5 files changed, 84 insertions, 41 deletions

diff --git a/app/models/censor_rule.rb b/app/models/censor_rule.rb
index cedbd767e..da3f49760 100644
--- a/app/models/censor_rule.rb
+++ b/app/models/censor_rule.rb
@@ -29,17 +29,39 @@ class CensorRule < ActiveRecord::Base
     belongs_to :user
     belongs_to :public_body
 
-    named_scope :regexps, {:conditions => {:regexp => true}}
+    # a flag to allow the require_user_request_or_public_body validation to be skipped
+    attr_accessor :allow_global
+    validate :require_user_request_or_public_body, :unless => proc{ |rule| rule.allow_global == true }
+    validate :require_valid_regexp, :if => proc{ |rule| rule.regexp? == true }
+    validates_presence_of :text
 
-    def binary_replacement
-        self.text.gsub(/./, 'x')
+    named_scope :global, {:conditions => {:info_request_id => nil,
+                                          :user_id => nil,
+                                          :public_body_id => nil}}
+
+    def require_user_request_or_public_body
+        if self.info_request.nil? && self.user.nil? && self.public_body.nil?
+            errors.add("Censor must apply to an info request a user or a body; ")
+        end
+    end
+
+    def require_valid_regexp
+        begin
+            self.make_regexp()
+        rescue RegexpError => e
+            errors.add(:text, e.message)
+        end
+    end
+
+    def make_regexp
+        return Regexp.new(self.text, Regexp::MULTILINE)
     end
 
     def apply_to_text!(text)
         if text.nil?
             return nil
         end
-        to_replace = regexp? ? Regexp.new(self.text, Regexp::MULTILINE) : self.text
+        to_replace = regexp? ? self.make_regexp() : self.text
         text.gsub!(to_replace, self.replacement)
     end
 
@@ -47,18 +69,19 @@ class CensorRule < ActiveRecord::Base
         if binary.nil?
             return nil
         end
-        binary.gsub!(self.text, self.binary_replacement)
+        to_replace = regexp? ? self.make_regexp() : self.text
+        binary.gsub!(to_replace){ |match| match.gsub(/./, 'x') }
     end
 
-    def validate
-        if !self.regexp? && self.info_request.nil? && self.user.nil? && self.public_body.nil?
-            errors.add("Censor must apply to an info request a user or a body; ")
+    def for_admin_column
+        self.class.content_columns.each do |column|
+          yield(column.human_name, self.send(column.name), column.type.to_s, column.name)
         end
     end
 
-  def for_admin_column
-    self.class.content_columns.each do |column|
-      yield(column.human_name, self.send(column.name), column.type.to_s, column.name)
+    def is_global?
+        return true if (info_request_id.nil? && user_id.nil? && public_body_id.nil?)
+        return false
     end
-  end
+
 end
diff --git a/app/models/exim_log.rb b/app/models/exim_log.rb
index 60faa7f0b..82000efa1 100644
--- a/app/models/exim_log.rb
+++ b/app/models/exim_log.rb
@@ -94,7 +94,7 @@ class EximLog < ActiveRecord::Base
         # Get all requests sent for from 2 to 10 days ago. The 2 day gap is
         # because we load exim log lines via cron at best an hour after they
         # are made)
-        irs = InfoRequest.find(:all, :conditions => [ "created_at < ? and created_at > ?", Time.now() - 2.day, Time.now() - 10.days ] )
+        irs = InfoRequest.find(:all, :conditions => [ "created_at < ? and created_at > ? and user_id is not null", Time.now() - 2.day, Time.now() - 10.days ] )
 
         # Go through each request and check it
         ok = true
diff --git a/app/models/info_request.rb b/app/models/info_request.rb
index 4c8181faa..6f472c290 100644
--- a/app/models/info_request.rb
+++ b/app/models/info_request.rb
@@ -104,7 +104,7 @@ class InfoRequest < ActiveRecord::Base
         errors.add(:described_state, "is not a valid state") if
             !InfoRequest.enumerate_states.include? described_state
     end
-    
+
     # The request must either be internal, in which case it has
     # a foreign key reference to a User object and no external_url or external_user_name,
     # or else be external in which case it has no user_id but does have an external_url,
@@ -120,15 +120,15 @@ class InfoRequest < ActiveRecord::Base
             errors.add(:external_url, "must be null for an internal request") if !external_url.nil?
         end
     end
-    
+
     def is_external?
         !external_url.nil?
     end
-    
+
     def user_name
         is_external? ? external_user_name : user.name
     end
-    
+
     def user_name_slug
         if is_external?
             if external_user_name.nil?
@@ -223,7 +223,7 @@ class InfoRequest < ActiveRecord::Base
             incoming_message.clear_in_database_caches!
         end
     end
-
+    
     # For debugging
     def InfoRequest.profile_search(query)
         t = Time.now.usec
@@ -246,7 +246,9 @@ public
         # For request with same title as others, add on arbitary numeric identifier
         unique_url_title = url_title
         suffix_num = 2 # as there's already one without numeric suffix
-        while not InfoRequest.find_by_url_title(unique_url_title, :conditions => self.id.nil? ? nil : ["id <> ?", self.id] ).nil?
+        while not InfoRequest.find_by_url_title(unique_url_title,
+            :conditions => self.id.nil? ? nil : ["id <> ?", self.id]
+        ).nil?
             unique_url_title = url_title + "_" + suffix_num.to_s
             suffix_num = suffix_num + 1
         end
@@ -456,7 +458,7 @@ public
 
             if !allow
                 if self.handle_rejected_responses == 'bounce'
-                    RequestMailer.deliver_stopped_responses(self, email, raw_email_data)
+                    RequestMailer.deliver_stopped_responses(self, email, raw_email_data) if !is_external?
                 elsif self.handle_rejected_responses == 'holding_pen'
                     InfoRequest.holding_pen_request.receive(email, raw_email_data, false, reason)
                 elsif self.handle_rejected_responses == 'blackhole'
@@ -566,7 +568,10 @@ public
         self.calculate_event_states
 
         if self.requires_admin?
-            RequestMailer.deliver_requires_admin(self, set_by)
+            # Check there is someone to send the message "from"
+            if !set_by.nil? || !self.user.nil?
+                RequestMailer.deliver_requires_admin(self, set_by)
+            end
         end
     end
 
@@ -708,10 +713,10 @@ public
         return self.public_body.is_followupable?
     end
     def recipient_name_and_email
-        return TMail::Address.address_from_name_and_email( 
-            _("{{law_used}} requests at {{public_body}}", 
-                :law_used => self.law_used_short, 
-                :public_body => self.public_body.short_or_long_name), 
+        return TMail::Address.address_from_name_and_email(
+            _("{{law_used}} requests at {{public_body}}",
+                :law_used => self.law_used_short,
+                :public_body => self.public_body.short_or_long_name),
             self.recipient_email).to_s
     end
 
@@ -942,7 +947,7 @@ public
         last_response_created_at = last_event_time_clause('response')
         age = extra_params[:age_in_days] ? extra_params[:age_in_days].days : OLD_AGE_IN_DAYS
         params = {:select => "*, #{last_response_created_at} as last_response_time",
-                  :conditions => ["awaiting_description = ? and #{last_response_created_at} < ? and url_title != 'holding_pen'",
+                  :conditions => ["awaiting_description = ? and #{last_response_created_at} < ? and url_title != 'holding_pen' and user_id is not null",
                                  true, Time.now() - age],
                                  :order => "last_response_time"}
         params[:limit] = extra_params[:limit] if extra_params[:limit]
@@ -960,6 +965,7 @@ public
     end
 
     def is_old_unclassified?
+        return false if is_external?
         return false if !awaiting_description
         return false if url_title == 'holding_pen'
         last_response_event = get_last_response_event
@@ -995,24 +1001,28 @@ public
         return ret.reverse
     end
 
+    # Get the list of censor rules that apply to this request
+    def applicable_censor_rules
+        applicable_rules = [self.censor_rules, self.public_body.censor_rules, CensorRule.global.all]
+        if self.user && !self.user.censor_rules.empty?
+            applicable_rules << self.user.censor_rules
+        end
+        return applicable_rules.flatten
+    end
+
     # Call groups of censor rules
     def apply_censor_rules_to_text!(text)
-        [self.censor_rules, self.user.try(:censor_rules),
-            CensorRule.regexps.all].flatten.compact.each do |censor_rule|
-                censor_rule.apply_to_text!(text)
-            end
+        self.applicable_censor_rules.each do |censor_rule|
+            censor_rule.apply_to_text!(text)
+        end
         return text
     end
 
     def apply_censor_rules_to_binary!(binary)
-        for censor_rule in self.censor_rules
+        self.applicable_censor_rules.each do |censor_rule|
             censor_rule.apply_to_binary!(binary)
         end
-        if self.user # requests during construction have no user
-            for censor_rule in self.user.censor_rules
-                censor_rule.apply_to_binary!(binary)
-            end
-        end
+        return binary
     end
 
     def is_owning_user?(user)
@@ -1032,6 +1042,12 @@ public
         return true
     end
 
+    # Is this request visible to everyone?
+    def all_can_view?
+        return true if ['normal', 'backpage'].include?(self.prominence)
+        return false
+    end
+
     def indexed_by_search?
         if self.prominence == 'backpage' || self.prominence == 'hidden' || self.prominence == 'requester_only'
             return false
diff --git a/app/models/public_body.rb b/app/models/public_body.rb
index 9efeadf55..60ecb2781 100644
--- a/app/models/public_body.rb
+++ b/app/models/public_body.rb
@@ -1,3 +1,4 @@
+# -*- coding: utf-8 -*-
 # == Schema Information
 #
 # Table name: public_bodies
@@ -41,6 +42,7 @@ class PublicBody < ActiveRecord::Base
 
     has_many :info_requests, :order => 'created_at desc'
     has_many :track_things, :order => 'created_at desc'
+    has_many :censor_rules, :order => 'created_at desc'
 
     has_tag_string
 
@@ -91,8 +93,9 @@ class PublicBody < ActiveRecord::Base
       # Make sure publication_scheme gets the correct default value.
       # (This would work automatically, were publication_scheme not a translated attribute)
       self.publication_scheme = "" if self.publication_scheme.nil?
-      
-      # Set an API key if there isn’t one
+    end
+
+    def before_save
       self.api_key = SecureRandom.base64(33) if self.api_key.nil?
     end
 
diff --git a/app/models/request_mailer.rb b/app/models/request_mailer.rb
index 03d26f237..ba9285fc6 100644
--- a/app/models/request_mailer.rb
+++ b/app/models/request_mailer.rb
@@ -28,17 +28,17 @@ class RequestMailer < ApplicationMailer
                 :filename => attachment_name
         end
     end
-    
+
     # Used when a response is uploaded using the API
     def external_response(info_request, body, sent_at, attachments)
         @from = blackhole_email
         @recipients = info_request.incoming_name_and_email
         @body = { :body => body }
-        
+
         # ActionMailer only works properly when the time is in the local timezone:
         # see https://rails.lighthouseapp.com/projects/8994/tickets/3113-actionmailer-only-works-correctly-with-sent_on-times-that-are-in-the-local-time-zone
         @sent_on = sent_at.dup.localtime
-        
+
         attachments.each do |attachment_hash|
             attachment attachment_hash
         end
@@ -392,6 +392,7 @@ class RequestMailer < ApplicationMailer
         )
         for info_request in info_requests
 
+            next if info_request.is_external?
             # Count number of new comments to alert on
             earliest_unalerted_comment_event = nil
             last_comment_event = nil