diff options
Diffstat (limited to 'app')
| -rw-r--r-- | app/controllers/admin_controller.rb | 4 | ||||
| -rw-r--r-- | app/controllers/application_controller.rb | 13 | ||||
| -rw-r--r-- | app/controllers/request_controller.rb | 44 | ||||
| -rw-r--r-- | app/views/request/_after_actions.rhtml | 2 | ||||
| -rw-r--r-- | app/views/request/_bubble.rhtml | 16 | ||||
| -rw-r--r-- | app/views/request/_request_listing_via_event.rhtml | 2 | ||||
| -rw-r--r-- | app/views/request/similar.rhtml | 2 |
7 files changed, 62 insertions, 21 deletions
diff --git a/app/controllers/admin_controller.rb b/app/controllers/admin_controller.rb index d7933b212..d93e68dab 100644 --- a/app/controllers/admin_controller.rb +++ b/app/controllers/admin_controller.rb @@ -28,6 +28,10 @@ class AdminController < ApplicationController cache_subpath = foi_fragment_cache_all_for_request(info_request) FileUtils.rm_rf(cache_subpath) + # Remove any download zips + download_dir = request_download_zip_dir(info_request) + FileUtils.rm_rf(download_dir) + # Remove the database caches of body / attachment text (the attachment text # one is after privacy rules are applied) info_request.clear_in_database_caches! diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 3206df1d2..9b39d5178 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -226,6 +226,19 @@ class ApplicationController < ActionController::Base end end + def request_dirs(info_request) + first_three_digits = info_request.id.to_s()[0..2] + File.join(first_three_digits.to_s, info_request.id.to_s) + end + + def request_download_zip_dir(info_request) + File.join(download_zip_dir, "download", request_dirs(info_request)) + end + + def download_zip_dir() + File.join(Rails.root, '/cache/zips/') + end + # get the local locale def locale_from_params(*args) if params[:show_locale] diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index 17d2d9428..6106d68da 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -137,6 +137,11 @@ class RequestController < ApplicationController short_cache @per_page = 25 @page = (params[:page] || "1").to_i + + # Later pages are very expensive to load + if @page > MAX_RESULTS / PER_PAGE + raise ActiveRecord::RecordNotFound.new("Sorry. No pages after #{MAX_RESULTS / PER_PAGE}.") + end @info_request = InfoRequest.find_by_url_title!(params[:url_title]) raise ActiveRecord::RecordNotFound.new("Request not found") if @info_request.nil? @@ -146,6 +151,8 @@ class RequestController < ApplicationController end @xapian_object = ::ActsAsXapian::Similar.new([InfoRequestEvent], @info_request.info_request_events, :offset => (@page - 1) * @per_page, :limit => @per_page, :collapse_by_prefix => 'request_collapse') + @matches_estimated = @xapian_object.matches_estimated + @show_no_more_than = (@matches_estimated > MAX_RESULTS) ? MAX_RESULTS : @matches_estimated if (@page > 1) @page_desc = " (page " + @page.to_s + ")" @@ -738,6 +745,12 @@ class RequestController < ApplicationController end def get_attachment_as_html + + # The conversion process can generate files in the cache directory that can be served up + # directly by the webserver according to httpd.conf, so don't allow it unless that's OK. + if @files_can_be_cached != true + raise ActiveRecord::RecordNotFound.new("Attachment HTML not found.") + end get_attachment_internal(true) # images made during conversion (e.g. images in PDF files) are put in the cache directory, so @@ -857,22 +870,32 @@ class RequestController < ApplicationController def download_entire_request @locale = self.locale_from_params() I18n.with_locale(@locale) do - info_request = InfoRequest.find_by_url_title!(params[:url_title]) + @info_request = InfoRequest.find_by_url_title!(params[:url_title]) + # Test for whole request being hidden or requester-only + if !@info_request.all_can_view? + render :template => 'request/hidden', :status => 410 # gone + return + end if authenticated?( :web => _("To download the zip file"), - :email => _("Then you can download a zip file of {{info_request_title}}.",:info_request_title=>info_request.title), - :email_subject => _("Log in to download a zip file of {{info_request_title}}",:info_request_title=>info_request.title) + :email => _("Then you can download a zip file of {{info_request_title}}.", + :info_request_title=>@info_request.title), + :email_subject => _("Log in to download a zip file of {{info_request_title}}", + :info_request_title=>@info_request.title) ) - updated = Digest::SHA1.hexdigest(info_request.get_last_event.created_at.to_i.to_s + info_request.updated_at.to_i.to_s) - @url_path = "/download/#{updated[0..1]}/#{updated}/#{params[:url_title]}.zip" - file_path = File.expand_path(File.join(File.dirname(__FILE__), '../../cache/zips', @url_path)) + updated = Digest::SHA1.hexdigest(@info_request.get_last_event.created_at.to_i.to_s + @info_request.updated_at.to_i.to_s) + @url_path = File.join("/download", + request_dirs(@info_request), + updated, + "#{params[:url_title]}.zip") + file_path = File.expand_path(File.join(download_zip_dir(), @url_path)) if !File.exists?(file_path) FileUtils.mkdir_p(File.dirname(file_path)) Zip::ZipFile.open(file_path, Zip::ZipFile::CREATE) { |zipfile| convert_command = Configuration::html_to_pdf_command done = false if !convert_command.blank? && File.exists?(convert_command) - url = "http://#{Configuration::domain}#{request_url(info_request)}?print_stylesheet=1" + url = "http://#{Configuration::domain}#{request_url(@info_request)}?print_stylesheet=1" tempfile = Tempfile.new('foihtml2pdf') output = AlaveteliExternalCommand.run(convert_command, url, tempfile.path) if !output.nil? @@ -881,22 +904,21 @@ class RequestController < ApplicationController } done = true else - logger.error("Could not convert info request #{info_request.id} to PDF with command '#{convert_command} #{url} #{tempfile.path}'") + logger.error("Could not convert info request #{@info_request.id} to PDF with command '#{convert_command} #{url} #{tempfile.path}'") end tempfile.close else logger.warn("No HTML -> PDF converter found at #{convert_command}") end if !done - @info_request = info_request - @info_request_events = info_request.info_request_events + @info_request_events = @info_request.info_request_events template = File.read(File.join(File.dirname(__FILE__), "..", "views", "request", "simple_correspondence.rhtml")) output = ERB.new(template).result(binding) zipfile.get_output_stream("correspondence.txt") { |f| f.puts(output) } end - for message in info_request.incoming_messages + for message in @info_request.incoming_messages attachments = message.get_attachments_for_display for attachment in attachments filename = "#{attachment.url_part_number}_#{attachment.display_filename}" diff --git a/app/views/request/_after_actions.rhtml b/app/views/request/_after_actions.rhtml index a3ee7c86b..3d74cf42d 100644 --- a/app/views/request/_after_actions.rhtml +++ b/app/views/request/_after_actions.rhtml @@ -15,9 +15,11 @@ <%= link_to _('Update the status of this request'), '#describe_state_form_1' %> </li> <% end %> + <% if @info_request.all_can_view? %> <li> <%= link_to _("Download a zip file of all correspondence"), download_entire_request_url(:url_title => @info_request.url_title) %> </li> + <% end %> </ul> </div> <% if ! @info_request.is_external? %> diff --git a/app/views/request/_bubble.rhtml b/app/views/request/_bubble.rhtml index 331c2163e..747e2aa1f 100644 --- a/app/views/request/_bubble.rhtml +++ b/app/views/request/_bubble.rhtml @@ -1,16 +1,16 @@ <div class="correspondence_text"> <% if not attachments.nil? and attachments.size > 0 %> - <div class="attachments"> + <div class="attachments"> <hr class="top"> <% attachments.each do |a| %> <p class="attachment"> - <% + <% attachment_url = get_attachment_url(:id => incoming_message.info_request_id, - :incoming_message_id => incoming_message.id, :part => a.url_part_number, - :file_name => a.display_filename) + :incoming_message_id => incoming_message.id, :part => a.url_part_number, + :file_name => a.display_filename) attachment_as_html_url = get_attachment_as_html_url(:id => incoming_message.info_request_id, - :incoming_message_id => incoming_message.id, :part => a.url_part_number, - :file_name => a.display_filename + '.html') + :incoming_message_id => incoming_message.id, :part => a.url_part_number, + :file_name => a.display_filename + '.html') %> <% img_filename = "icon_" + a.content_type.sub('/', '_') + "_large.png" full_filename = File.expand_path(File.join(File.dirname(__FILE__), "../../../public/images", img_filename)) @@ -23,9 +23,9 @@ <br> <%= a.display_size %> <%= link_to "Download", attachment_url %> - <% if a.has_body_as_html? %> + <% if a.has_body_as_html? && incoming_message.info_request.all_can_view? %> <%= link_to "View as HTML", attachment_as_html_url %> - <% end %> + <% end %> <!-- (<%= a.content_type %>) --> <%= a.extra_note %> </p> diff --git a/app/views/request/_request_listing_via_event.rhtml b/app/views/request/_request_listing_via_event.rhtml index ee1cc079a..2ba9613e5 100644 --- a/app/views/request/_request_listing_via_event.rhtml +++ b/app/views/request/_request_listing_via_event.rhtml @@ -25,7 +25,7 @@ end %> <%=event.display_status %> <%= _('by {{public_body_name}} to {{info_request_user}} on {{date}}.',:public_body_name=>public_body_link_absolute(info_request.public_body),:info_request_user=>request_user_link_absolute(info_request),:date=>simple_date(event.created_at )) %> <% elsif event.event_type == 'comment' %> - <%= _('Request to {{public_body_name}} by {{info_request_user}}. Annotated by {{event_comment_user}} on {{date}}.',:public_body_name=>public_body_link_absolute(info_request.public_body),:info_request_user=>user_link_absolute(info_request.user),:event_comment_user=>user_link_absolute(event.comment.user),:date=>simple_date(event.created_at)) %> + <%= _('Request to {{public_body_name}} by {{info_request_user}}. Annotated by {{event_comment_user}} on {{date}}.',:public_body_name=>public_body_link_absolute(info_request.public_body),:info_request_user=>request_user_link_absolute(info_request),:event_comment_user=>user_link_absolute(event.comment.user),:date=>simple_date(event.created_at)) %> <% else %> <%# Events of other types will not be indexed: see InfoRequestEvent#indexed_by_search? However, it can happen that we see other types of event transiently here in the period diff --git a/app/views/request/similar.rhtml b/app/views/request/similar.rhtml index d9806aeb1..0d53f6919 100644 --- a/app/views/request/similar.rhtml +++ b/app/views/request/similar.rhtml @@ -20,4 +20,4 @@ <% end %> <% end %> -<%= will_paginate WillPaginate::Collection.new(@page, @per_page, @xapian_object.matches_estimated) %> +<%= will_paginate WillPaginate::Collection.new(@page, @per_page, @show_no_more_than) %> |