diff options
Diffstat (limited to 'app')
114 files changed, 1275 insertions, 1333 deletions
diff --git a/app/assets/javascripts/admin.js b/app/assets/javascripts/admin.js index 4925a65a4..9402f7f6c 100644 --- a/app/assets/javascripts/admin.js +++ b/app/assets/javascripts/admin.js @@ -3,8 +3,10 @@ //= require jquery.ui.tabs //= require jquery.ui.sortable //= require jquery.ui.effect-highlight -//= require admin/bootstrap-collapse -//= require admin/bootstrap-tab +//= require bootstrap-collapse +//= require bootstrap-tab +//= require bootstrap-dropdown //= require admin/admin //= require admin/category-order +//= require admin/holidays //= require jquery_ujs diff --git a/app/assets/javascripts/admin/bootstrap-collapse.js b/app/assets/javascripts/admin/bootstrap-collapse.js deleted file mode 100644 index 9a364468b..000000000 --- a/app/assets/javascripts/admin/bootstrap-collapse.js +++ /dev/null @@ -1,138 +0,0 @@ -/* ============================================================= - * bootstrap-collapse.js v2.0.2 - * http://twitter.github.com/bootstrap/javascript.html#collapse - * ============================================================= - * Copyright 2012 Twitter, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============================================================ */ - -!function( $ ){ - - "use strict" - - var Collapse = function ( element, options ) { - this.$element = $(element) - this.options = $.extend({}, $.fn.collapse.defaults, options) - - if (this.options["parent"]) { - this.$parent = $(this.options["parent"]) - } - - this.options.toggle && this.toggle() - } - - Collapse.prototype = { - - constructor: Collapse - - , dimension: function () { - var hasWidth = this.$element.hasClass('width') - return hasWidth ? 'width' : 'height' - } - - , show: function () { - var dimension = this.dimension() - , scroll = $.camelCase(['scroll', dimension].join('-')) - , actives = this.$parent && this.$parent.find('.in') - , hasData - - if (actives && actives.length) { - hasData = actives.data('collapse') - actives.collapse('hide') - hasData || actives.data('collapse', null) - } - - this.$element[dimension](0) - this.transition('addClass', 'show', 'shown') - this.$element[dimension](this.$element[0][scroll]) - - } - - , hide: function () { - var dimension = this.dimension() - this.reset(this.$element[dimension]()) - this.transition('removeClass', 'hide', 'hidden') - this.$element[dimension](0) - } - - , reset: function ( size ) { - var dimension = this.dimension() - - this.$element - .removeClass('collapse') - [dimension](size || 'auto') - [0].offsetWidth - - this.$element[size ? 'addClass' : 'removeClass']('collapse') - - return this - } - - , transition: function ( method, startEvent, completeEvent ) { - var that = this - , complete = function () { - if (startEvent == 'show') that.reset() - that.$element.trigger(completeEvent) - } - - this.$element - .trigger(startEvent) - [method]('in') - - $.support.transition && this.$element.hasClass('collapse') ? - this.$element.one($.support.transition.end, complete) : - complete() - } - - , toggle: function () { - this[this.$element.hasClass('in') ? 'hide' : 'show']() - } - - } - - /* COLLAPSIBLE PLUGIN DEFINITION - * ============================== */ - - $.fn.collapse = function ( option ) { - return this.each(function () { - var $this = $(this) - , data = $this.data('collapse') - , options = typeof option == 'object' && option - if (!data) $this.data('collapse', (data = new Collapse(this, options))) - if (typeof option == 'string') data[option]() - }) - } - - $.fn.collapse.defaults = { - toggle: true - } - - $.fn.collapse.Constructor = Collapse - - - /* COLLAPSIBLE DATA-API - * ==================== */ - - $(function () { - $('body').on('click.collapse.data-api', '[data-toggle=collapse]', function ( e ) { - var $this = $(this), href - , target = $this.attr('data-target') - || e.preventDefault() - || (href = $this.attr('href')) && href.replace(/.*(?=#[^\s]+$)/, '') //strip for ie7 - , option = $(target).data('collapse') ? 'toggle' : $this.data() - $(target).collapse(option) - }) - }) - -}( window.jQuery );
\ No newline at end of file diff --git a/app/assets/javascripts/admin/bootstrap-tab.js b/app/assets/javascripts/admin/bootstrap-tab.js deleted file mode 100644 index 26c9ece75..000000000 --- a/app/assets/javascripts/admin/bootstrap-tab.js +++ /dev/null @@ -1,130 +0,0 @@ -/* ======================================================== - * bootstrap-tab.js v2.0.1 - * http://twitter.github.com/bootstrap/javascript.html#tabs - * ======================================================== - * Copyright 2012 Twitter, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ======================================================== */ - - -!function( $ ){ - - "use strict" - - /* TAB CLASS DEFINITION - * ==================== */ - - var Tab = function ( element ) { - this.element = $(element) - } - - Tab.prototype = { - - constructor: Tab - - , show: function () { - var $this = this.element - , $ul = $this.closest('ul:not(.dropdown-menu)') - , selector = $this.attr('data-target') - , previous - , $target - - if (!selector) { - selector = $this.attr('href') - selector = selector && selector.replace(/.*(?=#[^\s]*$)/, '') //strip for ie7 - } - - if ( $this.parent('li').hasClass('active') ) return - - previous = $ul.find('.active a').last()[0] - - $this.trigger({ - type: 'show' - , relatedTarget: previous - }) - - $target = $(selector) - - this.activate($this.parent('li'), $ul) - this.activate($target, $target.parent(), function () { - $this.trigger({ - type: 'shown' - , relatedTarget: previous - }) - }) - } - - , activate: function ( element, container, callback) { - var $active = container.find('> .active') - , transition = callback - && $.support.transition - && $active.hasClass('fade') - - function next() { - $active - .removeClass('active') - .find('> .dropdown-menu > .active') - .removeClass('active') - - element.addClass('active') - - if (transition) { - element[0].offsetWidth // reflow for transition - element.addClass('in') - } else { - element.removeClass('fade') - } - - if ( element.parent('.dropdown-menu') ) { - element.closest('li.dropdown').addClass('active') - } - - callback && callback() - } - - transition ? - $active.one($.support.transition.end, next) : - next() - - $active.removeClass('in') - } - } - - - /* TAB PLUGIN DEFINITION - * ===================== */ - - $.fn.tab = function ( option ) { - return this.each(function () { - var $this = $(this) - , data = $this.data('tab') - if (!data) $this.data('tab', (data = new Tab(this))) - if (typeof option == 'string') data[option]() - }) - } - - $.fn.tab.Constructor = Tab - - - /* TAB DATA-API - * ============ */ - - $(function () { - $('body').on('click.tab.data-api', '[data-toggle="tab"], [data-toggle="pill"]', function (e) { - e.preventDefault() - $(this).tab('show') - }) - }) - -}( window.jQuery );
\ No newline at end of file diff --git a/app/assets/javascripts/admin/holidays.js b/app/assets/javascripts/admin/holidays.js new file mode 100644 index 000000000..55eae9e2a --- /dev/null +++ b/app/assets/javascripts/admin/holidays.js @@ -0,0 +1,46 @@ +$(function() { + + // New button loads the 'new' form via AJAX + $('#new-holiday-button').click(function(){ + var new_call = $.ajax({ type: 'GET', url: $(this).attr('href')}); + new_call.done(function(response) { + $('#existing-holidays').before(response); + }); + return false; + + }); + + // Each edit button loads the 'edit' form for that holiday via AJAX + $('.holiday').each(function(index){ + var holiday_row = $(this); + var edit_button = holiday_row.find('.edit-button'); + edit_button.click(function(){ + var edit_call = $.ajax({ type: 'GET', url: holiday_row.data('target') }); + edit_call.done(function(response) { + holiday_row.html(response); + }); + return false; + }); + }); + + // Remove button removes form div for holiday from an import set + $('.remove-holiday').each(function(index){ + $(this).click(function(){ + $(this).parents('.import-holiday-info').remove(); + return false; + }); + }); + + if ($('#holiday_import_source_suggestions').is(':checked')){ + $('#holiday_import_ical_feed_url').attr("disabled", "disabled"); + } + // Enable and disable the feed element when that is selected as the import source + $('#holiday_import_source_feed').click(function(){ + $('#holiday_import_ical_feed_url').removeAttr("disabled"); + }); + + $('#holiday_import_source_suggestions').click(function(){ + $('#holiday_import_ical_feed_url').attr("disabled", "disabled"); + }); + +}); diff --git a/app/assets/javascripts/bootstrap-collapse.js b/app/assets/javascripts/bootstrap-collapse.js deleted file mode 100644 index 9a364468b..000000000 --- a/app/assets/javascripts/bootstrap-collapse.js +++ /dev/null @@ -1,138 +0,0 @@ -/* ============================================================= - * bootstrap-collapse.js v2.0.2 - * http://twitter.github.com/bootstrap/javascript.html#collapse - * ============================================================= - * Copyright 2012 Twitter, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============================================================ */ - -!function( $ ){ - - "use strict" - - var Collapse = function ( element, options ) { - this.$element = $(element) - this.options = $.extend({}, $.fn.collapse.defaults, options) - - if (this.options["parent"]) { - this.$parent = $(this.options["parent"]) - } - - this.options.toggle && this.toggle() - } - - Collapse.prototype = { - - constructor: Collapse - - , dimension: function () { - var hasWidth = this.$element.hasClass('width') - return hasWidth ? 'width' : 'height' - } - - , show: function () { - var dimension = this.dimension() - , scroll = $.camelCase(['scroll', dimension].join('-')) - , actives = this.$parent && this.$parent.find('.in') - , hasData - - if (actives && actives.length) { - hasData = actives.data('collapse') - actives.collapse('hide') - hasData || actives.data('collapse', null) - } - - this.$element[dimension](0) - this.transition('addClass', 'show', 'shown') - this.$element[dimension](this.$element[0][scroll]) - - } - - , hide: function () { - var dimension = this.dimension() - this.reset(this.$element[dimension]()) - this.transition('removeClass', 'hide', 'hidden') - this.$element[dimension](0) - } - - , reset: function ( size ) { - var dimension = this.dimension() - - this.$element - .removeClass('collapse') - [dimension](size || 'auto') - [0].offsetWidth - - this.$element[size ? 'addClass' : 'removeClass']('collapse') - - return this - } - - , transition: function ( method, startEvent, completeEvent ) { - var that = this - , complete = function () { - if (startEvent == 'show') that.reset() - that.$element.trigger(completeEvent) - } - - this.$element - .trigger(startEvent) - [method]('in') - - $.support.transition && this.$element.hasClass('collapse') ? - this.$element.one($.support.transition.end, complete) : - complete() - } - - , toggle: function () { - this[this.$element.hasClass('in') ? 'hide' : 'show']() - } - - } - - /* COLLAPSIBLE PLUGIN DEFINITION - * ============================== */ - - $.fn.collapse = function ( option ) { - return this.each(function () { - var $this = $(this) - , data = $this.data('collapse') - , options = typeof option == 'object' && option - if (!data) $this.data('collapse', (data = new Collapse(this, options))) - if (typeof option == 'string') data[option]() - }) - } - - $.fn.collapse.defaults = { - toggle: true - } - - $.fn.collapse.Constructor = Collapse - - - /* COLLAPSIBLE DATA-API - * ==================== */ - - $(function () { - $('body').on('click.collapse.data-api', '[data-toggle=collapse]', function ( e ) { - var $this = $(this), href - , target = $this.attr('data-target') - || e.preventDefault() - || (href = $this.attr('href')) && href.replace(/.*(?=#[^\s]+$)/, '') //strip for ie7 - , option = $(target).data('collapse') ? 'toggle' : $this.data() - $(target).collapse(option) - }) - }) - -}( window.jQuery );
\ No newline at end of file diff --git a/app/assets/javascripts/bootstrap-tab.js b/app/assets/javascripts/bootstrap-tab.js deleted file mode 100644 index 26c9ece75..000000000 --- a/app/assets/javascripts/bootstrap-tab.js +++ /dev/null @@ -1,130 +0,0 @@ -/* ======================================================== - * bootstrap-tab.js v2.0.1 - * http://twitter.github.com/bootstrap/javascript.html#tabs - * ======================================================== - * Copyright 2012 Twitter, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ======================================================== */ - - -!function( $ ){ - - "use strict" - - /* TAB CLASS DEFINITION - * ==================== */ - - var Tab = function ( element ) { - this.element = $(element) - } - - Tab.prototype = { - - constructor: Tab - - , show: function () { - var $this = this.element - , $ul = $this.closest('ul:not(.dropdown-menu)') - , selector = $this.attr('data-target') - , previous - , $target - - if (!selector) { - selector = $this.attr('href') - selector = selector && selector.replace(/.*(?=#[^\s]*$)/, '') //strip for ie7 - } - - if ( $this.parent('li').hasClass('active') ) return - - previous = $ul.find('.active a').last()[0] - - $this.trigger({ - type: 'show' - , relatedTarget: previous - }) - - $target = $(selector) - - this.activate($this.parent('li'), $ul) - this.activate($target, $target.parent(), function () { - $this.trigger({ - type: 'shown' - , relatedTarget: previous - }) - }) - } - - , activate: function ( element, container, callback) { - var $active = container.find('> .active') - , transition = callback - && $.support.transition - && $active.hasClass('fade') - - function next() { - $active - .removeClass('active') - .find('> .dropdown-menu > .active') - .removeClass('active') - - element.addClass('active') - - if (transition) { - element[0].offsetWidth // reflow for transition - element.addClass('in') - } else { - element.removeClass('fade') - } - - if ( element.parent('.dropdown-menu') ) { - element.closest('li.dropdown').addClass('active') - } - - callback && callback() - } - - transition ? - $active.one($.support.transition.end, next) : - next() - - $active.removeClass('in') - } - } - - - /* TAB PLUGIN DEFINITION - * ===================== */ - - $.fn.tab = function ( option ) { - return this.each(function () { - var $this = $(this) - , data = $this.data('tab') - if (!data) $this.data('tab', (data = new Tab(this))) - if (typeof option == 'string') data[option]() - }) - } - - $.fn.tab.Constructor = Tab - - - /* TAB DATA-API - * ============ */ - - $(function () { - $('body').on('click.tab.data-api', '[data-toggle="tab"], [data-toggle="pill"]', function (e) { - e.preventDefault() - $(this).tab('show') - }) - }) - -}( window.jQuery );
\ No newline at end of file diff --git a/app/assets/stylesheets/admin.scss b/app/assets/stylesheets/admin.scss index 104f10c75..31fe7e95a 100644 --- a/app/assets/stylesheets/admin.scss +++ b/app/assets/stylesheets/admin.scss @@ -80,6 +80,10 @@ body.admin { } } + .fieldWithErrors input{ + border: 1px solid #ff0c11; + } + body.admin blockquote p { font-size: 13px; display: inline; @@ -119,5 +123,34 @@ body.admin { padding: 3px 0; } + /* Holidays */ + .day_select { + width: 75px; + } + + .holiday-description, .holiday-day, .holiday-buttons, .holiday-destroy { + padding: 6px 4px; + } + + .holiday-description, .holiday-day, .holiday-buttons{ + display: inline-block; + } + + .holiday-description { + width: 300px; + } + .holiday-day { + width: 240px; + text-align: center; + } + .holiday-buttons{ + width: 200px; + text-align: right; + } + + #import_start_year, #import_end_year { + width: 75px; + } + } diff --git a/app/assets/stylesheets/responsive/_new_request_layout.scss b/app/assets/stylesheets/responsive/_new_request_layout.scss index a2ab23060..a8b24e1b1 100644 --- a/app/assets/stylesheets/responsive/_new_request_layout.scss +++ b/app/assets/stylesheets/responsive/_new_request_layout.scss @@ -58,6 +58,10 @@ } } +#typeahead_response .close-button { + float: right; +} + /* Advice sits on right hand side */ #request_advice { diff --git a/app/assets/stylesheets/responsive/_public_body_layout.scss b/app/assets/stylesheets/responsive/_public_body_layout.scss index ac02b1c10..39d42e213 100644 --- a/app/assets/stylesheets/responsive/_public_body_layout.scss +++ b/app/assets/stylesheets/responsive/_public_body_layout.scss @@ -3,3 +3,8 @@ #foi_results_section { @include grid-column(12); } + +.back-to-results { + @include grid-column(12); + margin-top: 0.5em; +} diff --git a/app/assets/stylesheets/responsive/_public_body_style.scss b/app/assets/stylesheets/responsive/_public_body_style.scss index 240d92618..4040198b3 100644 --- a/app/assets/stylesheets/responsive/_public_body_style.scss +++ b/app/assets/stylesheets/responsive/_public_body_style.scss @@ -1,4 +1,14 @@ /* Style for public body pages */ + +.back-to-results { + .message { + margin-top: 0.5em; + padding: 0.5em 0.8em; + background-color: #fff; + background-color: rgba(0,0,0,0.1); + } +} + .public-body-name-prefix { color:#888; font-size: 1.3em; diff --git a/app/controllers/admin_censor_rule_controller.rb b/app/controllers/admin_censor_rule_controller.rb index 68ca57510..3387fd832 100644 --- a/app/controllers/admin_censor_rule_controller.rb +++ b/app/controllers/admin_censor_rule_controller.rb @@ -5,11 +5,15 @@ # Email: hello@mysociety.org; WWW: http://www.mysociety.org/ class AdminCensorRuleController < AdminController + + before_filter :set_editor, :only => [:create, :update] + before_filter :find_and_check_rule, :only => [:edit, :update, :destroy] + def new - if params[:info_request_id] - @info_request = InfoRequest.find(params[:info_request_id]) + if params[:request_id] + @info_request = InfoRequest.find(params[:request_id]) @censor_rule = @info_request.censor_rules.build - @form_url = admin_info_request_censor_rules_path(@info_request) + @form_url = admin_request_censor_rules_path(@info_request) end if params[:user_id] @@ -17,18 +21,13 @@ class AdminCensorRuleController < AdminController @censor_rule = @censor_user.censor_rules.build @form_url = admin_user_censor_rules_path(@censor_user) end - - @censor_rule ||= CensorRule.new - @form_url ||= admin_rule_create_path end def create - params[:censor_rule][:last_edit_editor] = admin_current_user - - if params[:info_request_id] - @info_request = InfoRequest.find(params[:info_request_id]) + if params[:request_id] + @info_request = InfoRequest.find(params[:request_id]) @censor_rule = @info_request.censor_rules.build(params[:censor_rule]) - @form_url = admin_info_request_censor_rules_path(@info_request) + @form_url = admin_request_censor_rules_path(@info_request) end if params[:user_id] @@ -37,26 +36,16 @@ class AdminCensorRuleController < AdminController @form_url = admin_user_censor_rules_path(@censor_user) end - @censor_rule ||= CensorRule.new(params[:censor_rule]) - @form_url ||= admin_rule_create_path - if @censor_rule.save - if !@censor_rule.info_request.nil? - expire_for_request(@censor_rule.info_request) - end - - if !@censor_rule.user.nil? - expire_requests_for_user(@censor_rule.user) - end flash[:notice] = 'CensorRule was successfully created.' - if !@censor_rule.info_request.nil? - redirect_to admin_request_show_url(@censor_rule.info_request) - elsif !@censor_rule.user.nil? - redirect_to admin_user_show_url(@censor_rule.user) - else - raise "internal error" + if @censor_rule.info_request + expire_for_request(@censor_rule.info_request) + redirect_to admin_request_url(@censor_rule.info_request) + elsif @censor_rule.user + expire_requests_for_user(@censor_rule.user) + redirect_to admin_user_url(@censor_rule.user) end else render :action => 'new' @@ -64,63 +53,55 @@ class AdminCensorRuleController < AdminController end def edit - @censor_rule = CensorRule.find(params[:id]) end def update - params[:censor_rule][:last_edit_editor] = admin_current_user - @censor_rule = CensorRule.find(params[:id]) - if @censor_rule.update_attributes(params[:censor_rule]) - unless @censor_rule.info_request.nil? - expire_for_request(@censor_rule.info_request) - end - - unless @censor_rule.user.nil? - expire_requests_for_user(@censor_rule.user) - end flash[:notice] = 'CensorRule was successfully updated.' - if !@censor_rule.info_request.nil? - redirect_to admin_request_show_url(@censor_rule.info_request) - elsif !@censor_rule.user.nil? - redirect_to admin_user_show_url(@censor_rule.user) - else - raise "internal error" + if @censor_rule.info_request + expire_for_request(@censor_rule.info_request) + redirect_to admin_request_url(@censor_rule.info_request) + elsif @censor_rule.user + expire_requests_for_user(@censor_rule.user) + redirect_to admin_user_url(@censor_rule.user) end + else render :action => 'edit' end end def destroy - @censor_rule = CensorRule.find(params[:censor_rule_id]) info_request = @censor_rule.info_request user = @censor_rule.user - @censor_rule.destroy - unless info_request.nil? - expire_for_request(info_request) - end - - unless user.nil? - expire_requests_for_user(user) - end - flash[:notice] = "CensorRule was successfully destroyed." - if !info_request.nil? - redirect_to admin_request_show_url(info_request) - elsif !user.nil? - redirect_to admin_user_show_url(user) - else - raise "internal error" + if info_request + expire_for_request(info_request) + redirect_to admin_request_url(info_request) + elsif user + expire_requests_for_user(user) if user + redirect_to admin_user_url(user) end + end private + def set_editor + params[:censor_rule][:last_edit_editor] = admin_current_user + end + + def find_and_check_rule + @censor_rule = CensorRule.find(params[:id]) + unless (@censor_rule.user || @censor_rule.info_request) + flash[:notice] = 'Only user and request censor rules can be edited' + redirect_to admin_general_index_path + end + end end diff --git a/app/controllers/admin_comment_controller.rb b/app/controllers/admin_comment_controller.rb new file mode 100644 index 000000000..0aafb122a --- /dev/null +++ b/app/controllers/admin_comment_controller.rb @@ -0,0 +1,36 @@ +# app/controllers/admin_comment_controller.rb: +# Controller for editing comments from the admin interface. +# +# Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. +# Email: hello@mysociety.org; WWW: http://www.mysociety.org/ + +class AdminCommentController < AdminController + + def edit + @comment = Comment.find(params[:id]) + end + + def update + @comment = Comment.find(params[:id]) + + old_body = @comment.body + old_visible = @comment.visible + @comment.visible = params[:comment][:visible] == "true" ? true : false + + if @comment.update_attributes(params[:comment]) + @comment.info_request.log_event("edit_comment", + { :comment_id => @comment.id, + :editor => admin_current_user(), + :old_body => old_body, + :body => @comment.body, + :old_visible => old_visible, + :visible => @comment.visible, + }) + flash[:notice] = 'Comment successfully updated.' + redirect_to admin_request_url(@comment.info_request) + else + render :action => 'edit' + end + end + +end diff --git a/app/controllers/admin_controller.rb b/app/controllers/admin_controller.rb index 3bf40b8f9..7760c372b 100644 --- a/app/controllers/admin_controller.rb +++ b/app/controllers/admin_controller.rb @@ -9,7 +9,6 @@ require 'fileutils' class AdminController < ApplicationController layout "admin" before_filter :authenticate - protect_from_forgery # See ActionController::RequestForgeryProtection for details # action to take if expecting an authenticity token and one isn't received def handle_unverified_request diff --git a/app/controllers/admin_holiday_imports_controller.rb b/app/controllers/admin_holiday_imports_controller.rb new file mode 100644 index 000000000..8596936f0 --- /dev/null +++ b/app/controllers/admin_holiday_imports_controller.rb @@ -0,0 +1,28 @@ +class AdminHolidayImportsController < AdminController + + def new + @holiday_import = HolidayImport.new(holiday_import_params) + @holiday_import.populate if @holiday_import.valid? + end + + def create + @holiday_import = HolidayImport.new(holiday_import_params) + if @holiday_import.save + notice = "Holidays successfully imported" + redirect_to admin_holidays_path, :notice => notice + else + render :new + end + end + + private + + def holiday_import_params(key = :holiday_import) + if params[key] + params[key].slice(:holidays_attributes, :start_year, :end_year, :source, :ical_feed_url) + else + {} + end + end + +end diff --git a/app/controllers/admin_holidays_controller.rb b/app/controllers/admin_holidays_controller.rb new file mode 100644 index 000000000..9177ebd44 --- /dev/null +++ b/app/controllers/admin_holidays_controller.rb @@ -0,0 +1,67 @@ +class AdminHolidaysController < AdminController + + def index + get_all_holidays + end + + def new + @holiday = Holiday.new + if request.xhr? + render :partial => 'new_form', :locals => { :holiday => @holiday } + else + render :action => 'new' + end + end + + def create + @holiday = Holiday.new(holiday_params) + if @holiday.save + notice = "Holiday successfully created." + redirect_to admin_holidays_path, :notice => notice + else + render :new + end + end + + def edit + @holiday = Holiday.find(params[:id]) + if request.xhr? + render :partial => 'edit_form' + else + render :action => 'edit' + end + end + + def update + @holiday = Holiday.find(params[:id]) + if @holiday.update_attributes(holiday_params) + flash[:notice] = 'Holiday successfully updated.' + redirect_to admin_holidays_path + else + render :edit + end + end + + def destroy + @holiday = Holiday.find(params[:id]) + @holiday.destroy + notice = "Holiday successfully destroyed" + redirect_to admin_holidays_path, :notice => notice + end + + private + + def get_all_holidays + @holidays_by_year = Holiday.all.group_by { |holiday| holiday.day.year } + @years = @holidays_by_year.keys.sort.reverse + end + + def holiday_params(key = :holiday) + if params[key] + params[key].slice(:description, 'day(1i)', 'day(2i)', 'day(3i)') + else + {} + end + end + +end diff --git a/app/controllers/admin_incoming_message_controller.rb b/app/controllers/admin_incoming_message_controller.rb index 6b50d0e36..bc653bf53 100644 --- a/app/controllers/admin_incoming_message_controller.rb +++ b/app/controllers/admin_incoming_message_controller.rb @@ -20,14 +20,14 @@ class AdminIncomingMessageController < AdminController :prominence_reason => @incoming_message.prominence_reason) expire_for_request(@incoming_message.info_request) flash[:notice] = 'Incoming message successfully updated.' - redirect_to admin_request_show_url(@incoming_message.info_request) + redirect_to admin_request_url(@incoming_message.info_request) else render :action => 'edit' end end def destroy - @incoming_message = IncomingMessage.find(params[:incoming_message_id]) + @incoming_message = IncomingMessage.find(params[:id]) @info_request = @incoming_message.info_request incoming_message_id = @incoming_message.id @@ -37,11 +37,11 @@ class AdminIncomingMessageController < AdminController # expire cached files expire_for_request(@info_request) flash[:notice] = 'Incoming message successfully destroyed.' - redirect_to admin_request_show_url(@info_request) + redirect_to admin_request_url(@info_request) end def redeliver - incoming_message = IncomingMessage.find(params[:redeliver_incoming_message_id]) + incoming_message = IncomingMessage.find(params[:id]) message_ids = params[:url_title].split(",").each {|x| x.strip} previous_request = incoming_message.info_request destination_request = nil @@ -54,7 +54,7 @@ class AdminIncomingMessageController < AdminController end if destination_request.nil? flash[:error] = "Failed to find destination request '" + m + "'" - return redirect_to admin_request_show_url(previous_request) + return redirect_to admin_request_url(previous_request) end raw_email_data = incoming_message.raw_email.data @@ -74,7 +74,7 @@ class AdminIncomingMessageController < AdminController expire_for_request(previous_request) incoming_message.fully_destroy end - redirect_to admin_request_show_url(destination_request) + redirect_to admin_request_url(destination_request) end end diff --git a/app/controllers/admin_info_request_event_controller.rb b/app/controllers/admin_info_request_event_controller.rb new file mode 100644 index 000000000..17d147582 --- /dev/null +++ b/app/controllers/admin_info_request_event_controller.rb @@ -0,0 +1,24 @@ +# app/controllers/admin_info_request_event_controller.rb: +# Controller for FOI request event manipulation from the admin interface. +# +# Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. +# Email: hello@mysociety.org; WWW: http://www.mysociety.org/ + +class AdminInfoRequestEventController < AdminController + + # used so due dates get fixed + def update + @info_request_event = InfoRequestEvent.find(params[:id]) + if @info_request_event.event_type != 'response' + raise Exception("can only mark responses as requires clarification") + end + @info_request_event.described_state = 'waiting_clarification' + @info_request_event.calculated_state = 'waiting_clarification' + # TODO: deliberately don't update described_at so doesn't reenter search? + @info_request_event.save! + + flash[:notice] = "Old response marked as having been a clarification" + redirect_to admin_request_url(@info_request_event.info_request) + end + +end diff --git a/app/controllers/admin_outgoing_message_controller.rb b/app/controllers/admin_outgoing_message_controller.rb index ec0981677..2ee811dc0 100644 --- a/app/controllers/admin_outgoing_message_controller.rb +++ b/app/controllers/admin_outgoing_message_controller.rb @@ -5,7 +5,7 @@ class AdminOutgoingMessageController < AdminController end def destroy - @outgoing_message = OutgoingMessage.find(params[:outgoing_message_id]) + @outgoing_message = OutgoingMessage.find(params[:id]) @info_request = @outgoing_message.info_request outgoing_message_id = @outgoing_message.id @@ -14,7 +14,7 @@ class AdminOutgoingMessageController < AdminController { :editor => admin_current_user(), :deleted_outgoing_message_id => outgoing_message_id }) flash[:notice] = 'Outgoing message successfully destroyed.' - redirect_to admin_request_show_url(@info_request) + redirect_to admin_request_url(@info_request) end def update @@ -38,10 +38,41 @@ class AdminOutgoingMessageController < AdminController :prominence_reason => @outgoing_message.prominence_reason }) flash[:notice] = 'Outgoing message successfully updated.' expire_for_request(@outgoing_message.info_request) - redirect_to admin_request_show_url(@outgoing_message.info_request) + redirect_to admin_request_url(@outgoing_message.info_request) else render :action => 'edit' end end + def resend + @outgoing_message = OutgoingMessage.find(params[:id]) + @outgoing_message.prepare_message_for_resend + + mail_message = case @outgoing_message.message_type + when 'initial_request' + OutgoingMailer.initial_request( + @outgoing_message.info_request, + @outgoing_message + ).deliver + when 'followup' + OutgoingMailer.followup( + @outgoing_message.info_request, + @outgoing_message, + @outgoing_message.incoming_message_followup + ).deliver + else + raise "Message id #{id} has type '#{message_type}' which cannot be resent" + end + + @outgoing_message.record_email_delivery( + mail_message.to_addrs.join(', '), + mail_message.message_id, + 'resent' + ) + + flash[:notice] = "Outgoing message resent" + redirect_to admin_request_url(@outgoing_message.info_request) + end + + end diff --git a/app/controllers/admin_public_body_controller.rb b/app/controllers/admin_public_body_controller.rb index baa5a1d22..d188f109d 100644 --- a/app/controllers/admin_public_body_controller.rb +++ b/app/controllers/admin_public_body_controller.rb @@ -5,69 +5,9 @@ # Email: hello@mysociety.org; WWW: http://www.mysociety.org/ class AdminPublicBodyController < AdminController - def index - list - render :action => 'list' - end - - def _lookup_query_internal - @locale = self.locale_from_params() - underscore_locale = @locale.gsub '-', '_' - I18n.with_locale(@locale) do - @query = params[:query] - if @query == "" - @query = nil - end - @page = params[:page] - if @page == "" - @page = nil - end - @public_bodies = PublicBody.joins(:translations).where(@query.nil? ? "public_body_translations.locale = '#{underscore_locale}'" : - ["(lower(public_body_translations.name) like lower('%'||?||'%') or - lower(public_body_translations.short_name) like lower('%'||?||'%') or - lower(public_body_translations.request_email) like lower('%'||?||'%' )) AND (public_body_translations.locale = '#{underscore_locale}')", @query, @query, @query]).paginate :order => "public_body_translations.name", :page => @page, :per_page => 100 - end - @public_bodies_by_tag = PublicBody.find_by_tag(@query) - end - def list - self._lookup_query_internal - end - - def mass_tag_add - self._lookup_query_internal - - if params[:new_tag] and params[:new_tag] != "" - if params[:table_name] == 'exact' - bodies = @public_bodies_by_tag - elsif params[:table_name] == 'substring' - bodies = @public_bodies - else - raise "Unknown table_name " + params[:table_name] - end - for body in bodies - body.add_tag_if_not_already_present(params[:new_tag]) - end - flash[:notice] = "Added tag to table of bodies." - end - - redirect_to admin_body_list_url(:query => @query, :page => @page) - end - - def missing_scheme - # There might be a way to do this in ActiveRecord, but I can't find it - @public_bodies = PublicBody.find_by_sql(" - SELECT a.id, a.name, a.url_name, COUNT(*) AS howmany - FROM public_bodies a JOIN info_requests r ON a.id = r.public_body_id - WHERE a.publication_scheme = '' - GROUP BY a.id, a.name, a.url_name - ORDER BY howmany DESC - LIMIT 20 - ") - @stats = { - "total" => PublicBody.count, - "entered" => PublicBody.count(:conditions => "publication_scheme != ''") - } + def index + lookup_query end def show @@ -116,7 +56,7 @@ class AdminPublicBodyController < AdminController @change_request.send_response(params[:subject], response_text) end flash[:notice] = 'PublicBody was successfully created.' - redirect_to admin_body_show_url(@public_body) + redirect_to admin_body_url(@public_body) else render :action => 'new' end @@ -157,7 +97,7 @@ class AdminPublicBodyController < AdminController @change_request.send_response(params[:subject], params[:response]) end flash[:notice] = 'PublicBody was successfully updated.' - redirect_to admin_body_show_url(@public_body) + redirect_to admin_body_url(@public_body) else render :action => 'edit' end @@ -171,17 +111,53 @@ class AdminPublicBodyController < AdminController if public_body.info_requests.size > 0 flash[:notice] = "There are requests associated with the authority, so can't destroy it" - redirect_to admin_body_show_url(public_body) + redirect_to admin_body_url(public_body) return end public_body.tag_string = "" public_body.destroy flash[:notice] = "PublicBody was successfully destroyed." - redirect_to admin_body_list_url + redirect_to admin_bodies_url end end + def mass_tag_add + lookup_query + + if params[:new_tag] and params[:new_tag] != "" + if params[:table_name] == 'exact' + bodies = @public_bodies_by_tag + elsif params[:table_name] == 'substring' + bodies = @public_bodies + else + raise "Unknown table_name " + params[:table_name] + end + for body in bodies + body.add_tag_if_not_already_present(params[:new_tag]) + end + flash[:notice] = "Added tag to table of bodies." + end + + redirect_to admin_bodies_url(:query => @query, :page => @page) + end + + def missing_scheme + # There might be a way to do this in ActiveRecord, but I can't find it + @public_bodies = PublicBody.find_by_sql(" + SELECT a.id, a.name, a.url_name, COUNT(*) AS howmany + FROM public_bodies a JOIN info_requests r ON a.id = r.public_body_id + WHERE a.publication_scheme = '' + GROUP BY a.id, a.name, a.url_name + ORDER BY howmany DESC + LIMIT 20 + ") + @stats = { + "total" => PublicBody.count, + "entered" => PublicBody.count(:conditions => "publication_scheme != ''") + } + end + def import_csv @notes = "" @errors = "" @@ -261,4 +237,24 @@ class AdminPublicBodyController < AdminController return csv_contents end + def lookup_query + @locale = self.locale_from_params() + underscore_locale = @locale.gsub '-', '_' + I18n.with_locale(@locale) do + @query = params[:query] + if @query == "" + @query = nil + end + @page = params[:page] + if @page == "" + @page = nil + end + @public_bodies = PublicBody.joins(:translations).where(@query.nil? ? "public_body_translations.locale = '#{underscore_locale}'" : + ["(lower(public_body_translations.name) like lower('%'||?||'%') or + lower(public_body_translations.short_name) like lower('%'||?||'%') or + lower(public_body_translations.request_email) like lower('%'||?||'%' )) AND (public_body_translations.locale = '#{underscore_locale}')", @query, @query, @query]).paginate :order => "public_body_translations.name", :page => @page, :per_page => 100 + end + @public_bodies_by_tag = PublicBody.find_by_tag(@query) + end + end diff --git a/app/controllers/admin_raw_email_controller.rb b/app/controllers/admin_raw_email_controller.rb new file mode 100644 index 000000000..1b3ee2871 --- /dev/null +++ b/app/controllers/admin_raw_email_controller.rb @@ -0,0 +1,45 @@ +# app/controllers/admin_raw_email_controller.rb: +# Controller for managing raw emails from the admin interface. +# +# Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. +# Email: hello@mysociety.org; WWW: http://www.mysociety.org/ + +class AdminRawEmailController < AdminController + + def show + @raw_email = RawEmail.find(params[:id]) + respond_to do |format| + format.html do + # For the holding pen, try to guess where it should be ... + @holding_pen = false + if (@raw_email.incoming_message.info_request == InfoRequest.holding_pen_request && !@raw_email.incoming_message.empty_from_field?) + @holding_pen = true + + # 1. Use domain of email to try and guess which public body it + # is associated with, so we can display that. + email = @raw_email.incoming_message.from_email + domain = PublicBody.extract_domain_from_email(email) + + if domain.nil? + @public_bodies = [] + else + @public_bodies = PublicBody.find(:all, :order => "name", + :conditions => [ "lower(request_email) like lower('%'||?||'%')", domain ]) + end + + # 2. Match the email address in the message without matching the hash + @info_requests = InfoRequest.guess_by_incoming_email(@raw_email.incoming_message) + + # 3. Give a reason why it's in the holding pen + last_event = InfoRequestEvent.find_by_incoming_message_id(@raw_email.incoming_message.id) + @rejected_reason = last_event.params[:rejected_reason] || "unknown reason" + end + end + format.text do + response.content_type = 'message/rfc822' + render :text => @raw_email.data + end + end + end + +end diff --git a/app/controllers/admin_request_controller.rb b/app/controllers/admin_request_controller.rb index 8f023bf12..1e083f57e 100644 --- a/app/controllers/admin_request_controller.rb +++ b/app/controllers/admin_request_controller.rb @@ -4,15 +4,9 @@ # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. # Email: hello@mysociety.org; WWW: http://www.mysociety.org/ -require 'ostruct' - class AdminRequestController < AdminController - def index - list - render :action => 'list' - end - def list + def index @query = params[:query] if @query info_requests = InfoRequest.where(["lower(title) like lower('%'||?||'%')", @query]) @@ -35,36 +29,6 @@ class AdminRequestController < AdminController :locals => vars_for_explanation) end - def resend - @outgoing_message = OutgoingMessage.find(params[:outgoing_message_id]) - @outgoing_message.prepare_message_for_resend - - mail_message = case @outgoing_message.message_type - when 'initial_request' - OutgoingMailer.initial_request( - @outgoing_message.info_request, - @outgoing_message - ).deliver - when 'followup' - OutgoingMailer.followup( - @outgoing_message.info_request, - @outgoing_message, - @outgoing_message.incoming_message_followup - ).deliver - else - raise "Message id #{id} has type '#{message_type}' which cannot be resent" - end - - @outgoing_message.record_email_delivery( - mail_message.to_addrs.join(', '), - mail_message.message_id, - 'resent' - ) - - flash[:notice] = "Outgoing message resent" - redirect_to admin_request_show_url(@outgoing_message.info_request) - end - def edit @info_request = InfoRequest.find(params[:id]) end @@ -108,13 +72,13 @@ class AdminRequestController < AdminController # expire cached files expire_for_request(@info_request) flash[:notice] = 'Request successfully updated.' - redirect_to admin_request_show_url(@info_request) + redirect_to admin_request_url(@info_request) else render :action => 'edit' end end - def fully_destroy + def destroy @info_request = InfoRequest.find(params[:id]) user = @info_request.user @@ -125,36 +89,12 @@ class AdminRequestController < AdminController expire_for_request(@info_request) email = user.try(:email) ? user.email : 'This request is external so has no associated user' flash[:notice] = "Request #{ url_title } has been completely destroyed. Email of user who made request: #{ email }" - redirect_to admin_request_list_url - end - - def edit_comment - @comment = Comment.find(params[:id]) - end - - def update_comment - @comment = Comment.find(params[:id]) - - old_body = @comment.body - old_visible = @comment.visible - @comment.visible = params[:comment][:visible] == "true" ? true : false - - if @comment.update_attributes(params[:comment]) - @comment.info_request.log_event("edit_comment", - { :comment_id => @comment.id, :editor => admin_current_user(), - :old_body => old_body, :body => @comment.body, - :old_visible => old_visible, :visible => @comment.visible, - }) - flash[:notice] = 'Comment successfully updated.' - redirect_to admin_request_show_url(@comment.info_request) - else - render :action => 'edit_comment' - end + redirect_to admin_requests_url end # change user or public body of a request magically - def move_request - info_request = InfoRequest.find(params[:info_request_id]) + def move + info_request = InfoRequest.find(params[:id]) if params[:commit] == 'Move request to user' && !params[:user_url_name].blank? old_user = info_request.user destination_user = User.find_by_url_name(params[:user_url_name]) @@ -172,7 +112,7 @@ class AdminRequestController < AdminController info_request.reindex_request_events flash[:notice] = "Message has been moved to new user" end - redirect_to admin_request_show_url(info_request) + redirect_to admin_request_url(info_request) elsif params[:commit] == 'Move request to authority' && !params[:public_body_url_name].blank? old_public_body = info_request.public_body destination_public_body = PublicBody.find_by_url_name(params[:public_body_url_name]) @@ -191,10 +131,10 @@ class AdminRequestController < AdminController flash[:notice] = "Request has been moved to new body" end - redirect_to admin_request_show_url(info_request) + redirect_to admin_request_url(info_request) else flash[:error] = "Please enter the user or authority to move the request to" - redirect_to admin_request_show_url(info_request) + redirect_to admin_request_url(info_request) end end @@ -218,7 +158,7 @@ class AdminRequestController < AdminController if !info_request.public_body.is_foi_officer?(user) flash[:notice] = user.email + " is not an email at the domain @" + info_request.public_body.foi_officer_domain_required + ", so won't be able to upload." - redirect_to admin_request_show_url(info_request) + redirect_to admin_request_url(info_request) return end @@ -230,61 +170,11 @@ class AdminRequestController < AdminController post_redirect.save! url = confirm_url(:email_token => post_redirect.email_token) - flash[:notice] = ("Send \"#{name}\" <<a href=\"mailto:#{email}\">#{email}</a>> this URL: <a href=\"#{url}\">#{url}</a> - it will log them in and let them upload a response to this request.").html_safe - redirect_to admin_request_show_url(info_request) - end - - def show_raw_email - @raw_email = RawEmail.find(params[:id]) - # For the holding pen, try to guess where it should be ... - @holding_pen = false - if (@raw_email.incoming_message.info_request == InfoRequest.holding_pen_request && !@raw_email.incoming_message.empty_from_field?) - @holding_pen = true - - # 1. Use domain of email to try and guess which public body it - # is associated with, so we can display that. - email = @raw_email.incoming_message.from_email - domain = PublicBody.extract_domain_from_email(email) - - if domain.nil? - @public_bodies = [] - else - @public_bodies = PublicBody.find(:all, :order => "name", - :conditions => [ "lower(request_email) like lower('%'||?||'%')", domain ]) - end - - # 2. Match the email address in the message without matching the hash - @info_requests = InfoRequest.guess_by_incoming_email(@raw_email.incoming_message) - - # 3. Give a reason why it's in the holding pen - last_event = InfoRequestEvent.find_by_incoming_message_id(@raw_email.incoming_message.id) - @rejected_reason = last_event.params[:rejected_reason] || "unknown reason" - end - end - - def download_raw_email - @raw_email = RawEmail.find(params[:id]) - - response.content_type = 'message/rfc822' - render :text => @raw_email.data - end - - # used so due dates get fixed - def mark_event_as_clarification - info_request_event = InfoRequestEvent.find(params[:info_request_event_id]) - if info_request_event.event_type != 'response' - raise Exception("can only mark responses as requires clarification") - end - info_request_event.described_state = 'waiting_clarification' - info_request_event.calculated_state = 'waiting_clarification' - # TODO: deliberately don't update described_at so doesn't reenter search? - info_request_event.save! - - flash[:notice] = "Old response marked as having been a clarification" - redirect_to admin_request_show_url(info_request_event.info_request) + flash[:notice] = ("Send \"#{CGI.escapeHTML(name)}\" <<a href=\"mailto:#{email}\">#{email}</a>> this URL: <a href=\"#{url}\">#{url}</a> - it will log them in and let them upload a response to this request.").html_safe + redirect_to admin_request_url(info_request) end - def hide_request + def hide ActiveRecord::Base.transaction do subject = params[:subject] explanation = params[:explanation] @@ -314,7 +204,7 @@ class AdminRequestController < AdminController end # expire cached files expire_for_request(info_request) - redirect_to admin_request_show_url(info_request) + redirect_to admin_request_url(info_request) end end diff --git a/app/controllers/admin_track_controller.rb b/app/controllers/admin_track_controller.rb index 085c9c6cc..63ee5c12e 100644 --- a/app/controllers/admin_track_controller.rb +++ b/app/controllers/admin_track_controller.rb @@ -5,7 +5,8 @@ # Email: hello@mysociety.org; WWW: http://www.mysociety.org/ class AdminTrackController < AdminController - def list + + def index @query = params[:query] if @query track_things = TrackThing.where(["lower(track_query) like lower('%'||?||'%')", @query]) @@ -13,7 +14,14 @@ class AdminTrackController < AdminController track_things = TrackThing end @admin_tracks = track_things.paginate :order => "created_at desc", :page => params[:page], :per_page => 100 - @popular = ActiveRecord::Base.connection.select_all("select count(*) as count, title, info_request_id from track_things join info_requests on info_request_id = info_requests.id where info_request_id is not null group by info_request_id, title order by count desc limit 10;") + @popular = ActiveRecord::Base.connection.select_all("select count(*) as count, title, info_request_id from track_things join info_requests on info_request_id = info_requests.id where info_request_id is not null group by info_request_id, title order by count desc limit 10;") + end + + def destroy + track_thing = TrackThing.find(params[:id].to_i) + track_thing.destroy + flash[:notice] = 'Track destroyed' + redirect_to admin_user_url(track_thing.tracking_user) end private diff --git a/app/controllers/admin_user_controller.rb b/app/controllers/admin_user_controller.rb index a6438e151..7ef461594 100644 --- a/app/controllers/admin_user_controller.rb +++ b/app/controllers/admin_user_controller.rb @@ -5,12 +5,8 @@ # Email: hello@mysociety.org; WWW: http://www.mysociety.org/ class AdminUserController < AdminController - def index - list - render :action => 'list' - end - def list + def index @query = params[:query] if @query users = User.where(["lower(name) like lower('%'||?||'%') or @@ -21,20 +17,11 @@ class AdminUserController < AdminController @admin_users = users.paginate :order => "name", :page => params[:page], :per_page => 100 end - def list_banned - @banned_users = User.paginate :order => "name", :page => params[:page], :per_page => 100, - :conditions => ["ban_text <> ''"] - end - def show # Don't use @user as that is any logged in user @admin_user = User.find(params[:id]) end - def show_bounce_message - @admin_user = User.find(params[:id]) - end - def edit @admin_user = User.find(params[:id]) end @@ -53,17 +40,19 @@ class AdminUserController < AdminController if @admin_user.valid? @admin_user.save! flash[:notice] = 'User successfully updated.' - redirect_to admin_user_show_url(@admin_user) + redirect_to admin_user_url(@admin_user) else render :action => 'edit' end end - def destroy_track - track_thing = TrackThing.find(params[:track_id].to_i) - track_thing.destroy - flash[:notice] = 'Track destroyed' - redirect_to admin_user_show_url(track_thing.tracking_user) + def banned + @banned_users = User.paginate :order => "name", :page => params[:page], :per_page => 100, + :conditions => ["ban_text <> ''"] + end + + def show_bounce_message + @admin_user = User.find(params[:id]) end def clear_bounce @@ -71,7 +60,7 @@ class AdminUserController < AdminController user.email_bounced_at = nil user.email_bounce_message = "" user.save! - redirect_to admin_user_show_url(user) + redirect_to admin_user_url(user) end def login_as @@ -87,16 +76,12 @@ class AdminUserController < AdminController def clear_profile_photo @admin_user = User.find(params[:id]) - if !request.post? - raise "Can only clear profile photo from POST request" - end - if @admin_user.profile_photo @admin_user.profile_photo.destroy end flash[:notice] = "Profile photo cleared" - redirect_to admin_user_show_url(@admin_user) + redirect_to admin_user_url(@admin_user) end def modify_comment_visibility diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 4d3f40d40..dbd879a1c 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -14,9 +14,14 @@ class ApplicationController < ActionController::Base end class RouteNotFound < StandardError end + protect_from_forgery + # assign our own handler method for non-local exceptions rescue_from Exception, :with => :render_exception + # Add some security-related headers (see config/initializers/secure_headers.rb) + ensure_security_headers + # Standard headers, footers and navigation for whole site layout "default" include FastGettext::Translation # make functions like _, n_, N_ etc available) @@ -27,6 +32,8 @@ class ApplicationController < ActionController::Base before_filter :check_in_post_redirect before_filter :session_remember_me before_filter :set_vary_header + before_filter :validate_session_timestamp + after_filter :persist_session_timestamp def set_vary_header response.headers['Vary'] = 'Cookie' @@ -118,6 +125,29 @@ class ApplicationController < ActionController::Base end end + # Set a TTL for non "remember me" sessions so that the cookie + # is not replayable forever + SESSION_TTL = 3.hours + def validate_session_timestamp + if session[:user_id] && session.key?(:ttl) && session[:ttl] < SESSION_TTL.ago + clear_session_credentials + redirect_to signin_path + end + end + + def persist_session_timestamp + session[:ttl] = Time.now if session[:user_id] && !session[:remember_me] + end + + # Logout form + def clear_session_credentials + session[:user_id] = nil + session[:user_circumstance] = nil + session[:remember_me] = false + session[:using_admin] = nil + session[:admin_name] = nil + end + def render_exception(exception) # In development or the admin interface let Rails handle the exception # with its stack trace templates diff --git a/app/controllers/comment_controller.rb b/app/controllers/comment_controller.rb index 2c0037577..890e9faaa 100644 --- a/app/controllers/comment_controller.rb +++ b/app/controllers/comment_controller.rb @@ -10,7 +10,6 @@ class CommentController < ApplicationController before_filter :create_track_thing, :only => [ :new ] before_filter :reject_unless_comments_allowed, :only => [ :new ] before_filter :reject_if_user_banned, :only => [ :new ] - protect_from_forgery :only => [ :new ] def new if params[:comment] diff --git a/app/controllers/public_body_controller.rb b/app/controllers/public_body_controller.rb index e64644a1b..2e540d198 100644 --- a/app/controllers/public_body_controller.rb +++ b/app/controllers/public_body_controller.rb @@ -55,6 +55,8 @@ class PublicBodyController < ApplicationController @xapian_requests = nil end + flash.keep(:search_params) + @track_thing = TrackThing.create_track_for_public_body(@public_body) @feed_autodetect = [ { :url => do_track_url(@track_thing, 'feed'), :title => @track_thing.params[:title_in_rss], :has_json => true } ] @@ -349,6 +351,7 @@ class PublicBodyController < ApplicationController # Since acts_as_xapian doesn't support the Partial match flag, we work around it # by making the last work a wildcard, which is quite the same query = params[:query] + flash[:search_params] = params.slice(:query, :bodies, :page) @xapian_requests = perform_search_typeahead(query, PublicBody) render :partial => "public_body/search_ahead" end diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index a334abcb7..081c14d7f 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -10,7 +10,6 @@ require 'open-uri' class RequestController < ApplicationController before_filter :check_read_only, :only => [ :new, :show_response, :describe_state, :upload_response ] - protect_from_forgery :only => [ :new, :show_response, :describe_state, :upload_response ] # See ActionController::RequestForgeryProtection for details before_filter :check_batch_requests_and_user_allowed, :only => [ :select_authorities, :new_batch ] MAX_RESULTS = 500 PER_PAGE = 25 @@ -38,6 +37,7 @@ class RequestController < ApplicationController end if !params[:query].nil? query = params[:query] + flash[:search_params] = params.slice(:query, :bodies, :page) @xapian_requests = perform_search_typeahead(query, PublicBody) end medium_cache @@ -124,7 +124,6 @@ class RequestController < ApplicationController @track_thing = TrackThing.create_track_for_request(@info_request) @feed_autodetect = [ { :url => do_track_url(@track_thing, 'feed'), :title => @track_thing.params[:title_in_rss], :has_json => true } ] - respond_to do |format| format.html { @has_json = true; render :template => 'request/show'} format.json { render :json => @info_request.json_for_api(true) } @@ -246,13 +245,8 @@ class RequestController < ApplicationController :body => params[:outgoing_message][:body], :public_bodies => @public_bodies, :user => authenticated_user) - flash[:notice] = _("<p>Your {{law_used_full}} requests will be <strong>sent</strong> shortly!</p> - <p><strong>We will email you</strong> when they have been sent. - We will also email you when there is a response to any of them, or after {{late_number_of_days}} working days if the authorities still haven't - replied by then.</p> - <p>If you write about these requests (for example in a forum or a blog) please link to this page.</p>", - :law_used_full=>@info_request.law_used_full, - :late_number_of_days => AlaveteliConfiguration::reply_late_after_days) + + flash[:batch_sent] = true redirect_to info_request_batch_path(@info_request_batch) end @@ -380,12 +374,7 @@ class RequestController < ApplicationController ) end - flash[:notice] = _("<p>Your {{law_used_full}} request has been <strong>sent on its way</strong>!</p> - <p><strong>We will email you</strong> when there is a response, or after {{late_number_of_days}} working days if the authority still hasn't - replied by then.</p> - <p>If you write about this request (for example in a forum or a blog) please link to this page, and add an - annotation below telling people about your writing.</p>",:law_used_full=>@info_request.law_used_full, - :late_number_of_days => AlaveteliConfiguration::reply_late_after_days) + flash[:request_sent] = true redirect_to show_new_request_path(:url_title => @info_request.url_title) end @@ -770,13 +759,13 @@ class RequestController < ApplicationController get_attachment_internal(false) return unless @attachment - # Prevent spam to magic request address. Note that the binary - # subsitution method used depends on the content type - @incoming_message.binary_mask_stuff!(@attachment.body, @attachment.content_type) # we don't use @attachment.content_type here, as we want same mime type when cached in cache_attachments above response.content_type = AlaveteliFileTypes.filename_to_mimetype(params[:file_name]) || 'application/octet-stream' + # Prevent spam to magic request address. Note that the binary + # subsitution method used depends on the content type + @incoming_message.apply_masks!(@attachment.body, @attachment.content_type) if response.content_type == 'text/html' @attachment.body = ActionController::Base.helpers.sanitize(@attachment.body) end @@ -808,10 +797,9 @@ class RequestController < ApplicationController :body_prefix => render_to_string(:partial => "request/view_html_prefix") } ) - - @incoming_message.html_mask_stuff!(html) - response.content_type = 'text/html' + @incoming_message.apply_masks!(html, response.content_type) + render :text => html end @@ -845,7 +833,15 @@ class RequestController < ApplicationController end # check filename in URL matches that in database (use a censor rule if you want to change a filename) - raise ActiveRecord::RecordNotFound.new("please use same filename as original file has, display: '" + @attachment.display_filename + "' old_display: '" + @attachment.old_display_filename + "' original: '" + @original_filename + "'") if @attachment.display_filename != @original_filename && @attachment.old_display_filename != @original_filename + if @attachment.display_filename != @original_filename && @attachment.old_display_filename != @original_filename + msg = 'please use same filename as original file has, display: ' + msg += "'#{ @attachment.display_filename }' " + msg += 'old_display: ' + msg += "'#{ @attachment.old_display_filename }' " + msg += 'original: ' + msg += "'#{ @original_filename }'" + raise ActiveRecord::RecordNotFound.new(msg) + end @attachment_url = get_attachment_url(:id => @incoming_message.info_request_id, :incoming_message_id => @incoming_message.id, :part => @part_number, @@ -904,10 +900,18 @@ class RequestController < ApplicationController # Type ahead search def search_typeahead - # Since acts_as_xapian doesn't support the Partial match flag, we work around it - # by making the last work a wildcard, which is quite the same - query = params[:q] - @xapian_requests = perform_search_typeahead(query, InfoRequestEvent) + # Since acts_as_xapian doesn't support the Partial match flag, we work + # around it by making the last word a wildcard, which is quite the same + @query = '' + + if params.key?(:requested_from) + @query << "requested_from:#{ params[:requested_from] } " + end + + @per_page = (params.fetch(:per_page) { 25 }).to_i + + @query << params[:q] + @xapian_requests = perform_search_typeahead(@query, InfoRequestEvent, @per_page) render :partial => "request/search_ahead" end diff --git a/app/controllers/services_controller.rb b/app/controllers/services_controller.rb index dc4f783a6..9b3a3396f 100644 --- a/app/controllers/services_controller.rb +++ b/app/controllers/services_controller.rb @@ -5,6 +5,8 @@ require 'open-uri' class ServicesController < ApplicationController def other_country_message + flash.keep + text = "" iso_country_code = AlaveteliConfiguration::iso_country_code.downcase if country_from_ip.downcase != iso_country_code diff --git a/app/controllers/track_controller.rb b/app/controllers/track_controller.rb index 144f4d55a..4b272797f 100644 --- a/app/controllers/track_controller.rb +++ b/app/controllers/track_controller.rb @@ -6,9 +6,6 @@ # Email: hello@mysociety.org; WWW: http://www.mysociety.org/ class TrackController < ApplicationController - - protect_from_forgery # See ActionController::RequestForgeryProtection for details - before_filter :medium_cache # Track all updates to a particular request diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb index 43eb99c58..56f42891d 100644 --- a/app/controllers/user_controller.rb +++ b/app/controllers/user_controller.rb @@ -7,15 +7,8 @@ require 'set' class UserController < ApplicationController - layout :select_layout - protect_from_forgery :only => [ :contact, - :set_profile_photo, - :signchangeemail, - :clear_profile_photo, - :set_profile_about_me ] # See ActionController::RequestForgeryProtection for details - # Show page about a user def show long_cache @@ -260,16 +253,8 @@ class UserController < ApplicationController do_post_redirect post_redirect end - # Logout form - def _do_signout - session[:user_id] = nil - session[:user_circumstance] = nil - session[:remember_me] = false - session[:using_admin] = nil - session[:admin_name] = nil - end def signout - self._do_signout + clear_session_credentials if params[:r] redirect_to URI.parse(params[:r]).path else diff --git a/app/helpers/admin_helper.rb b/app/helpers/admin_helper.rb index 151e53758..d13fea79b 100644 --- a/app/helpers/admin_helper.rb +++ b/app/helpers/admin_helper.rb @@ -21,17 +21,17 @@ module AdminHelper def request_both_links(info_request) link_to(eye, request_path(info_request), :title => "view request on public website") + " " + - link_to(info_request.title, admin_request_show_path(info_request), :title => "view full details") + link_to(info_request.title, admin_request_path(info_request), :title => "view full details") end def public_body_both_links(public_body) link_to(eye, public_body_path(public_body), :title => "view authority on public website") + " " + - link_to(h(public_body.name), admin_body_show_path(public_body), :title => "view full details") + link_to(h(public_body.name), admin_body_path(public_body), :title => "view full details") end def user_both_links(user) link_to(eye, user_path(user), :title => "view user's page on public website") + " " + - link_to(h(user.name), admin_user_show_path(user), :title => "view full details") + link_to(h(user.name), admin_user_path(user), :title => "view full details") end def comment_visibility(comment) diff --git a/app/helpers/link_to_helper.rb b/app/helpers/link_to_helper.rb index 3709469cf..44d6c6f5f 100755 --- a/app/helpers/link_to_helper.rb +++ b/app/helpers/link_to_helper.rb @@ -116,7 +116,7 @@ module LinkToHelper if request.is_external? external_text || (request.external_user_name || _("Anonymous user")) + " (external)" else - link_to(internal_text || request.user.name, admin_user_show_url(request.user)) + link_to(internal_text || request.user.name, admin_user_url(request.user)) end end @@ -178,7 +178,7 @@ module LinkToHelper end def user_admin_link(user, name="admin", cls=nil) - link_to name, admin_user_show_url(user), :class => cls + link_to name, admin_user_url(user), :class => cls end # Tracks. feed can be 'track' or 'feed' diff --git a/app/mailers/outgoing_mailer.rb b/app/mailers/outgoing_mailer.rb index 797bf9fdd..19054b4e2 100644 --- a/app/mailers/outgoing_mailer.rb +++ b/app/mailers/outgoing_mailer.rb @@ -21,7 +21,7 @@ class OutgoingMailer < ApplicationMailer mail(:from => info_request.incoming_name_and_email, :to => info_request.recipient_name_and_email, - :subject => info_request.email_subject_request) + :subject => info_request.email_subject_request(:html => false)) end # Later message to public body regarding existing request @@ -32,7 +32,7 @@ class OutgoingMailer < ApplicationMailer mail(:from => info_request.incoming_name_and_email, :to => OutgoingMailer.name_and_email_for_followup(info_request, incoming_message_followup), - :subject => OutgoingMailer.subject_for_followup(info_request, outgoing_message)) + :subject => OutgoingMailer.subject_for_followup(info_request, outgoing_message, :html => false)) end # TODO: the condition checking valid_to_reply_to? also appears in views/request/_followup.html.erb, @@ -67,11 +67,12 @@ class OutgoingMailer < ApplicationMailer end end # Subject to use for followup - def OutgoingMailer.subject_for_followup(info_request, outgoing_message) + def OutgoingMailer.subject_for_followup(info_request, outgoing_message, options = {}) if outgoing_message.what_doing == 'internal_review' - return "Internal review of " + info_request.email_subject_request + return "Internal review of " + info_request.email_subject_request(:html => options[:html]) else - return info_request.email_subject_followup(outgoing_message.incoming_message_followup) + return info_request.email_subject_followup(:incoming_message => outgoing_message.incoming_message_followup, + :html => options[:html]) end end # Whether we have a valid email address for a followup diff --git a/app/mailers/request_mailer.rb b/app/mailers/request_mailer.rb index 768257ba8..c9decc6db 100644 --- a/app/mailers/request_mailer.rb +++ b/app/mailers/request_mailer.rb @@ -20,7 +20,7 @@ class RequestMailer < ApplicationMailer mail(:from => from_user.name_and_email, :to => info_request.incoming_name_and_email, - :subject => info_request.email_subject_followup) + :subject => info_request.email_subject_followup(:html => false)) end # Used when a response is uploaded using the API @@ -58,7 +58,7 @@ class RequestMailer < ApplicationMailer user = set_by || info_request.user @reported_by = user @url = request_url(info_request) - @admin_url = admin_request_show_url(info_request) + @admin_url = admin_request_url(info_request) @info_request = info_request @message = message diff --git a/app/models/holiday.rb b/app/models/holiday.rb index 4c4941589..34044683a 100644 --- a/app/models/holiday.rb +++ b/app/models/holiday.rb @@ -22,6 +22,8 @@ class Holiday < ActiveRecord::Base + validates_presence_of :day + def self.holidays @@holidays ||= all.collect { |h| h.day }.to_set end diff --git a/app/models/holiday_import.rb b/app/models/holiday_import.rb new file mode 100644 index 000000000..c6019fac0 --- /dev/null +++ b/app/models/holiday_import.rb @@ -0,0 +1,93 @@ +class HolidayImport + + include ActiveModel::Validations + + attr_accessor :holidays, + :ical_feed_url, + :start_year, + :end_year, + :start_date, + :end_date, + :source, + :populated + + validate :all_holidays_valid + validates_inclusion_of :source, :in => %w( suggestions feed ) + validates_presence_of :ical_feed_url, + :if => proc { |holiday_import| holiday_import.source == 'feed' } + + def initialize(opts = {}) + @populated = false + @start_year = opts.fetch(:start_year, Time.now.year).to_i + @end_year = opts.fetch(:end_year, Time.now.year).to_i + @start_date = Date.civil(start_year, 1, 1) + @end_date = Date.civil(end_year, 12, 31) + @source = opts.fetch(:source, 'suggestions') + @ical_feed_url = opts.fetch(:ical_feed_url, nil) + @country_code = AlaveteliConfiguration::iso_country_code.downcase + self.holidays_attributes = opts.fetch(:holidays_attributes, []) + end + + def populate + source == 'suggestions' ? populate_from_suggestions : populate_from_ical_feed + @populated = true + end + + def suggestions_country_name + IsoCountryCodes.find(@country_code).name if @country_code + end + + def period + start_year == end_year ? "#{start_year}" : "#{start_year}-#{end_year}" + end + + def save + holidays.all?(&:save) + end + + def holidays_attributes=(incoming_data) + incoming_data.each{ |offset, incoming| self.holidays << Holiday.new(incoming) } + end + + def holidays + @holidays ||= [] + end + + private + + def all_holidays_valid + errors.add(:base, 'These holidays could not be imported') unless holidays.all?(&:valid?) + end + + def populate_from_ical_feed + begin + cal_file = open(ical_feed_url) + cals = Icalendar.parse(cal_file, strict=false) + cal = cals.first + cal.events.each{ |cal_event| populate_from_ical_event(cal_event) } + rescue Errno::ENOENT, Exception => e + if e.message == 'Invalid line in calendar string!' + errors.add(:ical_feed_url, "Sorry, there's a problem with the format of that feed.") + elsif e.message.starts_with 'No such file or directory' + errors.add(:ical_feed_url, "Sorry we couldn't find that feed.") + else + raise e + end + end + end + + def populate_from_ical_event(cal_event) + if cal_event.dtstart >= start_date and cal_event.dtstart <= end_date + holidays << Holiday.new(:description => cal_event.summary, + :day => cal_event.dtstart) + end + end + + def populate_from_suggestions + holiday_info = Holidays.between(start_date, end_date, @country_code.to_sym, :observed) + holiday_info.each do |holiday_info_hash| + holidays << Holiday.new(:description => holiday_info_hash[:name], + :day => holiday_info_hash[:date]) + end + end +end diff --git a/app/models/incoming_message.rb b/app/models/incoming_message.rb index db6722976..658ee969a 100644 --- a/app/models/incoming_message.rb +++ b/app/models/incoming_message.rb @@ -52,17 +52,6 @@ class IncomingMessage < ActiveRecord::Base has_prominence - # See binary_mask_stuff function below. It just test for inclusion - # in this hash, not the value of the right hand side. - DoNotBinaryMask = { - 'image/tiff' => 1, - 'image/gif' => 1, - 'image/jpeg' => 1, - 'image/png' => 1, - 'image/bmp' => 1, - 'application/zip' => 1, - } - # Given that there are in theory many info request events, a convenience method for # getting the response event def response_event @@ -218,111 +207,10 @@ class IncomingMessage < ActiveRecord::Base end end - # Converts email addresses we know about into textual descriptions of them - def mask_special_emails!(text) - # TODO: can later display some of these special emails as actual emails, - # if they are public anyway. For now just be precautionary and only - # put in descriptions of them in square brackets. - if self.info_request.public_body.is_followupable? - text.gsub!(self.info_request.public_body.request_email, _("[{{public_body}} request email]", :public_body => self.info_request.public_body.short_or_long_name)) - end - text.gsub!(self.info_request.incoming_email, _('[FOI #{{request}} email]', :request => self.info_request.id.to_s) ) - text.gsub!(AlaveteliConfiguration::contact_email, _("[{{site_name}} contact email]", :site_name => AlaveteliConfiguration::site_name) ) - end - - # Replaces all email addresses in (possibly binary data) with equal length alternative ones. - # Also replaces censor items - def binary_mask_stuff!(text, content_type) - # See if content type is one that we mask - things like zip files and - # images may get broken if we try to. We err on the side of masking too - # much, as many unknown types will really be text. - if DoNotBinaryMask.include?(content_type) - return - end - - # Special cases for some content types - if content_type == 'application/pdf' - uncompressed_text = nil - uncompressed_text = AlaveteliExternalCommand.run("pdftk", "-", "output", "-", "uncompress", :stdin_string => text) - # if we managed to uncompress the PDF... - if !uncompressed_text.nil? && !uncompressed_text.empty? - # then censor stuff (making a copy so can compare again in a bit) - censored_uncompressed_text = uncompressed_text.dup - self._binary_mask_stuff_internal!(censored_uncompressed_text) - # if the censor rule removed something... - if censored_uncompressed_text != uncompressed_text - # then use the altered file (recompressed) - recompressed_text = nil - if AlaveteliConfiguration::use_ghostscript_compression == true - command = ["gs", "-sDEVICE=pdfwrite", "-dCompatibilityLevel=1.4", "-dPDFSETTINGS=/screen", "-dNOPAUSE", "-dQUIET", "-dBATCH", "-sOutputFile=-", "-"] - else - command = ["pdftk", "-", "output", "-", "compress"] - end - recompressed_text = AlaveteliExternalCommand.run(*(command + [{:stdin_string=>censored_uncompressed_text}])) - if recompressed_text.nil? || recompressed_text.empty? - # buggy versions of pdftk sometimes fail on - # compression, I don't see it's a disaster in - # these cases to save an uncompressed version? - recompressed_text = censored_uncompressed_text - logger.warn "Unable to compress PDF; problem with your pdftk version?" - end - if !recompressed_text.nil? && !recompressed_text.empty? - text.replace recompressed_text - end - end - end - return - end - - self._binary_mask_stuff_internal!(text) - end - - # Used by binary_mask_stuff - replace text in place - def _binary_mask_stuff_internal!(text) - # Keep original size, so can check haven't resized it - orig_size = text.mb_chars.size - - # Replace ASCII email addresses... - text.gsub!(MySociety::Validate.email_find_regexp) do |email| - email.gsub(/[^@.]/, 'x') - end - - # And replace UCS-2 ones (for Microsoft Office documents)... - # Find emails, by finding them in parts of text that have ASCII - # equivalents to the UCS-2 - ascii_chars = text.gsub(/\0/, "") - emails = ascii_chars.scan(MySociety::Validate.email_find_regexp) - - # Convert back to UCS-2, making a mask at the same time - if String.method_defined?(:encode) - emails.map! do |email| - # We want the ASCII representation of UCS-2 - [email[0].encode('UTF-16LE').force_encoding('US-ASCII'), - email[0].gsub(/[^@.]/, 'x').encode('UTF-16LE').force_encoding('US-ASCII')] - end - else - emails.map! {|email| [ - Iconv.conv('ucs-2le', 'ascii', email[0]), - Iconv.conv('ucs-2le', 'ascii', email[0].gsub(/[^@.]/, 'x')) - ] } - end - - # Now search and replace the UCS-2 email with the UCS-2 mask - for email, mask in emails - text.gsub!(email, mask) - end - - # Replace censor items - self.info_request.apply_censor_rules_to_binary!(text) - - raise "internal error in binary_mask_stuff" if text.mb_chars.size != orig_size - return text - end - - # Removes censored stuff from from HTML conversion of downloaded binaries - def html_mask_stuff!(html) - self.mask_special_emails!(html) - self.remove_privacy_sensitive_things!(html) + def apply_masks!(text, content_type) + mask_options = { :censor_rules => info_request.applicable_censor_rules, + :masks => info_request.masks } + AlaveteliTextMasker.apply_masks!(text, content_type, mask_options) end # Lotus notes quoting yeuch! @@ -346,26 +234,6 @@ class IncomingMessage < ActiveRecord::Base end - # Remove emails, mobile phones and other details FOI officers ask us to remove. - def remove_privacy_sensitive_things!(text) - # Remove any email addresses - we don't want bounce messages to leak out - # either the requestor's email address or the request's response email - # address out onto the internet - text.gsub!(MySociety::Validate.email_find_regexp, "[email address]") - - # Mobile phone numbers - # http://www.whatdotheyknow.com/request/failed_test_purchases_off_licenc#incoming-1013 - # http://www.whatdotheyknow.com/request/selective_licensing_statistics_i#incoming-550 - # http://www.whatdotheyknow.com/request/common_purpose_training_graduate#incoming-774 - text.gsub!(/(Mobile|Mob)([\s\/]*(Fax|Tel))*\s*:?[\s\d]*\d/, "[mobile number]") - - # Remove WhatDoTheyKnow signup links - text.gsub!(/http:\/\/#{AlaveteliConfiguration::domain}\/c\/[^\s]+/, "[WDTK login link]") - - # Remove things from censor rules - self.info_request.apply_censor_rules_to_text!(text) - end - # Remove quoted sections from emails (eventually the aim would be for this # to do as good a job as GMail does) TODO: bet it needs a proper parser @@ -465,9 +333,8 @@ class IncomingMessage < ActiveRecord::Base raise "main body text more than 1 MB, need to implement clipping like for attachment text, or there is some other MIME decoding problem or similar" end - # remove emails for privacy/anti-spam reasons - self.mask_special_emails!(text) - self.remove_privacy_sensitive_things!(text) + # apply masks for this message + apply_masks!(text, 'text/html') # Remove existing quoted sections folded_quoted_text = self.remove_lotus_quoting(text, 'FOLDED_QUOTED_SECTION') @@ -735,7 +602,14 @@ class IncomingMessage < ActiveRecord::Base text = MySociety::Format.simplify_angle_bracketed_urls(text) text = CGI.escapeHTML(text) text = MySociety::Format.make_clickable(text, :contract => 1) - text.gsub!(/\[(email address|mobile number)\]/, '[<a href="/help/officers#mobiles">\1</a>]') + + # add a helpful link to email addresses and mobile numbers removed + # by apply_masks! + email_pattern = Regexp.escape(_("email address")) + mobile_pattern = Regexp.escape(_("mobile number")) + text.gsub!(/\[(#{email_pattern}|#{mobile_pattern})\]/, + '[<a href="/help/officers#mobiles">\1</a>]') + if collapse_quoted_sections text = text.gsub(/(\s*FOLDED_QUOTED_SECTION\s*)+/m, "FOLDED_QUOTED_SECTION") text.strip! @@ -773,8 +647,8 @@ class IncomingMessage < ActiveRecord::Base # Returns text version of attachment text def get_attachment_text_full text = self._get_attachment_text_internal - self.mask_special_emails!(text) - self.remove_privacy_sensitive_things!(text) + apply_masks!(text, 'text/html') + # This can be useful for memory debugging #STDOUT.puts 'xxx '+ MySociety::DebugHelpers::allocated_string_size_around_gc diff --git a/app/models/info_request.rb b/app/models/info_request.rb index d0052603a..8d455e488 100644 --- a/app/models/info_request.rb +++ b/app/models/info_request.rb @@ -210,16 +210,6 @@ class InfoRequest < ActiveRecord::Base OLD_AGE_IN_DAYS = 21.days - def after_initialize - if self.described_state.nil? - self.described_state = 'waiting_response' - end - # FOI or EIR? - if !self.public_body.nil? && self.public_body.eir_only? - self.law_used = 'eir' - end - end - def visible_comments self.comments.find(:all, :conditions => 'visible') end @@ -292,13 +282,18 @@ public end # Subject lines for emails about the request - def email_subject_request - _('{{law_used_full}} request - {{title}}',:law_used_full=>self.law_used_full,:title=>self.title.html_safe) + def email_subject_request(opts = {}) + html = opts.fetch(:html, true) + _('{{law_used_full}} request - {{title}}', + :law_used_full => self.law_used_full, + :title => (html ? title : title.html_safe)) end - def email_subject_followup(incoming_message = nil) + def email_subject_followup(opts = {}) + incoming_message = opts.fetch(:incoming_message, nil) + html = opts.fetch(:html, true) if incoming_message.nil? || !incoming_message.valid_to_reply_to? || !incoming_message.subject - 'Re: ' + self.email_subject_request + 'Re: ' + self.email_subject_request(:html => html) else if incoming_message.subject.match(/^Re:/i) incoming_message.subject @@ -1148,6 +1143,22 @@ public return binary end + # Masks we apply to text associated with this request convert email addresses + # we know about into textual descriptions of them + def masks + masks = [{ :to_replace => incoming_email, + :replacement => _('[FOI #{{request}} email]', + :request => id.to_s) }, + { :to_replace => AlaveteliConfiguration::contact_email, + :replacement => _("[{{site_name}} contact email]", + :site_name => AlaveteliConfiguration::site_name)} ] + if public_body.is_followupable? + masks << { :to_replace => public_body.request_email, + :replacement => _("[{{public_body}} request email]", + :public_body => public_body.short_or_long_name) } + end + end + def is_owning_user?(user) !user.nil? && (user.id == user_id || user.owns_every_request?) end @@ -1345,9 +1356,9 @@ public end def InfoRequest.find_in_state(state) - find(:all, :select => '*, ' + last_event_time_clause + ' as last_event_time', - :conditions => ["described_state = ?", state], - :order => "last_event_time") + select("*, #{ last_event_time_clause } as last_event_time"). + where(:described_state => state). + order('last_event_time') end private diff --git a/app/models/info_request_event.rb b/app/models/info_request_event.rb index 9dde3ba80..635ba8f58 100644 --- a/app/models/info_request_event.rb +++ b/app/models/info_request_event.rb @@ -161,11 +161,10 @@ class InfoRequestEvent < ActiveRecord::Base end def incoming_message_selective_columns(fields) - message = IncomingMessage.find(:all, - :select => fields + ", incoming_messages.info_request_id", - :joins => "INNER JOIN info_request_events ON incoming_messages.id = incoming_message_id ", - :conditions => "info_request_events.id = #{self.id}" - ) + message = IncomingMessage.select("#{ fields }, incoming_messages.info_request_id"). + joins('INNER JOIN info_request_events ON incoming_messages.id = incoming_message_id'). + where('info_request_events.id = ?', id) + message = message[0] if !message.nil? message.info_request = InfoRequest.find(message.info_request_id) diff --git a/app/models/public_body.rb b/app/models/public_body.rb index 829625cac..b8163b07d 100644 --- a/app/models/public_body.rb +++ b/app/models/public_body.rb @@ -349,33 +349,29 @@ class PublicBody < ActiveRecord::Base # Use tags to describe what type of thing this is def type_of_authority(html = false) - types = [] - first = true - for tag in self.tags + types = tags.each_with_index.map do |tag, index| if PublicBodyCategory.get().by_tag().include?(tag.name) desc = PublicBodyCategory.get().singular_by_tag()[tag.name] - if first - # terrible that Ruby/Rails doesn't have an equivalent of ucfirst - # (capitalize shockingly converts later characters to lowercase) - desc = desc[0,1].capitalize + desc[1,desc.size] - first = false + + if index.zero? + desc = desc.sub(/\S/) { |m| Unicode.upcase(m) } end + if html # TODO: this should call proper route helpers, but is in model sigh desc = '<a href="/body/list/' + tag.name + '">' + desc + '</a>' end - types.push(desc) + + desc end end - if types.size > 0 - ret = types[0, types.size - 1].join(", ") - if types.size > 1 - ret = ret + " and " - end - ret = ret + types[-1] - return ret.html_safe + + types.compact! + + if types.any? + types.to_sentence(:last_word_connector => ' and ').html_safe else - return _("A public authority") + _("A public authority") end end diff --git a/app/models/public_body_category.rb b/app/models/public_body_category.rb index bb83c4c82..c313e5734 100644 --- a/app/models/public_body_category.rb +++ b/app/models/public_body_category.rb @@ -2,11 +2,8 @@ # # Table name: public_body_categories # -# id :integer not null, primary key -# title :text not null -# category_tag :text not null -# description :text not null -# display_order :integer +# id :integer not null, primary key +# category_tag :text not null # require 'forwardable' diff --git a/app/models/public_body_category_link.rb b/app/models/public_body_category_link.rb index ba3ff1f95..8c3eb8060 100644 --- a/app/models/public_body_category_link.rb +++ b/app/models/public_body_category_link.rb @@ -1,10 +1,11 @@ # == Schema Information # -# Table name: public_body_category_link +# Table name: public_body_category_links # -# public_body_category_id :integer not null -# public_body_heading_id :integer not null -# category_display_order :integer +# public_body_category_id :integer not null +# public_body_heading_id :integer not null +# category_display_order :integer +# id :integer not null, primary key # class PublicBodyCategoryLink < ActiveRecord::Base diff --git a/app/models/public_body_heading.rb b/app/models/public_body_heading.rb index f1916d233..f394c37c6 100644 --- a/app/models/public_body_heading.rb +++ b/app/models/public_body_heading.rb @@ -2,8 +2,7 @@ # # Table name: public_body_headings # -# id :integer not null, primary key -# name :text not null +# id :integer not null, primary key # display_order :integer # diff --git a/app/models/user.rb b/app/models/user.rb index 1c6dc0eb0..c953e52f2 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -264,11 +264,9 @@ class User < ActiveRecord::Base # Returns list of requests which the user hasn't described (and last # changed more than a day ago) def get_undescribed_requests - info_requests.find( - :all, - :conditions => [ 'awaiting_description = ? and ' + InfoRequest.last_event_time_clause + ' < ?', - true, Time.now() - 1.day - ] + info_requests.where( + "awaiting_description = ? and #{ InfoRequest.last_event_time_clause } < ?", + true, 1.day.ago ) end diff --git a/app/views/admin_censor_rule/_show.html.erb b/app/views/admin_censor_rule/_show.html.erb index 46904b3b9..4b37d0cc9 100644 --- a/app/views/admin_censor_rule/_show.html.erb +++ b/app/views/admin_censor_rule/_show.html.erb @@ -15,7 +15,7 @@ <td><%=h censor_rule.send(column) %></td> <% end %> <td> - <%= link_to "Edit", admin_rule_edit_path(censor_rule) %> + <%= link_to "Edit", edit_admin_censor_rule_path(censor_rule) %> </td> </tr> <% end %> @@ -25,7 +25,7 @@ <% end %> <% if defined? info_request %> - <%= link_to "New censor rule", new_admin_info_request_censor_rule_path(info_request), :class => "btn btn-info" %> + <%= link_to "New censor rule", new_admin_request_censor_rule_path(info_request), :class => "btn btn-info" %> <span class="label label-info">for this request only</span> <% end %> diff --git a/app/views/admin_censor_rule/edit.html.erb b/app/views/admin_censor_rule/edit.html.erb index 230446ed3..ff07987f2 100644 --- a/app/views/admin_censor_rule/edit.html.erb +++ b/app/views/admin_censor_rule/edit.html.erb @@ -2,15 +2,14 @@ <h1><%=@title%></h1> -<%= form_tag admin_rule_update_path(@censor_rule), :class => "form form-horizontal" do %> +<%= form_tag admin_censor_rule_path(@censor_rule), :method => 'put', :class => "form form-horizontal" do %> <%= render :partial => 'form', :locals => { :info_request => @censor_rule.info_request, :user => @censor_rule.user } %> <div class="form-actions"> <%= submit_tag 'Save', :accesskey => 's', :class => "btn btn-primary" %> </div> <% end %> -<%= form_tag admin_rule_destroy_path(@censor_rule), :class => "form form-horizontal" do %> - <%= hidden_field_tag(:censor_rule_id, @censor_rule.id) %> +<%= form_tag admin_censor_rule_path(@censor_rule), :method => 'delete', :class => "form form-horizontal" do %> <div class="form-actions"> Permanent! --> <%= submit_tag "Destroy rule", :class => "btn btn-primary" %> </div> diff --git a/app/views/admin_censor_rule/new.html.erb b/app/views/admin_censor_rule/new.html.erb index 26b3212be..ded31cff2 100644 --- a/app/views/admin_censor_rule/new.html.erb +++ b/app/views/admin_censor_rule/new.html.erb @@ -4,7 +4,6 @@ <%= form_for @censor_rule, :url => @form_url, :class => "form form-horizontal" do %> <%= render :partial => 'form', :locals => { :info_request => @info_request, :user => @censor_user } %> - <div class="form-actions"> <%= submit_tag "Create", :class => "btn btn-primary" %> </div> diff --git a/app/views/admin_request/edit_comment.html.erb b/app/views/admin_comment/edit.html.erb index 2cf49a4a8..e3cbd7472 100644 --- a/app/views/admin_request/edit_comment.html.erb +++ b/app/views/admin_comment/edit.html.erb @@ -2,12 +2,12 @@ <%= error_messages_for 'comment' %> -<%= form_tag admin_request_update_comment_path(@comment) do %> +<%= form_tag admin_comment_path(@comment), :method => 'put' do %> <p><label for="comment_body">Body of annotation</label><br/> <%= text_area 'comment', 'body', :rows => 10, :cols => 60 %></p> - <p><label for="comment_visible">Visible</label> + <p><label for="comment_visible">Visible</label> <%= select('comment', "visible", [["Yes – show comment",true],["No – hide comment",false]]) %> </p> @@ -16,7 +16,7 @@ <% end %> <p> -<%= link_to 'Show', admin_request_show_path(@comment.info_request) %> | -<%= link_to 'List all', admin_request_list_path %> +<%= link_to 'Show request', admin_request_path(@comment.info_request) %> | +<%= link_to 'List all requests', admin_requests_path %> </p> diff --git a/app/views/admin_general/_admin_navbar.html.erb b/app/views/admin_general/_admin_navbar.html.erb index 14fc06092..b6e01f049 100644 --- a/app/views/admin_general/_admin_navbar.html.erb +++ b/app/views/admin_general/_admin_navbar.html.erb @@ -9,11 +9,17 @@ <li><%= link_to 'Timeline', admin_timeline_path %></li> <li><%= link_to 'Stats', admin_stats_path %></li> <li><%= link_to 'Debug', admin_debug_path %></li> - <li><%= link_to 'Authorities', admin_body_list_path %></li> - <li><%= link_to 'Categories', admin_categories_path %></li> - <li><%= link_to 'Requests', admin_request_list_path %></li> - <li><%= link_to 'Users', admin_user_list_path %></li> - <li><%= link_to 'Tracks', admin_track_list_path %></li> + <li class="dropdown"> + <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-expanded="false">Authorities<span class="caret"></span></a> + <ul class="dropdown-menu" role="menu"> + <li><%= link_to 'Authorities', admin_bodies_path %></li> + <li><%= link_to 'Categories', admin_categories_path %></li> + </ul> + </li> + <li><%= link_to 'Requests', admin_requests_path %></li> + <li><%= link_to 'Users', admin_users_path %></li> + <li><%= link_to 'Tracks', admin_tracks_path %></li> + <li><%= link_to 'Holidays', admin_holidays_path %></li> <li><%= link_to 'Log out', signout_path %></li> </ul> </div> diff --git a/app/views/admin_general/index.html.erb b/app/views/admin_general/index.html.erb index ba9396ceb..ba0563bb6 100644 --- a/app/views/admin_general/index.html.erb +++ b/app/views/admin_general/index.html.erb @@ -37,9 +37,9 @@ <tr> <td> <% if message.get_body_for_quoting.strip.size == 0 %> - <%= link_to "(no body)", admin_request_show_raw_email_path(message.raw_email_id) %> + <%= link_to "(no body)", admin_raw_email_path(message.raw_email_id) %> <% else %> - <%= link_to excerpt(message.get_body_for_quoting, "", :radius => 60), admin_request_show_raw_email_path(message.raw_email_id) %> + <%= link_to excerpt(message.get_body_for_quoting, "", :radius => 60), admin_raw_email_path(message.raw_email_id) %> <% end %> </td> <td class="span2"> @@ -183,10 +183,10 @@ <div id="new-authorities" class="accordion-body collapse"> <% for @change_request in @new_body_requests %> <%= render :partial => 'change_request_summary'%> - <%= form_tag admin_change_request_update_path(@change_request), :class => "form form-horizontal" do %> + <%= form_tag admin_change_request_path(@change_request), :method => 'put', :class => "form form-horizontal" do %> <%= submit_tag 'Close', :class => "btn btn-danger" %> - <%= link_to("Close and respond", admin_change_request_edit_path(@change_request), :class => 'btn') %> - <%= link_to("Add authority", admin_body_new_path(:change_request_id => @change_request.id), :class => 'btn btn-primary') %> + <%= link_to("Close and respond", edit_admin_change_request_path(@change_request), :class => 'btn') %> + <%= link_to("Add authority", new_admin_body_path(:change_request_id => @change_request.id), :class => 'btn btn-primary') %> <% end %> <% end %> @@ -202,10 +202,10 @@ <div id="update-authorities" class="accordion-body collapse"> <% for @change_request in @body_update_requests %> <%= render :partial => 'change_request_summary' %> - <%= form_tag admin_change_request_update_path(@change_request), :class => "form form-horizontal" do %> + <%= form_tag admin_change_request_path(@change_request), :class => "form form-horizontal", :method => 'put' do %> <%= submit_tag 'Close', :class => "btn btn-danger" %> - <%= link_to("Close and respond", admin_change_request_edit_path(@change_request), :class => 'btn') %> - <%= link_to("Make update", admin_body_edit_path(@change_request.public_body, :change_request_id => @change_request.id), :class => 'btn btn-primary') %> + <%= link_to("Close and respond", edit_admin_change_request_path(@change_request), :class => 'btn') %> + <%= link_to("Make update", edit_admin_body_path(@change_request.public_body, :change_request_id => @change_request.id), :class => 'btn btn-primary') %> <% end %> <% end %> </div> diff --git a/app/views/admin_general/stats.html.erb b/app/views/admin_general/stats.html.erb index 27dc25ee0..03268cc14 100644 --- a/app/views/admin_general/stats.html.erb +++ b/app/views/admin_general/stats.html.erb @@ -53,8 +53,3 @@ </div> </div> </div> -<div class="row"> - <div class="span12"> - <h2>Web analytics</h2> - </div> -</div> diff --git a/app/views/admin_holiday_imports/new.html.erb b/app/views/admin_holiday_imports/new.html.erb new file mode 100644 index 000000000..047f321f9 --- /dev/null +++ b/app/views/admin_holiday_imports/new.html.erb @@ -0,0 +1,81 @@ +<% @title = "Create holidays from suggestions or iCal feed" %> +<h1><%= @title %></h1> + +<%= form_for( @holiday_import, :as => 'holiday_import', :url => '', :method => 'get', :html => { :class => 'form-horizontal form-inline' }) do |f| %> + <% if @holiday_import.holidays.empty? %> + <%= error_messages_for 'holiday_import', :header_message => 'There was a problem with these import settings' %> + <% end %> + <legend>Import settings</legend> + <div> + <div class="control-group"> + <label class="control-label">Choose the years to import holidays for</label> + <div class="controls"> + <label for="import_start_year" class="inline">Start year:</label> + <%= f.select :start_year, (Time.now.year)..(Time.now.year + 5) %> + <label for="import_end_year" class="inline">End year:</label> + <%= f.select :end_year, (Time.now.year)..(Time.now.year + 5) %> + </div> + </div> + + <div class="control-group"> + <label class="control-label">Import from built-in suggestions or iCal feed</label> + <div class="controls"> + <label class="radio inline"> + <%= f.radio_button :source, "suggestions" %>Built-in suggestions + </label> + <label class="radio inline"> + <%= f.radio_button :source, "feed" %>iCal feed + </label> + </div> + </div> + + <div class="control-group"> + <label class="control-label">iCal feed URL:</label> + <div class="controls"> + <%= f.text_field 'ical_feed_url' %> + </div> + </div> + + <div class="control-group"> + <input type="submit" value="Show holidays" class="btn btn-primary"> + </div> + + </div> +<% end %> + +<% if @holiday_import.populated %> + <h2>Holidays to import</h2> + + <table class="table table-striped table-condensed"> + <tbody> + <tr> + <td> + <% if @holiday_import.holidays.empty? %> + <% if @holiday_import.source == 'suggestions' %> + Sorry, we don't have any built-in suggestions for holiday days in <%= @holiday_import.suggestions_country_name %>. + <% else %> + Sorry, we couldn't find any holidays in that iCal feed. + <% end %> + <% else %> + <%= form_for( @holiday_import, :as => 'holiday_import', :url => admin_holiday_imports_path, :html => { :class => 'form-inline' } ) do |f| -%> + <%= error_messages_for 'holiday_import' %> + <legend> + <% if @holiday_import.source == 'suggestions' %> + Suggested holidays for <%= @holiday_import.suggestions_country_name %> (<%= @holiday_import.period %>) + <% else %> + Holidays from feed (<%= @holiday_import.period %>) + <% end %> + </legend> + <%= f.fields_for :holidays do |holiday_fields| %> + <div class="import-holiday-info"> + <%= render :partial => 'admin_holidays/form', :locals => {:f => holiday_fields, :context => :import, :holiday => holiday_fields.object } %> + </div> + <% end%> + <%= f.submit "Import", :class => 'btn btn-warning' %> + <% end %> + <% end %> + </td> + </tr> + </tbody> + </table> +<% end %> diff --git a/app/views/admin_holidays/_edit_form.html.erb b/app/views/admin_holidays/_edit_form.html.erb new file mode 100644 index 000000000..b750dbf4c --- /dev/null +++ b/app/views/admin_holidays/_edit_form.html.erb @@ -0,0 +1,14 @@ +<td> + <%= form_for(@holiday, :url => admin_holiday_path(@holiday), :html => { :class => 'form-inline edit-holiday-form'}) do |f| -%> + <%= render :partial => 'form', :locals => { :f => f, :holiday => @holiday, :context => :edit } %> + <% end %> + + <div class="holiday-destroy "> + <%= form_for @holiday, :url => admin_holiday_path(@holiday), :method => 'delete', :html => { :class => "form form-inline delete-holiday-form" } do |f| %> + <%= f.submit "Destroy", + :class => "btn btn-danger", + :confirm => 'Are you sure you want to destroy this public holiday?' %> + <% end %> + </div> + +</td> diff --git a/app/views/admin_holidays/_form.html.erb b/app/views/admin_holidays/_form.html.erb new file mode 100644 index 000000000..35370e5fc --- /dev/null +++ b/app/views/admin_holidays/_form.html.erb @@ -0,0 +1,22 @@ +<%= error_messages_for 'holiday' %> + +<div class="holiday-description"> + <% if holiday.new_record? %> + <%= f.text_field :description, :class => 'input', :placeholder => 'Enter description here' %> + <% else %> + <%= f.text_field :description, :class => 'input' %> + <% end %> +</div> + +<div class="holiday-day"> + <%= f.date_select :day, { :use_month_numbers => true }, { :class => "day_select" } %> +</div> +<div class="holiday-buttons"> + <% if context == :import %> + <%= f.submit "Remove", :class => 'btn remove-holiday' %> + <% else %> + <%= link_to("Cancel", admin_holidays_path, :class => 'btn') %> + <%= f.submit "Save", :class => 'btn btn-warning' %> +<% end %> +</div> + diff --git a/app/views/admin_holidays/_holiday.html.erb b/app/views/admin_holidays/_holiday.html.erb new file mode 100644 index 000000000..78818f411 --- /dev/null +++ b/app/views/admin_holidays/_holiday.html.erb @@ -0,0 +1,7 @@ +<td> + <div class="holiday-description"><%= holiday.description %></div> + <div class="holiday-day"><%= holiday.day %></div> + <div class="holiday-buttons"> + <%= link_to 'Edit', edit_admin_holiday_path(holiday), :class => "btn edit-button" %> + </div> +</td> diff --git a/app/views/admin_holidays/_new_form.html.erb b/app/views/admin_holidays/_new_form.html.erb new file mode 100644 index 000000000..aee73f426 --- /dev/null +++ b/app/views/admin_holidays/_new_form.html.erb @@ -0,0 +1,10 @@ +<table class="table table-striped table-condensed"> + <tbody> + <tr> + <td><%= form_for(@holiday, :url => admin_holidays_path, :html => { :class => 'form-inline new-holiday-form'}) do |f| -%> + <%= render :partial => 'form', :locals => { :f => f, :holiday => @holiday, :context => :new } %> + <% end %> + </td> + </tr> + </tbody> +</table> diff --git a/app/views/admin_holidays/edit.html.erb b/app/views/admin_holidays/edit.html.erb new file mode 100644 index 000000000..8f29c9a44 --- /dev/null +++ b/app/views/admin_holidays/edit.html.erb @@ -0,0 +1,9 @@ +<% @title = 'Edit public holiday' %> +<h1><%= @title %></h1> +<table class="table table-striped table-condensed"> + <tbody> + <tr> + <%= render :partial => 'edit_form' %> + </tr> + </tbody> +</table> diff --git a/app/views/admin_holidays/index.html.erb b/app/views/admin_holidays/index.html.erb new file mode 100644 index 000000000..d4ee8706b --- /dev/null +++ b/app/views/admin_holidays/index.html.erb @@ -0,0 +1,41 @@ +<% @title = 'Public Holidays' %> +<h1><%= @title %></h1> +<p> + + Alaveteli calculates the due dates of requests taking account of the + public holidays shown here. If you have set the + <code>WORKING_OR_CALENDAR_DAYS</code><a + href="http://alaveteli.org/docs/customising/config/#working_or_calendar_days" + target="_blank">(docs)</a> setting for Alaveteli to + <code>working</code>, the date when a response to a request is + officially overdue will be calculated in days that are not weekends + or public holidays. If you have set + <code>WORKING_OR_CALENDAR_DAYS</code> to <code>calendar</code>, the + date will be calculated in calendar days, but if the due date falls + on a public holiday or weekend day, then the due date is considered + to be the next week day that isn't a holiday. + +</p> +<div class="btn-toolbar"> + <div class="btn-group"> + <%= link_to 'New holiday', new_admin_holiday_path, :class => "btn btn-primary", :id => 'new-holiday-button' %> + </div> + <div class="btn-group"> + <%= link_to 'Create holidays from suggestions or iCal feed', new_admin_holiday_import_path, :class => "btn btn-warning" %> + </div> +</div> + +<div id="existing-holidays"> + <% @years.each do |year| %> + <h2><%= year %></h2> + <table class="table table-striped table-condensed"> + <tbody> + <% @holidays_by_year[year].sort_by(&:day).each do |holiday| %> + <%= content_tag_for(:tr, holiday, prefix=nil, 'data-target' => edit_admin_holiday_path(holiday)) do %> + <%= render :partial => 'holiday', :locals => { :holiday => holiday }%> + <% end %> + <% end %> + </tbody> + </table> + <% end %> +</div> diff --git a/app/views/admin_holidays/new.html.erb b/app/views/admin_holidays/new.html.erb new file mode 100644 index 000000000..792c32f52 --- /dev/null +++ b/app/views/admin_holidays/new.html.erb @@ -0,0 +1,4 @@ +<% @title = 'New public holiday' %> +<h1><%= @title %></h1> + +<%= render :partial => 'new_form' %> diff --git a/app/views/admin_request/_incoming_message_actions.html.erb b/app/views/admin_incoming_message/_actions.html.erb index 22effcce5..4780ad910 100644 --- a/app/views/admin_request/_incoming_message_actions.html.erb +++ b/app/views/admin_incoming_message/_actions.html.erb @@ -1,6 +1,6 @@ <fieldset class="form-horizontal"> <legend>Actions</legend> - <%= form_tag admin_incoming_redeliver_path, :class => "form form-inline" do %> + <%= form_tag redeliver_admin_incoming_message_path(incoming_message), :class => "form form-inline" do %> <div class="control-group"> <label class="control-label" for="url_title_<%= incoming_message.id %>">Redeliver message to one or more other requests</label> <div class="controls"> @@ -9,7 +9,6 @@ <% else %> <%= text_field_tag 'url_title', "", { :size => 20, :id => "url_title_#{incoming_message.id}" } %> <% end %> - <%= hidden_field_tag 'redeliver_incoming_message_id', incoming_message.id, :id => nil %> <%= submit_tag "Redeliver to another request", :class => "btn" %> <p class="help-block"><code>id</code> or <code>url_title</code>; you can supply more than one, separated by commas</p> </div> @@ -18,7 +17,10 @@ <div class="control-group"> <label class="control-label">Generate FOI officer upload URL</label> <div class="controls"> - <%= link_to 'Generate and take me there', admin_request_generate_upload_url_path(incoming_message.info_request, :incoming_message_id => incoming_message.id), :class => "btn" %> + <%= form_tag generate_upload_url_admin_request_path(incoming_message.info_request), :class => "form form-inline" do %> + <%= hidden_field_tag 'incoming_message_id', incoming_message.id, :id => nil %> + <%= submit_tag "Generate and take me there", :class => "btn" %> + <% end %> </div> </div> @@ -29,7 +31,7 @@ </div> </div> - <%= form_tag admin_incoming_destroy_path, :class => "form form-inline" do %> + <%= form_tag admin_incoming_message_path(incoming_message), :method => 'delete', :class => "form form-inline" do %> <div class="control-group"> <label class="control-label" for="destroy_message_<%= incoming_message.id %>">Destroy message</label> <div class="controls"> @@ -44,7 +46,7 @@ <div class="control-group"> <label class="control-label">Inspect email</label> <div class="controls"> - <%= link_to "View raw email", admin_request_show_raw_email_path(incoming_message.raw_email_id), :class => "btn" %> + <%= link_to "View raw email", admin_raw_email_path(incoming_message.raw_email_id), :class => "btn" %> </div> </div> <% end %> diff --git a/app/views/admin_incoming_message/edit.html.erb b/app/views/admin_incoming_message/edit.html.erb index 1088edcab..5e172af76 100644 --- a/app/views/admin_incoming_message/edit.html.erb +++ b/app/views/admin_incoming_message/edit.html.erb @@ -1,8 +1,8 @@ <%= render :partial => 'intro', :locals => {:incoming_message => @incoming_message } %> -<%= render :partial => 'admin_request/incoming_message_actions', :locals => { :incoming_message => @incoming_message } %> +<%= render :partial => 'actions', :locals => { :incoming_message => @incoming_message } %> <fieldset class="form-horizontal"> <legend>Prominence</legend> - <%= form_tag admin_incoming_update_path(@incoming_message), :class => "form form-inline" do %> + <%= form_tag admin_incoming_message_path(@incoming_message), :method => 'put', :class => "form form-inline" do %> <div class="control-group"> <label class="control-label" for="incoming_message_prominence"> Prominence</label> diff --git a/app/views/admin_outgoing_message/edit.html.erb b/app/views/admin_outgoing_message/edit.html.erb index d5f5f43bf..d84a5ba66 100644 --- a/app/views/admin_outgoing_message/edit.html.erb +++ b/app/views/admin_outgoing_message/edit.html.erb @@ -2,7 +2,7 @@ <%= error_messages_for 'outgoing_message' %> -<%= form_tag admin_outgoing_update_path(@outgoing_message) do %> +<%= form_tag admin_outgoing_message_path(@outgoing_message), :method => 'put' do %> <div class="control-group"> <label class="control-label" for="outgoing_message_prominence"> Prominence</label> <div class="controls"> @@ -36,13 +36,12 @@ <% end %> <p> -<%= link_to 'Show', admin_request_show_path(@outgoing_message.info_request) %> | -<%= link_to 'List all', admin_request_list_path %> +<%= link_to 'Show', admin_request_path(@outgoing_message.info_request) %> | +<%= link_to 'List all', admin_requests_path %> </p> -<%= form_tag admin_outgoing_destroy_path do %> +<%= form_tag admin_outgoing_message_path(@outgoing_message), :method => 'delete' do %> <div> - <%= hidden_field_tag 'outgoing_message_id', @outgoing_message.id %> <%= submit_tag "Destroy outgoing message", :class => "btn btn-danger", :confirm => "This is permanent! Are you sure?" %> </div> <% end %> diff --git a/app/views/admin_public_body/_one_list.html.erb b/app/views/admin_public_body/_one_list.html.erb index 8f1d719ec..8d891d16c 100644 --- a/app/views/admin_public_body/_one_list.html.erb +++ b/app/views/admin_public_body/_one_list.html.erb @@ -4,7 +4,7 @@ <div class="accordion-heading accordion-toggle row"> <span class="item-title span6"> <a href="#body_<%=public_body.id%>" data-toggle="collapse" data-parent="requests"><%= chevron_right %></a> - <%= link_to(public_body.name, admin_body_show_path(public_body), :title => "view full details")%> + <%= link_to(public_body.name, admin_body_path(public_body), :title => "view full details")%> </span> <span class="item-metadata span6"> <%= render :partial => 'tags', :locals => { :body => public_body} %> @@ -31,7 +31,7 @@ <% end %> </div> -<%= form_tag(admin_body_mass_tag_add_url, :method => "post", :class => "form form-inline" ) do %> +<%= form_tag(mass_tag_add_admin_bodies_path, :method => "post", :class => "form form-inline" ) do %> <p> <%= text_field_tag 'new_tag', params[:new_tag], { :size => 15, :id => "mass_add_tag_new_tag_" + table_name } %> <%= hidden_field_tag(:query, params[:query], { :id => "mass_add_tag_query_" + table_name } ) %> diff --git a/app/views/admin_public_body/edit.html.erb b/app/views/admin_public_body/edit.html.erb index 11b7eec22..dcafbd270 100644 --- a/app/views/admin_public_body/edit.html.erb +++ b/app/views/admin_public_body/edit.html.erb @@ -3,7 +3,7 @@ <div class="row"> <div class="span8"> <div id="public_body_form"> - <%= form_for @public_body, :url => admin_body_update_path(@public_body), :html => { :class => "form form-horizontal" } do |f| %> + <%= form_for @public_body, :url => admin_body_path(@public_body), :method => 'put', :html => { :class => "form form-horizontal" } do |f| %> <%= render :partial => 'form', :locals => {:f => f} %> <div class="form-actions"> <%= f.submit 'Save', :accesskey => 's', :class => "btn btn-success" %></p> @@ -13,15 +13,14 @@ <div class="row"> <div class="span8"> <div class="well"> - <%= link_to 'Show', admin_body_show_path(@public_body), :class => "btn" %> - <%= link_to 'List all', admin_body_list_path, :class => "btn" %> + <%= link_to 'Show', admin_bodies_path(@public_body), :class => "btn" %> + <%= link_to 'List all', admin_bodies_path, :class => "btn" %> </div> </div> </div> <% if @public_body.info_requests.empty? %> - <%= form_tag(admin_body_destroy_path(@public_body), :class => "form form-inline") do %> - <%= hidden_field_tag(:public_body_id, { :value => @public_body.id } ) %> + <%= form_tag(admin_body_path(@public_body), :class => "form form-inline", :method => 'delete') do %> <%= submit_tag _("Destroy {{name}}", :name => @public_body.name), :class => "btn btn-danger" %> (this is permanent!) <% end %> <% end %> diff --git a/app/views/admin_public_body/import_csv.html.erb b/app/views/admin_public_body/import_csv.html.erb index 4b14226d1..4b481e895 100644 --- a/app/views/admin_public_body/import_csv.html.erb +++ b/app/views/admin_public_body/import_csv.html.erb @@ -70,16 +70,25 @@ Another One,another@example.com,Otro organismo,a_tag "Add new tags to existing ones". </p> - <p><%= submit_tag 'Dry run' %> <%= submit_tag 'Upload' %></p> + <div class="form-actions"> + <p> + <%= submit_tag 'Dry run', :class => 'btn btn-success' %> + <%= submit_tag 'Upload', :class => 'btn btn-warning' %> + </p> + </div> <% end %> <hr> -<p>Standard tags: - <% for category, description in PublicBodyCategory.get().by_tag() %> - <% if category != "other" %> - <strong><%= category %></strong>=<%= description %>; - <% end %> +<div id="standard-tags"> + <h2>Standard tags:</h2> + + <ul> + <% PublicBodyCategory.get().by_tag().each do |category, description| %> + <% if category != "other" %> + <li><strong><%= category %></strong>=<%= description %></li> + <% end %> <% end %> - </p> + </ul> +</div> diff --git a/app/views/admin_public_body/list.html.erb b/app/views/admin_public_body/index.html.erb index 3d7d9c4cd..861593bee 100644 --- a/app/views/admin_public_body/list.html.erb +++ b/app/views/admin_public_body/index.html.erb @@ -8,10 +8,10 @@ <div class="btn-toolbar"> <div class="btn-group"> - <%= link_to 'New public authority', admin_body_new_path, :class => "btn btn-primary" %> + <%= link_to 'New public authority', new_admin_body_path, :class => "btn btn-primary" %> </div> <div class="btn-group"> - <%= link_to 'Import from CSV file', admin_body_import_csv_path, :class => "btn btn-warning" %> + <%= link_to 'Import from CSV file', import_csv_admin_bodies_path, :class => "btn btn-warning" %> </div> </div> @@ -19,7 +19,7 @@ <%= text_field_tag 'query', params[:query], { :size => 30, :class => "input-large search-query" } %> <%= submit_tag "Search", :class => "btn" %> <% if !@query.nil? %> - <%= link_to 'Show all', admin_body_list_path, :class => "btn" %> + <%= link_to 'Show all', admin_bodies_path, :class => "btn" %> <% end %><br> (substring search in names and emails; exact match of tags) <% end %> diff --git a/app/views/admin_public_body/new.html.erb b/app/views/admin_public_body/new.html.erb index 24b27d7af..69b1f8503 100644 --- a/app/views/admin_public_body/new.html.erb +++ b/app/views/admin_public_body/new.html.erb @@ -4,7 +4,7 @@ <div class="row"> <div class="span8"> <div id="public_body_form"> - <%= form_for @public_body, :as => :public_body, :url => admin_body_create_path, :html => {:class => "form form-horizontal"} do |f| %> + <%= form_for @public_body, :as => :public_body, :url => admin_bodies_path, :html => {:class => "form form-horizontal"} do |f| %> <%= render :partial => 'form', :locals => {:f => f} %> @@ -14,7 +14,7 @@ <% end %> <div class="row"> <div class="span8 well"> - <%= link_to 'List all', admin_body_list_path, :class => "btn" %> + <%= link_to 'List all', admin_bodies_path, :class => "btn" %> </div> </div> </div> diff --git a/app/views/admin_public_body/show.html.erb b/app/views/admin_public_body/show.html.erb index f8161db26..40f341a22 100644 --- a/app/views/admin_public_body/show.html.erb +++ b/app/views/admin_public_body/show.html.erb @@ -45,7 +45,7 @@ </tr> </tbody> </table> -<%= link_to _("Edit"), admin_body_edit_path(@public_body), :class => "btn btn-primary" %> +<%= link_to _("Edit"), edit_admin_body_path(@public_body), :class => "btn btn-primary" %> <% unless @public_body.url_name.nil? %> <%=link_to _("Public page"), public_body_path(@public_body), :class => "btn" %> <% else %> diff --git a/app/views/admin_public_body_change_requests/edit.html.erb b/app/views/admin_public_body_change_requests/edit.html.erb index cc9c5b5d9..aaf457084 100644 --- a/app/views/admin_public_body_change_requests/edit.html.erb +++ b/app/views/admin_public_body_change_requests/edit.html.erb @@ -1,6 +1,6 @@ <h1><%=@title%></h1> -<%= form_tag admin_change_request_update_path(@change_request), :class => "form form-horizontal" do %> +<%= form_tag admin_change_request_path(@change_request), :method => 'put', :class => "form form-horizontal" do %> <%= render :partial => 'admin_public_body_change_requests/response'%> <div class="form-actions"> <%= submit_tag 'Close', :accesskey => 'c', :class => "btn btn-primary" %> diff --git a/app/views/admin_request/show_raw_email.html.erb b/app/views/admin_raw_email/show.html.erb index da22b6069..f88b00ef0 100644 --- a/app/views/admin_request/show_raw_email.html.erb +++ b/app/views/admin_raw_email/show.html.erb @@ -31,7 +31,7 @@ <tr> <td><strong>Authority:</strong></td> <td> - <%= link_to(info_request.public_body.name, admin_body_show_path(info_request.public_body)) %> + <%= link_to(info_request.public_body.name, admin_body_path(info_request.public_body)) %> </td> </tr> <tr> @@ -52,12 +52,12 @@ </p> <div> - <%= render :partial => 'incoming_message_actions', :locals => { :incoming_message => @raw_email.incoming_message } %> + <%= render :partial => 'admin_incoming_message/actions', :locals => { :incoming_message => @raw_email.incoming_message } %> </div> <h2>Raw email</h2> -<p><%= link_to "Download", admin_request_download_raw_email_path(@raw_email) %></p> +<p><%= link_to "Download", admin_raw_email_path(@raw_email, :format => 'txt') %></p> <pre><%=h(@raw_email.data).gsub(/\n/, '<br>').html_safe %></pre> diff --git a/app/views/admin_request/_some_annotations.html.erb b/app/views/admin_request/_some_annotations.html.erb index 7adcdc5bb..de470d26b 100644 --- a/app/views/admin_request/_some_annotations.html.erb +++ b/app/views/admin_request/_some_annotations.html.erb @@ -1,20 +1,20 @@ <% if comments.any? %> - <%= form_tag admin_user_modify_comment_visibility_path do %> + <%= form_tag modify_comment_visibility_admin_users_path do %> <div class="accordion" id="comments"> <% comments.each do |comment| %> <div class="accordion-group"> <div class="accordion-heading"> <%= check_box_tag 'comment_ids[]', comment.id %> - + <a href="#comment_<%= comment.id %>" data-toggle="collapse" data-parent="#comments"><%= chevron_right %></a> - - <%= link_to admin_request_edit_comment_path(comment) do %> + + <%= link_to edit_admin_comment_path(comment) do %> #<%= comment.id %> -- <%= h(comment.user.name) %> <%= admin_value(comment.created_at) %> <% end %> - + <%= comment_visibility(comment) %> <blockquote class="incoming-message"> @@ -58,4 +58,4 @@ <% end %> <% else %> <p>None yet.</p> -<% end %> +<% end %> diff --git a/app/views/admin_request/_some_requests.html.erb b/app/views/admin_request/_some_requests.html.erb index cff94956d..9a39cd0c0 100644 --- a/app/views/admin_request/_some_requests.html.erb +++ b/app/views/admin_request/_some_requests.html.erb @@ -4,10 +4,10 @@ <div class="accordion-heading accordion-toggle row"> <span class="item-title span6"> <a href="#request_<%=info_request.id%>" data-toggle="collapse" data-parent="requests"><%= chevron_right %></a> - <%= link_to(info_request.title, admin_request_show_path(info_request), :title => "view full details") %> + <%= link_to(info_request.title, admin_request_path(info_request), :title => "view full details") %> </span> <span class="item-metadata span6"> - <%= user_admin_link_for_request(info_request) %> <%= arrow_right %> <%= link_to("#{info_request.public_body.name}", admin_body_show_path(info_request.public_body)) %>, <%= time_ago_in_words(info_request.updated_at) %> ago + <%= user_admin_link_for_request(info_request) %> <%= arrow_right %> <%= link_to("#{info_request.public_body.name}", admin_body_path(info_request.public_body)) %>, <%= time_ago_in_words(info_request.updated_at) %> ago </span> </div> <div id="request_<%=info_request.id%>" class="item-detail accordion-body collapse row"> diff --git a/app/views/admin_request/edit.html.erb b/app/views/admin_request/edit.html.erb index 552b31bbb..db0b54655 100644 --- a/app/views/admin_request/edit.html.erb +++ b/app/views/admin_request/edit.html.erb @@ -2,7 +2,7 @@ <%= error_messages_for 'info_request' %> -<%= form_tag admin_request_update_path(@info_request) do %> +<%= form_tag admin_request_path(@info_request), :method => :put do %> <p><label for="info_request_title"><strong>Title</strong></label> (warning: editing this will break URLs right now)<br/> <%= text_field 'info_request', 'title', :size => 50 %></p> @@ -43,15 +43,15 @@ <% end %> <p> -<%= link_to 'Show', admin_request_show_path(@info_request) %> | -<%= link_to 'List all', admin_request_list_path %> +<%= link_to 'Show', admin_request_path(@info_request) %> | +<%= link_to 'List all', admin_requests_path %> </p> <hr> <div class="well"> -<%= form_tag admin_request_destroy_path(@info_request) do %> +<%= form_tag admin_request_path(@info_request), :method => :delete do %> <p> <strong>This is permanent and irreversible!</strong> <%= submit_tag 'Destroy request entirely', :class => 'btn btn-danger' %> <br>Use it mainly if someone posts private information, e.g. made a Data Protection request. It diff --git a/app/views/admin_request/list.html.erb b/app/views/admin_request/index.html.erb index 2bd3e3326..2bd3e3326 100644 --- a/app/views/admin_request/list.html.erb +++ b/app/views/admin_request/index.html.erb diff --git a/app/views/admin_request/show.html.erb b/app/views/admin_request/show.html.erb index 9c04badeb..dfb911ea7 100644 --- a/app/views/admin_request/show.html.erb +++ b/app/views/admin_request/show.html.erb @@ -2,8 +2,7 @@ <h1><%=@title%></h1> -<%= form_tag admin_request_move_request_path, { :class => "form form-horizontal" } do %> - <%= hidden_field_tag 'info_request_id', @info_request.id %> +<%= form_tag move_admin_request_path(@info_request), { :class => "form form-horizontal" } do %> <div class="accordion" id="info_request"> <div class="accordion-group"> <div class="accordion-heading"> @@ -16,7 +15,7 @@ <thead> <tr> <td colspan="2"> - <%= link_to 'Edit metadata', admin_request_edit_path(@info_request), :class => "btn" %> + <%= link_to 'Edit metadata', edit_admin_request_path(@info_request), :class => "btn" %> </td> </tr> </thead> @@ -101,7 +100,7 @@ <tfoot> <tr> <td colspan="2"> - <%= link_to 'Edit metadata', admin_request_edit_path(@info_request), :class => "btn" %> + <%= link_to 'Edit metadata', edit_admin_request_path(@info_request), :class => "btn" %> </td> </tr> </tfoot> @@ -117,11 +116,13 @@ FOI officer upload URL </label> <div class="controls"> - <%= link_to 'Generate URL', admin_request_generate_upload_url_path(@info_request), :class => "btn" %> + <%= form_tag generate_upload_url_admin_request_path(@info_request), :class => "form form-inline" do %> + <%= submit_tag "Generate URL", :class => "btn" %> + <% end %> <p class="help-block">(see also option to generate URLs for individual incoming messages below)</p> </div> </div> - <%= form_tag admin_request_hide_path(@info_request), :class => "form form-inline", :id => "hide_request_form", 'data-info-request-id' => @info_request.id.to_s do %> + <%= form_tag hide_admin_request_path(@info_request), :class => "form form-inline", :id => "hide_request_form", 'data-info-request-id' => @info_request.id.to_s do %> <div class="control-group"> <% if @info_request.is_external? %> <label class="control-label">Hide the request:</label> @@ -191,8 +192,7 @@ <tr> <td> <% if info_request_event.described_state != 'waiting_clarification' and info_request_event.event_type == 'response' %> - <%= form_tag admin_request_clarification_path, :class => "form form-inline admin-table-form admin-inline-form" do %> - <%= hidden_field_tag 'info_request_event_id', info_request_event.id, :id => nil %> + <%= form_tag admin_info_request_event_path(info_request_event), :method => 'put', :class => "form form-inline admin-table-form admin-inline-form" do %> <%= submit_tag "Was clarification request", :class => "btn btn-mini btn-primary" %> <% end %> <% end %> @@ -233,7 +233,7 @@ <div class="accordion-group"> <div class="accordion-heading"> <a href="#outgoing_<%=outgoing_message.id%>" data-toggle="collapse" data-parent="#outgoing_messages"><%= chevron_right %></a> - <%= link_to admin_outgoing_edit_path(outgoing_message) do %> + <%= link_to edit_admin_outgoing_message_path(outgoing_message) do %> #<%= outgoing_message.id %> -- <%= outgoing_message.status.humanize %> <%= outgoing_message.message_type.humanize %> <% end %> <blockquote> @@ -245,8 +245,7 @@ <tbody> <tr> <td colspan="2"> - <%= form_tag admin_request_resend_path, :class => "admin-table-form" do %> - <%= hidden_field_tag 'outgoing_message_id', outgoing_message.id %> + <%= form_tag resend_admin_outgoing_message_path(outgoing_message), :class => "admin-table-form" do %> <%= submit_tag "Resend", :class => "btn" %> <% end %> </td> @@ -279,7 +278,7 @@ <div class="accordion-group"> <div class="accordion-heading"> <a href="#incoming_<%=incoming_message.id%>" data-toggle="collapse" data-parent="#incoming_messages"><%= chevron_right %></a> - <%= link_to admin_incoming_edit_path(incoming_message) do %> + <%= link_to edit_admin_incoming_message_path(incoming_message) do %> <%=incoming_message.id%> -- <%= h(incoming_message.mail_from) %> @@ -296,7 +295,7 @@ <thead> <tr> <td colspan="2" class="well"> - <%= render :partial => 'incoming_message_actions', :locals => { :incoming_message => incoming_message } %> + <%= render :partial => 'admin_incoming_message/actions', :locals => { :incoming_message => incoming_message } %> </td> </tr> </thead> diff --git a/app/views/admin_track/_some_tracks.html.erb b/app/views/admin_track/_some_tracks.html.erb index e9facfb5d..c17350e4b 100644 --- a/app/views/admin_track/_some_tracks.html.erb +++ b/app/views/admin_track/_some_tracks.html.erb @@ -32,9 +32,8 @@ <% if include_destroy %> <tr> <td colspan="2"> - <%= form_tag admin_user_destroy_track_path, :class => "form form-inline admin-table-form" do %> + <%= form_tag admin_track_path(track_thing), :method => 'delete', :class => "form form-inline admin-table-form" do %> <div> - <%= hidden_field_tag 'track_id', track_thing.id %> <%= submit_tag "Destroy track", :class => "btn btn-warning" %> </div> <% end %> diff --git a/app/views/admin_track/list.html.erb b/app/views/admin_track/index.html.erb index 5e967a926..2b1dc5737 100644 --- a/app/views/admin_track/list.html.erb +++ b/app/views/admin_track/index.html.erb @@ -14,7 +14,7 @@ <h2>Current top tracks:</h2> <ol> <% for row in @popular %> - <li><%= link_to row['title'], admin_request_show_path(row['info_request_id']) %> (<%= row['count'] %> people following)</li> + <li><%= link_to row['title'], admin_request_path(row['info_request_id']) %> (<%= row['count'] %> people following)</li> <% end %> </ol> diff --git a/app/views/admin_user/_form.html.erb b/app/views/admin_user/_form.html.erb index f1edc0927..01273a657 100644 --- a/app/views/admin_user/_form.html.erb +++ b/app/views/admin_user/_form.html.erb @@ -41,7 +41,7 @@ user from filing new requests, making annotations or messaging other users; the text is shown in public on the user's page and when they try to do a forbidden action; write in the second person (you); see - <%= link_to 'banned users', admin_user_list_banned_path %> for examples</small> + <%= link_to 'banned users', banned_admin_users_path %> for examples</small> </div> </div> </div> diff --git a/app/views/admin_user/_user_table.html.erb b/app/views/admin_user/_user_table.html.erb index 57066bf3f..4fd90d5c6 100644 --- a/app/views/admin_user/_user_table.html.erb +++ b/app/views/admin_user/_user_table.html.erb @@ -7,7 +7,7 @@ <% if user.admin_level == "super" %> <span class="label">superuser</span> <% end %> - <%= link_to("#{h(user.name)}", admin_user_show_path(user))%> + <%= link_to("#{h(user.name)}", admin_user_path(user))%> <%= link_to("(#{h(user.email)})", "mailto:#{h(user.email)}")%> </span> <span class="item-metadata"> diff --git a/app/views/admin_user/list_banned.html.erb b/app/views/admin_user/banned.html.erb index e535415e6..ee17d9899 100644 --- a/app/views/admin_user/list_banned.html.erb +++ b/app/views/admin_user/banned.html.erb @@ -2,7 +2,7 @@ <h1><%=@title%></h1> -<p><%= link_to 'List all', admin_user_list_path %></p> +<p><%= link_to 'List all', admin_users_path %></p> <%= render :partial => 'user_table', :locals => { :users => @banned_users, :banned_column => true } %> diff --git a/app/views/admin_user/edit.html.erb b/app/views/admin_user/edit.html.erb index e641a13d6..ed1fb6e08 100644 --- a/app/views/admin_user/edit.html.erb +++ b/app/views/admin_user/edit.html.erb @@ -1,11 +1,11 @@ <h1><%=@title%></h1> -<%= form_tag admin_user_update_path(@admin_user), :class => "form form-horizontal" do %> +<%= form_tag admin_user_path(@admin_user), :method => 'put', :class => "form form-horizontal" do %> <%= render :partial => 'form' %> <div class="form-actions"> <%= submit_tag 'Save', :accesskey => 's', :class => "btn btn-primary" %> </div> <% end %> -<%= link_to 'Show', admin_user_show_path(@admin_user), :class => "btn" %> -<%= link_to 'List all', admin_user_list_path, :class => "btn" %> +<%= link_to 'Show', admin_user_path(@admin_user), :class => "btn" %> +<%= link_to 'List all', admin_users_path, :class => "btn" %> diff --git a/app/views/admin_user/list.html.erb b/app/views/admin_user/index.html.erb index b1238f87a..cfb34fd7b 100644 --- a/app/views/admin_user/list.html.erb +++ b/app/views/admin_user/index.html.erb @@ -5,7 +5,7 @@ <%= form_tag({}, :method => "get", :class => "form form-search") do %> <%= text_field_tag 'query', params[:query], { :size => 30, :class => "input-large search-query"} %> <%= submit_tag "Search", :class => "btn" %> (substring search, names and emails) - <%= link_to 'Banned users', admin_user_list_banned_path, :class => "btn btn-info" %> + <%= link_to 'Banned users', banned_admin_users_path, :class => "btn btn-info" %> <% end %> <%= render :partial => 'user_table', :locals => { :users => @admin_users, :banned_column => false } %> diff --git a/app/views/admin_user/show.html.erb b/app/views/admin_user/show.html.erb index 6d12aeff5..1e7d885c5 100644 --- a/app/views/admin_user/show.html.erb +++ b/app/views/admin_user/show.html.erb @@ -4,7 +4,7 @@ <% if @admin_user.profile_photo %> <div class="user_photo_on_admin"> - <%= form_tag admin_clear_profile_photo_path(@admin_user), :multipart => true, :class => "form" do %> + <%= form_tag clear_profile_photo_admin_user_path(@admin_user), :multipart => true, :class => "form" do %> <img src="<%= get_profile_photo_url(:url_name => @admin_user.url_name) %>"> <br> <%= submit_tag "Clear photo", :class => "btn btn-info" %> @@ -32,13 +32,13 @@ <%=link_to @admin_user.email, "mailto:#{h @admin_user.email}"%> <% elsif column_name == 'email_bounce_message' %> <% unless @admin_user.email_bounce_message.empty? %> - <%= link_to _("See bounce message"), admin_user_show_bounce_path(@admin_user.id) %> + <%= link_to _("See bounce message"), show_bounce_message_admin_user_path(@admin_user) %> <% end %> <% else %> <%=h admin_value(value)%> <% end %> <% if column_name == 'email_bounced_at' && !@admin_user.email_bounced_at.nil? %> - <%= form_tag admin_user_clear_bounce_path(@admin_user), :class => "form form-inline" do %> + <%= form_tag clear_bounce_admin_user_path(@admin_user), :class => "form form-inline" do %> <input type="submit" name="action" value="Clear bounce" class="btn btn-info"> <% end %> <% end %> @@ -48,11 +48,13 @@ </tbody> </table> - -<%= link_to 'Edit', admin_user_edit_path(@admin_user), :class => "btn btn-primary" %> +<div class="btn-toolbar"> +<%= link_to 'Edit', edit_admin_user_path(@admin_user), :class => "btn btn-primary" %> <%= link_to 'Public page', user_path(@admin_user), :class => "btn" %> -<%= link_to "Log in as #{@admin_user.name} (also confirms their email)", admin_user_login_as_path(@admin_user), :class => "btn btn-info" %> - +</div> +<%= form_tag login_as_admin_user_path(@admin_user), :class => "form form-horizontal" do %> + <%= submit_tag "Log in as #{@admin_user.name} (also confirms their email)", :class => "btn btn-info" %> +<% end %> <hr> <h2>Track things</h2> diff --git a/app/views/comment/_single_comment.html.erb b/app/views/comment/_single_comment.html.erb index cdcb3b85f..07017dabf 100644 --- a/app/views/comment/_single_comment.html.erb +++ b/app/views/comment/_single_comment.html.erb @@ -17,7 +17,7 @@ <p class="event_actions"> <% if !comment.id.nil? %> <% if !@user.nil? && @user.admin_page_links? %> - <%= link_to "Admin", admin_request_edit_comment_path(comment) %> | + <%= link_to "Admin", edit_admin_comment_path(comment) %> | <% end %> <%= link_to "Link to this", comment_path(comment), :class => "link_to_this" %> <!-- | <%= link_to _('Report abuse'), comment_path(comment) %> --> diff --git a/app/views/comment/new.html.erb b/app/views/comment/new.html.erb index 578732cdb..48fe055ac 100644 --- a/app/views/comment/new.html.erb +++ b/app/views/comment/new.html.erb @@ -1,4 +1,5 @@ -<% @title = "Make an annotation on '" + h(@info_request.title) + "'" %> +<% @title = _("Add an annotation to “{{request_title}}”", + :request_title => h(@info_request.title)) %> <% if @existing_comment %> <div class="errorExplanation" id="errorExplanation"><ul> @@ -11,8 +12,10 @@ <%= foi_error_messages_for :comment %> -<h1><%= _('Add an annotation')%></h1> -<h2>to “<%=request_link(@info_request)%>”</h2> +<h1> + <%= _("Add an annotation to “{{request_title}}”", + :request_title => request_link(@info_request)) %> +</h1> <p> <%= _('Annotations are so anyone, including you, can help the requester with their request. For example:')%> diff --git a/app/views/contact_mailer/add_public_body.text.erb b/app/views/contact_mailer/add_public_body.text.erb index 5baa1fa1a..306a70432 100644 --- a/app/views/contact_mailer/add_public_body.text.erb +++ b/app/views/contact_mailer/add_public_body.text.erb @@ -13,7 +13,7 @@ <%= @change_request.notes %> <%= _('Add the authority:') %> -<%= admin_body_new_url(:change_request_id => @change_request.id, :only_path => false ) %> +<%= new_admin_body_url(:change_request_id => @change_request.id, :only_path => false ) %> <%= _('Close the request and respond:') %> -<%= admin_change_request_edit_url(:id => @change_request.id, :only_path => false ) %> +<%= edit_admin_change_request_url(@change_request, :only_path => false ) %> diff --git a/app/views/contact_mailer/update_public_body_email.text.erb b/app/views/contact_mailer/update_public_body_email.text.erb index 7d5a3dae0..e849463d0 100644 --- a/app/views/contact_mailer/update_public_body_email.text.erb +++ b/app/views/contact_mailer/update_public_body_email.text.erb @@ -10,7 +10,7 @@ <%= @change_request.notes %> <%= _('Update the address:') %> -<%= admin_body_edit_path(@change_request.public_body, :change_request_id => @change_request.id, :only_path => false) %> +<%= edit_admin_body_path(@change_request.public_body, :change_request_id => @change_request.id, :only_path => false) %> <%= _('Close the request and respond:') %> -<%= admin_change_request_edit_url(:id => @change_request.id, :only_path => false ) %> +<%= edit_admin_change_request_url(@change_request, :only_path => false ) %> diff --git a/app/views/general/exception_caught.html.erb b/app/views/general/exception_caught.html.erb index 8d78e2e92..21223dc1e 100644 --- a/app/views/general/exception_caught.html.erb +++ b/app/views/general/exception_caught.html.erb @@ -12,13 +12,10 @@ <%= submit_tag _("Search") %> <% end %> </li> - </ul> + </ul> <% else %> <h1><%= _("Sorry, there was a problem processing this page") %></h1> <p><%= _('You have found a bug. Please <a href="{{contact_url}}">contact us</a> to tell us about the problem', :contact_url => help_contact_path) %></p> <% end %> - <h2><%= _('Technical details') %></h2> - <p><strong><%= h(@exception_class ? @exception_class : _("Unknown")) %></strong></p> - <p><strong><%= h(@exception_message) %></strong></p> </div> diff --git a/app/views/general/search.html.erb b/app/views/general/search.html.erb index 0a04f544e..4f9ef5b68 100644 --- a/app/views/general/search.html.erb +++ b/app/views/general/search.html.erb @@ -131,6 +131,7 @@ <div id="header_right"> <h2><%= _('Track this search')%></h2> <%= render :partial => 'track/tracking_links', :locals => { :track_thing => @track_thing, :own_request => false, :location => 'main' } %> + <%= render :partial => 'track/rss_feed', :locals => { :track_thing => @track_thing, :location => 'main' } %> </div> <% end %> diff --git a/app/views/info_request_batch/_batch_sent.html.erb b/app/views/info_request_batch/_batch_sent.html.erb new file mode 100644 index 000000000..1bf51962f --- /dev/null +++ b/app/views/info_request_batch/_batch_sent.html.erb @@ -0,0 +1,18 @@ +<div id="notice"> + <p> + <%= _("Your requests will be <strong>sent</strong> shortly!") %> + </p> + + <p> + <%= _("<strong>We will email you</strong> when they have been sent. " \ + "We will also email you when there is a response to any of them, or " \ + "after {{late_number_of_days}} working days if the authorities still" \ + "haven't replied by then.", + :late_number_of_days => AlaveteliConfiguration::reply_late_after_days) %> + </p> + + <p> + <%= _("If you write about these requests (for example in a forum or a blog) " \ + "please link to this page.") %> + </p> +</div> diff --git a/app/views/info_request_batch/show.html.erb b/app/views/info_request_batch/show.html.erb index 8bb834b3c..9f94306d9 100644 --- a/app/views/info_request_batch/show.html.erb +++ b/app/views/info_request_batch/show.html.erb @@ -1,4 +1,9 @@ <% @title = _("{{title}} - a batch request", :title => @info_request_batch.title) %> + +<% if flash[:batch_sent] %> + <%= render :partial => 'batch_sent' %> +<% end %> + <div class="info_request_batch_intro"> <h1><%= @title %></h1> <% if @info_request_batch.sent_at %> diff --git a/app/views/layouts/default.html.erb b/app/views/layouts/default.html.erb index 50abc59c3..56e6b3362 100644 --- a/app/views/layouts/default.html.erb +++ b/app/views/layouts/default.html.erb @@ -20,10 +20,14 @@ <% end %> <%= javascript_include_tag "application" %> + <% if @profile_photo_javascript %> <%= javascript_include_tag "profile-photos" %> <%= stylesheet_link_tag "jquery.Jcrop.css" %> <% end %> + <% if is_admin? %> + <%= javascript_include_tag "bootstrap-dropdown" %> + <% end %> <% if @feed_autodetect %> <% for feed in @feed_autodetect %> diff --git a/app/views/public_body/show.html.erb b/app/views/public_body/show.html.erb index 011aea535..403216c6c 100644 --- a/app/views/public_body/show.html.erb +++ b/app/views/public_body/show.html.erb @@ -1,5 +1,16 @@ <% @title = h(@public_body.name) + _(" - view and make Freedom of Information requests") %> <div id="main_content"> + + <% if flash[:search_params] %> + <div class="back-to-results"> + <div class="message"> + <%= link_to select_authority_path(flash[:search_params]) do %> + <%= _('« Back to search results') %> + <% end %> + </div> + </div> + <% end %> + <div id="header_right"> <h2><%= _('Follow this authority')%></h2> @@ -12,6 +23,7 @@ </p> <%= render :partial => 'track/tracking_links', :locals => { :track_thing => @track_thing, :own_request => false, :location => 'sidebar' } %> + <%= render :partial => 'track/rss_feed', :locals => { :track_thing => @track_thing, :location => 'sidebar' } %> <%= render :partial => 'more_info', :locals => { :public_body => @public_body } %> </div> @@ -23,7 +35,7 @@ <%=@public_body.type_of_authority(true)%><% if not @public_body.short_name.empty? %>, <%= _('also called {{public_body_short_name}}', :public_body_short_name => h(@public_body.short_name))%><% end %> <% if !@user.nil? && @user.admin_page_links? %> - (<%= link_to _("admin"), admin_body_show_path(@public_body) %>) + (<%= link_to _("admin"), admin_body_path(@public_body) %>) <% end %> </p> @@ -91,7 +103,8 @@ <a name="results"></a> <% if @public_body.info_requests.size > 4 %> - <%= render :partial => 'request/request_filter_form' %> + <%= render :partial => 'request/request_search_form', + :locals => { :after_form_fields => render(:partial => 'request/request_filter_form') } %> <% end %> <% end %> diff --git a/app/views/request/_act.html.erb b/app/views/request/_act.html.erb index 1199cb4a2..878cdf4ff 100644 --- a/app/views/request/_act.html.erb +++ b/app/views/request/_act.html.erb @@ -1,7 +1,14 @@ <h2><%= _("Act on what you've learnt") %></h2> <div class="act_link"> - <% tweet_link = "https://twitter.com/share?" + {:url => request.url, :via => AlaveteliConfiguration::twitter_username, :text => "'#{@info_request.title}'", :related => _('alaveteli_foi:The software that runs {{site_name}}', :site_name => site_name)}.to_query %> + <% tweet_link = "https://twitter.com/share?" << { + :url => request.url, + :via => AlaveteliConfiguration.twitter_username, + :text => "'#{ @info_request.title }'", + :related => _('alaveteli_foi:The software that runs {{site_name}}', :site_name => site_name) + }.to_query + %> + <% link_to tweet_link do %> <%= image_tag "twitter-16.png", :alt => "twitter icon" %> <% end %> diff --git a/app/views/request/_incoming_correspondence.html.erb b/app/views/request/_incoming_correspondence.html.erb index f39d650d8..70bd25c7f 100644 --- a/app/views/request/_incoming_correspondence.html.erb +++ b/app/views/request/_incoming_correspondence.html.erb @@ -17,7 +17,7 @@ <p class="event_actions"> <% if !@user.nil? && @user.admin_page_links? %> - <%= link_to "Admin", admin_incoming_edit_path(incoming_message.id) %> | + <%= link_to "Admin", edit_admin_incoming_message_path(incoming_message.id) %> | <% end %> <%= link_to _("Link to this"), incoming_message_path(incoming_message), :class => "link_to_this" %> </p> diff --git a/app/views/request/_request_filter_form.html.erb b/app/views/request/_request_filter_form.html.erb index 090db01df..0983c8c57 100644 --- a/app/views/request/_request_filter_form.html.erb +++ b/app/views/request/_request_filter_form.html.erb @@ -1,41 +1,14 @@ -<%= render :partial => 'general/localised_datepicker' %> - -<div id="list-filter"> - <%= form_tag(request.path, :method => "get", :id=>"filter_requests_form") do %> - <div class="list-filter-item"> - <%= label_tag(:query, _("Keywords"), :class=>"form_label title") %> - <%= text_field_tag(:query, params[:query]) %> - </div> -<% if false # don't think we want this, but leaving as an example %> - <div class="list-filter-item"> - <%= _("Search for words in:") %> <br/> - <% [["sent", _("messages from users")], - ["response", _("messages from authorities")], - ["comment", _("comments")]].each_with_index do |item, index| - variety, title = item %> - - <%= check_box_tag "request_variety[]", variety, params[:request_variety].nil? ? true : params[:request_variety].include?(variety), :id => "request_variety_#{index}" %> - <%= label_tag("request_variety_#{index}", title) %> <br/> - <% end %> - </div> -<% end %> - <div class="list-filter-item"> - <%= label_tag(:query, _("Made between"), :class=>"form_label title") %> - <%= text_field_tag(:request_date_after, params[:request_date_after], {:class => "use-datepicker", :size => 10}) %> - <%= label_tag(:query, _("and"), :class=>"form_label") %> - <%= text_field_tag(:request_date_before, params[:request_date_before], {:class => "use-datepicker", :size => 10}) %> - </div> - <div class="list-filter-item"> - <h3 class="title"><%= _("Showing") %></h3> - <div class="filter-request-types"> - <% statuses = [["all", _("all requests")], - ["successful", _("successful requests")], - ["unsuccessful", _("unsuccessful requests")], - ["awaiting", _("unresolved requests")]] %> - <% for status, label in statuses %> - <% if params[:view] != status %> - <% if params[:controller] == "public_body" %> - <%= link_to label, url_for(:controller => "public_body", :action => "show", :view => status, :url_name => @public_body.url_name) + "?" + request.query_string + '#results' %> +<div class="list-filter-item"> + <h3 class="title"><%= _("Showing") %></h3> + <div class="filter-request-types"> + <% statuses = [["all", _("all requests")], + ["successful", _("successful requests")], + ["unsuccessful", _("unsuccessful requests")], + ["awaiting", _("unresolved requests")]] %> + <% statuses.each do |status, label| %> + <% if params[:view] != status %> + <% if params[:controller] == "public_body" %> + <%= link_to label, url_for(:controller => "public_body", :action => "show", :view => status, :url_name => @public_body.url_name) + "?" + request.query_string + '#results' %> <% else %> <%= link_to label, url_for(:controller => "request", :action => "list", :view => status) + "?" + request.query_string + '#results' %> <% end %> @@ -43,12 +16,6 @@ <%= label %> <% end %> <%= "|" unless statuses.last[0] == status %> - <% end %> - </div> - </div> - - <div class="list-filter-item"> - <%= submit_tag(_("Search")) %> - </div> -<% end %> + <% end %> + </div> </div> diff --git a/app/views/request/_request_search_form.html.erb b/app/views/request/_request_search_form.html.erb new file mode 100644 index 000000000..3f2f66950 --- /dev/null +++ b/app/views/request/_request_search_form.html.erb @@ -0,0 +1,35 @@ +<%= render :partial => 'general/localised_datepicker' %> + +<div id="list-filter"> + <%= form_tag(request.path, :method => "get", :id=>"filter_requests_form") do %> + <div class="list-filter-item"> + <%= label_tag(:query, _("Keywords"), :class=>"form_label title") %> + <%= text_field_tag(:query, params[:query]) %> + </div> +<% if false # don't think we want this, but leaving as an example %> + <div class="list-filter-item"> + <%= _("Search for words in:") %> <br/> + <% [["sent", _("messages from users")], + ["response", _("messages from authorities")], + ["comment", _("comments")]].each_with_index do |item, index| + variety, title = item %> + + <%= check_box_tag "request_variety[]", variety, params[:request_variety].nil? ? true : params[:request_variety].include?(variety), :id => "request_variety_#{index}" %> + <%= label_tag("request_variety_#{index}", title) %> <br/> + <% end %> + </div> +<% end %> + <div class="list-filter-item"> + <%= label_tag(:query, _("Made between"), :class=>"form_label title") %> + <%= text_field_tag(:request_date_after, params[:request_date_after], {:class => "use-datepicker", :size => 10}) %> + <%= label_tag(:query, _("and"), :class=>"form_label") %> + <%= text_field_tag(:request_date_before, params[:request_date_before], {:class => "use-datepicker", :size => 10}) %> + </div> + + <%= after_form_fields if defined?(after_form_fields) -%> + + <div class="list-filter-item"> + <%= submit_tag(_("Search")) %> + </div> +<% end %> +</div> diff --git a/app/views/request/_request_sent.html.erb b/app/views/request/_request_sent.html.erb new file mode 100644 index 000000000..5ce6f5317 --- /dev/null +++ b/app/views/request/_request_sent.html.erb @@ -0,0 +1,19 @@ +<div id="notice"> + <p> + <%= _("Your {{law_used_full}} request has been <strong>sent on its way</strong>!", + :law_used_full => @info_request.law_used_full) %> + </p> + + <p> + <%= _("<strong>We will email you</strong> when there is a response, or after " \ + "{{late_number_of_days}} working days if the authority still hasn't " \ + "replied by then.", + :late_number_of_days => AlaveteliConfiguration.reply_late_after_days) %> + </p> + + <p> + <%= _("If you write about this request (for example in a forum or a blog) " \ + "please link to this page, and add an annotation below telling people " \ + "about your writing.") %> + </p> +</div> diff --git a/app/views/request/_search_ahead.html.erb b/app/views/request/_search_ahead.html.erb index 1e65a5458..4fbe06ebc 100644 --- a/app/views/request/_search_ahead.html.erb +++ b/app/views/request/_search_ahead.html.erb @@ -1,14 +1,20 @@ -<div id="request_search_ahead_results"> - <% if !@xapian_requests.nil? %> - <% if @xapian_requests.results.size > 0 %> +<% unless @xapian_requests.nil? %> + <div id="request_search_ahead_results"> + <% if @xapian_requests.results.any? %> + <span class="close-button">X</span> <h3><%= _("Possibly related requests:") %></h3> - <% end %> - <% for result in @xapian_requests.results %> - <%= render :partial => 'request/request_listing_short_via_event', :locals => { :event => result[:model], :info_request => result[:model].info_request } %> - <% end %> - <p> - <a id="body-site-search-link"><%= _("Or search in their website for this information.") %></a> - </p> - <% end %> -</div> + <% @xapian_requests.results.each do |result| %> + <%= render :partial => 'request/request_listing_short_via_event', + :locals => { :event => result[:model], + :info_request => result[:model].info_request } %> + <% end %> + + <p> + <a id="body-site-search-link"> + <%= _("Search in their website for this information →") %> + </a> + </p> + <% end %> + </div> +<% end %> diff --git a/app/views/request/_sidebar.html.erb b/app/views/request/_sidebar.html.erb index 0f7965ffa..0d81ef111 100644 --- a/app/views/request/_sidebar.html.erb +++ b/app/views/request/_sidebar.html.erb @@ -10,6 +10,7 @@ :count => follower_count) %> </p> <%= render :partial => 'track/tracking_links', :locals => { :track_thing => @track_thing, :own_request => @info_request.user && @info_request.user == @user, :location => 'sidebar' } %> + <%= render :partial => 'track/rss_feed', :locals => { :track_thing => @track_thing, :location => 'sidebar' } %> </div> <% if @info_request.described_state != "attention_requested" %> <h2><%= _('Offensive? Unsuitable?') %></h2> diff --git a/app/views/request/details.html.erb b/app/views/request/details.html.erb index 3cb2f5afe..194820da6 100644 --- a/app/views/request/details.html.erb +++ b/app/views/request/details.html.erb @@ -1,5 +1,10 @@ -<% @title = _("Details of request '") + h(@info_request.title) + "'" %> -<h1><%= _("Details of request '") + request_link(@info_request) + "'" %></h1> +<% @title = _("Details of request “{{request_title}}”", + :request_title => h(@info_request.title)) %> + +<h1> + <%= _("Details of request “{{request_title}}”", + :request_title => request_link(@info_request)) %> +</h1> <h2><%= _('Event history') %></h2> diff --git a/app/views/request/followup_preview.html.erb b/app/views/request/followup_preview.html.erb index 55afc0245..83978a2f5 100644 --- a/app/views/request/followup_preview.html.erb +++ b/app/views/request/followup_preview.html.erb @@ -3,7 +3,7 @@ <div id="followup"> <%= form_for(@outgoing_message, :html => { :id => 'preview_form' }, :url => (@incoming_message.nil? ? show_response_no_followup_url(:id => @info_request.id) : show_response_url(:id => @info_request.id, :incoming_message_id => @incoming_message.id)) + "#followup" ) do |o| %> - + <% if @internal_review %> <h1><%= _('Now preview your message asking for an internal review') %></h1> <% else %> @@ -20,7 +20,7 @@ <div class="correspondence" id="outgoing-0"> <p class="preview_subject"> <strong><%= _('To:') %></strong> <%=h OutgoingMailer.name_for_followup(@info_request, @incoming_message) %> - <br><strong><%= _('Subject:') %></strong> <%=h OutgoingMailer.subject_for_followup(@info_request, @outgoing_message) %> + <br><strong><%= _('Subject:') %></strong> <%= OutgoingMailer.subject_for_followup(@info_request, @outgoing_message, :html => true) %> </p> <div class="correspondence_text"> diff --git a/app/views/request/list.html.erb b/app/views/request/list.html.erb index a465f03ba..75cb463ef 100644 --- a/app/views/request/list.html.erb +++ b/app/views/request/list.html.erb @@ -1,13 +1,14 @@ - <div id="header_left"> - <h1><%=@title%></h1> - <%= render :partial => 'request/request_filter_form' %> + <h1><%= @title %></h1> + <%= render :partial => 'request/request_search_form', + :locals => { :after_form_fields => render(:partial => 'request/request_filter_form') } %> </div> <div id="header_right"> <h2><%= _("Follow these requests") %></h2> <% if @track_thing %> <%= render :partial => 'track/tracking_links', :locals => { :track_thing => @track_thing, :own_request => false, :location => 'main' } %> + <%= render :partial => 'track/rss_feed', :locals => { :track_thing => @track_thing, :location => 'main' } %> <% end %> </div> diff --git a/app/views/request/new.html.erb b/app/views/request/new.html.erb index 7f1332464..51224129e 100644 --- a/app/views/request/new.html.erb +++ b/app/views/request/new.html.erb @@ -1,19 +1,33 @@ <% unless @batch %> <script type="text/javascript"> $(document).ready(function(){ - // Avoid triggering too often (on each keystroke) by using the debounce jQuery plugin: + // Avoid triggering too often (on each keystroke) by using the + // debounce jQuery plugin: // http://benalman.com/projects/jquery-throttle-debounce-plugin/ $("#typeahead_search").keypress($.debounce( 300, function() { - $("#typeahead_response").load("<%=search_ahead_url%>?q="+encodeURI(this.value), function() { - // When following links in typeahead results, open new tab/window - $("#typeahead_response a").attr("target","_blank"); - - // Update the public body site search link - $("#body-site-search-link").attr("href", "http://www.google.com/#q="+encodeURI($("#typeahead_search").val())+ - "+site:<%= @info_request.public_body.calculated_home_page %>"); + if ( $('#request_search_ahead_results').text().trim().length > 0) { + $('#typeahead_response').slideUp('fast'); + } + + $("#typeahead_response").load("<%= search_ahead_url %>?q="+encodeURI(this.value)+ + "&requested_from=<%= @info_request.public_body.url_name %>"+ + "&per_page=3", function() { + + if ( $('#request_search_ahead_results').text().trim().length > 0) { + $('#typeahead_response').hide().slideDown('fast'); + + // When following links in typeahead results, open new + // tab/window + $("#typeahead_response a").attr("target","_blank"); + + // Update the public body site search link + $("#body-site-search-link").attr("href", "http://www.google.com/#q="+encodeURI($("#typeahead_search").val())+ + "+site:<%= @info_request.public_body.calculated_home_page %>"); + + $('.close-button').click(function() { $(this).parent().hide() }); + } }); })); - }); </script> <% end %> diff --git a/app/views/request/preview.html.erb b/app/views/request/preview.html.erb index 0265d0328..ddd5ab30c 100644 --- a/app/views/request/preview.html.erb +++ b/app/views/request/preview.html.erb @@ -23,7 +23,7 @@ <% else %> <%=h(@info_request.public_body.name)%> <% end %> - <br><strong><%= _('Subject:') %></strong> <%=h @info_request.email_subject_request %> + <br><strong><%= _('Subject:') %></strong> <%= @info_request.email_subject_request %> </p> <div class="correspondence_text"> diff --git a/app/views/request/show.html.erb b/app/views/request/show.html.erb index 153b0b861..78e022aa9 100644 --- a/app/views/request/show.html.erb +++ b/app/views/request/show.html.erb @@ -2,6 +2,11 @@ :title => h(@info_request.title), :public_body => (@info_request.public_body.name)) %> +<% if flash[:request_sent] %> + <%= render :partial => 'request_sent', + :locals => { :info_request => @info_request } %> +<% end %> + <% if @info_request.prominence == 'hidden' %> <p id="hidden_request"> <%= _('This request has prominence \'hidden\'. You can only see it because you are logged @@ -37,9 +42,9 @@ :user => request_user_link(@info_request, _('An anonymous user')), :law_used_full => h(@info_request.law_used_full), :user_admin_link => user_admin_link_for_request(@info_request, _('external'), _('admin')), - :request_admin_url => admin_request_show_url(@info_request), + :request_admin_url => admin_request_url(@info_request), :public_body_link => public_body_link(@info_request.public_body), - :public_body_admin_url => admin_body_show_url(@info_request.public_body)) %> + :public_body_admin_url => admin_body_url(@info_request.public_body)) %> <% else %> <%= _('{{user}} made this {{law_used_full}} request', :user=>request_user_link(@info_request, _('An anonymous user')), @@ -51,19 +56,20 @@ <p id="request_status" class="request_icon_line icon_<%= @info_request.calculate_status %>"> <% if @info_request.awaiting_description %> <% if @is_owning_user && !@info_request.is_external? && !@render_to_file %> - <%= _('Please <strong>answer the question above</strong> so we know whether the ')%> - <%= MySociety::Format.fancy_pluralize(@new_responses_count, 'recent response contains', 'recent responses contain') %> <%= _('useful information.') %> + <%= n_('Please <strong>answer the question above</strong> so we know whether the recent response contains useful information.', + 'Please <strong>answer the question above</strong> so we know whether the recent responses contain useful information.', + @new_responses_count) %> <% else %> <%= _('This request has an <strong>unknown status</strong>.') %> <% if @old_unclassified %> - <%= _('We\'re waiting for someone to read') %> - <%= MySociety::Format.fancy_pluralize(@new_responses_count, 'a recent response', 'recent responses') %> - <%= _('and update the status accordingly. Perhaps <strong>you</strong> might like to help out by doing that?') %> + <%= n_("We're waiting for someone to read a recent response and update the status accordingly. Perhaps <strong>you</strong> might like to help out by doing that?", + "We're waiting for someone to read recent responses and update the status accordingly. Perhaps <strong>you</strong> might like to help out by doing that?", + @new_responses_count) %> <% else %> - <%= _('We\'re waiting for') %> - <%= user_link_for_request(@info_request) %> <%= _('to read') %> - <%= MySociety::Format.fancy_pluralize(@new_responses_count, 'a recent response', 'recent responses') %> - <%= _('and update the status.') %> + <%= n_("We're waiting for {{user}} to read a recent response and update the status.", + "We're waiting for {{user}} to read recent responses and update the status.", + @new_responses_count, + :user => user_link_for_request(@info_request)) %> <% end %> <% end %> <% elsif @status == 'waiting_response' %> diff --git a/app/views/request/show_response.html.erb b/app/views/request/show_response.html.erb index ace86cf4c..7571f147b 100644 --- a/app/views/request/show_response.html.erb +++ b/app/views/request/show_response.html.erb @@ -35,7 +35,7 @@ </dt> <dd> <%= _('To do that please send a private email to ') %><%=h(@postal_email_name)%> - <<%=link_to h(@postal_email), "mailto:" + @postal_email%>> + <<%=mail_to h(@postal_email) %>> <%= _('containing your postal address, and asking them to reply to this request. Or you could phone them.') %> diff --git a/app/views/track/_rss_feed.html.erb b/app/views/track/_rss_feed.html.erb new file mode 100644 index 000000000..4be46ffa9 --- /dev/null +++ b/app/views/track/_rss_feed.html.erb @@ -0,0 +1,4 @@ +<div class="feed_link feed_link_<%= location %>"> + <%= link_to image_tag('feed-16.png', :alt => "RSS icon"), do_track_path(track_thing, 'feed') %> + <%= link_to (location == 'sidebar' ? _('RSS feed of updates') : _('RSS feed')), do_track_path(track_thing, 'feed') %> +</div> diff --git a/app/views/track/_tracking_links.html.erb b/app/views/track/_tracking_links.html.erb index 5419ec605..c027e9732 100644 --- a/app/views/track/_tracking_links.html.erb +++ b/app/views/track/_tracking_links.html.erb @@ -13,17 +13,12 @@ </div> <% elsif track_thing %> <div class="feed_link feed_link_<%=location%>"> - <% if defined? follower_count && follower_count > 0 %> + <% if defined?(follower_count) && follower_count > 0 %> <%= link_to _("I like this request"), do_track_path(track_thing), :class => "link_button_green" %> <% else %> <%= link_to _("Follow"), do_track_path(track_thing), :class => "link_button_green" %> <% end %> </div> - - <div class="feed_link feed_link_<%=location%>"> - <%= link_to image_tag('feed-16.png', :alt => "RSS icon"), do_track_path(track_thing, 'feed') %> - <%= link_to (location == 'sidebar' ? _('RSS feed of updates') : _('RSS feed')), do_track_path(track_thing, 'feed') %> - </div> <% end %> diff --git a/app/views/user/_signin.html.erb b/app/views/user/_signin.html.erb index afc55d249..e86791aaf 100644 --- a/app/views/user/_signin.html.erb +++ b/app/views/user/_signin.html.erb @@ -14,11 +14,11 @@ <p> <label class="form_label" for="user_signin_password"><%= _('Password:')%></label> - <%= password_field 'user_signin', 'password', { :size => 15, :tabindex => 20 } %> + <%= password_field 'user_signin', 'password', { :size => 15, :tabindex => 20, :autocomplete => 'off' } %> </p> <p class="form_note"> - <%= link_to _('Forgotten your password?'), signchangepassword_path + "?pretoken=" + h(params[:token]), :tabindex => 30 %> + <%= link_to _('Forgotten your password?'), signchangepassword_path(:pretoken => h(params[:token])), :tabindex => 30 %> </p> <p class="form_checkbox"> diff --git a/app/views/user/show.html.erb b/app/views/user/show.html.erb index b23f74326..7c8d52568 100644 --- a/app/views/user/show.html.erb +++ b/app/views/user/show.html.erb @@ -34,6 +34,7 @@ <% if !@track_thing.nil? %> <h2><%= _('Track this person')%></h2> <%= render :partial => 'track/tracking_links', :locals => { :track_thing => @track_thing, :own_request => false, :location => 'sidebar' } %> + <%= render :partial => 'track/rss_feed', :locals => { :track_thing => @track_thing, :location => 'sidebar' } %> <% end %> <% if !@xapian_requests.nil? %> <h2><%= _('On this page')%></h2> @@ -66,7 +67,7 @@ <p class="subtitle"> <%= _('Joined {{site_name}} in', :site_name=>site_name) %> <%= @display_user.created_at.year %> <% if !@user.nil? && @user.admin_page_links? %> - (<%= link_to "admin", admin_user_show_path(@display_user) %>) + (<%= link_to "admin", admin_user_path(@display_user) %>) <% end %> </p> diff --git a/app/views/user/sign.html.erb b/app/views/user/sign.html.erb index e8c5d5a58..5536e6c73 100644 --- a/app/views/user/sign.html.erb +++ b/app/views/user/sign.html.erb @@ -1,52 +1,51 @@ - <% if !@post_redirect.nil? && @post_redirect.reason_params[:user_name] %> <% @title = _("Sign in") %> <div id="sign_alone"> - <p id="sign_in_reason"> - <% if @post_redirect.reason_params[:web].empty? %> - <%= _('Please sign in as ')%><%= link_to h(@post_redirect.reason_params[:user_name]), @post_redirect.reason_params[:user_url] %>. - <% else %> - <%= @post_redirect.reason_params[:web] %>, - <%= _('please sign in as ')%><%= link_to h(@post_redirect.reason_params[:user_name]), @post_redirect.reason_params[:user_url] %>. - <% end %> - </p> - <% if @post_redirect.post_params["controller"] == "admin_general" %> - <% unless AlaveteliConfiguration::disable_emergency_user %> - <p id="superuser_message"><%= _("Don't have a superuser account yet?") %> <%= link_to _("Sign in as the emergency user"), @post_redirect.uri + "?emergency=1" %></p> + <p id="sign_in_reason"> + <% if @post_redirect.reason_params[:web].empty? %> + <%= _('Please sign in as ')%><%= link_to h(@post_redirect.reason_params[:user_name]), @post_redirect.reason_params[:user_url] %>. + <% else %> + <%= @post_redirect.reason_params[:web] %>, + <%= _('please sign in as ')%><%= link_to h(@post_redirect.reason_params[:user_name]), @post_redirect.reason_params[:user_url] %>. <% end %> - <% end %> + </p> - <%= render :partial => 'signin', :locals => { :sign_in_as_existing_user => true } %> + <% if @post_redirect.post_params["controller"] == "admin_general" %> + <% unless AlaveteliConfiguration::disable_emergency_user %> + <p id="superuser_message"><%= _("Don't have a superuser account yet?") %> <%= link_to _("Sign in as the emergency user"), @post_redirect.uri + "?emergency=1" %></p> + <% end %> + <% end %> + <%= render :partial => 'signin', :locals => { :sign_in_as_existing_user => true } %> </div> - <% else %> <% @title = _('Sign in or make a new account') %> <div id="sign_together"> - <% if !@post_redirect.nil? %> - <p id="sign_in_reason"> - <% if @post_redirect.reason_params[:web].empty? %> - <%= _('Please sign in or make a new account.') %> - <% else %> - <%= _('{{reason}}, please sign in or make a new account.', :reason => @post_redirect.reason_params[:web]) %> - <% end %> - </p> - <% end %> + <% if !@post_redirect.nil? %> + <p id="sign_in_reason"> + <% if @post_redirect.reason_params[:web].empty? %> + <%= _('Please sign in or make a new account.') %> + <% else %> + <%= _('{{reason}}, please sign in or make a new account.', :reason => @post_redirect.reason_params[:web]) %> + <% end %> + </p> + <% end %> <div id="left_half"> - <h1><%= _('Sign in') %></h1> - <%= render :partial => 'signin', :locals => { :sign_in_as_existing_user => false } %> + <h1><%= _('Sign up') %></h1> + <%= render :partial => 'signup' %> </div> + <div id="middle_strip"> - <%= _('- or -') %> + <%= _('- or -') %> </div> + <div id="right_half"> - <h1><%= _('Sign up') %></h1> - <%= render :partial => 'signup' %> + <h1><%= _('Sign in') %></h1> + <%= render :partial => 'signin', :locals => { :sign_in_as_existing_user => false } %> </div> + <div style="clear:both"></div> </div> - <% end %> - diff --git a/app/views/user/signchangeemail.html.erb b/app/views/user/signchangeemail.html.erb index 7308179f4..a99bcb785 100644 --- a/app/views/user/signchangeemail.html.erb +++ b/app/views/user/signchangeemail.html.erb @@ -23,7 +23,7 @@ <p> <label class="form_label" for="signchangeemail_password"> <%= _('Your password:')%></label> - <%= password_field 'signchangeemail', 'password', { :size => 15 } %> + <%= password_field 'signchangeemail', 'password', { :size => 15, :autocomplete => 'off' } %> </p> <p class="form_note"> diff --git a/app/views/user/signchangepassword.html.erb b/app/views/user/signchangepassword.html.erb index 51bcb466d..60f5d2c62 100644 --- a/app/views/user/signchangepassword.html.erb +++ b/app/views/user/signchangepassword.html.erb @@ -13,12 +13,12 @@ <p> <label class="form_label" for="user_password"><%= _('New password:')%></label> - <%= password_field 'user', 'password', { :size => 15 } %> + <%= password_field 'user', 'password', { :size => 15, :autocomplete => 'off' } %> </p> <p> <label class="form_label" for="user_password_confirmation"><%= _('New password: (again)')%></label> - <%= password_field 'user', 'password_confirmation', { :size => 15 } %> + <%= password_field 'user', 'password_confirmation', { :size => 15, :autocomplete => 'off' } %> </p> <div class="form_button"> |