Diffstat (limited to 'app/controllers')
-rw-r--r--app/controllers/admin_censor_rule_controller.rb55
-rw-r--r--app/controllers/admin_public_body_categories_controller.rb8
-rw-r--r--app/controllers/admin_public_body_headings_controller.rb11
-rw-r--r--app/controllers/application_controller.rb3
-rw-r--r--app/controllers/request_controller.rb16
5 files changed, 67 insertions, 26 deletions
diff --git a/app/controllers/admin_censor_rule_controller.rb b/app/controllers/admin_censor_rule_controller.rb
index 6f79b5ba1..68ca57510 100644
--- a/app/controllers/admin_censor_rule_controller.rb
+++ b/app/controllers/admin_censor_rule_controller.rb
@@ -8,23 +8,49 @@ class AdminCensorRuleController < AdminController
def new
if params[:info_request_id]
@info_request = InfoRequest.find(params[:info_request_id])
+ @censor_rule = @info_request.censor_rules.build
+ @form_url = admin_info_request_censor_rules_path(@info_request)
end
+
if params[:user_id]
@censor_user = User.find(params[:user_id])
+ @censor_rule = @censor_user.censor_rules.build
+ @form_url = admin_user_censor_rules_path(@censor_user)
end
+
+ @censor_rule ||= CensorRule.new
+ @form_url ||= admin_rule_create_path
end
def create
- params[:censor_rule][:last_edit_editor] = admin_current_user()
- @censor_rule = CensorRule.new(params[:censor_rule])
+ params[:censor_rule][:last_edit_editor] = admin_current_user
+
+ if params[:info_request_id]
+ @info_request = InfoRequest.find(params[:info_request_id])
+ @censor_rule = @info_request.censor_rules.build(params[:censor_rule])
+ @form_url = admin_info_request_censor_rules_path(@info_request)
+ end
+
+ if params[:user_id]
+ @censor_user = User.find(params[:user_id])
+ @censor_rule = @censor_user.censor_rules.build(params[:censor_rule])
+ @form_url = admin_user_censor_rules_path(@censor_user)
+ end
+
+ @censor_rule ||= CensorRule.new(params[:censor_rule])
+ @form_url ||= admin_rule_create_path
+
if @censor_rule.save
if !@censor_rule.info_request.nil?
expire_for_request(@censor_rule.info_request)
end
+
if !@censor_rule.user.nil?
expire_requests_for_user(@censor_rule.user)
end
+
flash[:notice] = 'CensorRule was successfully created.'
+
if !@censor_rule.info_request.nil?
redirect_to admin_request_show_url(@censor_rule.info_request)
elsif !@censor_rule.user.nil?
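Review bot: In `create`, a request that carries both `info_request_id` and `user_id` runs both `if` blocks, so the user-scoped `build` silently replaces the request-scoped one and the rule is saved against the user only; `new` repeats the same pair of blocks. Because a censor rule decides what gets redacted, the scope should be unambiguous: change the second block to `elsif params[:user_id]` or reject requests that supply both, and move the lookup into one private helper shared by `new` and `create`. Separately, `params[:censor_rule][:last_edit_editor] = admin_current_user` raises NoMethodError when the `censor_rule` key is absent. The body of `create` continues past the end of this hunk.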
@@ -42,16 +68,20 @@ class AdminCensorRuleController < AdminController
end
def update
- params[:censor_rule][:last_edit_editor] = admin_current_user()
+ params[:censor_rule][:last_edit_editor] = admin_current_user
@censor_rule = CensorRule.find(params[:id])
+
if @censor_rule.update_attributes(params[:censor_rule])
- if !@censor_rule.info_request.nil?
+ unless @censor_rule.info_request.nil?
expire_for_request(@censor_rule.info_request)
end
- if !@censor_rule.user.nil?
+
+ unless @censor_rule.user.nil?
expire_requests_for_user(@censor_rule.user)
end
+
flash[:notice] = 'CensorRule was successfully updated.'
+
if !@censor_rule.info_request.nil?
redirect_to admin_request_show_url(@censor_rule.info_request)
elsif !@censor_rule.user.nil?
@@ -65,19 +95,22 @@ class AdminCensorRuleController < AdminController
end
def destroy
- censor_rule = CensorRule.find(params[:censor_rule_id])
- info_request = censor_rule.info_request
- user = censor_rule.user
+ @censor_rule = CensorRule.find(params[:censor_rule_id])
+ info_request = @censor_rule.info_request
+ user = @censor_rule.user
- censor_rule.destroy
- if !info_request.nil?
+ @censor_rule.destroy
+
+ unless info_request.nil?
expire_for_request(info_request)
end
- if !user.nil?
+
+ unless user.nil?
expire_requests_for_user(user)
end
flash[:notice] = "CensorRule was successfully destroyed."
+
if !info_request.nil?
redirect_to admin_request_show_url(info_request)
elsif !user.nil?
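Review bot: The return value of `@censor_rule.destroy` is not checked, so the caches are expired and "CensorRule was successfully destroyed." is shown even when the destroy is halted and the rule remains in force. Consider branching on the result, e.g. `if @censor_rule.destroy` around the expiry and notice, with a `flash[:error]` in the `else`. The `destroy` action continues past the end of this hunk.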
diff --git a/app/controllers/admin_public_body_categories_controller.rb b/app/controllers/admin_public_body_categories_controller.rb
index fda09fa4a..5e305dde3 100644
--- a/app/controllers/admin_public_body_categories_controller.rb
+++ b/app/controllers/admin_public_body_categories_controller.rb
@@ -22,7 +22,8 @@ class AdminPublicBodyCategoriesController < AdminController
I18n.with_locale(I18n.default_locale) do
if params[:public_body_category][:category_tag] && PublicBody.find_by_tag(@category.category_tag).count > 0 && @category.category_tag != params[:public_body_category][:category_tag]
- flash[:notice] = 'There are authorities associated with this category, so the tag can\'t be renamed'
+ flash[:error] = "There are authorities associated with this category, so the tag can't be renamed"
+ render :action => 'edit'
else
if params[:headings]
heading_ids = params[:headings].values
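Review bot: `flash[:error]` is set immediately before `render :action => 'edit'`, so the message is also kept for the following request and will show again on whichever admin page loads next. When the response is rendered rather than redirected, use `flash.now[:error] = "There are authorities associated with this category, so the tag can't be renamed"`. The enclosing action starts above this hunk and continues into the next one.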
@@ -48,10 +49,11 @@ class AdminPublicBodyCategoriesController < AdminController
if @category.update_attributes(params[:public_body_category])
flash[:notice] = 'Category was successfully updated.'
+ redirect_to edit_admin_category_path(@category)
+ else
+ render :action => 'edit'
end
end
-
- render :action => 'edit'
end
end
diff --git a/app/controllers/admin_public_body_headings_controller.rb b/app/controllers/admin_public_body_headings_controller.rb
index c7c80e802..e893e760d 100644
--- a/app/controllers/admin_public_body_headings_controller.rb
+++ b/app/controllers/admin_public_body_headings_controller.rb
@@ -10,8 +10,10 @@ class AdminPublicBodyHeadingsController < AdminController
@heading = PublicBodyHeading.find(params[:id])
if @heading.update_attributes(params[:public_body_heading])
flash[:notice] = 'Category heading was successfully updated.'
+ redirect_to edit_admin_heading_path(@heading)
+ else
+ render :action => 'edit'
end
- render :action => 'edit'
end
end
@@ -54,13 +56,6 @@ class AdminPublicBodyHeadingsController < AdminController
@locale = self.locale_from_params()
I18n.with_locale(@locale) do
heading = PublicBodyHeading.find(params[:id])
-
- if heading.public_body_categories.count > 0
- flash[:notice] = "There are categories associated with this heading, so can't destroy it"
- redirect_to edit_admin_heading_url(heading)
- return
- end
-
heading.destroy
flash[:notice] = "Category heading was successfully destroyed."
redirect_to admin_categories_url
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 4d3f40d40..1ccf7e5db 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -17,6 +17,9 @@ class ApplicationController < ActionController::Base
# assign our own handler method for non-local exceptions
rescue_from Exception, :with => :render_exception
+ # Add some security-related headers (see config/initializers/secure_headers.rb)
+ ensure_security_headers
+
# Standard headers, footers and navigation for whole site
layout "default"
include FastGettext::Translation # make functions like _, n_, N_ etc available)
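Review bot: The added comment names the initializer but does not say what `ensure_security_headers` does at controller level. If it installs per-request filters (as the secure_headers gem does, which this appears to be), the headers reach only actions that run the ApplicationController filter chain, not responses served outside it. I would extend the comment along the lines of `# Installs filters that set the headers configured in config/initializers/secure_headers.rb; responses that bypass these filters do not get them`. A functional test asserting the expected headers on one public and one admin action would catch a later regression.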
diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb
index 9e2c291dc..346aaf384 100644
--- a/app/controllers/request_controller.rb
+++ b/app/controllers/request_controller.rb
@@ -900,10 +900,18 @@ class RequestController < ApplicationController
# Type ahead search
def search_typeahead
- # Since acts_as_xapian doesn't support the Partial match flag, we work around it
- # by making the last work a wildcard, which is quite the same
- query = params[:q]
- @xapian_requests = perform_search_typeahead(query, InfoRequestEvent)
+ # Since acts_as_xapian doesn't support the Partial match flag, we work
+ # around it by making the last word a wildcard, which is quite the same
+ @query = ''
+
+ if params.key?(:requested_from)
+ @query << "requested_from:#{ params[:requested_from] } "
+ end
+
+ @per_page = (params.fetch(:per_page) { 25 }).to_i
+
+ @query << params[:q]
+ @xapian_requests = perform_search_typeahead(@query, InfoRequestEvent, @per_page)
render :partial => "request/search_ahead"
end
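Review bot: In `search_typeahead`, `params[:requested_from]` is interpolated into the search string unchecked and `per_page` is passed through unbounded. A caller can therefore place arbitrary query syntax after the `requested_from:` prefix and ask for an arbitrarily large (or zero/negative) page from what looks like a public endpoint. `@query << params[:q]` also raises TypeError when `q` is missing or not a string, where the old code passed the value straight through. I would validate `requested_from` against the identifier format, clamp `per_page`, and coerce `q` with `to_s`, as sketched below; the pattern and the cap of 100 are illustrative values to be aligned with the application.

```ruby
def search_typeahead
  # … unchanged: comment explaining the wildcard workaround …
  @query = ''

  # Allow only a single slug-like token after the prefix so the value
  # cannot introduce further terms or operators (illustrative pattern).
  requested_from = params[:requested_from].to_s
  if requested_from =~ /\A[A-Za-z0-9_-]+\z/
    @query << "requested_from:#{ requested_from } "
  end

  # per_page comes from the query string: keep it within 1..100
  # (100 is an illustrative cap).
  requested_size = params.fetch(:per_page) { 25 }.to_s.to_i
  @per_page = [[requested_size, 1].max, 100].min

  # to_s keeps a missing or non-string q from raising on <<
  @query << params[:q].to_s
  # … unchanged: perform_search_typeahead call and render …
```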