3 files changed, 10 insertions, 7 deletions

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 7aa522389..2633aca4d 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -371,7 +371,7 @@ class ApplicationController < ActionController::Base
         # XXX this is a result of the OR hack below -- should fix by
         # allowing a parameter to perform_search to control the
         # default operator!
-        query = query.strip.gsub(/(\s-\s|&)/, "")
+        query = query.strip.gsub(/(\s-\s|&|\(|\))/, "")
         query = query.split(/ +(?![-+]+)/)
         if query.last.nil? || query.last.strip.length < 3
             xapian_requests = nil
@@ -435,7 +435,7 @@ class ApplicationController < ActionController::Base
                 params[:latest_status] = [params[:latest_status]]
             end
             if params[:latest_status].include?("recent") ||  params[:latest_status].include?("all")
-                query += " variety:sent"
+                query += " (variety:sent OR variety:followup_sent OR variety:response OR variety:comment)"
             end
             if params[:latest_status].include? "successful"
                 statuses << ['latest_status:successful', 'latest_status:partially_successful']
@@ -444,7 +444,7 @@ class ApplicationController < ActionController::Base
                 statuses << ['latest_status:rejected', 'latest_status:not_held']
             end
             if params[:latest_status].include? "awaiting"
-                statuses << ['latest_status:waiting_response', 'latest_status:waiting_clarification', 'waiting_classification:true']
+                statuses << ['latest_status:waiting_response', 'latest_status:waiting_clarification', 'waiting_classification:true', 'latest_status:internal_review','latest_status:gone_postal', 'latest_status:error_message', 'latest_status:requires_admin']
             end
             if params[:latest_status].include? "internal_review"
                 statuses << ['status:internal_review']
diff --git a/app/controllers/general_controller.rb b/app/controllers/general_controller.rb
index 194a1cec0..6cdfb9d5f 100644
--- a/app/controllers/general_controller.rb
+++ b/app/controllers/general_controller.rb
@@ -99,7 +99,7 @@ class GeneralController < ApplicationController
             @variety_postfix = path.pop
         end
         @variety_postfix = "bodies" if @variety_postfix.nil? && !params[:bodies].nil?
-        @variety_postfix = "requests" if @variety_postfix.nil?
+        @variety_postfix = "all" if @variety_postfix.nil?
         if @variety_postfix != "users"
             @common_query = get_tags_from_params
         end
diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb
index fbf862af3..8714f03cf 100644
--- a/app/controllers/request_controller.rb
+++ b/app/controllers/request_controller.rb
@@ -151,11 +151,14 @@ class RequestController < ApplicationController
     def list
         medium_cache
         @view = params[:view]
+        @page = get_search_page_from_params if !@page # used in cache case, as perform_search sets @page as side effect
+        if @view == "recent"
+            return redirect_to request_list_all_path(:action => "list", :view => "all", :page => @page), :status => :moved_permanently
+        end
         params[:latest_status] = @view
         query = make_query_from_params
         @title = _("View and search requests")
         sortby = "newest"
-        @page = get_search_page_from_params if !@page # used in cache case, as perform_search sets @page as side effect
         behavior_cache :tag => [@view, @page] do
             xapian_object = perform_search([InfoRequestEvent], query, sortby, 'request_collapse')
             @list_results = xapian_object.results.map { |r| r[:model] }
@@ -601,10 +604,10 @@ class RequestController < ApplicationController
 
     before_filter :authenticate_attachment, :only => [ :get_attachment, :get_attachment_as_html ]
     def authenticate_attachment
-        # Test for hidden
-        if request.path =~ /\/$/ 
+        if request.path =~ /\/$/ || !(params[:part] =~ /^\d+$/)
             raise PermissionDenied.new("Directory listing not allowed")
         else
+            # Test for hidden
             incoming_message = IncomingMessage.find(params[:incoming_message_id])
             if !incoming_message.info_request.user_can_view?(authenticated_user)
                 @info_request = incoming_message.info_request # used by view