).order("public_body_translations.name").paginate( + :page => params[:page], :per_page => 100 ) render :template => "public_body/list" end diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index e82871d7b..4ef36b6d8 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -2,7 +2,7 @@ # Show information about one particular request. # # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. -# Email: francis@mysociety.org; WWW: http://www.mysociety.org/ +# Email: hello@mysociety.org; WWW: http://www.mysociety.org/ require 'alaveteli_file_types' require 'zip/zip' @@ -17,7 +17,7 @@ class RequestController < ApplicationController @@custom_states_loaded = false begin - if ENV["RAILS_ENV"] != "test" + if !Rails.env.test? require 'customstates' include RequestControllerCustomStates @@custom_states_loaded = true @@ -28,7 +28,7 @@ class RequestController < ApplicationController def select_authority # Check whether we force the user to sign in right at the start, or we allow her # to start filling the request anonymously - if Configuration::force_registration_on_new_request && !authenticated?( + if AlaveteliConfiguration::force_registration_on_new_request && !authenticated?( :web => _("To send your FOI request"), :email => _("Then you'll be allowed to send FOI requests."), :email_subject => _("Confirm your email address") @@ -44,7 +44,7 @@ class RequestController < ApplicationController end def show - if !Configuration::varnish_host.blank? + if !AlaveteliConfiguration::varnish_host.blank? # If varnish is set up to accept PURGEs, then cache for a # long time long_cache @@ -242,16 +242,19 @@ class RequestController < ApplicationController # Read parameters in - first the public body (by URL name or id) if params[:url_name] if params[:url_name].match(/^[0-9]+$/) - params[:info_request][:public_body_id] = params[:url_name] + params[:info_request][:public_body] = PublicBody.find(params[:url_name]) else public_body = PublicBody.find_by_url_name_with_historic(params[:url_name]) raise ActiveRecord::RecordNotFound.new("None found") if public_body.nil? # XXX proper 404 - params[:info_request][:public_body_id] = public_body.id + params[:info_request][:public_body] = public_body end elsif params[:public_body_id] - params[:info_request][:public_body_id] = params[:public_body_id] + params[:info_request][:public_body] = PublicBody.find(params[:public_body_id]) + # Explicitly load the association as this isn't done automatically in newer Rails versions + elsif params[:info_request][:public_body_id] + params[:info_request][:public_body] = PublicBody.find(params[:info_request][:public_body_id]) end - if !params[:info_request][:public_body_id] + if !params[:info_request][:public_body] # compulsory to have a body by here, or go to front page which is start of process redirect_to frontpage_url return @@ -344,7 +347,7 @@ class RequestController < ApplicationController end if !authenticated?( - :web => _("To send your FOI request"), + :web => _("To send your FOI request").to_str, :email => _("Then your FOI request to {{public_body_name}} will be sent.",:public_body_name=>@info_request.public_body.name), :email_subject => _("Confirm your FOI request to ") + @info_request.public_body.name ) @@ -368,8 +371,8 @@ class RequestController < ApplicationController replied by then.</p> <p>If you write about this request (for example in a forum or a blog) please link to this page, and add an annotation below telling people about your writing.</p>",:law_used_full=>@info_request.law_used_full, - :late_number_of_days => Configuration::reply_late_after_days) - redirect_to show_new_request_url(:url_title => @info_request.url_title) + :late_number_of_days => AlaveteliConfiguration::reply_late_after_days) + redirect_to show_new_request_path(:url_title => @info_request.url_title) end # Submitted to the describing state of messages form @@ -434,6 +437,7 @@ class RequestController < ApplicationController return end + calculated_status = info_request.calculate_status # Display advice for requester on what to do next, as appropriate flash[:notice] = case info_request.calculate_status when 'waiting_response' @@ -442,7 +446,7 @@ class RequestController < ApplicationController when 'waiting_response_overdue' _("<p>Thank you! Hope you don't have to wait much longer.</p> <p>By law, you should have got a response promptly, and normally before the end of <strong>{{date_response_required_by}}</strong>.</p>",:date_response_required_by=>simple_date(info_request.date_response_required_by)) when 'waiting_response_very_overdue' - _("<p>Thank you! Your request is long overdue, by more than {{very_late_number_of_days}} working days. Most requests should be answered within {{late_number_of_days}} working days. You might like to complain about this, see below.</p>", :very_late_number_of_days => Configuration::reply_very_late_after_days, :late_number_of_days => Configuration::reply_late_after_days) + _("<p>Thank you! Your request is long overdue, by more than {{very_late_number_of_days}} working days. Most requests should be answered within {{late_number_of_days}} working days. You might like to complain about this, see below.</p>", :very_late_number_of_days => AlaveteliConfiguration::reply_very_late_after_days, :late_number_of_days => AlaveteliConfiguration::reply_late_after_days) when 'not_held' _("<p>Thank you! Here are some ideas on what to do next:</p> <ul> @@ -468,7 +472,7 @@ class RequestController < ApplicationController when 'gone_postal' nil when 'internal_review' - _("<p>Thank you! Hopefully your wait isn't too long.</p><p>You should get a response within {{late_number_of_days}} days, or be told if it will take longer (<a href=\"{{review_url}}\">details</a>).</p>",:late_number_of_days => Configuration.reply_late_after_days, :review_url => unhappy_url(info_request) + "#internal_review") + _("<p>Thank you! Hopefully your wait isn't too long.</p><p>You should get a response within {{late_number_of_days}} days, or be told if it will take longer (<a href=\"{{review_url}}\">details</a>).</p>",:late_number_of_days => AlaveteliConfiguration.reply_late_after_days, :review_url => unhappy_url(info_request) + "#internal_review") when 'error_message', 'requires_admin' _("Thank you! We'll look into what happened and try and fix it up.") when 'user_withdrawn' @@ -560,10 +564,7 @@ class RequestController < ApplicationController end - params_outgoing_message = params[:outgoing_message] - if params_outgoing_message.nil? - params_outgoing_message = {} - end + params_outgoing_message = params[:outgoing_message] ? params[:outgoing_message].clone : {} params_outgoing_message.merge!({ :status => 'ready', :message_type => 'followup', @@ -708,10 +709,13 @@ class RequestController < ApplicationController key_path = foi_fragment_cache_path(key) if foi_fragment_cache_exists?(key_path) logger.info("Reading cache for #{key_path}") - raise PermissionDenied.new("Directory listing not allowed") if File.directory?(key_path) - cached = foi_fragment_cache_read(key_path) - response.content_type = AlaveteliFileTypes.filename_to_mimetype(params[:file_name].join("/")) || 'application/octet-stream' - render_for_text(cached) + + if File.directory?(key_path) + render :text => "Directory listing not allowed", :status => 403 + else + render :text => foi_fragment_cache_read(key_path), + :content_type => (AlaveteliFileTypes.filename_to_mimetype(params[:file_name]) || 'application/octet-stream') + end return end @@ -738,7 +742,7 @@ class RequestController < ApplicationController @incoming_message.binary_mask_stuff!(@attachment.body, @attachment.content_type) # we don't use @attachment.content_type here, as we want same mime type when cached in cache_attachments above - response.content_type = AlaveteliFileTypes.filename_to_mimetype(params[:file_name].join("/")) || 'application/octet-stream' + response.content_type = AlaveteliFileTypes.filename_to_mimetype(params[:file_name]) || 'application/octet-stream' render :text => @attachment.body end @@ -788,7 +792,7 @@ class RequestController < ApplicationController raise ActiveRecord::RecordNotFound.new(message) end @part_number = params[:part].to_i - @filename = params[:file_name].join("/") + @filename = params[:file_name] if html_conversion @original_filename = @filename.gsub(/\.html$/, "") else @@ -849,7 +853,8 @@ class RequestController < ApplicationController return end - mail = RequestMailer.create_fake_response(@info_request, @user, body, file_name, file_content) + mail = RequestMailer.fake_response(@info_request, @user, body, file_name, file_content) + @info_request.receive(mail, mail.encoded, true) flash[:notice] = _("Thank you for responding to this FOI request! Your response has been published below, and a link to your response has been emailed to ") + CGI.escapeHTML(@info_request.user.name) + "." redirect_to request_url(@info_request) @@ -863,7 +868,7 @@ class RequestController < ApplicationController # by making the last work a wildcard, which is quite the same query = params[:q] @xapian_requests = perform_search_typeahead(query, InfoRequestEvent) - render :partial => "request/search_ahead.rhtml" + render :partial => "request/search_ahead" end def download_entire_request @@ -891,10 +896,10 @@ class RequestController < ApplicationController if !File.exists?(file_path) FileUtils.mkdir_p(File.dirname(file_path)) Zip::ZipFile.open(file_path, Zip::ZipFile::CREATE) { |zipfile| - convert_command = Configuration::html_to_pdf_command + convert_command = AlaveteliConfiguration::html_to_pdf_command done = false if !convert_command.blank? && File.exists?(convert_command) - url = "http://#{Configuration::domain}#{request_path(@info_request)}?print_stylesheet=1" + url = "http://#{AlaveteliConfiguration::domain}#{request_path(@info_request)}?print_stylesheet=1" tempfile = Tempfile.new('foihtml2pdf') output = AlaveteliExternalCommand.run(convert_command, url, tempfile.path) if !output.nil? @@ -911,7 +916,7 @@ class RequestController < ApplicationController end if !done @info_request_events = @info_request.info_request_events - template = File.read(File.join(File.dirname(__FILE__), "..", "views", "request", "simple_correspondence.rhtml")) + template = File.read(File.join(File.dirname(__FILE__), "..", "views", "request", "simple_correspondence.html.erb")) output = ERB.new(template).result(binding) zipfile.get_output_stream("correspondence.txt") { |f| f.puts(output) diff --git a/app/controllers/request_game_controller.rb b/app/controllers/request_game_controller.rb index 4b6f02970..6eac399ac 100644 --- a/app/controllers/request_game_controller.rb +++ b/app/controllers/request_game_controller.rb @@ -2,7 +2,7 @@ # The 'categorise old requests' game # # Copyright (c) 2009 UK Citizens Online Democracy. All rights reserved. -# Email: francis@mysociety.org; WWW: http://www.mysociety.org/ +# Email: hello@mysociety.org; WWW: http://www.mysociety.org/ class RequestGameController < ApplicationController diff --git a/app/controllers/services_controller.rb b/app/controllers/services_controller.rb index e75dac903..11ed4ac8f 100644 --- a/app/controllers/services_controller.rb +++ b/app/controllers/services_controller.rb @@ -6,7 +6,7 @@ class ServicesController < ApplicationController def other_country_message text = "" - iso_country_code = Configuration::iso_country_code.downcase + iso_country_code = AlaveteliConfiguration::iso_country_code.downcase if country_from_ip.downcase != iso_country_code found_country = WorldFOIWebsites.by_code(country_from_ip) @@ -36,9 +36,9 @@ class ServicesController < ApplicationController :content_type => "text/plain", :layout => false, :locals => {:name_to => info_request.user_name, - :name_from => Configuration::contact_name, + :name_from => AlaveteliConfiguration::contact_name, :info_request => info_request, :reason => params[:reason], - :info_request_url => 'http://' + Configuration::domain + request_path(info_request), + :info_request_url => 'http://' + AlaveteliConfiguration::domain + request_path(info_request), :site_name => site_name} end diff --git a/app/controllers/track_controller.rb b/app/controllers/track_controller.rb index 15da7f327..9076148c4 100644 --- a/app/controllers/track_controller.rb +++ b/app/controllers/track_controller.rb @@ -3,7 +3,7 @@ # social bookmarking. # # Copyright (c) 2008 UK Citizens Online Democracy. All rights reserved. -# Email: francis@mysociety.org; WWW: http://www.mysociety.org/ +# Email: hello@mysociety.org; WWW: http://www.mysociety.org/ class TrackController < ApplicationController @@ -80,10 +80,7 @@ class TrackController < ApplicationController # Track a search term def track_search_query - # XXX should be better thing in rails routes than having to do this - # join just to get / and . to work in a query. - query_array = params[:query_array] - @query = query_array.join("/") + @query = params[:query_array] # XXX more hackery to make alternate formats still work with query_array if /^(.*)\.json$/.match(@query) @@ -157,10 +154,10 @@ class TrackController < ApplicationController def atom_feed_internal @xapian_object = perform_search([InfoRequestEvent], @track_thing.track_query, @track_thing.params[:feed_sortby], nil, 25, 1) respond_to do |format| - format.atom { render :template => 'track/atom_feed', :content_type => "application/atom+xml" } format.json { render :json => @xapian_object.results.map { |r| r[:model].json_for_api(true, - lambda { |t| @template.highlight_and_excerpt(t, @xapian_object.words_to_highlight, 150) } + lambda { |t| view_context.highlight_and_excerpt(t, @xapian_object.words_to_highlight, 150) } ) } } + format.any { render :template => 'track/atom_feed.atom', :layout => false, :content_type => :atom } end end diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb index fc8b6e014..dca3cda17 100644 --- a/app/controllers/user_controller.rb +++ b/app/controllers/user_controller.rb @@ -2,7 +2,7 @@ # Show information about a user. # # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. -# Email: francis@mysociety.org; WWW: http://www.mysociety.org/ +# Email: hello@mysociety.org; WWW: http://www.mysociety.org/ require 'set' @@ -136,7 +136,7 @@ class UserController < ApplicationController # Login form def signin work_out_post_redirect - @request_from_foreign_country = country_from_ip != Configuration::iso_country_code + @request_from_foreign_country = country_from_ip != AlaveteliConfiguration::iso_country_code # make sure we have cookies if session.instance_variable_get(:@dbman) if not session.instance_variable_get(:@dbman).instance_variable_get(:@original) @@ -190,7 +190,7 @@ class UserController < ApplicationController # Create new account form def signup work_out_post_redirect - @request_from_foreign_country = country_from_ip != Configuration::iso_country_code + @request_from_foreign_country = country_from_ip != AlaveteliConfiguration::iso_country_code # Make the user and try to save it @user_signup = User.new(params[:user_signup]) error = false @@ -222,7 +222,7 @@ class UserController < ApplicationController post_redirect = PostRedirect.find_by_email_token(params[:email_token]) if post_redirect.nil? - render :template => 'user/bad_token.rhtml' + render :template => 'user/bad_token' return end @@ -288,7 +288,7 @@ class UserController < ApplicationController post_redirect.user = user_signchangepassword post_redirect.save! url = confirm_url(:email_token => post_redirect.email_token) - UserMailer.deliver_confirm_login(user_signchangepassword, post_redirect.reason_params, url) + UserMailer.confirm_login(user_signchangepassword, post_redirect.reason_params, url).deliver else # User not found, but still show confirm page to not leak fact user exists end @@ -352,7 +352,7 @@ class UserController < ApplicationController # if new email already in use, send email there saying what happened user_alreadyexists = User.find_user_by_email(@signchangeemail.new_email) if user_alreadyexists - UserMailer.deliver_changeemail_already_used(@user.email, @signchangeemail.new_email) + UserMailer.changeemail_already_used(@user.email, @signchangeemail.new_email).deliver # it is important this screen looks the same as the one below, so # you can't change to someone's email in order to tell if they are # registered with that email on the site @@ -373,7 +373,7 @@ class UserController < ApplicationController post_redirect.save! url = confirm_url(:email_token => post_redirect.email_token) - UserMailer.deliver_changeemail_confirm(@user, @signchangeemail.new_email, url) + UserMailer.changeemail_confirm(@user, @signchangeemail.new_email, url).deliver # it is important this screen looks the same as the one above, so # you can't change to someone's email in order to tell if they are # registered with that email on the site @@ -419,13 +419,13 @@ class UserController < ApplicationController params[:contact][:email] = @user.email @contact = ContactValidator.new(params[:contact]) if @contact.valid? - ContactMailer.deliver_user_message( + ContactMailer.user_message( @user, @recipient_user, user_url(@user), params[:contact][:subject], params[:contact][:message] - ) + ).deliver flash[:notice] = _("Your message to {{recipient_user_name}} has been sent!",:recipient_user_name=>CGI.escapeHTML(@recipient_user.name)) redirect_to user_url(@recipient_user) return @@ -465,7 +465,7 @@ class UserController < ApplicationController @draft_profile_photo = ProfilePhoto.new(:data => file_content, :draft => true) if !@draft_profile_photo.valid? # error page (uses @profile_photo's error fields in view to show errors) - render :template => 'user/set_draft_profile_photo.rhtml' + render :template => 'user/set_draft_profile_photo' return end @draft_profile_photo.save @@ -480,7 +480,7 @@ class UserController < ApplicationController return end - render :template => 'user/set_crop_profile_photo.rhtml' + render :template => 'user/set_crop_profile_photo' return elsif !params[:submitted_crop_profile_photo].nil? # crop the draft photo according to jquery parameters and set it as the users photo @@ -499,7 +499,7 @@ class UserController < ApplicationController redirect_to set_profile_about_me_url() end else - render :template => 'user/set_draft_profile_photo.rhtml' + render :template => 'user/set_draft_profile_photo' end end @@ -631,7 +631,7 @@ class UserController < ApplicationController post_redirect.save! url = confirm_url(:email_token => post_redirect.email_token) - UserMailer.deliver_confirm_login(user, post_redirect.reason_params, url) + UserMailer.confirm_login(user, post_redirect.reason_params, url).deliver render :action => 'confirm' end @@ -642,7 +642,7 @@ class UserController < ApplicationController post_redirect.save! url = confirm_url(:email_token => post_redirect.email_token) - UserMailer.deliver_already_registered(user, post_redirect.reason_params, url) + UserMailer.already_registered(user, post_redirect.reason_params, url).deliver render :action => 'confirm' # must be same as for send_confirmation_mail above to avoid leak of presence of email in db end |