diff options
Diffstat (limited to 'app')
166 files changed, 2757 insertions, 2181 deletions
diff --git a/app/controllers/admin_censor_rule_controller.rb b/app/controllers/admin_censor_rule_controller.rb index 5381921bf..f6abc70df 100644 --- a/app/controllers/admin_censor_rule_controller.rb +++ b/app/controllers/admin_censor_rule_controller.rb @@ -26,9 +26,9 @@ class AdminCensorRuleController < AdminController end flash[:notice] = 'CensorRule was successfully created.' if !@censor_rule.info_request.nil? - redirect_to admin_url('request/show/' + @censor_rule.info_request.id.to_s) + redirect_to admin_request_show_url(@censor_rule.info_request) elsif !@censor_rule.user.nil? - redirect_to admin_url('user/show/' + @censor_rule.user.id.to_s) + redirect_to admin_user_show_url(@censor_rule.user) else raise "internal error" end @@ -53,9 +53,9 @@ class AdminCensorRuleController < AdminController end flash[:notice] = 'CensorRule was successfully updated.' if !@censor_rule.info_request.nil? - redirect_to admin_url('request/show/' + @censor_rule.info_request.id.to_s) + redirect_to admin_request_show_url(@censor_rule.info_request) elsif !@censor_rule.user.nil? - redirect_to admin_url('user/show/' + @censor_rule.user.id.to_s) + redirect_to admin_user_show_url(@censor_rule.user) else raise "internal error" end @@ -79,9 +79,9 @@ class AdminCensorRuleController < AdminController flash[:notice] = "CensorRule was successfully destroyed." if !info_request.nil? - redirect_to admin_url('request/show/' + info_request.id.to_s) + redirect_to admin_request_show_url(info_request) elsif !user.nil? - redirect_to admin_url('user/show/' + user.id.to_s) + redirect_to admin_user_show_url(user) else raise "internal error" end diff --git a/app/controllers/admin_controller.rb b/app/controllers/admin_controller.rb index d7933b212..d93e68dab 100644 --- a/app/controllers/admin_controller.rb +++ b/app/controllers/admin_controller.rb @@ -28,6 +28,10 @@ class AdminController < ApplicationController cache_subpath = foi_fragment_cache_all_for_request(info_request) FileUtils.rm_rf(cache_subpath) + # Remove any download zips + download_dir = request_download_zip_dir(info_request) + FileUtils.rm_rf(download_dir) + # Remove the database caches of body / attachment text (the attachment text # one is after privacy rules are applied) info_request.clear_in_database_caches! diff --git a/app/controllers/admin_general_controller.rb b/app/controllers/admin_general_controller.rb index 9f4c398c1..800678787 100644 --- a/app/controllers/admin_general_controller.rb +++ b/app/controllers/admin_general_controller.rb @@ -5,6 +5,8 @@ # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ class AdminGeneralController < AdminController + skip_before_filter :authenticate, :only => :admin_js + def index # ensure we have a trailing slash current_uri = request.env['REQUEST_URI'] @@ -115,6 +117,17 @@ class AdminGeneralController < AdminController end def stats + # Overview counts of things + @public_body_count = PublicBody.count + + @info_request_count = InfoRequest.count + @outgoing_message_count = OutgoingMessage.count + @incoming_message_count = IncomingMessage.count + + @user_count = User.count + @track_thing_count = TrackThing.count + + @comment_count = Comment.count @request_by_state = InfoRequest.count(:group => 'described_state') @tracks_by_type = TrackThing.count(:group => 'track_type') end @@ -128,5 +141,10 @@ class AdminGeneralController < AdminController @github_origin = "https://github.com/#{repo}/tree/" @request_env = request.env end + + # TODO: Remove this when support for proxy admin interface is removed + def admin_js + render :layout => false, :content_type => "application/javascript" + end end diff --git a/app/controllers/admin_public_body_controller.rb b/app/controllers/admin_public_body_controller.rb index ac12e97b2..bb5e98852 100644 --- a/app/controllers/admin_public_body_controller.rb +++ b/app/controllers/admin_public_body_controller.rb @@ -92,7 +92,7 @@ class AdminPublicBodyController < AdminController @public_body = PublicBody.new(params[:public_body]) if @public_body.save flash[:notice] = 'PublicBody was successfully created.' - redirect_to admin_url('body/show/' + @public_body.id.to_s) + redirect_to admin_body_show_url(@public_body) else render :action => 'new' end @@ -111,7 +111,7 @@ class AdminPublicBodyController < AdminController @public_body = PublicBody.find(params[:id]) if @public_body.update_attributes(params[:public_body]) flash[:notice] = 'PublicBody was successfully updated.' - redirect_to admin_url('body/show/' + @public_body.id.to_s) + redirect_to admin_body_show_url(@public_body) else render :action => 'edit' end diff --git a/app/controllers/admin_request_controller.rb b/app/controllers/admin_request_controller.rb index 6b6a8525e..d84b44b6f 100644 --- a/app/controllers/admin_request_controller.rb +++ b/app/controllers/admin_request_controller.rb @@ -42,7 +42,7 @@ class AdminRequestController < AdminController vars = OpenStruct.new(:name_to => @info_request.user_name, :name_from => Configuration::contact_name, :info_request => @info_request, :reason => params[:reason], - :info_request_url => 'http://' + Configuration::domain + request_url(@info_request), + :info_request_url => 'http://' + Configuration::domain + request_path(@info_request), :site_name => site_name) template = File.read(File.join(File.dirname(__FILE__), "..", "views", "admin_request", "hidden_user_explanation.rhtml")) @request_hidden_user_explanation = ERB.new(template).result(vars.instance_eval { binding }) @@ -52,7 +52,7 @@ class AdminRequestController < AdminController @outgoing_message = OutgoingMessage.find(params[:outgoing_message_id]) @outgoing_message.resend_message flash[:notice] = "Outgoing message resent" - redirect_to request_admin_url(@outgoing_message.info_request) + redirect_to admin_request_show_url(@outgoing_message.info_request) end def edit @@ -98,7 +98,7 @@ class AdminRequestController < AdminController # expire cached files expire_for_request(@info_request) flash[:notice] = 'Request successfully updated.' - redirect_to request_admin_url(@info_request) + redirect_to admin_request_show_url(@info_request) else render :action => 'edit' end @@ -114,7 +114,7 @@ class AdminRequestController < AdminController # expire cached files expire_for_request(@info_request) flash[:notice] = "Request #{url_title} has been completely destroyed. Email of user who made request: " + user.email - redirect_to admin_url('request/list') + redirect_to admin_request_list_url end def edit_outgoing @@ -131,7 +131,7 @@ class AdminRequestController < AdminController { :editor => admin_current_user(), :deleted_outgoing_message_id => outgoing_message_id }) flash[:notice] = 'Outgoing message successfully destroyed.' - redirect_to request_admin_url(@info_request) + redirect_to admin_request_show_url(@info_request) end def update_outgoing @@ -144,7 +144,7 @@ class AdminRequestController < AdminController { :outgoing_message_id => @outgoing_message.id, :editor => admin_current_user(), :old_body => old_body, :body => @outgoing_message.body }) flash[:notice] = 'Outgoing message successfully updated.' - redirect_to request_admin_url(@outgoing_message.info_request) + redirect_to admin_request_show_url(@outgoing_message.info_request) else render :action => 'edit_outgoing' end @@ -168,7 +168,7 @@ class AdminRequestController < AdminController :old_visible => old_visible, :visible => @comment.visible, }) flash[:notice] = 'Comment successfully updated.' - redirect_to request_admin_url(@comment.info_request) + redirect_to admin_request_show_url(@comment.info_request) else render :action => 'edit_comment' end @@ -186,7 +186,7 @@ class AdminRequestController < AdminController # expire cached files expire_for_request(@info_request) flash[:notice] = 'Incoming message successfully destroyed.' - redirect_to request_admin_url(@info_request) + redirect_to admin_request_show_url(@info_request) end def redeliver_incoming @@ -203,12 +203,11 @@ class AdminRequestController < AdminController end if destination_request.nil? flash[:error] = "Failed to find destination request '" + m + "'" - return redirect_to request_admin_url(previous_request) + return redirect_to admin_request_show_url(previous_request) end raw_email_data = incoming_message.raw_email.data - mail = TMail::Mail.parse(raw_email_data) - mail.base64_decode + mail = MailHandler.mail_from_raw_email(raw_email_data) destination_request.receive(mail, raw_email_data, true) incoming_message_id = incoming_message.id @@ -224,7 +223,7 @@ class AdminRequestController < AdminController expire_for_request(previous_request) incoming_message.fully_destroy end - redirect_to request_admin_url(destination_request) + redirect_to admin_request_show_url(destination_request) end # change user or public body of a request magically @@ -247,7 +246,7 @@ class AdminRequestController < AdminController info_request.reindex_request_events flash[:notice] = "Message has been moved to new user" end - redirect_to request_admin_url(info_request) + redirect_to admin_request_show_url(info_request) elsif params[:commit] == 'Move request to authority' && !params[:public_body_url_name].blank? old_public_body = info_request.public_body destination_public_body = PublicBody.find_by_url_name(params[:public_body_url_name]) @@ -266,10 +265,10 @@ class AdminRequestController < AdminController flash[:notice] = "Request has been moved to new body" end - redirect_to request_admin_url(info_request) + redirect_to admin_request_show_url(info_request) else flash[:error] = "Please enter the user or authority to move the request to" - redirect_to request_admin_url(info_request) + redirect_to admin_request_show_url(info_request) end end @@ -278,7 +277,7 @@ class AdminRequestController < AdminController if params[:incoming_message_id] incoming_message = IncomingMessage.find(params[:incoming_message_id]) - email = incoming_message.from_address + email = incoming_message.from_email name = incoming_message.safe_mail_from || info_request.public_body.name else email = info_request.public_body.request_email @@ -293,20 +292,20 @@ class AdminRequestController < AdminController if !info_request.public_body.is_foi_officer?(user) flash[:notice] = user.email + " is not an email at the domain @" + info_request.public_body.foi_officer_domain_required + ", so won't be able to upload." - redirect_to request_admin_url(info_request) + redirect_to admin_request_show_url(info_request) return end # Bejeeps, look, sometimes a URL is something that belongs in a controller, jesus. - # XXX hammer this square peg into the round MVC hole - should be calling main_url(upload_response_url()) + # XXX hammer this square peg into the round MVC hole post_redirect = PostRedirect.new( - :uri => main_url(upload_response_url(:url_title => info_request.url_title, :only_path => true)), + :uri => upload_response_url(:url_title => info_request.url_title), :user_id => user.id) post_redirect.save! - url = main_url(confirm_url(:email_token => post_redirect.email_token, :only_path => true)) + url = confirm_url(:email_token => post_redirect.email_token) - flash[:notice] = 'Send "' + name + '" <<a href="mailto:' + email + '">' + email + '</a>> this URL: <a href="' + url + '">' + url + "</a> - it will log them in and let them upload a response to this request." - redirect_to request_admin_url(info_request) + flash[:notice] = ("Send \"#{name}\" <<a href=\"mailto:#{email}\">#{email}</a>> this URL: <a href=\"#{url}\">#{url}</a> - it will log them in and let them upload a response to this request.").html_safe + redirect_to admin_request_show_url(info_request) end def show_raw_email @@ -356,7 +355,7 @@ class AdminRequestController < AdminController info_request_event.save! flash[:notice] = "Old response marked as having been a clarification" - redirect_to request_admin_url(info_request_event.info_request) + redirect_to admin_request_show_url(info_request_event.info_request) end def hide_request @@ -380,7 +379,7 @@ class AdminRequestController < AdminController ContactMailer.deliver_from_admin_message( info_request.user, subject, - params[:explanation] + params[:explanation].strip.html_safe ) flash[:notice] = _("Your message to {{recipient_user_name}} has been sent",:recipient_user_name=>CGI.escapeHTML(info_request.user.name)) else @@ -388,7 +387,7 @@ class AdminRequestController < AdminController end # expire cached files expire_for_request(info_request) - redirect_to request_admin_url(info_request) + redirect_to admin_request_show_url(info_request) end end diff --git a/app/controllers/admin_track_controller.rb b/app/controllers/admin_track_controller.rb index 03217da45..525c96782 100644 --- a/app/controllers/admin_track_controller.rb +++ b/app/controllers/admin_track_controller.rb @@ -9,6 +9,7 @@ class AdminTrackController < AdminController @query = params[:query] @admin_tracks = TrackThing.paginate :order => "created_at desc", :page => params[:page], :per_page => 100, :conditions => @query.nil? ? nil : ["lower(track_query) like lower('%'||?||'%')", @query ] + @popular = ActiveRecord::Base.connection.select_all("select count(*) as count, title, info_request_id from track_things join info_requests on info_request_id = info_requests.id where info_request_id is not null group by info_request_id, title order by count desc limit 10;") end private diff --git a/app/controllers/admin_user_controller.rb b/app/controllers/admin_user_controller.rb index ed20ddcf4..feffa208e 100644 --- a/app/controllers/admin_user_controller.rb +++ b/app/controllers/admin_user_controller.rb @@ -48,7 +48,7 @@ class AdminUserController < AdminController if @admin_user.valid? @admin_user.save! flash[:notice] = 'User successfully updated.' - redirect_to user_admin_url(@admin_user) + redirect_to admin_user_show_url(@admin_user) else render :action => 'edit' end @@ -58,7 +58,7 @@ class AdminUserController < AdminController track_thing = TrackThing.find(params[:track_id].to_i) track_thing.destroy flash[:notice] = 'Track destroyed' - redirect_to user_admin_url(track_thing.tracking_user) + redirect_to admin_user_show_url(track_thing.tracking_user) end def clear_bounce @@ -66,15 +66,15 @@ class AdminUserController < AdminController user.email_bounced_at = nil user.email_bounce_message = "" user.save! - redirect_to user_admin_url(user) + redirect_to admin_user_show_url(user) end def login_as @admin_user = User.find(params[:id]) # check user does exist - post_redirect = PostRedirect.new( :uri => main_url(user_url(@admin_user)), :user_id => @admin_user.id, :circumstance => "login_as" ) + post_redirect = PostRedirect.new( :uri => user_url(@admin_user), :user_id => @admin_user.id, :circumstance => "login_as" ) post_redirect.save! - url = main_url(confirm_url(:email_token => post_redirect.email_token, :only_path => true)) + url = confirm_url(:email_token => post_redirect.email_token) redirect_to url end @@ -91,7 +91,7 @@ class AdminUserController < AdminController end flash[:notice] = "Profile photo cleared" - redirect_to user_admin_url(@admin_user) + redirect_to admin_user_show_url(@admin_user) end private diff --git a/app/controllers/api_controller.rb b/app/controllers/api_controller.rb index aa5e85db3..5d8ceb888 100644 --- a/app/controllers/api_controller.rb +++ b/app/controllers/api_controller.rb @@ -1,30 +1,30 @@ class ApiController < ApplicationController before_filter :check_api_key - + def show_request @request = InfoRequest.find(params[:id]) raise PermissionDenied if @request.public_body_id != @public_body.id - + @request_data = { :id => @request.id, :url => make_url("request", @request.url_title), :title => @request.title, - + :created_at => @request.created_at, :updated_at => @request.updated_at, - + :status => @request.calculate_status, - + :public_body_url => make_url("body", @request.public_body.url_name), :requestor_url => make_url("user", @request.user.url_name), :request_email => @request.incoming_email, - + :request_text => @request.last_event_forming_initial_request.outgoing_message.body, } - + render :json => @request_data end - + def create_request json = ActiveSupport::JSON.decode(params[:request_json]) request = InfoRequest.new( @@ -34,7 +34,7 @@ class ApiController < ApplicationController :external_user_name => json["external_user_name"], :external_url => json["external_url"] ) - + outgoing_message = OutgoingMessage.new( :status => 'ready', :message_type => 'initial_request', @@ -44,7 +44,7 @@ class ApiController < ApplicationController :info_request => request ) request.outgoing_messages << outgoing_message - + # Return an error if the request is invalid # (Can this ever happen?) if !request.valid? @@ -53,7 +53,7 @@ class ApiController < ApplicationController } return end - + # Save the request, and add the corresponding InfoRequestEvent request.save! request.log_event("sent", @@ -62,69 +62,69 @@ class ApiController < ApplicationController :outgoing_message_id => outgoing_message.id, :smtp_message_id => nil ) - + # Return the URL and ID number. render :json => { 'url' => make_url("request", request.url_title), 'id' => request.id } - + end - + def add_correspondence request = InfoRequest.find_by_id(params[:id]) if request.nil? render :json => { "errors" => ["Could not find request #{params[:id]}"] }, :status => 404 return end - + json = ActiveSupport::JSON.decode(params[:correspondence_json]) attachments = params[:attachments] - + direction = json["direction"] body = json["body"] sent_at_str = json["sent_at"] - + errors = [] - + if !request.is_external? render :json => { "errors" => ["Request #{params[:id]} cannot be updated using the API"] }, :status => 500 return end - + if request.public_body_id != @public_body.id render :json => { "errors" => ["You do not own request #{params[:id]}"] }, :status => 500 return end - + if !["request", "response"].include?(direction) errors << "The direction parameter must be 'request' or 'response'" end - + if body.nil? errors << "The 'body' is missing" elsif body.empty? errors << "The 'body' is empty" end - + begin sent_at = Time.iso8601(sent_at_str) rescue ArgumentError errors << "Failed to parse 'sent_at' field as ISO8601 time: #{sent_at_str}" end - + if direction == "request" && !attachments.nil? errors << "You cannot attach files to messages in the 'request' direction" end - + if !errors.empty? render :json => { "errors" => errors }, :status => 500 return end - + if direction == "request" # In the 'request' direction, i.e. what we (Alaveteli) regard as outgoing - + outgoing_message = OutgoingMessage.new( :info_request => request, :status => 'ready', @@ -154,19 +154,19 @@ class ApiController < ApplicationController :filename => filename ) end - + mail = RequestMailer.create_external_response(request, body, sent_at, attachment_hashes) request.receive(mail, mail.encoded, true) end render :json => { 'url' => make_url("request", request.url_title), - } + } end - + def body_request_events feed_type = params[:feed_type] raise PermissionDenied.new("#{@public_body.id} != #{params[:id]}") if @public_body.id != params[:id].to_i - + since_date_str = params[:since_date] if since_date_str.nil? @events = InfoRequestEvent.find_by_sql([ @@ -213,24 +213,24 @@ class ApiController < ApplicationController @event_data = [] @events.each do |event| break if event.id == @since_event_id - + request = event.info_request this_event = { :request_id => request.id, :event_id => event.id, :created_at => event.created_at.iso8601, :event_type => event.event_type, - :request_url => main_url(request_url(request)), + :request_url => request_url(request), :request_email => request.incoming_email, :title => request.title, :body => event.outgoing_message.body, - + :user_name => request.user_name, } if request.user - this_event[:user_url] = main_url(user_url(request.user)) + this_event[:user_url] = user_url(request.user) end - + @event_data.push(this_event) end render :json => @event_data @@ -238,14 +238,14 @@ class ApiController < ApplicationController raise ActiveRecord::RecordNotFound.new("Unrecognised feed type: #{feed_type}") end end - + protected def check_api_key - raise "Missing required parameter 'k'" if params[:k].nil? + raise PermissionDenied.new("Missing required parameter 'k'") if params[:k].nil? @public_body = PublicBody.find_by_api_key(params[:k].gsub(' ', '+')) raise PermissionDenied if @public_body.nil? end - + private def make_url(*args) "http://" + Configuration::domain + "/" + args.join("/") diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 3f3c169ae..f3deeb64a 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -54,10 +54,15 @@ class ApplicationController < ActionController::Base end def set_gettext_locale + if Configuration::include_default_locale_in_urls == false + params_locale = params[:locale] ? params[:locale] : I18n.default_locale + else + params_locale = params[:locale] + end if Configuration::use_default_browser_language - requested_locale = params[:locale] || session[:locale] || cookies[:locale] || request.env['HTTP_ACCEPT_LANGUAGE'] || I18n.default_locale + requested_locale = params_locale || session[:locale] || cookies[:locale] || request.env['HTTP_ACCEPT_LANGUAGE'] || I18n.default_locale else - requested_locale = params[:locale] || session[:locale] || cookies[:locale] || I18n.default_locale + requested_locale = params_locale || session[:locale] || cookies[:locale] || I18n.default_locale end requested_locale = FastGettext.best_locale_in(requested_locale) session[:locale] = FastGettext.set_locale(requested_locale) @@ -117,17 +122,14 @@ class ApplicationController < ActionController::Base # Override default error handler, for production sites. def rescue_action_in_public(exception) - # Call `set_view_paths` from the theme, if it exists. + # Looks for before_filters called something like `set_view_paths_{themename}`. These + # are set by the themes. # Normally, this is called by the theme itself in a # :before_filter, but when there's an error, this doesn't # happen. By calling it here, we can ensure error pages are # still styled according to the theme. - begin - set_view_paths - rescue NameError => e - if !(e.message =~ /undefined local variable or method `set_view_paths'/) - raise - end + ActionController::Base.before_filters.select{|f| f.to_s =~ /set_view_paths/}.each do |f| + self.send(f) end # Make sure expiry time for session is set (before_filters are # otherwise missed by this override) @@ -229,6 +231,19 @@ class ApplicationController < ActionController::Base end end + def request_dirs(info_request) + first_three_digits = info_request.id.to_s()[0..2] + File.join(first_three_digits.to_s, info_request.id.to_s) + end + + def request_download_zip_dir(info_request) + File.join(download_zip_dir, "download", request_dirs(info_request)) + end + + def download_zip_dir() + File.join(Rails.root, '/cache/zips/') + end + # get the local locale def locale_from_params(*args) if params[:show_locale] @@ -441,11 +456,7 @@ class ApplicationController < ActionController::Base end end - def param_exists(item) - return params[item] && !params[item].empty? - end - - def get_request_variety_from_params + def get_request_variety_from_params(params) query = "" sortby = "newest" varieties = [] @@ -467,7 +478,7 @@ class ApplicationController < ActionController::Base return query end - def get_status_from_params + def get_status_from_params(params) query = "" if params[:latest_status] statuses = [] @@ -502,24 +513,24 @@ class ApplicationController < ActionController::Base return query end - def get_date_range_from_params + def get_date_range_from_params(params) query = "" - if param_exists(:request_date_after) && !param_exists(:request_date_before) + if params.has_key?(:request_date_after) && !params.has_key?(:request_date_before) params[:request_date_before] = Time.now.strftime("%d/%m/%Y") query += " #{params[:request_date_after]}..#{params[:request_date_before]}" - elsif !param_exists(:request_date_after) && param_exists(:request_date_before) + elsif !params.has_key?(:request_date_after) && params.has_key?(:request_date_before) params[:request_date_after] = "01/01/2001" end - if param_exists(:request_date_after) + if params.has_key?(:request_date_after) query = " #{params[:request_date_after]}..#{params[:request_date_before]}" end return query end - def get_tags_from_params + def get_tags_from_params(params) query = "" tags = [] - if param_exists(:tags) + if params.has_key?(:tags) params[:tags].split().each do |tag| tags << "tag:#{tag}" end @@ -530,12 +541,12 @@ class ApplicationController < ActionController::Base return query end - def make_query_from_params + def make_query_from_params(params) query = params[:query] || "" if query.nil? - query += get_date_range_from_params - query += get_request_variety_from_params - query += get_status_from_params - query += get_tags_from_params + query += get_date_range_from_params(params) + query += get_request_variety_from_params(params) + query += get_status_from_params(params) + query += get_tags_from_params(params) return query end @@ -549,7 +560,7 @@ class ApplicationController < ActionController::Base end def set_popup_banner - @popup_banner = render_to_string(:partial => "general/popup_banner").strip + @popup_banner = render_to_string(:partial => "general/popup_banner").strip.html_safe end # URL generating functions are needed by all controllers (for redirects), # views (for links) and mailers (for use in emails), so include them into diff --git a/app/controllers/general_controller.rb b/app/controllers/general_controller.rb index 0cde238cd..f6a46458e 100644 --- a/app/controllers/general_controller.rb +++ b/app/controllers/general_controller.rb @@ -19,53 +19,51 @@ class GeneralController < ApplicationController # New, improved front page! def frontpage medium_cache - behavior_cache :tag => [session[:user_id], request.url] do - # get some example searches and public bodies to display - # either from config, or based on a (slow!) query if not set - body_short_names = Configuration::frontpage_publicbody_examples.split(/\s*;\s*/).map{|s| "'%s'" % s.gsub(/'/, "''") }.join(", ") - @locale = self.locale_from_params() - locale_condition = 'public_body_translations.locale = ?' - conditions = [locale_condition, @locale] - PublicBody.with_locale(@locale) do - if body_short_names.empty? - # This is too slow - @popular_bodies = PublicBody.visible.find(:all, - :order => "info_requests_count desc", - :limit => 32, - :conditions => conditions, - :joins => :translations - ) - else - conditions[0] += " and public_bodies.url_name in (" + body_short_names + ")" - @popular_bodies = PublicBody.find(:all, - :conditions => conditions, - :joins => :translations) - end + # get some example searches and public bodies to display + # either from config, or based on a (slow!) query if not set + body_short_names = Configuration::frontpage_publicbody_examples.split(/\s*;\s*/).map{|s| "'%s'" % s.gsub(/'/, "''") }.join(", ") + @locale = self.locale_from_params() + locale_condition = 'public_body_translations.locale = ?' + conditions = [locale_condition, @locale] + PublicBody.with_locale(@locale) do + if body_short_names.empty? + # This is too slow + @popular_bodies = PublicBody.visible.find(:all, + :order => "info_requests_count desc", + :limit => 32, + :conditions => conditions, + :joins => :translations + ) + else + conditions[0] += " and public_bodies.url_name in (" + body_short_names + ")" + @popular_bodies = PublicBody.find(:all, + :conditions => conditions, + :joins => :translations) end - # Get some successful requests - begin - query = 'variety:response (status:successful OR status:partially_successful)' - sortby = "newest" - max_count = 5 - xapian_object = perform_search([InfoRequestEvent], query, sortby, 'request_title_collapse', max_count) - @request_events = xapian_object.results.map { |r| r[:model] } - - # If there are not yet enough successful requests, fill out the list with - # other requests - if @request_events.count < max_count - @request_events_all_successful = false - query = 'variety:sent' - xapian_object = perform_search([InfoRequestEvent], query, sortby, 'request_title_collapse', max_count-@request_events.count) - more_events = xapian_object.results.map { |r| r[:model] } - @request_events += more_events - # Overall we still want the list sorted with the newest first - @request_events.sort!{|e1,e2| e2.created_at <=> e1.created_at} - else - @request_events_all_successful = true - end - rescue - @request_events = [] + end + # Get some successful requests + begin + query = 'variety:response (status:successful OR status:partially_successful)' + sortby = "newest" + max_count = 5 + xapian_object = perform_search([InfoRequestEvent], query, sortby, 'request_title_collapse', max_count) + @request_events = xapian_object.results.map { |r| r[:model] } + + # If there are not yet enough successful requests, fill out the list with + # other requests + if @request_events.count < max_count + @request_events_all_successful = false + query = 'variety:sent' + xapian_object = perform_search([InfoRequestEvent], query, sortby, 'request_title_collapse', max_count-@request_events.count) + more_events = xapian_object.results.map { |r| r[:model] } + @request_events += more_events + # Overall we still want the list sorted with the newest first + @request_events.sort!{|e1,e2| e2.created_at <=> e1.created_at} + else + @request_events_all_successful = true end + rescue + @request_events = [] end end @@ -153,10 +151,10 @@ class GeneralController < ApplicationController params[:query] = @query end if @variety_postfix != "all" && @requests - @query, _ = make_query_from_params + @query, _ = make_query_from_params(params) end @inputted_sortby = @sortby - @common_query = get_tags_from_params + @common_query = get_tags_from_params(params) if @sortby.nil? # Parse query, so can work out if it has prefix terms only - if so then it is a # structured query which should show newest first, rather than a free text search @@ -226,18 +224,10 @@ class GeneralController < ApplicationController redirect_to request_url(info_request) end - # For debugging - def fai_test - sleep 10 - render :text => "awake\n" - end - def custom_css long_cache @locale = self.locale_from_params() render(:layout => false, :content_type => 'text/css') end - - end diff --git a/app/controllers/help_controller.rb b/app/controllers/help_controller.rb index cf90f45bb..573abac63 100644 --- a/app/controllers/help_controller.rb +++ b/app/controllers/help_controller.rb @@ -19,7 +19,6 @@ class HelpController < ApplicationController def contact @contact_email = Configuration::contact_email - @contact_email = @contact_email.gsub(/@/, "@") # if they clicked remove for link to request/body, remove it if params[:remove] @@ -50,7 +49,7 @@ class HelpController < ApplicationController end @contact = ContactValidator.new(params[:contact]) if @contact.valid? && !params[:remove] - ContactMailer.deliver_message( + ContactMailer.deliver_to_admin_message( params[:contact][:name], params[:contact][:email], params[:contact][:subject], diff --git a/app/controllers/public_body_controller.rb b/app/controllers/public_body_controller.rb index 8a4a65820..aa6980b69 100644 --- a/app/controllers/public_body_controller.rb +++ b/app/controllers/public_body_controller.rb @@ -25,22 +25,20 @@ class PublicBodyController < ApplicationController end # If found by historic name, or alternate locale name, redirect to new name if @public_body.url_name != params[:url_name] - redirect_to show_public_body_url(:url_name => @public_body.url_name) + redirect_to :url_name => @public_body.url_name return end set_last_body(@public_body) - top_url = main_url("/") + top_url = frontpage_url @searched_to_send_request = false referrer = request.env['HTTP_REFERER'] if !referrer.nil? && referrer.match(%r{^#{top_url}search/.*/bodies$}) @searched_to_send_request = true end @view = params[:view] - params[:latest_status] = @view - - query = make_query_from_params + query = make_query_from_params(params.merge(:latest_status => @view)) query += " requested_from:#{@public_body.url_name}" # Use search query for this so can collapse and paginate easily # XXX really should just use SQL query here rather than Xapian. diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index c732a4b32..fe948db19 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -99,15 +99,13 @@ class RequestController < ApplicationController # Sidebar stuff # ... requests that have similar imporant terms - behavior_cache :tag => ['similar', @info_request.id] do - begin - limit = 10 - @xapian_similar = ::ActsAsXapian::Similar.new([InfoRequestEvent], @info_request.info_request_events, - :limit => limit, :collapse_by_prefix => 'request_collapse') - @xapian_similar_more = (@xapian_similar.matches_estimated > limit) - rescue - @xapian_similar = nil - end + begin + limit = 10 + @xapian_similar = ::ActsAsXapian::Similar.new([InfoRequestEvent], @info_request.info_request_events, + :limit => limit, :collapse_by_prefix => 'request_collapse') + @xapian_similar_more = (@xapian_similar.matches_estimated > limit) + rescue + @xapian_similar = nil end # Track corresponding to this page @@ -139,6 +137,11 @@ class RequestController < ApplicationController short_cache @per_page = 25 @page = (params[:page] || "1").to_i + + # Later pages are very expensive to load + if @page > MAX_RESULTS / PER_PAGE + raise ActiveRecord::RecordNotFound.new("Sorry. No pages after #{MAX_RESULTS / PER_PAGE}.") + end @info_request = InfoRequest.find_by_url_title!(params[:url_title]) raise ActiveRecord::RecordNotFound.new("Request not found") if @info_request.nil? @@ -148,6 +151,8 @@ class RequestController < ApplicationController end @xapian_object = ::ActsAsXapian::Similar.new([InfoRequestEvent], @info_request.info_request_events, :offset => (@page - 1) * @per_page, :limit => @per_page, :collapse_by_prefix => 'request_collapse') + @matches_estimated = @xapian_object.matches_estimated + @show_no_more_than = (@matches_estimated > MAX_RESULTS) ? MAX_RESULTS : @matches_estimated if (@page > 1) @page_desc = " (page " + @page.to_s + ")" @@ -161,7 +166,7 @@ class RequestController < ApplicationController @view = params[:view] @page = get_search_page_from_params if !@page # used in cache case, as perform_search sets @page as side effect if @view == "recent" - return redirect_to request_list_all_path(:action => "list", :view => "all", :page => @page), :status => :moved_permanently + return redirect_to request_list_all_url(:action => "list", :view => "all", :page => @page), :status => :moved_permanently end # Later pages are very expensive to load @@ -169,17 +174,13 @@ class RequestController < ApplicationController raise ActiveRecord::RecordNotFound.new("Sorry. No pages after #{MAX_RESULTS / PER_PAGE}.") end - params[:latest_status] = @view - query = make_query_from_params + query = make_query_from_params(params.merge(:latest_status => @view)) @title = _("View and search requests") sortby = "newest" - @cache_tag = Digest::MD5.hexdigest(query + @page.to_s + I18n.locale.to_s) - behavior_cache :tag => [@cache_tag] do - xapian_object = perform_search([InfoRequestEvent], query, sortby, 'request_collapse') - @list_results = xapian_object.results.map { |r| r[:model] } - @matches_estimated = xapian_object.matches_estimated - @show_no_more_than = (@matches_estimated > MAX_RESULTS) ? MAX_RESULTS : @matches_estimated - end + xapian_object = perform_search([InfoRequestEvent], query, sortby, 'request_collapse') + @list_results = xapian_object.results.map { |r| r[:model] } + @matches_estimated = xapian_object.matches_estimated + @show_no_more_than = (@matches_estimated > MAX_RESULTS) ? MAX_RESULTS : @matches_estimated @title = @title + " (page " + @page.to_s + ")" if (@page > 1) @track_thing = TrackThing.create_track_for_search_query(query) @@ -320,9 +321,9 @@ class RequestController < ApplicationController message = "" if @outgoing_message.contains_email? if @user.nil? - message += _("<p>You do not need to include your email in the request in order to get a reply, as we will ask for it on the next screen (<a href=\"%s\">details</a>).</p>") % [help_privacy_path+"#email_address"]; + message += (_("<p>You do not need to include your email in the request in order to get a reply, as we will ask for it on the next screen (<a href=\"%s\">details</a>).</p>") % [help_privacy_path+"#email_address"]).html_safe; else - message += _("<p>You do not need to include your email in the request in order to get a reply (<a href=\"%s\">details</a>).</p>") % [help_privacy_path+"#email_address"]; + message += (_("<p>You do not need to include your email in the request in order to get a reply (<a href=\"%s\">details</a>).</p>") % [help_privacy_path+"#email_address"]).html_safe; end message += _("<p>We recommend that you edit your request and remove the email address. If you leave it, the email address will be sent to the authority, but will not be displayed on the site.</p>") @@ -331,7 +332,7 @@ class RequestController < ApplicationController message += _("<p>Your request contains a <strong>postcode</strong>. Unless it directly relates to the subject of your request, please remove any address as it will <strong>appear publicly on the Internet</strong>.</p>"); end if not message.empty? - flash.now[:error] = message + flash.now[:error] = message.html_safe end render :action => 'preview' return @@ -368,7 +369,7 @@ class RequestController < ApplicationController <p>If you write about this request (for example in a forum or a blog) please link to this page, and add an annotation below telling people about your writing.</p>",:law_used_full=>@info_request.law_used_full, :late_number_of_days => Configuration::reply_late_after_days) - redirect_to show_new_request_path(:url_title => @info_request.url_title) + redirect_to show_new_request_url(:url_title => @info_request.url_title) end # Submitted to the describing state of messages form @@ -437,8 +438,8 @@ class RequestController < ApplicationController # Don't give advice on what to do next, as it isn't their request RequestMailer.deliver_old_unclassified_updated(@info_request) if !@info_request.is_external? if session[:request_game] - flash[:notice] = _('Thank you for updating the status of the request \'<a href="{{url}}">{{info_request_title}}</a>\'. There are some more requests below for you to classify.',:info_request_title=>CGI.escapeHTML(@info_request.title), :url=>CGI.escapeHTML(request_url(@info_request))) - redirect_to play_url + flash[:notice] = _('Thank you for updating the status of the request \'<a href="{{url}}">{{info_request_title}}</a>\'. There are some more requests below for you to classify.',:info_request_title=>CGI.escapeHTML(@info_request.title), :url=>CGI.escapeHTML(request_path(@info_request))) + redirect_to categorise_play_url else flash[:notice] = _('Thank you for updating this request!') redirect_to request_url(@info_request) @@ -623,7 +624,7 @@ class RequestController < ApplicationController if !params[:submitted_followup].nil? && !params[:reedit] if @info_request.allow_new_responses_from == 'nobody' - flash[:error] = _('Your follow up has not been sent because this request has been stopped to prevent spam. Please <a href="%s">contact us</a> if you really want to send a follow up message.') % [help_contact_path] + flash[:error] = (_('Your follow up has not been sent because this request has been stopped to prevent spam. Please <a href="%s">contact us</a> if you really want to send a follow up message.') % [help_contact_path]).html_safe else if @info_request.find_existing_outgoing_message(params[:outgoing_message][:body]) flash[:error] = _('You previously submitted that exact follow up message for this request.') @@ -743,6 +744,12 @@ class RequestController < ApplicationController end def get_attachment_as_html + + # The conversion process can generate files in the cache directory that can be served up + # directly by the webserver according to httpd.conf, so don't allow it unless that's OK. + if @files_can_be_cached != true + raise ActiveRecord::RecordNotFound.new("Attachment HTML not found.") + end get_attachment_internal(true) # images made during conversion (e.g. images in PDF files) are put in the cache directory, so @@ -862,22 +869,32 @@ class RequestController < ApplicationController def download_entire_request @locale = self.locale_from_params() PublicBody.with_locale(@locale) do - info_request = InfoRequest.find_by_url_title!(params[:url_title]) + @info_request = InfoRequest.find_by_url_title!(params[:url_title]) + # Test for whole request being hidden or requester-only + if !@info_request.all_can_view? + render :template => 'request/hidden', :status => 410 # gone + return + end if authenticated?( :web => _("To download the zip file"), - :email => _("Then you can download a zip file of {{info_request_title}}.",:info_request_title=>info_request.title), - :email_subject => _("Log in to download a zip file of {{info_request_title}}",:info_request_title=>info_request.title) + :email => _("Then you can download a zip file of {{info_request_title}}.", + :info_request_title=>@info_request.title), + :email_subject => _("Log in to download a zip file of {{info_request_title}}", + :info_request_title=>@info_request.title) ) - updated = Digest::SHA1.hexdigest(info_request.get_last_event.created_at.to_i.to_s + info_request.updated_at.to_i.to_s) - @url_path = "/download/#{updated[0..1]}/#{updated}/#{params[:url_title]}.zip" - file_path = File.expand_path(File.join(File.dirname(__FILE__), '../../cache/zips', @url_path)) + updated = Digest::SHA1.hexdigest(@info_request.get_last_event.created_at.to_i.to_s + @info_request.updated_at.to_i.to_s) + @url_path = File.join("/download", + request_dirs(@info_request), + updated, + "#{params[:url_title]}.zip") + file_path = File.expand_path(File.join(download_zip_dir(), @url_path)) if !File.exists?(file_path) FileUtils.mkdir_p(File.dirname(file_path)) Zip::ZipFile.open(file_path, Zip::ZipFile::CREATE) { |zipfile| convert_command = Configuration::html_to_pdf_command done = false if !convert_command.blank? && File.exists?(convert_command) - url = "http://#{Configuration::domain}#{request_url(info_request)}?print_stylesheet=1" + url = "http://#{Configuration::domain}#{request_path(@info_request)}?print_stylesheet=1" tempfile = Tempfile.new('foihtml2pdf') output = AlaveteliExternalCommand.run(convert_command, url, tempfile.path) if !output.nil? @@ -886,22 +903,21 @@ class RequestController < ApplicationController } done = true else - logger.error("Could not convert info request #{info_request.id} to PDF with command '#{convert_command} #{url} #{tempfile.path}'") + logger.error("Could not convert info request #{@info_request.id} to PDF with command '#{convert_command} #{url} #{tempfile.path}'") end tempfile.close else logger.warn("No HTML -> PDF converter found at #{convert_command}") end if !done - @info_request = info_request - @info_request_events = info_request.info_request_events + @info_request_events = @info_request.info_request_events template = File.read(File.join(File.dirname(__FILE__), "..", "views", "request", "simple_correspondence.rhtml")) output = ERB.new(template).result(binding) zipfile.get_output_stream("correspondence.txt") { |f| f.puts(output) } end - for message in info_request.incoming_messages + for message in @info_request.incoming_messages attachments = message.get_attachments_for_display for attachment in attachments filename = "#{attachment.url_part_number}_#{attachment.display_filename}" diff --git a/app/controllers/services_controller.rb b/app/controllers/services_controller.rb index 38bf51772..e75dac903 100644 --- a/app/controllers/services_controller.rb +++ b/app/controllers/services_controller.rb @@ -15,7 +15,7 @@ class ServicesController < ApplicationController FastGettext.locale = FastGettext.best_locale_in(request.env['HTTP_ACCEPT_LANGUAGE']) if found_country && found_country[:country_name] && found_country[:url] && found_country[:name] text = _("Hello! You can make Freedom of Information requests within {{country_name}} at {{link_to_website}}", - :country_name => found_country[:country_name], :link_to_website => "<a href=\"#{found_country[:url]}\">#{found_country[:name]}</a>") + :country_name => found_country[:country_name], :link_to_website => "<a href=\"#{found_country[:url]}\">#{found_country[:name]}</a>".html_safe) else current_country = WorldFOIWebsites.by_code(iso_country_code)[:country_name] text = _("Hello! We have an <a href=\"/help/alaveteli?country_name=#{CGI.escape(current_country)}\">important message</a> for visitors outside {{country_name}}", :country_name => current_country) @@ -25,7 +25,7 @@ class ServicesController < ApplicationController end end if !text.empty? - text += ' <span class="close-button">X</span>' + text += ' <span class="close-button">X</span>'.html_safe end render :text => text, :content_type => "text/plain" # XXX workaround the HTML validation in test suite end @@ -38,7 +38,7 @@ class ServicesController < ApplicationController :locals => {:name_to => info_request.user_name, :name_from => Configuration::contact_name, :info_request => info_request, :reason => params[:reason], - :info_request_url => 'http://' + Configuration::domain + request_url(info_request), + :info_request_url => 'http://' + Configuration::domain + request_path(info_request), :site_name => site_name} end diff --git a/app/controllers/track_controller.rb b/app/controllers/track_controller.rb index 51e081c88..15da7f327 100644 --- a/app/controllers/track_controller.rb +++ b/app/controllers/track_controller.rb @@ -157,7 +157,7 @@ class TrackController < ApplicationController def atom_feed_internal @xapian_object = perform_search([InfoRequestEvent], @track_thing.track_query, @track_thing.params[:feed_sortby], nil, 25, 1) respond_to do |format| - format.atom { render :template => 'track/atom_feed' } + format.atom { render :template => 'track/atom_feed', :content_type => "application/atom+xml" } format.json { render :json => @xapian_object.results.map { |r| r[:model].json_for_api(true, lambda { |t| @template.highlight_and_excerpt(t, @xapian_object.words_to_highlight, 150) } ) } } diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb index 4ee527bae..fc8b6e014 100644 --- a/app/controllers/user_controller.rb +++ b/app/controllers/user_controller.rb @@ -422,7 +422,7 @@ class UserController < ApplicationController ContactMailer.deliver_user_message( @user, @recipient_user, - main_url(user_url(@user)), + user_url(@user), params[:contact][:subject], params[:contact][:message] ) diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb index 5c856383b..42f9d30f1 100644 --- a/app/helpers/application_helper.rb +++ b/app/helpers/application_helper.rb @@ -35,15 +35,15 @@ module ApplicationHelper end end - error_messages = [] + error_messages = "".html_safe for object in objects object.errors.each do |attr, message| - error_messages << content_tag(:li, message) + error_messages << content_tag(:li, h(message)) end end content_tag(:div, - content_tag(:ul, error_messages.join), + content_tag(:ul, error_messages), html ) else @@ -54,15 +54,12 @@ module ApplicationHelper # Highlight words, also escapes HTML (other than spans that we add) def highlight_words(t, words, html = true) if html - t = h(t) - end - if html - t = highlight(t, words, '<span class="highlight">\1</span>') + highlight(h(t), words, '<span class="highlight">\1</span>').html_safe else - t = highlight(t, words, '*\1*') + highlight(t, words, '*\1*') end - return t end + def highlight_and_excerpt(t, words, excount, html = true) newt = excerpt(t, words[0], excount) if not newt @@ -112,5 +109,12 @@ module ApplicationHelper return "#{exact_date} (#{ago_text})" end + # Note that if the admin interface is proxied via another server, we can't + # rely on a sesssion being shared between the front end and admin interface, + # so need to check the status of the user. + def is_admin? + return !session[:using_admin].nil? || (!@user.nil? && @user.super?) + end + end diff --git a/app/helpers/link_to_helper.rb b/app/helpers/link_to_helper.rb index 994da0e87..15cce39eb 100755 --- a/app/helpers/link_to_helper.rb +++ b/app/helpers/link_to_helper.rb @@ -10,95 +10,105 @@ module LinkToHelper # Links to various models # Requests - def request_url(info_request, extra_params={}) - params = {:url_title => info_request.url_title, :only_path => true} - return show_request_url(params.merge(extra_params)) + def request_url(info_request, options = {}) + show_request_url({:url_title => info_request.url_title}.merge(options)) end - def request_link(info_request, cls=nil ) - link_to h(info_request.title), request_url(info_request), :class => cls + def request_path(info_request, options = {}) + request_url(info_request, {:only_path => true}.merge(options)) end - def request_admin_url(info_request) - return admin_url('request/show/' + info_request.id.to_s) + def request_link(info_request, cls=nil ) + link_to h(info_request.title), request_path(info_request), :class => cls end def request_admin_link(info_request, name="admin", cls=nil) - link_to name, request_admin_url(info_request), :class => cls + link_to name, admin_request_show_url(info_request), :class => cls end def request_both_links(info_request) - link_to(h(info_request.title), main_url(request_url(info_request))) + " (" + link_to("admin", request_admin_url(info_request)) + ")" + link_to(h(info_request.title), request_url(info_request)) + " (" + link_to("admin", admin_request_show_url(info_request)) + ")" end - def request_similar_url(info_request) - return similar_request_url(:url_title => info_request.url_title, :only_path => true) + def request_details_path(info_request) + details_request_path(:url_title => info_request.url_title) end - def request_details_url(info_request) - return details_request_url(:url_title => info_request.url_title, :only_path => true) + # Incoming / outgoing messages + def incoming_message_url(incoming_message, options = {}) + return request_url(incoming_message.info_request, options.merge(:anchor => "incoming-#{incoming_message.id}")) end - # Incoming / outgoing messages - def incoming_message_url(incoming_message) - return request_url(incoming_message.info_request)+"#incoming-"+incoming_message.id.to_s + def incoming_message_path(incoming_message) + incoming_message_url(incoming_message, :only_path => true) + end + + def outgoing_message_url(outgoing_message, options = {}) + return request_path(outgoing_message.info_request, options.merge(:anchor => "outgoing-#{outgoing_message.id}")) + end + + def outgoing_message_path(outgoing_message) + outgoing_message_url(outgoing_message, :only_path => true) end - def outgoing_message_url(outgoing_message) - return request_url(outgoing_message.info_request)+"#outgoing-"+outgoing_message.id.to_s + def comment_url(comment, options = {}) + request_url(comment.info_request, options.merge(:anchor => "comment-#{comment.id}")) end - def comment_url(comment) - return request_url(comment.info_request)+"#comment-"+comment.id.to_s + def comment_path(comment) + comment_url(comment, :only_path => true) end # Respond to request - def respond_to_last_url(info_request) + def respond_to_last_url(info_request, options = {}) last_response = info_request.get_last_response if last_response.nil? - respond_url = show_response_no_followup_url(:id => info_request.id) + show_response_no_followup_url(options.merge(:id => info_request.id)) else - respond_url = show_response_url(:id => info_request.id, :incoming_message_id => last_response.id) + show_response_url(options.merge(:id => info_request.id, :incoming_message_id => last_response.id)) end - return respond_url + end + + def respond_to_last_path(info_request) + respond_to_last_url(info_request, :only_path => true) end # Public bodies - def public_body_url(public_body) - public_body.url_name.nil? ? '' : show_public_body_url(:url_name => public_body.url_name, :only_path => true) + def public_body_url(public_body, options = {}) + public_body.url_name.nil? ? '' : show_public_body_url(options.merge(:url_name => public_body.url_name)) + end + + def public_body_path(public_body) + public_body_url(public_body, :only_path => true) end def public_body_link_short(public_body) - link_to h(public_body.short_or_long_name), public_body_url(public_body) + link_to h(public_body.short_or_long_name), public_body_path(public_body) end def public_body_link(public_body, cls=nil) - link_to h(public_body.name), public_body_url(public_body), :class => cls + link_to h(public_body.name), public_body_path(public_body), :class => cls end def public_body_link_absolute(public_body) # e.g. for in RSS - link_to h(public_body.name), main_url(public_body_url(public_body)) - end - - def public_body_admin_url(public_body) - return admin_url('body/show/' + public_body.id.to_s) + link_to h(public_body.name), public_body_url(public_body) end def public_body_both_links(public_body) - link_to(h(public_body.name), main_url(public_body_url(public_body))) + " (" + link_to("admin", public_body_admin_url(public_body)) + ")" + link_to(h(public_body.name), public_body_url(public_body)) + " (" + link_to("admin", admin_body_show_url(public_body)) + ")" end - def list_public_bodies_default - list_public_bodies_url(:tag => 'all') + # Users + def user_url(user, options = {}) + show_user_url(options.merge(:url_name => user.url_name)) end - # Users - def user_url(user) - return show_user_url(:url_name => user.url_name, :only_path => true) + def user_path(user) + user_url(user, :only_path => true) end def user_link(user, cls=nil) - link_to h(user.name), user_url(user), :class => cls + link_to h(user.name), user_path(user), :class => cls end def user_link_for_request(request, cls=nil) @@ -110,7 +120,7 @@ module LinkToHelper user_name end else - link_to h(request.user.name), user_url(request.user), :class => cls + link_to h(request.user.name), user_path(request.user), :class => cls end end @@ -119,12 +129,16 @@ module LinkToHelper text = external_text ? external_text : (request.external_user_name || _("Anonymous user")) + " (external)" else text = internal_text ? internal_text : request.user.name - link_to(h(text), user_admin_url(request.user)) + link_to(h(text), admin_user_show_url(request.user)) end end def user_link_absolute(user) - link_to h(user.name), main_url(user_url(user)) + link_to h(user.name), user_url(user) + end + + def user_link(user) + link_to h(user.name), user_path(user) end def request_user_link_absolute(request) @@ -135,11 +149,19 @@ module LinkToHelper end end + def request_user_link(request) + if request.is_external? + request.external_user_name || _("Anonymous user") + else + user_link(request.user) + end + end + def user_or_you_link(user) if @user && user == @user - link_to h("you"), user_url(user) + link_to h("you"), user_path(user) else - link_to h(user.name), user_url(user) + link_to h(user.name), user_path(user) end end @@ -152,40 +174,40 @@ module LinkToHelper end def user_or_you_capital_link(user) - link_to user_or_you_capital(user), user_url(user) - end - - def user_admin_url(user) - return admin_url('user/show/' + user.id.to_s) + link_to user_or_you_capital(user), user_path(user) end def user_admin_link(user, name="admin", cls=nil) - link_to name, user_admin_url(user), :class => cls + link_to name, admin_user_show_url(user), :class => cls end def user_both_links(user) - link_to(h(user.name), main_url(user_url(user))) + " (" + link_to("admin", user_admin_url(user)) + ")" + link_to(h(user.name), user_url(user)) + " (" + link_to("admin", admin_user_show_url(user)) + ")" end # Tracks. feed can be 'track' or 'feed' - def do_track_url(track_thing, feed = 'track') + def do_track_url(track_thing, feed = 'track', options = {}) if track_thing.track_type == 'request_updates' - track_request_url(:url_title => track_thing.info_request.url_title, :feed => feed) + track_request_url(options.merge(:url_title => track_thing.info_request.url_title, :feed => feed)) elsif track_thing.track_type == 'all_new_requests' - track_list_url(:view => 'recent', :feed => feed) + track_list_url(options.merge(:view => 'recent', :feed => feed)) elsif track_thing.track_type == 'all_successful_requests' - track_list_url(:view => 'successful', :feed => feed) + track_list_url(options.merge(:view => 'successful', :feed => feed)) elsif track_thing.track_type == 'public_body_updates' - track_public_body_url(:url_name => track_thing.public_body.url_name, :feed => feed) + track_public_body_url(options.merge(:url_name => track_thing.public_body.url_name, :feed => feed)) elsif track_thing.track_type == 'user_updates' - track_user_url(:url_name => track_thing.tracked_user.url_name, :feed => feed) + track_user_url(options.merge(:url_name => track_thing.tracked_user.url_name, :feed => feed)) elsif track_thing.track_type == 'search_query' - track_search_url(:query_array => track_thing.track_query, :feed => feed) + track_search_url(options.merge(:query_array => track_thing.track_query, :feed => feed)) else raise "unknown tracking type " + track_thing.track_type end end + def do_track_path(track_thing, feed = 'track') + do_track_url(track_thing, feed, :only_path => true) + end + # General pages. def search_url(query, params = nil) if query.kind_of?(Array) @@ -213,31 +235,26 @@ module LinkToHelper return url end - def search_link(query, variety_postfix = nil, sort_postfix = nil, advanced = nil) - link_to h(query), search_url(query) - end - # Admin pages - def admin_url(relative_path) - admin_url_prefix = Configuration::admin_base_url - (admin_url_prefix.empty? ? admin_general_index_url + '/' : admin_url_prefix) + relative_path + def search_path(query, options = {}) + search_url(query, options.merge(:only_path => true)) end - # About page URLs - def about_url - return help_general_url(:action => 'about') + def search_link(query) + link_to h(query), search_url(query) end - def unhappy_url(info_request = nil) - if info_request.nil? - return help_general_url(:action => 'unhappy') - else - return help_unhappy_url(:url_title => info_request.url_title) - end + # Deprecated helper + # TODO: Remove in next release + def admin_url(relative_path) + warn "[DEPRECATION] admin_url is deprecated. Please remove it from your theme." + relative_path end - + # Deprecated helper + # TODO: Remove in next release def main_url(relative_path, append = nil) + warn "[DEPRECATION] main_url is deprecated. Please remove it from your theme." url_prefix = "http://" + Configuration::domain url = url_prefix + relative_path if !append.nil? @@ -253,11 +270,26 @@ module LinkToHelper return url end + # About page URLs + def about_url + return help_general_url(:action => 'about') + end + + def unhappy_url(info_request = nil) + if info_request.nil? + return help_general_url(:action => 'unhappy') + else + return help_unhappy_url(:url_title => info_request.url_title) + end + end + # Basic date format def simple_date(date) + date = date.in_time_zone.to_date unless date.is_a? Date + date_format = _("simple_date_format") date_format = :long if date_format == "simple_date_format" - return I18n.l(date.to_date, :format => date_format) + return I18n.l(date, :format => date_format) end def simple_time(date) @@ -267,13 +299,5 @@ module LinkToHelper def year_from_date(date) return date.strftime("%Y").strip end - - #I18n locale switcher - - def locale_switcher(locale, params) - params['locale'] = locale - return url_for(params) - end - end diff --git a/app/models/about_me_validator.rb b/app/models/about_me_validator.rb index 5e04c2761..8ee505ac8 100644 --- a/app/models/about_me_validator.rb +++ b/app/models/about_me_validator.rb @@ -17,10 +17,14 @@ class AboutMeValidator < ActiveRecord::BaseWithoutTable column :about_me, :text, "I...", false - def validate + # TODO: Switch to built in validations + validate :length_of_about_me + + private + + def length_of_about_me if !self.about_me.blank? && self.about_me.size > 500 errors.add(:about_me, _("Please keep it shorter than 500 characters")) end end - end diff --git a/app/models/application_mailer.rb b/app/models/application_mailer.rb index cdb279c3c..1a97a4bf9 100644 --- a/app/models/application_mailer.rb +++ b/app/models/application_mailer.rb @@ -77,6 +77,17 @@ class ApplicationMailer < ActionMailer::Base # and via template_path, which is created from it) in the create! method when # looking for templates. Our modified version looks for templates in the view_paths # in order. + + # It also has a line converting the mail subject to a string. This is because we + # use translated strings in the subject lines, sometimes in conjunction with + # user input, like request titles. The _() function used for translation + # returns an instance of SafeBuffer, which doesn't handle gsub calls in the block form + # with $ variables - https://github.com/rails/rails/issues/1555. + # Unfortunately ActionMailer uses that form in quoted_printable(), which will be + # called if any part of the subject requires quoting. So we convert the subject + # back to a string via to_str() before passing in to create_mail. There is a test + # for this in spec/models/request_mailer_spec.rb + # Changed lines marked with *** # Initialize the mailer via the given +method_name+. The body will be @@ -139,6 +150,9 @@ class ApplicationMailer < ActionMailer::Base # already set. @mime_version ||= "1.0" if !@parts.empty? + # *** Convert into a string + @subject = @subject.to_str if @subject + # build the mail object itself @mail = create_mail end diff --git a/app/models/change_email_validator.rb b/app/models/change_email_validator.rb index 9ef25217d..2ddebb177 100644 --- a/app/models/change_email_validator.rb +++ b/app/models/change_email_validator.rb @@ -28,12 +28,15 @@ class ChangeEmailValidator < ActiveRecord::BaseWithoutTable validates_presence_of :old_email, :message => N_("Please enter your old email address") validates_presence_of :new_email, :message => N_("Please enter your new email address") validates_presence_of :password, :message => N_("Please enter your password"), :unless => :changing_email + validate :password_and_format_of_email def changing_email() self.user_circumstance == 'change_email' end - def validate + private + + def password_and_format_of_email if !self.old_email.blank? && !MySociety::Validate.is_valid_email(self.old_email) errors.add(:old_email, _("Old email doesn't look like a valid address")) end diff --git a/app/models/comment.rb b/app/models/comment.rb index 5507910e2..70f3ba00d 100644 --- a/app/models/comment.rb +++ b/app/models/comment.rb @@ -24,13 +24,13 @@ class Comment < ActiveRecord::Base strip_attributes! belongs_to :user - #validates_presence_of :user # breaks during construction of new ones :( - - validates_inclusion_of :comment_type, :in => [ 'request' ] belongs_to :info_request - has_many :info_request_events # in practice only ever has one + #validates_presence_of :user # breaks during construction of new ones :( + validates_inclusion_of :comment_type, :in => [ 'request' ] + validate :body_of_comment + def body ret = read_attribute(:body) if ret.nil? @@ -40,6 +40,7 @@ class Comment < ActiveRecord::Base ret = ret.gsub(/(?:\n\s*){2,}/, "\n\n") # remove excess linebreaks that unnecessarily space it out ret end + def raw_body read_attribute(:body) end @@ -52,23 +53,13 @@ class Comment < ActiveRecord::Base end end - # Check have edited comment - def validate - if self.body.empty? || self.body =~ /^\s+$/ - errors.add(:body, _("Please enter your annotation")) - end - if !MySociety::Validate.uses_mixed_capitals(self.body) - errors.add(:body, _('Please write your annotation using a mixture of capital and lower case letters. This makes it easier for others to read.')) - end - end - # Return body for display as HTML def get_body_for_html_display text = self.body.strip text = CGI.escapeHTML(text) text = MySociety::Format.make_clickable(text, :contract => 1) text = text.gsub(/\n/, '<br>') - return text + return text.html_safe end # When posting a new comment, use this to check user hasn't double submitted. @@ -82,9 +73,21 @@ class Comment < ActiveRecord::Base return Comment.find(:first, :conditions => [ "info_request_id = ? and body = ?", info_request_id, body ]) end end - def for_admin_column - self.class.content_columns.each do |column| - yield(column.human_name, self.send(column.name), column.type.to_s, column.name) + + def for_admin_column + self.class.content_columns.each do |column| + yield(column.human_name, self.send(column.name), column.type.to_s, column.name) + end + end + + private + + def body_of_comment + if self.body.empty? || self.body =~ /^\s+$/ + errors.add(:body, _("Please enter your annotation")) + end + if !MySociety::Validate.uses_mixed_capitals(self.body) + errors.add(:body, _('Please write your annotation using a mixture of capital and lower case letters. This makes it easier for others to read.')) + end end - end end diff --git a/app/models/contact_mailer.rb b/app/models/contact_mailer.rb index 16aae2f15..abde64928 100644 --- a/app/models/contact_mailer.rb +++ b/app/models/contact_mailer.rb @@ -7,7 +7,7 @@ class ContactMailer < ApplicationMailer # Send message to administrator - def message(name, email, subject, message, logged_in_user, last_request, last_body) + def to_admin_message(name, email, subject, message, logged_in_user, last_request, last_body) @from = name + " <" + email + ">" @recipients = contact_from_name_and_email @subject = subject diff --git a/app/models/foi_attachment.rb b/app/models/foi_attachment.rb index a40898aef..bba0b6a8d 100644 --- a/app/models/foi_attachment.rb +++ b/app/models/foi_attachment.rb @@ -38,7 +38,7 @@ class FoiAttachment < ActiveRecord::Base BODY_MAX_DELAY = 5 def directory - rails_env = ENV['RAILS_ENV'] + rails_env = Rails.env if rails_env.nil? || rails_env.empty? raise "$RAILS_ENV is not set" end @@ -67,9 +67,22 @@ class FoiAttachment < ActiveRecord::Base file.write d } update_display_size! + encode_cached_body! @cached_body = d end + # If the original mail part had a charset, it's some kind of string, so assume that + # it should be handled as a string in the stated charset, not a bytearray, and then + # convert it our default encoding. For ruby 1.8 this is a noop. + def encode_cached_body! + if RUBY_VERSION.to_f >= 1.9 + if charset + @cached_body.force_encoding(charset) + @cached_body = @cached_body.encode(Encoding.default_internal, charset) + end + end + end + def body if @cached_body.nil? tries = 0 @@ -90,6 +103,7 @@ class FoiAttachment < ActiveRecord::Base self.incoming_message.parse_raw_email!(force) retry end + encode_cached_body! end return @cached_body end @@ -205,7 +219,7 @@ class FoiAttachment < ActiveRecord::Base def ensure_filename! - if self.filename.nil? + if self.filename.blank? calc_ext = AlaveteliFileTypes.mimetype_to_extension(self.content_type) if !calc_ext calc_ext = "bin" @@ -303,38 +317,47 @@ class FoiAttachment < ActiveRecord::Base text = CGI.escapeHTML(text) text = MySociety::Format.make_clickable(text) html = text.gsub(/\n/, '<br>') - return '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" - "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body>' + html + "</body></html>", wrapper_id + return '<!DOCTYPE html><html><head><title></title></head><body>' + html + "</body></html>", wrapper_id end # the extractions will also produce image files, which go in the # current directory, so change to the directory the function caller # wants everything in - Dir.chdir(dir) do - tempfile = Tempfile.new('foiextract', '.') - tempfile.print self.body - tempfile.flush - - html = nil - if self.content_type == 'application/pdf' - # We set a timeout here, because pdftohtml can spiral out of control - # on some PDF files and we don’t want to crash the whole server. - html = AlaveteliExternalCommand.run("pdftohtml", "-nodrm", "-zoom", "1.0", "-stdout", "-enc", "UTF-8", "-noframes", tempfile.path, :timeout => 30) - elsif self.content_type == 'application/rtf' - html = AlaveteliExternalCommand.run("unrtf", "--html", tempfile.path, :timeout => 120) - end - - if html.nil? - if self.has_google_docs_viewer? - html = '' # force error and using Google docs viewer + + html = nil + if ['application/pdf', 'application/rtf'].include?(self.content_type) + text = self.body + Dir.chdir(dir) do + if RUBY_VERSION.to_f >= 1.9 + tempfile = Tempfile.new('foiextract', '.', :encoding => text.encoding) else - raise "No HTML conversion available for type " + self.content_type + tempfile = Tempfile.new('foiextract', '.') end - end + tempfile.print text + tempfile.flush + - tempfile.close - tempfile.delete + if self.content_type == 'application/pdf' + # We set a timeout here, because pdftohtml can spiral out of control + # on some PDF files and we don't want to crash the whole server. + html = AlaveteliExternalCommand.run("pdftohtml", "-nodrm", "-zoom", "1.0", "-stdout", "-enc", "UTF-8", "-noframes", tempfile.path, :timeout => 30) + elsif self.content_type == 'application/rtf' + html = AlaveteliExternalCommand.run("unrtf", "--html", tempfile.path, :timeout => 120) + end + + tempfile.close + tempfile.delete + end end + if html.nil? + if self.has_google_docs_viewer? + html = '' # force error and using Google docs viewer + else + raise "No HTML conversion available for type " + self.content_type + end + end + + # We need to look at: # a) Any error code diff --git a/app/models/incoming_message.rb b/app/models/incoming_message.rb index 5205d0a2d..5c845ead3 100644 --- a/app/models/incoming_message.rb +++ b/app/models/incoming_message.rb @@ -38,14 +38,6 @@ require 'zip/zip' require 'mapi/msg' require 'mapi/convert' -# Monkeypatch! Adding some extra members to store extra info in. -module TMail - class Mail - attr_accessor :url_part_number - attr_accessor :rfc822_attachment # when a whole email message is attached as text - attr_accessor :within_rfc822_attachment # for parts within a message attached as text (for getting subject mainly) - end -end class IncomingMessage < ActiveRecord::Base belongs_to :info_request @@ -70,56 +62,35 @@ class IncomingMessage < ActiveRecord::Base 'application/zip' => 1, } - # Return the structured TMail::Mail object - # Documentation at http://i.loveruby.net/en/projects/tmail/doc/ + # Return a cached structured mail object def mail(force = nil) if (!force.nil? || @mail.nil?) && !self.raw_email.nil? - # Hack round bug in TMail's MIME decoding. - # Report of TMail bug: - # http://rubyforge.org/tracker/index.php?func=detail&aid=21810&group_id=4512&atid=17370 - copy_of_raw_data = self.raw_email.data.gsub(/; boundary=\s+"/im,'; boundary="') - - @mail = TMail::Mail.parse(copy_of_raw_data) - @mail.base64_decode + @mail = MailHandler.mail_from_raw_email(self.raw_email.data) end @mail end - def from_address - self.mail.from_addrs[0].address - end - def empty_from_field? self.mail.from_addrs.nil? || self.mail.from_addrs.size == 0 end def from_email - self.mail.from_addrs[0].spec + MailHandler.get_from_address(self.mail) end def addresses - ((self.mail.to || []) + - (self.mail.cc || []) + - (self.mail.envelope_to || [])).uniq + MailHandler.get_all_addresses(self.mail) end def message_id self.mail.message_id end - # Returns the name of the person the incoming message is from, or nil if - # there isn't one or if there is only an email address. XXX can probably - # remove from_name_if_present (which is a monkey patch) by just calling - # .from_addrs[0].name here instead? - # Return false if for some reason this is a message that we shouldn't let them reply to def _calculate_valid_to_reply_to # check validity of email - if empty_from_field? - return false - end email = self.from_email - if !MySociety::Validate.is_valid_email(email) + if email.nil? || !MySociety::Validate.is_valid_email(email) return false end @@ -129,13 +100,13 @@ class IncomingMessage < ActiveRecord::Base prefix = email prefix =~ /^(.*)@/ prefix = $1 - if !prefix.nil? && prefix.downcase.match(/^(postmaster|mailer-daemon|auto_reply|donotreply|no.reply)$/) + if !prefix.nil? && prefix.downcase.match(/^(postmaster|mailer-daemon|auto_reply|do.?not.?reply|no.reply)$/) return false end - if !self.mail['return-path'].nil? && self.mail['return-path'].addr == "<>" + if MailHandler.empty_return_path?(self.mail) return false end - if !self.mail['auto-submitted'].nil? + if !MailHandler.get_auto_submitted(self.mail).nil? return false end return true @@ -153,13 +124,10 @@ class IncomingMessage < ActiveRecord::Base self.extract_attachments! self.sent_at = self.mail.date || self.created_at self.subject = self.mail.subject - # XXX can probably remove from_name_if_present (which is a - # monkey patch) by just calling .from_addrs[0].name here - # instead? - self.mail_from = self.mail.from_name_if_present - begin + self.mail_from = MailHandler.get_from_name(self.mail) + if self.from_email self.mail_from_domain = PublicBody.extract_domain_from_email(self.from_email) - rescue NoMethodError + else self.mail_from_domain = "" end self.valid_to_reply_to = self._calculate_valid_to_reply_to @@ -205,54 +173,8 @@ class IncomingMessage < ActiveRecord::Base super end - # Number the attachments in depth first tree order, for use in URLs. - # XXX This fills in part.rfc822_attachment and part.url_part_number within - # all the parts of the email (see TMail monkeypatch above for how these - # attributes are added). ensure_parts_counted must be called before using - # the attributes. - def ensure_parts_counted - @count_parts_count = 0 - _count_parts_recursive(self.mail) - # we carry on using these numeric ids for attachments uudecoded from within text parts - @count_first_uudecode_count = @count_parts_count - end - def _count_parts_recursive(part) - if part.multipart? - part.parts.each do |p| - _count_parts_recursive(p) - end - else - part_filename = TMail::Mail.get_part_file_name(part) - begin - if part.content_type == 'message/rfc822' - # An email attached as text - # e.g. http://www.whatdotheyknow.com/request/64/response/102 - part.rfc822_attachment = TMail::Mail.parse(part.body) - elsif part.content_type == 'application/vnd.ms-outlook' || part_filename && AlaveteliFileTypes.filename_to_mimetype(part_filename) == 'application/vnd.ms-outlook' - # An email attached as an Outlook file - # e.g. http://www.whatdotheyknow.com/request/chinese_names_for_british_politi - msg = Mapi::Msg.open(StringIO.new(part.body)) - part.rfc822_attachment = TMail::Mail.parse(msg.to_mime.to_s) - elsif part.content_type == 'application/ms-tnef' - # A set of attachments in a TNEF file - part.rfc822_attachment = TNEF.as_tmail(part.body) - end - rescue - # If attached mail doesn't parse, treat it as text part - part.rfc822_attachment = nil - else - unless part.rfc822_attachment.nil? - _count_parts_recursive(part.rfc822_attachment) - end - end - if part.rfc822_attachment.nil? - @count_parts_count += 1 - part.url_part_number = @count_parts_count - end - end - end # And look up by URL part number to get an attachment - # XXX relies on extract_attachments calling ensure_parts_counted + # XXX relies on extract_attachments calling MailHandler.ensure_parts_counted def self.get_attachment_by_url_part_number(attachments, found_url_part_number) attachments.each do |a| if a.url_part_number == found_url_part_number @@ -362,6 +284,7 @@ class IncomingMessage < ActiveRecord::Base # Lotus notes quoting yeuch! def remove_lotus_quoting(text, replacement = "FOLDED_QUOTED_SECTION") text = text.dup + return text if self.info_request.user_name.nil? name = Regexp.escape(self.info_request.user_name) # To end of message sections @@ -473,105 +396,6 @@ class IncomingMessage < ActiveRecord::Base return text end - # Internal function - def _get_part_file_name(mail) - part_file_name = TMail::Mail.get_part_file_name(mail) - if part_file_name.nil? - return nil - end - part_file_name = part_file_name.dup - return part_file_name - end - - # (This risks losing info if the unchosen alternative is the only one to contain - # useful info, but let's worry about that another time) - def get_attachment_leaves - force = true - return _get_attachment_leaves_recursive(self.mail(force)) - end - def _get_attachment_leaves_recursive(curr_mail, within_rfc822_attachment = nil) - leaves_found = [] - if curr_mail.multipart? - if curr_mail.parts.size == 0 - raise "no parts on multipart mail" - end - - if curr_mail.sub_type == 'alternative' - # Choose best part from alternatives - best_part = nil - # Take the last text/plain one, or else the first one - curr_mail.parts.each do |m| - if not best_part - best_part = m - elsif m.content_type == 'text/plain' - best_part = m - end - end - # Take an HTML one as even higher priority. (They tend - # to render better than text/plain, e.g. don't wrap links here: - # http://www.whatdotheyknow.com/request/amount_and_cost_of_freedom_of_in#incoming-72238 ) - curr_mail.parts.each do |m| - if m.content_type == 'text/html' - best_part = m - end - end - leaves_found += _get_attachment_leaves_recursive(best_part, within_rfc822_attachment) - else - # Add all parts - curr_mail.parts.each do |m| - leaves_found += _get_attachment_leaves_recursive(m, within_rfc822_attachment) - end - end - else - # XXX Yuck. this section alters various content_type's. That puts - # it into conflict with ensure_parts_counted which it has to be - # called both before and after. It will fail with cases of - # attachments of attachments etc. - charset = curr_mail.charset # save this, because overwriting content_type also resets charset - # Don't allow nil content_types - if curr_mail.content_type.nil? - curr_mail.content_type = 'application/octet-stream' - end - # PDFs often come with this mime type, fix it up for view code - if curr_mail.content_type == 'application/octet-stream' - part_file_name = self._get_part_file_name(curr_mail) - calc_mime = AlaveteliFileTypes.filename_and_content_to_mimetype(part_file_name, curr_mail.body) - if calc_mime - curr_mail.content_type = calc_mime - end - end - - # Use standard content types for Word documents etc. - curr_mail.content_type = normalise_content_type(curr_mail.content_type) - if curr_mail.content_type == 'message/rfc822' - ensure_parts_counted # fills in rfc822_attachment variable - if curr_mail.rfc822_attachment.nil? - # Attached mail didn't parse, so treat as text - curr_mail.content_type = 'text/plain' - end - end - if curr_mail.content_type == 'application/vnd.ms-outlook' || curr_mail.content_type == 'application/ms-tnef' - ensure_parts_counted # fills in rfc822_attachment variable - if curr_mail.rfc822_attachment.nil? - # Attached mail didn't parse, so treat as binary - curr_mail.content_type = 'application/octet-stream' - end - end - # If the part is an attachment of email - if curr_mail.content_type == 'message/rfc822' || curr_mail.content_type == 'application/vnd.ms-outlook' || curr_mail.content_type == 'application/ms-tnef' - ensure_parts_counted # fills in rfc822_attachment variable - leaves_found += _get_attachment_leaves_recursive(curr_mail.rfc822_attachment, curr_mail.rfc822_attachment) - else - # Store leaf - curr_mail.within_rfc822_attachment = within_rfc822_attachment - leaves_found += [curr_mail] - end - # restore original charset - curr_mail.charset = charset - end - return leaves_found - end - # Removes anything cached about the object in the database, and saves def clear_in_database_caches! self.cached_attachment_text_clipped = nil @@ -634,7 +458,8 @@ class IncomingMessage < ActiveRecord::Base text = "[ Email has no body, please see attachments ]" source_charset = "utf-8" else - text = part.body # by default, TMail converts to UTF8 in this call + # by default, the body (coming from an foi_attachment) should have been converted to utf-8 + text = part.body source_charset = part.charset if part.content_type == 'text/html' # e.g. http://www.whatdotheyknow.com/request/35/response/177 @@ -642,42 +467,31 @@ class IncomingMessage < ActiveRecord::Base # convert to text routine. Could instead call a # sanitize HTML one. - # If the text isn't UTF8, it means TMail had a problem + # If the text isn't UTF8, it means we had a problem # converting it (invalid characters, etc), and we # should instead tell elinks to respect the source # charset use_charset = "utf-8" - begin - text = Iconv.conv('utf-8', 'utf-8', text) - rescue Iconv::IllegalSequence - use_charset = source_charset - end - text = self.class._get_attachment_text_internal_one_file(part.content_type, text, use_charset) - end - end - - # If TMail can't convert text, it just returns it, so we sanitise it. - begin - # Test if it's good UTF-8 - text = Iconv.conv('utf-8', 'utf-8', text) - rescue Iconv::IllegalSequence - # Text looks like unlabelled nonsense, - # strip out anything that isn't UTF-8 - begin - source_charset = 'utf-8' if source_charset.nil? - text = Iconv.conv('utf-8//IGNORE', source_charset, text) + - _("\n\n[ {{site_name}} note: The above text was badly encoded, and has had strange characters removed. ]", - :site_name => Configuration::site_name) - rescue Iconv::InvalidEncoding, Iconv::IllegalSequence - if source_charset != "utf-8" - source_charset = "utf-8" - retry + if RUBY_VERSION.to_f >= 1.9 + begin + text.encode('utf-8') + rescue Encoding::UndefinedConversionError, Encoding::InvalidByteSequenceError + use_charset = source_charset + end + else + begin + text = Iconv.conv('utf-8', 'utf-8', text) + rescue Iconv::IllegalSequence + use_charset = source_charset + end end + text = MailHandler.get_attachment_text_one_file(part.content_type, text, use_charset) end end + # If text hasn't been converted, we sanitise it. + text = _sanitize_text(text) # Fix DOS style linefeeds to Unix style ones (or other later regexps won't work) - # Needed for e.g. http://www.whatdotheyknow.com/request/60/response/98 text = text.gsub(/\r\n/, "\n") # Compress extra spaces down to save space, and to stop regular expressions @@ -687,6 +501,51 @@ class IncomingMessage < ActiveRecord::Base return text end + + def _sanitize_text(text) + if RUBY_VERSION.to_f >= 1.9 + begin + # Test if it's good UTF-8 + text.encode('utf-8') + rescue Encoding::UndefinedConversionError, Encoding::InvalidByteSequenceError + source_charset = 'utf-8' if source_charset.nil? + # strip out anything that isn't UTF-8 + begin + text = text.encode("utf-8", :invalid => :replace, + :undef => :replace, + :replace => "") + + _("\n\n[ {{site_name}} note: The above text was badly encoded, and has had strange characters removed. ]", + :site_name => MySociety::Config.get('SITE_NAME', 'Alaveteli')) + rescue Encoding::UndefinedConversionError, Encoding::InvalidByteSequenceError + if source_charset != "utf-8" + source_charset = "utf-8" + retry + end + end + end + else + begin + # Test if it's good UTF-8 + text = Iconv.conv('utf-8', 'utf-8', text) + rescue Iconv::IllegalSequence + # Text looks like unlabelled nonsense, + # strip out anything that isn't UTF-8 + begin + source_charset = 'utf-8' if source_charset.nil? + text = Iconv.conv('utf-8//IGNORE', source_charset, text) + + _("\n\n[ {{site_name}} note: The above text was badly encoded, and has had strange characters removed. ]", + :site_name => Configuration::site_name) + rescue Iconv::InvalidEncoding, Iconv::IllegalSequence, Iconv::InvalidCharacter + if source_charset != "utf-8" + source_charset = "utf-8" + retry + end + end + end + end + text + end + # Returns part which contains main body text, or nil if there isn't one def get_main_body_text_part leaves = self.foi_attachments @@ -740,7 +599,7 @@ class IncomingMessage < ActiveRecord::Base filename = uu.match(/^begin\s+[0-9]+\s+(.*)$/)[1] calc_mime = AlaveteliFileTypes.filename_and_content_to_mimetype(filename, content) if calc_mime - calc_mime = normalise_content_type(calc_mime) + calc_mime = MailHandler.normalise_content_type(calc_mime) content_type = calc_mime else content_type = 'application/octet-stream' @@ -769,55 +628,15 @@ class IncomingMessage < ActiveRecord::Base end def extract_attachments! - leaves = get_attachment_leaves # XXX check where else this is called from - # XXX we have to call ensure_parts_counted after get_attachment_leaves - # which is really messy. - ensure_parts_counted + force = true + attachment_attributes = MailHandler.get_attachment_attributes(self.mail(force)) attachments = [] - for leaf in leaves - body = leaf.body - # As leaf.body causes MIME decoding which uses lots of RAM, do garbage collection here - # to prevent excess memory use. XXX not really sure if this helps reduce - # peak RAM use overall. Anyway, maybe there is something better to do than this. - GC.start - if leaf.within_rfc822_attachment - within_rfc822_subject = leaf.within_rfc822_attachment.subject - # Test to see if we are in the first part of the attached - # RFC822 message and it is text, if so add headers. - # XXX should probably use hunting algorithm to find main text part, rather than - # just expect it to be first. This will do for now though. - # Example request that needs this: - # http://www.whatdotheyknow.com/request/2923/response/7013/attach/2/Cycle%20Path%20Bank.txt - if leaf.within_rfc822_attachment == leaf && leaf.content_type == 'text/plain' - headers = "" - for header in [ 'Date', 'Subject', 'From', 'To', 'Cc' ] - if leaf.within_rfc822_attachment.header.include?(header.downcase) - header_value = leaf.within_rfc822_attachment.header[header.downcase] - # Example message which has a blank Date header: - # http://www.whatdotheyknow.com/request/30747/response/80253/attach/html/17/Common%20Purpose%20Advisory%20Group%20Meeting%20Tuesday%202nd%20March.txt.html - if !header_value.blank? - headers = headers + header + ": " + header_value.to_s + "\n" - end - end - end - # XXX call _convert_part_body_to_text here, but need to get charset somehow - # e.g. http://www.whatdotheyknow.com/request/1593/response/3088/attach/4/Freedom%20of%20Information%20request%20-%20car%20oval%20sticker:%20Article%2020,%20Convention%20on%20Road%20Traffic%201949.txt - body = headers + "\n" + body - - # This is quick way of getting all headers, but instead we only add some a) to - # make it more usable, b) as at least one authority accidentally leaked security - # information into a header. - #attachment.body = leaf.within_rfc822_attachment.port.to_s - end - end - hexdigest = Digest::MD5.hexdigest(body) - attachment = self.foi_attachments.find_or_create_by_hexdigest(:hexdigest => hexdigest) - attachment.update_attributes(:url_part_number => leaf.url_part_number, - :content_type => leaf.content_type, - :filename => _get_part_file_name(leaf), - :charset => leaf.charset, - :within_rfc822_subject => within_rfc822_subject, - :body => body) + attachment_attributes.each do |attrs| + attachment = self.foi_attachments.find_or_create_by_hexdigest(:hexdigest => attrs[:hexdigest]) + body = attrs.delete(:body) + attachment.update_attributes(attrs) + # Set the body separately as its handling can depend on the value of charset + attachment.body = body attachment.save! attachments << attachment.id end @@ -827,7 +646,7 @@ class IncomingMessage < ActiveRecord::Base # e.g. for https://secure.mysociety.org/admin/foi/request/show_raw_email/24550 if !main_part.nil? uudecoded_attachments = _uudecode_and_save_attachments(main_part.body) - c = @count_first_uudecode_count + c = self.mail.count_first_uudecode_count for uudecode_attachment in uudecoded_attachments c += 1 uudecode_attachment.url_part_number = c @@ -876,7 +695,7 @@ class IncomingMessage < ActiveRecord::Base text = text.gsub(/\n/, '<br>') text = text.gsub(/(?:<br>\s*){2,}/, '<br><br>') # remove excess linebreaks that unnecessarily space it out - return text + return text.html_safe end @@ -919,101 +738,15 @@ class IncomingMessage < ActiveRecord::Base return self.cached_attachment_text_clipped end - def IncomingMessage._get_attachment_text_internal_one_file(content_type, body, charset = 'utf-8') - # note re. charset: TMail always tries to convert email bodies - # to UTF8 by default, so normally it should already be that. - text = '' - # XXX - tell all these command line tools to return utf-8 - if content_type == 'text/plain' - text += body + "\n\n" - else - tempfile = Tempfile.new('foiextract') - tempfile.print body - tempfile.flush - if content_type == 'application/vnd.ms-word' - AlaveteliExternalCommand.run("wvText", tempfile.path, tempfile.path + ".txt") - # Try catdoc if we get into trouble (e.g. for InfoRequestEvent 2701) - if not File.exists?(tempfile.path + ".txt") - AlaveteliExternalCommand.run("catdoc", tempfile.path, :append_to => text) - else - text += File.read(tempfile.path + ".txt") + "\n\n" - File.unlink(tempfile.path + ".txt") - end - elsif content_type == 'application/rtf' - # catdoc on RTF prodcues less comments and extra bumf than --text option to unrtf - AlaveteliExternalCommand.run("catdoc", tempfile.path, :append_to => text) - elsif content_type == 'text/html' - # lynx wordwraps links in its output, which then don't - # get formatted properly by Alaveteli. We use elinks - # instead, which doesn't do that. - AlaveteliExternalCommand.run("elinks", "-eval", "set document.codepage.assume = \"#{charset}\"", "-eval", "set document.codepage.force_assumed = 1", "-dump-charset", "utf-8", "-force-html", "-dump", - tempfile.path, :append_to => text, :env => {"LANG" => "C"}) - elsif content_type == 'application/vnd.ms-excel' - # Bit crazy using /usr/bin/strings - but xls2csv, xlhtml and - # py_xls2txt only extract text from cells, not from floating - # notes. catdoc may be fooled by weird character sets, but will - # probably do for UK FOI requests. - AlaveteliExternalCommand.run("/usr/bin/strings", tempfile.path, :append_to => text) - elsif content_type == 'application/vnd.ms-powerpoint' - # ppthtml seems to catch more text, but only outputs HTML when - # we want text, so just use catppt for now - AlaveteliExternalCommand.run("catppt", tempfile.path, :append_to => text) - elsif content_type == 'application/pdf' - AlaveteliExternalCommand.run("pdftotext", tempfile.path, "-", :append_to => text) - elsif content_type == 'application/vnd.openxmlformats-officedocument.wordprocessingml.document' - # This is Microsoft's XML office document format. - # Just pull out the main XML file, and strip it of text. - xml = AlaveteliExternalCommand.run("/usr/bin/unzip", "-qq", "-c", tempfile.path, "word/document.xml") - if !xml.nil? - doc = REXML::Document.new(xml) - text += doc.each_element( './/text()' ){}.join(" ") - end - elsif content_type == 'application/zip' - # recurse into zip files - begin - zip_file = Zip::ZipFile.open(tempfile.path) - text += IncomingMessage._get_attachment_text_from_zip_file(zip_file) - zip_file.close() - rescue - $stderr.puts("Error processing zip file: #{$!.inspect}") - end - end - tempfile.close - end - return text - end - def IncomingMessage._get_attachment_text_from_zip_file(zip_file) - text = "" - for entry in zip_file - if entry.file? - filename = entry.to_s - begin - body = entry.get_input_stream.read - rescue - # move to next attachment silently if there were problems - # XXX really should reduce this to specific exceptions? - # e.g. password protected - next - end - calc_mime = AlaveteliFileTypes.filename_to_mimetype(filename) - if calc_mime - content_type = calc_mime - else - content_type = 'application/octet-stream' - end - - text += _get_attachment_text_internal_one_file(content_type, body) - end - end - return text - end def _get_attachment_text_internal # Extract text from each attachment text = '' attachments = self.get_attachments_for_display for attachment in attachments - text += IncomingMessage._get_attachment_text_internal_one_file(attachment.content_type, attachment.body, attachment.charset) + text += MailHandler.get_attachment_text_one_file(attachment.content_type, + attachment.body, + attachment.charset) end # Remove any bad characters text = Iconv.conv('utf-8//IGNORE', 'utf-8', text) @@ -1081,66 +814,12 @@ class IncomingMessage < ActiveRecord::Base return AlaveteliFileTypes.all_extensions.join(" ") end - # Return false if for some reason this is a message that we shouldn't let them reply to - def valid_to_reply_to? - # check validity of email - if empty_from_field? - return false - end - email = self.from_email - if !MySociety::Validate.is_valid_email(email) - return false - end - - # reject postmaster - authorities seem to nearly always not respond to - # email to postmaster, and it tends to only happen after delivery failure. - # likewise Mailer-Daemon, Auto_Reply... - prefix = email - prefix =~ /^(.*)@/ - prefix = $1 - if !prefix.nil? && prefix.downcase.match(/^(postmaster|mailer-daemon|auto_reply|do.?not.?reply|no.reply)$/) - return false + def for_admin_column + self.class.content_columns.each do |column| + yield(column.human_name, self.send(column.name), column.type.to_s, column.name) end - if !self.mail['return-path'].nil? && self.mail['return-path'].addr == "<>" - return false - end - if !self.mail['auto-submitted'].nil? - return false - end - return true end - def normalise_content_type(content_type) - # e.g. http://www.whatdotheyknow.com/request/93/response/250 - if content_type == 'application/excel' or content_type == 'application/msexcel' or content_type == 'application/x-ms-excel' - content_type = 'application/vnd.ms-excel' - end - if content_type == 'application/mspowerpoint' or content_type == 'application/x-ms-powerpoint' - content_type = 'application/vnd.ms-powerpoint' - end - if content_type == 'application/msword' or content_type == 'application/x-ms-word' - content_type = 'application/vnd.ms-word' - end - if content_type == 'application/x-zip-compressed' - content_type = 'application/zip' - end - - # e.g. http://www.whatdotheyknow.com/request/copy_of_current_swessex_scr_opt#incoming-9928 - if content_type == 'application/acrobat' - content_type = 'application/pdf' - end - - return content_type - end - - def for_admin_column - self.class.content_columns.each do |column| - yield(column.human_name, self.send(column.name), column.type.to_s, column.name) - end - end - - private :normalise_content_type - end diff --git a/app/models/info_request.rb b/app/models/info_request.rb index e1885dee6..cee9eb959 100644 --- a/app/models/info_request.rb +++ b/app/models/info_request.rb @@ -138,7 +138,7 @@ class InfoRequest < ActiveRecord::Base if external_user_name.nil? fake_slug = "anonymous" else - fake_slug = external_user_name.parameterize + fake_slug = MySociety::Format.simplify_url_part(external_user_name, 'external_user', 32) end (public_body.url_name || "") + "_" + fake_slug else @@ -275,7 +275,7 @@ public return self.magic_email("request-") end def incoming_name_and_email - return TMail::Address.address_from_name_and_email(self.user_name, self.incoming_email).to_s + return MailHandler.address_from_name_and_email(self.user_name, self.incoming_email) end # Subject lines for emails about the request @@ -284,9 +284,9 @@ public # into some sort of separate jurisdiction dependent file if self.public_body.url_name == 'general_register_office' # without GQ in the subject, you just get an auto response - _('{{law_used_full}} request GQ - {{title}}',:law_used_full=>self.law_used_full,:title=>self.title) + _('{{law_used_full}} request GQ - {{title}}',:law_used_full=>self.law_used_full,:title=>self.title.html_safe) else - _('{{law_used_full}} request - {{title}}',:law_used_full=>self.law_used_full,:title=>self.title) + _('{{law_used_full}} request - {{title}}',:law_used_full=>self.law_used_full,:title=>self.title.html_safe) end end def email_subject_followup(incoming_message = nil) @@ -434,11 +434,11 @@ public elsif self.allow_new_responses_from == 'anybody' allow = true elsif self.allow_new_responses_from == 'authority_only' - if email.from_addrs.nil? || email.from_addrs.size == 0 + sender_email = MailHandler.get_from_address(email) + if sender_email.nil? allow = false reason = _('Only the authority can reply to this request, but there is no "From" address to check against') else - sender_email = email.from_addrs[0].spec sender_domain = PublicBody.extract_domain_from_email(sender_email) reason = _("Only the authority can reply to this request, and I don't recognise the address this reply was sent from") allow = false @@ -707,11 +707,11 @@ public return self.public_body.is_followupable? end def recipient_name_and_email - return TMail::Address.address_from_name_and_email( + return MailHandler.address_from_name_and_email( _("{{law_used}} requests at {{public_body}}", :law_used => self.law_used_short, :public_body => self.public_body.short_or_long_name), - self.recipient_email).to_s + self.recipient_email) end # History of some things that have happened @@ -1124,7 +1124,11 @@ public } if deep - ret[:user] = self.user.json_for_api + if self.user + ret[:user] = self.user.json_for_api + else + ret[:user_name] = self.user_name + end ret[:public_body] = self.public_body.json_for_api ret[:info_request_events] = self.info_request_events.map { |e| e.json_for_api(false) } end diff --git a/app/models/info_request_event.rb b/app/models/info_request_event.rb index 5a8e3416f..09eba31ab 100644 --- a/app/models/info_request_event.rb +++ b/app/models/info_request_event.rb @@ -384,7 +384,7 @@ class InfoRequestEvent < ActiveRecord::Base if prev_addr.nil? || curr_addr.nil? return false end - return TMail::Address.parse(prev_addr).address == TMail::Address.parse(curr_addr).address + return MailHandler.address_from_string(prev_addr) == MailHandler.address_from_string(curr_addr) end def json_for_api(deep, snippet_highlight_proc = nil) diff --git a/app/models/outgoing_mailer.rb b/app/models/outgoing_mailer.rb index 277794c69..503166b8a 100644 --- a/app/models/outgoing_mailer.rb +++ b/app/models/outgoing_mailer.rb @@ -47,7 +47,8 @@ class OutgoingMailer < ApplicationMailer return info_request.recipient_name_and_email else # calling safe_mail_from from so censor rules are run - return TMail::Address.address_from_name_and_email(incoming_message_followup.safe_mail_from, incoming_message_followup.from_email).to_s + return MailHandler.address_from_name_and_email(incoming_message_followup.safe_mail_from, + incoming_message_followup.from_email) end end # Used in the preview of followup diff --git a/app/models/outgoing_message.rb b/app/models/outgoing_message.rb index 2e98e1021..c75894e6a 100644 --- a/app/models/outgoing_message.rb +++ b/app/models/outgoing_message.rb @@ -30,6 +30,7 @@ class OutgoingMessage < ActiveRecord::Base validates_inclusion_of :status, :in => ['ready', 'sent', 'failed'] validates_inclusion_of :message_type, :in => ['initial_request', 'followup' ] #, 'complaint'] + validate :format_of_body belongs_to :incoming_message_followup, :foreign_key => 'incoming_message_followup_id', :class_name => 'IncomingMessage' @@ -136,32 +137,6 @@ class OutgoingMessage < ActiveRecord::Base end end - # Check have edited letter - def validate - if self.body.empty? || self.body =~ /\A#{get_salutation}\s+#{get_signoff}/ || self.body =~ /#{get_internal_review_insert_here_note}/ - if self.message_type == 'followup' - if self.what_doing == 'internal_review' - errors.add(:body, _("Please give details explaining why you want a review")) - else - errors.add(:body, _("Please enter your follow up message")) - end - elsif - errors.add(:body, _("Please enter your letter requesting information")) - else - raise "Message id #{self.id} has type '#{self.message_type}' which validate can't handle" - end - end - if self.body =~ /#{get_signoff}\s*\Z/m - errors.add(:body, _("Please sign at the bottom with your name, or alter the \"%{signoff}\" signature" % { :signoff => get_signoff })) - end - if !MySociety::Validate.uses_mixed_capitals(self.body) - errors.add(:body, _('Please write your message using a mixture of capital and lower case letters. This makes it easier for others to read.')) - end - if self.what_doing.nil? || !['new_information', 'internal_review', 'normal_sort'].include?(self.what_doing) - errors.add(:what_doing_dummy, _('Please choose what sort of reply you are making.')) - end - end - # Deliver outgoing message # Note: You can test this from script/console with, say: # InfoRequest.find(1).outgoing_messages[0].send_message @@ -252,7 +227,7 @@ class OutgoingMessage < ActiveRecord::Base text = MySociety::Format.make_clickable(text, :contract => 1) text.gsub!(/\[(email address|mobile number)\]/, '[<a href="/help/officers#mobiles">\1</a>]') text = text.gsub(/\n/, '<br>') - return text + return text.html_safe end def fully_destroy @@ -275,6 +250,33 @@ class OutgoingMessage < ActiveRecord::Base yield(column.human_name, self.send(column.name), column.type.to_s, column.name) end end + + private + + def format_of_body + if self.body.empty? || self.body =~ /\A#{get_salutation}\s+#{get_signoff}/ || self.body =~ /#{get_internal_review_insert_here_note}/ + if self.message_type == 'followup' + if self.what_doing == 'internal_review' + errors.add(:body, _("Please give details explaining why you want a review")) + else + errors.add(:body, _("Please enter your follow up message")) + end + elsif + errors.add(:body, _("Please enter your letter requesting information")) + else + raise "Message id #{self.id} has type '#{self.message_type}' which validate can't handle" + end + end + if self.body =~ /#{get_signoff}\s*\Z/m + errors.add(:body, _("Please sign at the bottom with your name, or alter the \"%{signoff}\" signature" % { :signoff => get_signoff })) + end + if !MySociety::Validate.uses_mixed_capitals(self.body) + errors.add(:body, _('Please write your message using a mixture of capital and lower case letters. This makes it easier for others to read.')) + end + if self.what_doing.nil? || !['new_information', 'internal_review', 'normal_sort'].include?(self.what_doing) + errors.add(:what_doing_dummy, _('Please choose what sort of reply you are making.')) + end + end end diff --git a/app/models/profile_photo.rb b/app/models/profile_photo.rb index 6e605651d..73d7ca12b 100644 --- a/app/models/profile_photo.rb +++ b/app/models/profile_photo.rb @@ -23,6 +23,8 @@ class ProfilePhoto < ActiveRecord::Base belongs_to :user + validate :data_and_draft_checks + # deliberately don't strip_attributes, so keeps raw photo properly attr_accessor :x, :y, :w, :h @@ -81,7 +83,9 @@ class ProfilePhoto < ActiveRecord::Base end end - def validate + private + + def data_and_draft_checks if self.data.nil? errors.add(:data, N_("Please choose a file containing your photo.")) return diff --git a/app/models/public_body.rb b/app/models/public_body.rb index 57fe27767..168b9f4c7 100644 --- a/app/models/public_body.rb +++ b/app/models/public_body.rb @@ -35,6 +35,8 @@ class PublicBody < ActiveRecord::Base validates_uniqueness_of :short_name, :message => N_("Short name is already taken"), :if => Proc.new { |pb| pb.short_name != "" } validates_uniqueness_of :name, :message => N_("Name is already taken") + validate :request_email_if_requestable + has_many :info_requests, :order => 'created_at desc' has_many :track_things, :order => 'created_at desc' has_many :censor_rules, :order => 'created_at desc' @@ -135,15 +137,6 @@ class PublicBody < ActiveRecord::Base self.first_letter = self.name.scan(/./mu)[0].upcase end - def validate - # Request_email can be blank, meaning we don't have details - if self.is_requestable? - unless MySociety::Validate.is_valid_email(self.request_email) - errors.add(:request_email, "Request email doesn't look like a valid email address") - end - end - end - # If tagged "not_apply", then FOI/EIR no longer applies to authority at all def not_apply? return self.has_tag?('not_apply') @@ -301,7 +294,7 @@ class PublicBody < ActiveRecord::Base ret = ret + " and " end ret = ret + types[-1] - return ret + return ret.html_safe else return _("A public authority") end @@ -520,6 +513,8 @@ class PublicBody < ActiveRecord::Base 'Version', ] public_bodies.each do |public_body| + # Skip bodies we use only for site admin + next if public_body.has_tag?('site_administration') csv << [ public_body.name, public_body.short_name, @@ -640,4 +635,12 @@ class PublicBody < ActiveRecord::Base end end + def request_email_if_requestable + # Request_email can be blank, meaning we don't have details + if self.is_requestable? + unless MySociety::Validate.is_valid_email(self.request_email) + errors.add(:request_email, "Request email doesn't look like a valid email address") + end + end + end end diff --git a/app/models/request_mailer.rb b/app/models/request_mailer.rb index 90c4c6b53..6f8d88a1a 100644 --- a/app/models/request_mailer.rb +++ b/app/models/request_mailer.rb @@ -5,7 +5,11 @@ # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ require 'alaveteli_file_types' - +if Rails.env == 'test' && RUBY_VERSION.to_f >= 1.9 + # Avoid spec/script/mailin_spec.rb running script/runner as a test suite + # http://stackoverflow.com/questions/1899009/why-are-tests-running-in-production-mode-and-causing-my-script-runners-to-fail + Test::Unit.run = true +end class RequestMailer < ApplicationMailer @@ -67,8 +71,8 @@ class RequestMailer < ApplicationMailer @from = user.name_and_email @recipients = contact_from_name_and_email @subject = _("FOI response requires admin ({{reason}}) - {{title}}", :reason => info_request.described_state, :title => info_request.title) - url = main_url(request_url(info_request)) - admin_url = request_admin_url(info_request) + url = request_url(info_request) + admin_url = admin_request_show_url(info_request) @body = {:reported_by => user, :info_request => info_request, :url => url, :admin_url => admin_url } end @@ -76,14 +80,14 @@ class RequestMailer < ApplicationMailer def new_response(info_request, incoming_message) # Don't use login link here, just send actual URL. This is # because people tend to forward these emails amongst themselves. - url = main_url(incoming_message_url(incoming_message)) + url = incoming_message_url(incoming_message) @from = contact_from_name_and_email headers 'Return-Path' => blackhole_email, 'Reply-To' => @from, # not much we can do if the user's email is broken 'Auto-Submitted' => 'auto-generated', # http://tools.ietf.org/html/rfc3834 'X-Auto-Response-Suppress' => 'OOF' @recipients = info_request.user.name_and_email - @subject = _("New response to your FOI request - ") + info_request.title + @subject = (_("New response to your FOI request - ") + info_request.title).html_safe @body = { :incoming_message => incoming_message, :info_request => info_request, :url => url } end @@ -102,7 +106,7 @@ class RequestMailer < ApplicationMailer 'Auto-Submitted' => 'auto-generated', # http://tools.ietf.org/html/rfc3834 'X-Auto-Response-Suppress' => 'OOF' @recipients = user.name_and_email - @subject = _("Delayed response to your FOI request - ") + info_request.title + @subject = (_("Delayed response to your FOI request - ") + info_request.title).html_safe @body = { :info_request => info_request, :url => url } end @@ -121,7 +125,7 @@ class RequestMailer < ApplicationMailer 'Auto-Submitted' => 'auto-generated', # http://tools.ietf.org/html/rfc3834 'X-Auto-Response-Suppress' => 'OOF' @recipients = user.name_and_email - @subject = _("You're long overdue a response to your FOI request - ") + info_request.title + @subject = (_("You're long overdue a response to your FOI request - ") + info_request.title).html_safe @body = { :info_request => info_request, :url => url } end @@ -131,7 +135,7 @@ class RequestMailer < ApplicationMailer # Make a link going to the form to describe state, and which logs the # user in. post_redirect = PostRedirect.new( - :uri => main_url(request_url(info_request)) + "#describe_state_form_1", + :uri => request_url(info_request) + "#describe_state_form_1", :user_id => info_request.user.id) post_redirect.save! url = confirm_url(:email_token => post_redirect.email_token) @@ -153,7 +157,7 @@ class RequestMailer < ApplicationMailer 'X-Auto-Response-Suppress' => 'OOF' @recipients = info_request.user.name_and_email @subject = _("Someone has updated the status of your request") - url = main_url(request_url(info_request)) + url = request_url(info_request) @body = {:info_request => info_request, :url => url} end @@ -173,7 +177,7 @@ class RequestMailer < ApplicationMailer 'Auto-Submitted' => 'auto-generated', # http://tools.ietf.org/html/rfc3834 'X-Auto-Response-Suppress' => 'OOF' @recipients = info_request.user.name_and_email - @subject = _("Clarify your FOI request - ") + info_request.title + @subject = (_("Clarify your FOI request - ") + info_request.title).html_safe @body = { :incoming_message => incoming_message, :info_request => info_request, :url => url } end @@ -184,8 +188,8 @@ class RequestMailer < ApplicationMailer 'Auto-Submitted' => 'auto-generated', # http://tools.ietf.org/html/rfc3834 'X-Auto-Response-Suppress' => 'OOF' @recipients = info_request.user.name_and_email - @subject = _("Somebody added a note to your FOI request - ") + info_request.title - @body = { :comment => comment, :info_request => info_request, :url => main_url(comment_url(comment)) } + @subject = (_("Somebody added a note to your FOI request - ") + info_request.title).html_safe + @body = { :comment => comment, :info_request => info_request, :url => comment_url(comment) } end def comment_on_alert_plural(info_request, count, earliest_unalerted_comment) @from = contact_from_name_and_email @@ -193,8 +197,8 @@ class RequestMailer < ApplicationMailer 'Auto-Submitted' => 'auto-generated', # http://tools.ietf.org/html/rfc3834 'X-Auto-Response-Suppress' => 'OOF' @recipients = info_request.user.name_and_email - @subject = _("Some notes have been added to your FOI request - ") + info_request.title - @body = { :count => count, :info_request => info_request, :url => main_url(comment_url(earliest_unalerted_comment)) } + @subject = (_("Some notes have been added to your FOI request - ") + info_request.title).html_safe + @body = { :count => count, :info_request => info_request, :url => comment_url(earliest_unalerted_comment) } end # Class function, called by script/mailin with all incoming responses. @@ -204,15 +208,14 @@ class RequestMailer < ApplicationMailer # # That is because we want to be sure we properly record the actual message # received in its raw form - so any information won't be lost in a round - # trip via TMail, or by bugs in it, and so we can use something other than - # TMail at a later date. And so we can offer an option to download the + # trip via the mail handler, or by bugs in it, and so we can use something + # other than TMail at a later date. And so we can offer an option to download the # actual original mail sent by the authority in the admin interface (so # can check that attachment decoding failures are problems in the message, # not in our code). ] def self.receive(raw_email) logger.info "Received mail:\n #{raw_email}" unless logger.nil? - mail = TMail::Mail.parse(raw_email) - mail.base64_decode + mail = MailHandler.mail_from_raw_email(raw_email) new.receive(mail, raw_email) end diff --git a/app/models/track_mailer.rb b/app/models/track_mailer.rb index 7dfa87f52..51440e4d7 100644 --- a/app/models/track_mailer.rb +++ b/app/models/track_mailer.rb @@ -7,7 +7,7 @@ class TrackMailer < ApplicationMailer def event_digest(user, email_about_things) post_redirect = PostRedirect.new( - :uri => main_url(user_url(user)) + "#email_subscriptions", + :uri => user_url(user) + "#email_subscriptions", :user_id => user.id) post_redirect.save! unsubscribe_url = confirm_url(:email_token => post_redirect.email_token) diff --git a/app/models/track_thing.rb b/app/models/track_thing.rb index 2a61eb858..a0c74bdb6 100644 --- a/app/models/track_thing.rb +++ b/app/models/track_thing.rb @@ -23,6 +23,8 @@ require 'set' +# TODO: TrackThing looks like a good candidate for single table inheritance + class TrackThing < ActiveRecord::Base belongs_to :tracking_user, :class_name => 'User' validates_presence_of :track_query @@ -199,11 +201,12 @@ class TrackThing < ActiveRecord::Base if self.track_type == 'request_updates' @params = { # Website - :list_description => _("'{{link_to_request}}', a request", :link_to_request => "<a href=\"/request/" + CGI.escapeHTML(self.info_request.url_title) + "\">" + CGI.escapeHTML(self.info_request.title) + "</a>"), # XXX yeuch, sometimes I just want to call view helpers from the model, sorry! can't work out how + :list_description => _("'{{link_to_request}}', a request", + :link_to_request => ("<a href=\"/request/" + CGI.escapeHTML(self.info_request.url_title) + "\">" + CGI.escapeHTML(self.info_request.title) + "</a>").html_safe), # XXX yeuch, sometimes I just want to call view helpers from the model, sorry! can't work out how :verb_on_page => _("Follow this request"), :verb_on_page_already => _("You are already following this request"), # Email - :title_in_email => _("New updates for the request '{{request_title}}'", :request_title => self.info_request.title), + :title_in_email => _("New updates for the request '{{request_title}}'", :request_title => self.info_request.title.html_safe), :title_in_rss => _("New updates for the request '{{request_title}}'", :request_title => self.info_request.title), # Authentication :web => _("To follow the request '{{request_title}}'", :request_title => CGI.escapeHTML(self.info_request.title)), @@ -250,7 +253,7 @@ class TrackThing < ActiveRecord::Base elsif self.track_type == 'public_body_updates' @params = { # Website - :list_description => _("'{{link_to_authority}}', a public authority", :link_to_authority => "<a href=\"/body/" + CGI.escapeHTML(self.public_body.url_name) + "\">" + CGI.escapeHTML(self.public_body.name) + "</a>"), # XXX yeuch, sometimes I just want to call view helpers from the model, sorry! can't work out how + :list_description => _("'{{link_to_authority}}', a public authority", :link_to_authority => ("<a href=\"/body/" + CGI.escapeHTML(self.public_body.url_name) + "\">" + CGI.escapeHTML(self.public_body.name) + "</a>").html_safe), # XXX yeuch, sometimes I just want to call view helpers from the model, sorry! can't work out how :verb_on_page => _("Follow requests to {{public_body_name}}",:public_body_name=>CGI.escapeHTML(self.public_body.name)), :verb_on_page_already => _("You are already following requests to {{public_body_name}}", :public_body_name=>CGI.escapeHTML(self.public_body.name)), # Email @@ -266,11 +269,11 @@ class TrackThing < ActiveRecord::Base elsif self.track_type == 'user_updates' @params = { # Website - :list_description => _("'{{link_to_user}}', a person", :link_to_user => "<a href=\"/user/" + CGI.escapeHTML(self.tracked_user.url_name) + "\">" + CGI.escapeHTML(self.tracked_user.name) + "</a>"), # XXX yeuch, sometimes I just want to call view helpers from the model, sorry! can't work out how + :list_description => _("'{{link_to_user}}', a person", :link_to_user => ("<a href=\"/user/" + CGI.escapeHTML(self.tracked_user.url_name) + "\">" + CGI.escapeHTML(self.tracked_user.name) + "</a>").html_safe), # XXX yeuch, sometimes I just want to call view helpers from the model, sorry! can't work out how :verb_on_page => _("Follow this person"), :verb_on_page_already => _("You are already following this person"), # Email - :title_in_email => _("FOI requests by '{{user_name}}'", :user_name=>self.tracked_user.name), + :title_in_email => _("FOI requests by '{{user_name}}'", :user_name=>self.tracked_user.name.html_safe), :title_in_rss => _("FOI requests by '{{user_name}}'", :user_name=>self.tracked_user.name), # Authentication :web => _("To follow requests by '{{user_name}}'", :user_name=>CGI.escapeHTML(self.tracked_user.name)), @@ -282,7 +285,7 @@ class TrackThing < ActiveRecord::Base elsif self.track_type == 'search_query' @params = { # Website - :list_description => "<a href=\"/search/" + CGI.escapeHTML(self.track_query) + "/newest/advanced\">" + self.track_query_description + "</a>", # XXX yeuch, sometimes I just want to call view helpers from the model, sorry! can't work out how + :list_description => ("<a href=\"/search/" + CGI.escapeHTML(self.track_query) + "/newest/advanced\">" + CGI.escapeHTML(self.track_query_description) + "</a>").html_safe, # XXX yeuch, sometimes I just want to call view helpers from the model, sorry! can't work out how :verb_on_page => _("Follow things matching this search"), :verb_on_page_already => _("You are already following things matching this search"), # Email diff --git a/app/models/user.rb b/app/models/user.rb index 70386f7e4..e6c666e47 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -50,6 +50,8 @@ class User < ActiveRecord::Base 'super', ], :message => N_('Admin level is not included in list') + validate :email_and_name_are_valid + acts_as_xapian :texts => [ :name, :about_me ], :values => [ [ :created_at_numeric, 1, "created_at", :number ] # for sorting @@ -108,15 +110,6 @@ class User < ActiveRecord::Base self.comments.find(:all, :conditions => 'visible') end - def validate - if self.email != "" && !MySociety::Validate.is_valid_email(self.email) - errors.add(:email, _("Please enter a valid email address")) - end - if MySociety::Validate.is_valid_email(self.name) - errors.add(:name, _("Please enter your name, not your email address, in the name field.")) - end - end - # Don't display any leading/trailing spaces # XXX we have strip_attributes! now, so perhaps this can be removed (might # be still needed for existing cases) @@ -203,7 +196,7 @@ class User < ActiveRecord::Base # For use in to/from in email messages def name_and_email - return TMail::Address.address_from_name_and_email(self.name, self.email).to_s + return MailHandler.address_from_name_and_email(self.name, self.email) end # The "internal admin" is a special user for internal use. @@ -361,12 +354,13 @@ class User < ActiveRecord::Base end # Return about me text for display as HTML + # TODO: Move this to a view helper def get_about_me_for_html_display text = self.about_me.strip text = CGI.escapeHTML(text) text = MySociety::Format.make_clickable(text, :contract => 1) text = text.gsub(/\n/, '<br>') - return text + return text.html_safe end def json_for_api @@ -413,6 +407,15 @@ class User < ActiveRecord::Base self.salt = self.object_id.to_s + rand.to_s end + def email_and_name_are_valid + if self.email != "" && !MySociety::Validate.is_valid_email(self.email) + errors.add(:email, _("Please enter a valid email address")) + end + if MySociety::Validate.is_valid_email(self.name) + errors.add(:name, _("Please enter your name, not your email address, in the name field.")) + end + end + ## Class methods def User.encrypted_password(password, salt) string_to_hash = password + salt # XXX need to add a secret here too? diff --git a/app/sass/admin.scss b/app/sass/admin.scss new file mode 100644 index 000000000..584b0d00d --- /dev/null +++ b/app/sass/admin.scss @@ -0,0 +1,112 @@ +/* As we're namespacing bootstrap to class admin, which is applied to the body + element in the admin interface (no id or class allowed on the HTML element + in HTML 4.01) and to the navbar also, so it can be styled with bootstrap + when showing for admin users on the front end, re-apply the bootstrap html + and body styles here. +*/ +html { + font-size: 100%; + -webkit-text-size-adjust: 100%; + -ms-text-size-adjust: 100%; +} + +body.admin { + margin: 0; + font-family: "Helvetica Neue", Helvetica, Arial, sans-serif; + font-size: 14px; + line-height: 20px; + color: #333333; + background-color: white; +} + +/* When the admin stylesheet is loaded (and so the user is seeing the admin navbar), pad the banner of the front end interface so that it isn't hidden, and move any special notice down too. +*/ + +.entirebody, #banner { + padding-top: 50px; +} + +#special-notice { + margin-top: 50px; +} + +.admin { + + @import "compass/css3"; + @import "bootstrap"; + + #main { + padding-top: 50px; + + } + + .form-inline { + display: inline; + } + + table .form { + display: inline-block; + margin: 0; + } + + .accordion-group { + border: none; + } + .accordion-heading { + .btn { + float: left; + margin: 6px 15px; + } + .accordion-toggle { + padding: 2px; + &:hover { + text-decoration: none; + } + } + } + + div.item-detail { + div:nth-child(odd) span { + background-color: #eee; + } + } + + span.label.tag { + margin-right: 2px; + a { + color: white; + } + } + + body.admin blockquote p { + font-size: 13px; + display: inline; + } + + div#user_locale_switcher { + div.btn-group:before, + div.btn-group:after { + display: inline; + } + } + + #request_hidden_user_subject_field { + width: 440px; + } + #request_hidden_user_explanation_field { + width: 100%; + height: 15em; + } + #request_hidden_user_subject, + #request_hide_button, + #request_hidden_user_explanation { + display: none; + } + + #outgoing_message_body, + #comment_body { + width: 750px; + } + +} + diff --git a/app/views/admin_censor_rule/_form.rhtml b/app/views/admin_censor_rule/_form.rhtml index ac43de704..ac84935c5 100644 --- a/app/views/admin_censor_rule/_form.rhtml +++ b/app/views/admin_censor_rule/_form.rhtml @@ -1,40 +1,77 @@ <%= error_messages_for 'censor_rule' %> -<p>Applies to: - <% if !info_request.nil? %> - <%=request_both_links(info_request)%> request - <%= hidden_field 'censor_rule', 'info_request_id', { :value => info_request.id } %> - <% end %> - <% if !user.nil? %> - <%=user_both_links(user)%> user - <%= hidden_field 'censor_rule', 'user_id', { :value => user.id } %> - <% end %> -</p> +<div class="well"> + <%=_("Applies to")%> + <% unless info_request.nil? %> + <%= request_link(info_request)%> + <%= request_admin_link(info_request, "(admin)", "btn btn-info")%> + <%= hidden_field 'censor_rule', 'info_request_id', { :value => info_request.id } %> + <% end %> + <% unless user.nil? %> + <%= user_link(user) %> + <%= user_admin_link(user, "admin", "btn btn-info") %> + <%= hidden_field 'censor_rule', 'user_id', { :value => user.id } %> +<% end %> +</div> -<p><label for="censor_rule_regexp">Is it regexp replacement?</label> (Leave unchecked if you are not sure about this)<br/> -<%= check_box 'censor_rule', 'regexp' %></p> +<div class="control-group"> + <label for="censor_rule_regexp" class="control-label">Is it regexp replacement?</label> + <div class="controls"> + <%= check_box 'censor_rule', 'regexp' %> + <div class="help-block"> + Leave unchecked if you are not sure about this + </div> + </div> +</div> -<p><label for="censor_rule_text">Text</label> (that you want to remove, case sensitive)<br/> -<%= text_field 'censor_rule', 'text', :size => 60 %></p> +<div class="control-group"> + <label for="censor_rule_text" class="control-label">Text</label> + <div class="controls"> + <%= text_field 'censor_rule', 'text', :class => "span3" %> + <div class="help-block"> + that you want to remove, case sensitive + </div> + </div> +</div> -<p><label for="censor_rule_replacement">Replacement</label> (put it in <strong>[square brackets]</strong>, e.g. [personal information removed]. applies to text in emails and HTML conversions of binaries; binaries themselves must stay the same length and the replacement is just a bunch of 'x's)<br/> -<%= text_field 'censor_rule', 'replacement', :size => 60 %></p> +<div class="control-group"> + <label for="censor_rule_replacement" class="control-label">Replacement</label> + <div class="controls"> + <%= text_field 'censor_rule', 'replacement', :class => "span3" %> + <div class="help-block"> + put it in <strong>[square brackets]</strong>, e.g. [personal information removed]. applies to text in emails and HTML conversions of binaries; binaries themselves must stay the same length and the replacement is just a bunch of 'x's + </div> + </div> +</div> -<p><label for="censor_rule_last_edit_comment">Comment for this edit</label> (put purpose of the rule, and why the change)<br/> -<%= text_area 'censor_rule', 'last_edit_comment', :rows => 2, :cols => 60 %></p> - -<p><strong>Warning and notes:</strong> This does replace text in binary files, but for -most formats only in a naive way. It works well on surprisingly many Word documents. Notably -it doesn't even do UCS-2 (unicode sometimes used in Word). There is also special code -which works on some PDFs. Please <strong>carefully check</strong> all attachments have -changed in the way you expect, and haven't become corrupted. -</p> - -<p>You may need to manually rebuild the search index afterwards. You can redact -things by individual request or by user by adding the censor rule from the -appropriate page. If you need to redact across a whole -authority, it will be easy enough to make code changes to add it, so do ask. -</p> -<p><strong>Regexp rules that are hard to process will really slow down request display.</strong> Please only use regexps if you really need to. -</p> +<div class="control-group"> + <label for="censor_rule_last_edit_comment" class="control-label">Comment for this edit</label> + <div class="controls"> + <%= text_area 'censor_rule', 'last_edit_comment', :rows => 2, :class => "span6" %> + <div class="help-block"> + put purpose of the rule, and why the change + </div> + </div> +</div> +<div class="row"> + <div class="span10 offset2"> + <div class="alert alert-info"> + <h3>Warning and notes:</h3> + <p> This does replace text in binary files, but for + most formats only in a naive way. It works well on surprisingly many Word documents. Notably + it doesn't even do UCS-2 (unicode sometimes used in Word). There is also special code + which works on some PDFs. Please <strong>carefully check</strong> all attachments have + changed in the way you expect, and haven't become corrupted. + </p> + <p>You may need to manually rebuild the search index afterwards. You can redact + things by individual request or by user by adding the censor rule from the + appropriate page. If you need to redact across a whole + authority, it will be easy enough to make code changes to add it, so do ask. + </p> + <p> + <strong>Regexp rules that are hard to process will really slow down request display.</strong> Please only use regexps if you really need to. + </p> + </div> + </div> +</div> diff --git a/app/views/admin_censor_rule/_show.rhtml b/app/views/admin_censor_rule/_show.rhtml index 363c3fb6f..baa93e832 100644 --- a/app/views/admin_censor_rule/_show.rhtml +++ b/app/views/admin_censor_rule/_show.rhtml @@ -1,6 +1,6 @@ <% if censor_rules.size > 0 %> - <table> + <table class="table table-condensed"> <tr> <th>Id</th> <% for column in CensorRule.content_columns %> @@ -26,14 +26,10 @@ <% end %> <% if defined? info_request %> - <p> - <%= link_to "New censor rule", '../../censor/new?info_request_id=' + info_request.id.to_s %> (for this request only) - </p> + <%= link_to "New censor rule (for this request only)", "../../censor/new?info_request_id=#{info_request.id}", :class => "btn btn-info" %> <% end %> <% if defined? user %> - <p> - <%= link_to "New censor rule", '../../censor/new?user_id=' + user.id.to_s %> (for all requests by this user) - </p> + <%= link_to "New censor rule", "../../censor/new?user_id=#{user.id}", :class => "btn btn-info" %> <span class="label label-info">for all requests by this user</span> <% end %> diff --git a/app/views/admin_censor_rule/new.rhtml b/app/views/admin_censor_rule/new.rhtml index c6b8cea6a..6cac58b3b 100644 --- a/app/views/admin_censor_rule/new.rhtml +++ b/app/views/admin_censor_rule/new.rhtml @@ -1,9 +1,11 @@ -<% @title = 'New censor rule' %> +<% @title = _('New censor rule') %> <h1><%=@title%></h1> -<% form_tag 'create' do %> +<% form_tag 'create', :class => "form form-horizontal" do %> <%= render :partial => 'form', :locals => { :info_request => @info_request, :user => @user } %> - <p><%= submit_tag "Create" %></p> + <div class="form-actions"> + <%= submit_tag "Create", :class => "btn btn-primary" %> + </div> <% end %> diff --git a/app/views/admin_general/_admin_navbar.rhtml b/app/views/admin_general/_admin_navbar.rhtml index 8b1378917..5cc740f70 100644 --- a/app/views/admin_general/_admin_navbar.rhtml +++ b/app/views/admin_general/_admin_navbar.rhtml @@ -1 +1,22 @@ - +<div class="admin"> + <div class="navbar navbar-fixed-top navbar-inverse"> + <div class="navbar-inner"> + <div class="container"> + <%= link_to 'Alaveteli', frontpage_path, :class => "brand" %> + <div class="nav-collapse"> + <ul class="nav"> + <li><%= link_to 'Summary', admin_general_index_path %></li> + <li><%= link_to 'Timeline', admin_timeline_path %></li> + <li><%= link_to 'Stats', admin_stats_path %></li> + <li><%= link_to 'Debug', admin_debug_path %></li> + <li><%= link_to 'Authorities', admin_body_list_path %></li> + <li><%= link_to 'Requests', admin_request_list_path %></li> + <li><%= link_to 'Users', admin_user_list_path %></li> + <li><%= link_to 'Tracks', admin_track_list_path %></li> + <li><%= link_to 'Log out', signout_path %></li> + </ul> + </div> + </div> + </div> + </div> +</div> diff --git a/app/views/admin_general/admin.coffee b/app/views/admin_general/admin.coffee new file mode 100644 index 000000000..8f9e879ae --- /dev/null +++ b/app/views/admin_general/admin.coffee @@ -0,0 +1,24 @@ +jQuery -> + $('.locales a:first').tab('show') + $('.accordion-body').on('hidden', -> + $(@).prev().find('i').first().removeClass().addClass('icon-chevron-right') + ) + $('.accordion-body').on('shown', -> + $(@).prev().find('i').first().removeClass().addClass('icon-chevron-down')) + $('.toggle-hidden').live('click', -> + $(@).parents('td').find('div:hidden').show() + false) + $('#request_hidden_user_explanation_reasons input').live('click', -> + $('#request_hidden_user_subject, #request_hidden_user_explanation, #request_hide_button').show() + info_request_id = $('#hide_request_form').attr('info_request_id') + reason = $(this).val() + $('#request_hidden_user_explanation_field').attr("value", "[loading default text...]") + $.ajax "/hidden_user_explanation?reason=" + reason + "&info_request_id=" + info_request_id, + type: "GET" + dataType: "text" + error: (data, textStatus, jqXHR) -> + $('#request_hidden_user_explanation_field').attr("value", "Error: #{textStatus}") + success: (data, textStatus, jqXHR) -> + $('#request_hidden_user_explanation_field').attr("value", data) + ) + diff --git a/app/views/admin_general/admin.js b/app/views/admin_general/admin.js new file mode 100644 index 000000000..61382dab3 --- /dev/null +++ b/app/views/admin_general/admin.js @@ -0,0 +1,32 @@ +(function() { + jQuery(function() { + $('.locales a:first').tab('show'); + $('.accordion-body').on('hidden', function() { + return $(this).prev().find('i').first().removeClass().addClass('icon-chevron-right'); + }); + $('.accordion-body').on('shown', function() { + return $(this).prev().find('i').first().removeClass().addClass('icon-chevron-down'); + }); + $('.toggle-hidden').live('click', function() { + $(this).parents('td').find('div:hidden').show(); + return false; + }); + return $('#request_hidden_user_explanation_reasons input').live('click', function() { + var info_request_id, reason; + $('#request_hidden_user_subject, #request_hidden_user_explanation, #request_hide_button').show(); + info_request_id = $('#hide_request_form').attr('info_request_id'); + reason = $(this).val(); + $('#request_hidden_user_explanation_field').attr("value", "[loading default text...]"); + return $.ajax("/hidden_user_explanation?reason=" + reason + "&info_request_id=" + info_request_id, { + type: "GET", + dataType: "text", + error: function(data, textStatus, jqXHR) { + return $('#request_hidden_user_explanation_field').attr("value", "Error: " + textStatus); + }, + success: function(data, textStatus, jqXHR) { + return $('#request_hidden_user_explanation_field').attr("value", data); + } + }); + }); + }); +}).call(this); diff --git a/app/views/admin_general/admin_js.erb b/app/views/admin_general/admin_js.erb new file mode 100644 index 000000000..61382dab3 --- /dev/null +++ b/app/views/admin_general/admin_js.erb @@ -0,0 +1,32 @@ +(function() { + jQuery(function() { + $('.locales a:first').tab('show'); + $('.accordion-body').on('hidden', function() { + return $(this).prev().find('i').first().removeClass().addClass('icon-chevron-right'); + }); + $('.accordion-body').on('shown', function() { + return $(this).prev().find('i').first().removeClass().addClass('icon-chevron-down'); + }); + $('.toggle-hidden').live('click', function() { + $(this).parents('td').find('div:hidden').show(); + return false; + }); + return $('#request_hidden_user_explanation_reasons input').live('click', function() { + var info_request_id, reason; + $('#request_hidden_user_subject, #request_hidden_user_explanation, #request_hide_button').show(); + info_request_id = $('#hide_request_form').attr('info_request_id'); + reason = $(this).val(); + $('#request_hidden_user_explanation_field').attr("value", "[loading default text...]"); + return $.ajax("/hidden_user_explanation?reason=" + reason + "&info_request_id=" + info_request_id, { + type: "GET", + dataType: "text", + error: function(data, textStatus, jqXHR) { + return $('#request_hidden_user_explanation_field').attr("value", "Error: " + textStatus); + }, + success: function(data, textStatus, jqXHR) { + return $('#request_hidden_user_explanation_field').attr("value", data); + } + }); + }); + }); +}).call(this); diff --git a/app/views/admin_general/debug.rhtml b/app/views/admin_general/debug.rhtml index 99488ba0c..7fd256025 100644 --- a/app/views/admin_general/debug.rhtml +++ b/app/views/admin_general/debug.rhtml @@ -2,14 +2,18 @@ <h1><%=@title%></h1> -<p>You are <%= h @admin_current_user %></p> +<p>You are <%= h @http_auth_user %></p> <h2>Version numbers</h2> <p> Alaveteli version: <%= link_to @current_version, @github_origin + @current_version %> <br> -Alaveteli branch: <%= link_to @current_branch, @github_origin + @current_branch %> +<% if @current_branch == "(no branch)" %> + Alaveteli branch: (no branch) +<% else %> + Alaveteli branch: <%= link_to @current_branch, @github_origin + @current_branch %> +<% end %> <br> Alaveteli commit: <%= link_to @current_commit, @github_origin + @current_commit %> <br> @@ -20,8 +24,6 @@ Rails::VERSION::STRING <%=h Rails::VERSION::STRING%> TMail::VERSION::STRING <%=h TMail::VERSION::STRING%> <br> Xapian::version_string <%=h Xapian::version_string%> -<br> -Spec::VERSION::STRING <%=h Spec::VERSION::STRING%> </p> <h2>Configuration</h2> diff --git a/app/views/admin_general/index.rhtml b/app/views/admin_general/index.rhtml index 48bd7f694..74d0f92f8 100644 --- a/app/views/admin_general/index.rhtml +++ b/app/views/admin_general/index.rhtml @@ -1,109 +1,190 @@ <% @title = "Summary" %> -<h1><%=@title%></h1> - -<ul> -<li><%=@public_body_count%> public authorities</li> -<li><%=@info_request_count%> requests, <%=@outgoing_message_count%> outgoing messages, - <%=@incoming_message_count%> incoming messages -</li> -<li><%=@user_count%> users, <%=@track_thing_count%> tracked things</li> -<li><%=@comment_count%> annotations</li> -</ul> - -<hr> - -<h1>Things to do</h1> - -<% if @holding_pen_messages.size > 0 %> - <h3>Put misdelivered responses with the right request (<%=@holding_pen_messages.size%> total)</h3> +<div class="row"> + <div class="span12"> + <h1><%=@title%></h1> <ul> - <% for message in @holding_pen_messages %> - <li> - <% if message.get_body_for_quoting.strip.size == 0 %> - <%= link_to "(no body)", "request/show_raw_email/" + message.raw_email_id.to_s %> - <% else %> - <%= link_to excerpt(message.get_body_for_quoting, "", 60), "request/show_raw_email/" + message.raw_email_id.to_s %> - <% end %> - (<%=simple_date(message.sent_at)%>) - </li> - <% end %> + <li><%=@public_body_count%> public authorities</li> + <li> + <%=@info_request_count%> requests, <%=@outgoing_message_count%> outgoing messages, + <%=@incoming_message_count%> incoming messages + </li> + <li><%=@user_count%> users, <%=@track_thing_count%> tracked things</li> + <li><%=@comment_count%> annotations</li> </ul> + </div> +</div> -<% end %> - -<% if @error_message_requests.size > 0 %> - <h3>Fix these delivery and other errors (<%=@error_message_requests.size%> total)</h3> - - <ul> - <% for @request in @error_message_requests %> - <li> - <%= request_both_links(@request)%> - – <%=simple_date(@request.get_last_event.created_at)%> - </li> - <% end %> - </ul> -<% end %> - -<% if @attention_requests.size > 0 %> - <h3>Review requests which have been marked as requiring your attention by users (<%=@error_message_requests.size%> total)</h3> - - <ul> - <% for @request in @attention_requests %> - <li> - <%= request_both_links(@request)%> - – <%=simple_date(@request.get_last_event.created_at)%> - </li> - <% end %> - </ul> -<% end %> - - -<% if @requires_admin_requests.size > 0 %> - <h3>These require administrator attention (<%=@requires_admin_requests.size%> total)</h3> - - <ul> - <% for @request in @requires_admin_requests %> - <li> - <%= request_both_links(@request)%> - – <%=simple_date(@request.get_last_event.created_at)%> - </li> - <% end %> - </ul> -<% end %> - -<% if @blank_contacts.size > 0 %> - <h3>Find missing FOI email for these public authorities (try phoning!) (<%=@blank_contacts.size%> total)</h3> - <ul> - <% for @blank_contact in @blank_contacts %> - <li> - <%= public_body_both_links(@blank_contact)%> - – <%=simple_date(@blank_contact.updated_at)%> - </li> - <% end %> - </ul> -<% end %> - -<% if @old_unclassified.size > 0 %> - <h3>Classify responses that are still unclassified <%=InfoRequest::OLD_AGE_IN_DAYS.inspect %> after response</h3> - - <ul> - <% for @request in @old_unclassified %> - <li> - <%= request_both_links(@request) %> - – <%=simple_date(@request.get_last_response_event.created_at)%> - </li> - <% end %> - </ul> - - <p>(<%= link_to "Full list", admin_url("unclassified") %>, or play public - <%= link_to "Categorisation game", main_url(play_url(:only_path => true)) %>) - </p> -<% end %> +<hr> -<% if @holding_pen_messages.size == 0 && @old_unclassified.size == 0 && @requires_admin_requests.size == 0 && @blank_contacts.size == 0 %> - <p>No pending administration required.</p> +<div class="row"> + <div class="span12"> + <h1>Things to do</h1> + </div> +</div> + +<div class="accordion" id="things-to-do"> + <% if @holding_pen_messages.size > 0 %> + <div class="accordion-group"> + <div class="accordion-heading"> + <a class="accordion-toggle" href="#holding-pen" data-toggle="collapse" data-parent="things-to-do"><span class="label label-important"><%=@holding_pen_messages.size%></span><i class='icon-chevron-right'></i> Put misdelivered responses with the right request</a> + </div> + <div id="holding-pen" class="accordion-body collapse"> + <table class="table table-striped table-condensed"> + <tbody> + <% for message in @holding_pen_messages %> + <tr> + <td> + <% if message.get_body_for_quoting.strip.size == 0 %> + <%= link_to "(no body)", "request/show_raw_email/" + message.raw_email_id.to_s %> + <% else %> + <%= link_to excerpt(message.get_body_for_quoting, "", 60), "request/show_raw_email/" + message.raw_email_id.to_s %> + <% end %> + </td> + <td class="span2"> + <%=simple_date(message.sent_at)%> + </td> + </tr> + <% end %> + </tbody> + </table> + </div> + </div> + <% end %> + + <% if @error_message_requests.size > 0 %> + <div class="accordion-group"> + <div class="accordion-heading"> + <a class="accordion-toggle" href="#error-messages" data-toggle="collapse" data-parent="things-to-do"><span class="label label-important"><%=@error_message_requests.size%></span> <i class='icon-chevron-right'></i>Fix these delivery and other errors</a> + </div> + <div id="error-messages" class="accordion-body collapse"> + <table class="table table-striped table-condensed"> + <tbody> + <% for @request in @error_message_requests %> + <tr> + <td class="link"> + <%= link_to('<i class="icon-tags"></i>'.html_safe, admin_request_show_path(@request))%> + <%= link_to(@request.title, request_path(@request)) %> + </td> + <td class="span2"> + <%=simple_date(@request.get_last_event.created_at)%> + </td> + </tr> + <% end %> + </tbody> + </table> + </div> + </div> + <% end %> + + <% if @attention_requests.size > 0 %> + <div class="accordion-group"> + <div class="accordion-heading"> + <a class="accordion-toggle" href="#attention-messages" data-toggle="collapse" data-parent="things-to-do"><span class="label label-important"><%=@attention_requests.size%></span><i class='icon-chevron-right'></i> Review requests marked by users as requiring your attention +</a> + </div> + <div id="attention-messages" class="accordion-body collapse"> + <table class="table table-striped table-condensed"> + <tbody> + <% for @request in @attention_requests %> + <tr> + <td class="link"> + <%= link_to('<i class="icon-tags"></i>'.html_safe, admin_request_show_path(@request))%> + <%= link_to(@request.title, request_path(@request)) %> + </td> + <td class="span2"> + <%=simple_date(@request.get_last_event.created_at)%> + </td> + </tr> + <% end %> + </tbody> + </table> + </div> + </div> + <% end %> + + <% if @requires_admin_requests.size > 0 %> + <div class="accordion-group"> + <div class="accordion-heading"> + <a class="accordion-toggle" href="#requires-admin" data-toggle="collapse" data-parent="things-to-do"><span class="label label-important"><%=@requires_admin_requests.size%></span><i class='icon-chevron-right'></i> These require administrator attention</a> + </div> + <div id="requires-admin" class="accordion-body collapse"> + <table class="table table-striped table-condensed"> + <tbody> + <% for @request in @requires_admin_requests %> + <tr> + <td class="link"> + <%= link_to('<i class="icon-tags"></i>'.html_safe, admin_request_show_path(@request))%> + <%= link_to(@request.title, request_path(@request)) %> + </td> + <td class="span2"> + <%=simple_date(@request.get_last_event.created_at)%> + </td> + </tr> + <% end %> + </tbody> + </table> + </div> + </div> + <% end %> + + <% if @blank_contacts.size > 0 %> + <div class="accordion-group"> + <div class="accordion-heading"> + <a class="accordion-toggle" href="#blank-contacts" data-toggle="collapse" data-parent="things-to-do"><span class="label label-important"><%=@blank_contacts.size%></span><i class='icon-chevron-right'></i> Find missing FOI email for these public authorities (try phoning!)</a> + </div> + <div id="blank-contacts" class="accordion-body collapse"> + <table class="table table-striped table-condensed"> + <tbody> + <% for @blank_contact in @blank_contacts %> + <tr> + <td class="link"> + <%= link_to('<i class="icon-tags"></i>'.html_safe, admin_body_show_path(@blank_contact))%> + <%= link_to h(@blank_contact.name), public_body_path(@blank_contact) %> + </td> + <td class="span2"> + <%=simple_date(@blank_contact.updated_at)%> + </td> + </tr> + <% end %> + </tbody> + </table> + </div> + </div> + <% end %> + + <% if @old_unclassified.size > 0 %> + <div class="accordion-group"> + <div class="accordion-heading"> + <a class="accordion-toggle" href="#unclassified" data-toggle="collapse" data-parent="things-to-do"><span class="label label-important"><%=@old_unclassified.size%></span><i class='icon-chevron-right'></i> Classify responses that are still unclassified <%=InfoRequest::OLD_AGE_IN_DAYS.inspect %> after response</a> + </div> + <div id="unclassified" class="accordion-body collapse"> + <table class="table table-striped table-condensed"> + <tbody> + <% for @request in @old_unclassified %> + <tr> + <td class="link"> + <%= link_to("<i class='icon-tags'></i>".html_safe, admin_request_show_path(@request)) %> + <%= link_to(@request.title, request_path(@request)) %> + </td> + <td class="span2"> + <%=simple_date(@request.get_last_response_event.created_at)%> + </td> + </tr> + <% end %> + </tbody> + + </table> + </div> + </div> + <% end %> +</div> + +<% if @holding_pen_messages.size == 0 && @old_unclassified.size == 0 && @requires_admin_requests.size == 0 && @blank_contacts.size == 0 && @attention_requests.size == 0 %> + <div class="row"> + <div class="span12 alert alert-success"> + No pending administration required. + </div> + </div> <% end %> - - diff --git a/app/views/admin_general/stats.rhtml b/app/views/admin_general/stats.rhtml index b22adb581..27dc25ee0 100644 --- a/app/views/admin_general/stats.rhtml +++ b/app/views/admin_general/stats.rhtml @@ -1,38 +1,60 @@ <% @title = "Statistics" %> - -<h1>Statistics</h1> - -<h2>Chart of requests (excluding backpaged)</h2> - -<p> - <img src="<%= main_url("/foi-live-creation.png")%>"> -</p> - -<h2>State of requests (includes backpaged)</h2> - -<table> -<% for state, count in @request_by_state %> -<tr> <td><%=state %></td><td><%= count %></td> </tr> -<% end %> -</table> - -<h2>Chart of users</h2> - -<p> - <img src="<%= main_url("/foi-user-use.png")%>"> -</p> - -<h2>Tracks by type</h2> - -<table> -<% for state, count in @tracks_by_type %> -<tr> <td><%=state %></td><td><%= count %></td> </tr> -<% end %> -</table> - -<h2>Web analytics</h2> - - -</p> - - +<div class="hero-unit"> + <h2><%=@public_body_count%> public authorities</h2> + <h2><%=@info_request_count%> requests, <%=@outgoing_message_count%> outgoing messages, <%=@incoming_message_count%> incoming messages</h2> + <h2><%=@user_count%> users, <%=@track_thing_count%> tracked things</h2> + <h2><%=@comment_count%> annotations</h2> +</div> + +<div class="row"> + <div class="span12"> + <h1>Statistics</h1> + <h2>Chart of requests (excluding backpaged)</h2> + <img src="/foi-live-creation.png" alt="Chart of requests"> + </div> +</div> +<div class="row"> + <div class="span12"> + <h2>State of requests (includes backpaged)</h2> + <div class="container"> + <% for state, count in @request_by_state %> + <div class="row"> + <div class="span1"> + <span class="label label-info"><%=count%></span> + </div> + <div class="span4"> + <%=state%> + </div> + </div> + <% end %> + </div> + </div> +</div> +<div class="row"> + <div class="span12"> + <h2>Chart of users</h2> + <img src="/foi-user-use.png" alt="Chart of users"> + </div> +</div> +<div class="row"> + <div class="span12"> + <h2>Tracks by type</h2> + <div class="container"> + <% for state, count in @tracks_by_type %> + <div class="row"> + <div class="span1"> + <span class="label label-info"><%=count%></span> + </div> + <div class="span4"> + <%=state%> + </div> + </div> + <% end %> + </div> + </div> +</div> +<div class="row"> + <div class="span12"> + <h2>Web analytics</h2> + </div> +</div> diff --git a/app/views/admin_general/timeline.rhtml b/app/views/admin_general/timeline.rhtml index e84539970..0c5f24279 100644 --- a/app/views/admin_general/timeline.rhtml +++ b/app/views/admin_general/timeline.rhtml @@ -1,14 +1,19 @@ <% @title = "Timeline" %> - -<h1><%=h @events_title%></h1> - -<p> -<a href="?hour=1">Hour</a> -| <a href="?day=1">Day</a> -| <a href="?">2 days</a> -| <a href="?week=1">Week</a> -| <a href="?month=1">Month</a> -| <a href="?all=1">All time</a></p> +<div class="btn-toolbar"> + <div class="btn-group"> + <a class="btn" href="?hour=1">Hour</a> + <a class="btn" href="?day=1">Day</a> + <a class="btn" href="?">2 days</a> + <a class="btn" href="?week=1">Week</a> + <a class="btn" href="?month=1">Month</a> + <a class="btn" href="?all=1">All time</a> + </div> +</div> +<div class="row"> + <div class="span12"> + <h1><%=h @events_title%></h1> + </div> +</div> <% last_date = nil %> <% for event, event_at in @events %> @@ -26,7 +31,9 @@ <%= simple_time(event_at) %> <% if event.is_a? InfoRequestEvent %> - <%= request_both_links(event.info_request) %> + <%= link_to('<i class="icon-tags"></i>'.html_safe, admin_request_show_path(event.info_request), :title => "view full details")%> + <%= link_to(event.info_request.title, request_path(event.info_request), :title => "view request on public website")%> + <% if event.event_type == 'edit' %> was edited by administrator <strong><%=h event.params[:editor] %></strong>. <% for p in ['title', 'prominence', 'described_state', 'awaiting_description'] @@ -72,7 +79,7 @@ <% elsif event.event_type == 'response' %> <% incoming_message = event.incoming_message %> received - <%= link_to 'a response', main_url(incoming_message_url(incoming_message)) %> + <%= link_to 'a response', incoming_message_path(incoming_message) %> from <%=h event.info_request.public_body.name %>. <% elsif event.event_type == 'sent' %> was initially sent to <%=h event.params[:email]%> at <%=h event.info_request.public_body.name %>. @@ -88,12 +95,12 @@ had '<%=event.event_type%>' done to it, parameters <%=h event.params_yaml%>. <% end %> <% else %> - <%= public_body_both_links(event.public_body) %> + <%= link_to('<i class="icon-tags"></i>'.html_safe, admin_body_show_path(event.public_body), :title => "view full details")%> + <%= link_to(event.public_body.name, public_body_path(event.public_body), :title => "view authority on public website")%> was created/updated by administrator <strong><%=h event.last_edit_editor %></strong> <% end %> <% end %> +<%= will_paginate(@events, :class => 'paginator') %> <% if not @events.empty? %> </p> <% end %> -<%= will_paginate(@events) %> - diff --git a/app/views/admin_public_body/_form.rhtml b/app/views/admin_public_body/_form.rhtml index 0d6ae51e2..3f346842c 100644 --- a/app/views/admin_public_body/_form.rhtml +++ b/app/views/admin_public_body/_form.rhtml @@ -3,63 +3,97 @@ <!--[form:public_body]--> <div id="div-locales"> - <ul> - <% for locale in I18n.available_locales do %> - <li><a href="#div-locale-<%=locale.to_s%>"><%=locale_name(locale.to_s)%></a></li> - <% end %> - </ul> - -<% + <ul class="locales nav nav-tabs"> + <% I18n.available_locales.each_with_index do |locale, i| %> + <li><a href="#div-locale-<%=locale.to_s%>" data-toggle="tab" ><%=locale_name(locale.to_s) || _("Default locale")%></a></li> + <% end %> + </ul> + <div class="tab-content"> +<% for locale in I18n.available_locales do if locale==I18n.default_locale # The default locale is submitted as part of the bigger object... prefix = 'public_body' object = @public_body else # ...but additional locales go "on the side" prefix = "public_body[translated_versions][]" - object = @public_body.new_record? ? - PublicBody::Translation.new : + object = @public_body.new_record? ? + PublicBody::Translation.new : @public_body.translation(locale.to_s) || PublicBody::Translation.new end fields_for prefix, object do |t| %> - <div id="div-locale-<%=locale.to_s%>"> + <div class="tab-pane" id="div-locale-<%=locale.to_s%>"> + <div class="control-group"> <%= t.hidden_field :locale, :value => locale.to_s %> - - <p><label for="<%= form_tag_id(t.object_name, :name, locale) %>">Name</label><br/> - <%= t.text_field :name, :size => 60, :id => form_tag_id(t.object_name, :name, locale) %></p> - - <p><label for="<%= form_tag_id(t.object_name, :short_name, locale) %>">Short name <small>(only put in abbreviations which are really used, otherwise leave blank. Short or long name is used in the URL - don't worry about breaking URLs through renaming, as the history is used to redirect)</small></label><br/> - <%= t.text_field :short_name, :size => 60, :id => form_tag_id(t.object_name, :short_name, locale) %></p> - - <p><label for="<%= form_tag_id(t.object_name, :request_email, locale) %>">Request email <small>(set to <strong>blank</strong> (empty string) if can't find an address; these emails are <strong>public</strong> as anyone can view with a CAPTCHA)</small></label><br/> - <%= t.text_field :request_email, :size => 40, :id => form_tag_id(t.object_name, :request_email, locale) %></p> - - <p><label for="<%= form_tag_id(t.object_name, :publication_scheme, locale) %>">Publication scheme URL</label><br/> - <%= t.text_field :publication_scheme, :size => 60, :id => form_tag_id(t.object_name, :publication_scheme, locale) %></p> - - <p><label for="<%= form_tag_id(t.object_name, :disclosure_log, locale) %>">Disclosure log URL</label><br/> - <%= t.text_field :disclosure_log, :size => 60, :id => form_tag_id(t.object_name, :disclosure_log, locale) %></p> - - <p><label for="<%= form_tag_id(t.object_name, :notes, locale) %>">Public notes</label> <small>(HTML, for users to consider when making FOI requests to the authority)</small><br/> - <%= t.text_area :notes, :rows => 3, :cols => 60, :id => form_tag_id(t.object_name, :notes, locale) %></p> + <label for="<%= form_tag_id(t.object_name, :name, locale) %>" class="control-label">Name</label> + <div class="controls"> + <%= t.text_field :name, :id => form_tag_id(t.object_name, :name, locale), :class => "span4" %> + </div> + </div> + <div class="control-group"> + <label for="<%= form_tag_id(t.object_name, :short_name, locale) %>", class="control-label"><%=_("Short name")%></label> + <div class="controls"> + <%= t.text_field :short_name, :id => form_tag_id(t.object_name, :short_name, locale), :class => "span2" %> + <p class="help-block"><%=_("Only put in abbreviations which are really used, otherwise leave blank. Short or long name is used in the URL – don't worry about breaking URLs through renaming, as the history is used to redirect")%></p> + </div> + </div> + <div class="control-group"> + <label for="<%= form_tag_id(t.object_name, :request_email, locale) %>" class="control-label"><%=_("Request email")%></label> + <div class="controls"> + <%= t.text_field :request_email, :id => form_tag_id(t.object_name, :request_email, locale), :class => "span3" %> + <p class="help-block"><%=_("set to <strong>blank</strong> (empty string) if can't find an address; these emails are <strong>public</strong> as anyone can view with a CAPTCHA")%></p> + </div> + </div> + <div class="control-group"> + <label for="<%= form_tag_id(t.object_name, :publication_scheme, locale) %>" class="control-label"><%=_("Publication scheme URL")%></label> + <div class="controls"> + <%= t.text_field :publication_scheme, :size => 60, :id => form_tag_id(t.object_name, :publication_scheme, locale), :class => "span3" %> + </div> + </div> + <div class="control-group"> + <label for="<%= form_tag_id(t.object_name, :disclosure_log, locale) %>" class="control-label"><%=_("Disclosure log URL")%></label> + <div class="controls"> + <%= t.text_field :disclosure_log, :size => 60, :id => form_tag_id(t.object_name, :disclosure_log, locale), :class => "span3" %> + </div> + </div> + <div class="control-group"> + <label for="<%= form_tag_id(t.object_name, :notes, locale) %>" class="control-label"><%=_("Public notes")%></label> + <div class="controls"> + <%= t.text_area :notes, :rows => 3, :id => form_tag_id(t.object_name, :notes, locale), :class => "span6" %> + <p class="help-block"> + HTML, for users to consider when making FOI requests to the authority + </p> + </div> + </div> </div> -<% +<% end - end + end %> + </div> </div> <h3>Common Fields</h3> - -<p><label for="public_body_tag_string">Tags <small>(space separated; see list of tags on the right; also <strong>not_apply</strong> if FOI and EIR no longer apply to authority, <strong>eir_only</strong> if EIR but not FOI applies to authority, <strong>defunct</strong> if the authority no longer exists; charity:NUMBER if a registered charity)</small></label><br/> - -<%= text_field :public_body, :tag_string, :size => 60, :id => 'public_body_tag_string' %></p> - -<p><label for="public_body_home_page">Home page <small>(of whole authority, not just their FOI page; set to <strong>blank</strong> (empty string) to guess it from the email)</small></label><br/> -<%= text_field :public_body, :home_page, :size => 60, :id => 'public_body_home_page' %></p> - -<p><label for="public_body_last_edit_comment"><strong>Comment</strong> for this edit</label> <small>(put URL or other source of new info)</small><br/> -<%= text_area :public_body, :last_edit_comment, :rows => 3, :cols => 60, :id => 'public_body_last_edit_comment' %></p> - +<div class="control-group"> + <label for="public_body_tag_string" class="control-label"><%=_("Tags")%></label> + <div class="controls"> + <%= f.text_field :tag_string, :class => "span4" %> + <p class="help-block">space separated; see list of tags on the right; also <strong>not_apply</strong> if FOI and EIR no longer apply to authority, <strong>eir_only</strong> if EIR but not FOI applies to authority, <strong>defunct</strong> if the authority no longer exists; charity:NUMBER if a registered charity</p> + </div> +</div> +<div class="control-group"> + <label for="public_body_home_page"><%=_("Home page")%></label> + <div class="controls"> + <%= f.text_field :home_page, :class => "span4" %> + <p class="help-block">(of whole authority, not just their FOI page; set to <strong>blank</strong> (empty string) to guess it from the email)</p> + </div> +</div> +<div class="control-group"> + <label for="public_body_last_edit_comment" class="control-label"><strong>Comment</strong> for this edit</label> + <div class="controls"> + <%= f.text_area :last_edit_comment, :rows => 3, :class => "span6" %></p> + <p class="help-block">put URL or other source of new info</p> + </div> +</div> <!--[eoform:public_body]--> diff --git a/app/views/admin_public_body/_one_list.rhtml b/app/views/admin_public_body/_one_list.rhtml index e0d2399d0..c867433a0 100644 --- a/app/views/admin_public_body/_one_list.rhtml +++ b/app/views/admin_public_body/_one_list.rhtml @@ -1,29 +1,44 @@ -<table> - <tr> - <th>Name</th> - <th>Tags</th> - <% for column in PublicBody.content_columns.map { |c| c.human_name } - [ "Name", "Last edit comment" ] %> - <th><%= column %></th> - <% end %> - </tr> -<% for public_body in bodies %> - <tr class="<%= cycle('odd', 'even') %>"> - <td><%= public_body_both_links(public_body) %></td> - <td><%= render :partial => 'tags', :locals => { :body => public_body} %></td> - <% for column in PublicBody.content_columns.map { |c| c.name } - [ "name", "last_edit_comment" ] %> - <td><%=h public_body.send(column) %></td> +<div class="accordion" id="bodies"> + <% for public_body in bodies %> + <div class="accordion-group"> + <div class="accordion-heading accordion-toggle row"> + <span class="item-title span6"> + <a href="#body_<%=public_body.id%>" data-toggle="collapse" data-parent="requests"><i class="icon-chevron-right"></i></a> + <%= link_to(public_body.name, admin_body_show_path(public_body), :title => "view full details")%> + </span> + <span class="item-metadata span6"> + <%= render :partial => 'tags', :locals => { :body => public_body} %> + </span> + </div> + <div id="body_<%=public_body.id%>" class="item-detail accordion-body collapse row"> + <% public_body.for_admin_column do |name, value, type| %> + <div> + <span class="span6"> + <b><%=name%></b> + </span> + <span class="span6"> + <% if type == 'datetime' %> + <%= I18n.l(value, :format => "%e %B %Y %H:%M:%S") %> + (<%= _('{{length_of_time}} ago', :length_of_time => time_ago_in_words(value)) %>) + <% else %> + <%= h value %> + <% end %> + </span> + </div> + <% end %> + </div> + </div> <% end %> - </tr> -<% end %> -</table> +</div> -<% form_tag(admin_url("body/mass_tag_add"), :method => "post", :class => "forms_on_one_line" ) do %> +<% form_tag(admin_body_mass_tag_add_url, :method => "post", :class => "form form-inline" ) do %> <p> <%= text_field_tag 'new_tag', params[:new_tag], { :size => 15, :id => "mass_add_tag_new_tag_" + table_name } %> <%= hidden_field_tag(:query, params[:query], { :id => "mass_add_tag_query_" + table_name } ) %> <%= hidden_field_tag(:page, params[:page], { :id => "mass_add_page_" + table_name } ) %> <%= hidden_field_tag(:table_name, table_name, { :id => "mass_add_tag_table_name_" + table_name } ) %> - <%= submit_tag "Add tag to all" %> (in table just above) + <%= submit_tag "Add tag to all", :class => "btn btn-primary" %> + (in table just above) </p> <% end %> diff --git a/app/views/admin_public_body/_tag_help.rhtml b/app/views/admin_public_body/_tag_help.rhtml index 0d0f84dda..b64e65877 100644 --- a/app/views/admin_public_body/_tag_help.rhtml +++ b/app/views/admin_public_body/_tag_help.rhtml @@ -1,18 +1,16 @@ -<div id="tag_help"> - <h2>List of tags</h2> - <% first_row = true %> - <% for row in PublicBodyCategories::get().with_headings() %> - <% if row.instance_of?(Array) %> - <% if row[0] != 'other' %> - <strong><%= row[0] %></strong>=<%= row[1] %> - <br/> - <% end %> - <% elsif row != 'Miscellaneous' %> - <% if not first_row %> - <% else %> - <% first_row = false %> - <% end %> - <h3><%=h row%></h3> +<h2>List of tags</h2> +<% first_row = true %> +<% for row in PublicBodyCategories::get().with_headings() %> + <% if row.instance_of?(Array) %> + <% if row[0] != 'other' %> + <strong><%= row[0] %></strong>=<%= row[1] %> + <br/> <% end %> + <% elsif row != 'Miscellaneous' %> + <% if not first_row %> + <% else %> + <% first_row = false %> + <% end %> + <h3><%=h row%></h3> <% end %> -</div>
\ No newline at end of file +<% end %> diff --git a/app/views/admin_public_body/_tags.rhtml b/app/views/admin_public_body/_tags.rhtml index 85dc942fd..26526f304 100644 --- a/app/views/admin_public_body/_tags.rhtml +++ b/app/views/admin_public_body/_tags.rhtml @@ -1,10 +1,11 @@ <% for t in body.tags %> + <span class="label label-info tag"> <% if t.value %> - <%= link_to(h(t.name), main_url(list_public_bodies_url(:tag => t.name, :only_path => true))) %>:<%= link_to(h(t.value), main_url(list_public_bodies_url(:tag => t.name_and_value, :only_path => true))) %> + <%= link_to(h(t.name), list_public_bodies_path(:tag => t.name)) %>:<%= link_to(h(t.value), list_public_bodies_path(:tag => t.name_and_value)) %> <% else %> - <%= link_to(h(t.name), main_url(list_public_bodies_url(:tag => t.name, :only_path => true))) %> + <%= link_to(h(t.name), list_public_bodies_path(:tag => t.name)) %> <% end %> - (<a href="<%= admin_url('body/list') %>?query=<%= h(t.name)%>">admin</a>) + </span> <% end %> diff --git a/app/views/admin_public_body/edit.rhtml b/app/views/admin_public_body/edit.rhtml index b19477a6b..629f64257 100644 --- a/app/views/admin_public_body/edit.rhtml +++ b/app/views/admin_public_body/edit.rhtml @@ -1,30 +1,34 @@ <h1><%=@title%></h1> -<script type="text/javascript"> - $(function() { - $("#div-locales").tabs(); - }); -</script> - -<%= render :partial => 'tag_help' %> - -<div id="public_body_form"> - <% form_tag '../update/' + @public_body.id.to_s do %> - <%= render :partial => 'form' %> - <p><%= submit_tag 'Save', :accesskey => 's' %></p> - <% end %> +<div class="row"> + <div class="span8"> + <div id="public_body_form"> + <% form_for @public_body, :url => "../update/#{@public_body.id}", :html => { :class => "form form-horizontal" } do |f| %> + <%= render :partial => 'form', :locals => {:f => f} %> + <div class="form-actions"> + <%= f.submit 'Save', :accesskey => 's', :class => "btn btn-success" %></p> + </div> + <% end %> - <p> - <%= link_to 'Show', '../show/' + @public_body.id.to_s %> | - <%= link_to 'List all', '../list' %> - </p> + <div class="row"> + <div class="span8"> + <div class="well"> + <%= link_to 'Show', "../show/#{@public_body.id}", :class => "btn" %> + <%= link_to 'List all', '../list', :class => "btn" %> + </div> + </div> + </div> - <% if @public_body.info_requests.size == 0 %> - <% form_tag('../destroy/' + @public_body.id.to_s) do %> - <p> - <%= hidden_field_tag(:public_body_id, { :value => @public_body.id } ) %> - <%= submit_tag "Destroy " + @public_body.name %> (this is permanent!) - </p> + <% if @public_body.info_requests.empty? %> + <% form_tag("../destroy/#{@public_body.id}", :class => "form form-inline") do %> + <%= hidden_field_tag(:public_body_id, { :value => @public_body.id } ) %> + <%= submit_tag _("Destroy {{name}}", :name => @public_body.name), :class => "btn btn-danger" %> (this is permanent!) <% end %> - <% end %> + <% end %> + </div> + + </div> + <div class="span4"> + <%= render :partial => 'tag_help' %> + </div> </div> diff --git a/app/views/admin_public_body/import_csv.rhtml b/app/views/admin_public_body/import_csv.rhtml index 62908ba52..bfe1b0c3b 100644 --- a/app/views/admin_public_body/import_csv.rhtml +++ b/app/views/admin_public_body/import_csv.rhtml @@ -11,16 +11,16 @@ <% form_tag 'import_csv', :multipart => true do %> <p> - <% if @original_csv_file && @temporary_csv_file %> - CSV file: - <%= @original_csv_file %> - <%= hidden_field_tag :original_csv_file, @original_csv_file %> - <%= hidden_field_tag :temporary_csv_file, @temporary_csv_file %> - <%= link_to 'Clear current file', 'import_csv', :class => "btn btn-warning" %> - <% else %> - <label for="csv_file">CSV file:</label> - <%= file_field_tag :csv_file, :size => 40 %> - <% end %> + <% if @original_csv_file && @temporary_csv_file %> + CSV file: + <%= @original_csv_file %> + <%= hidden_field_tag :original_csv_file, @original_csv_file %> + <%= hidden_field_tag :temporary_csv_file, @temporary_csv_file %> + <%= link_to 'Clear current file', 'import_csv', :class => "btn btn-warning" %> + <% else %> + <label for="csv_file">CSV file:</label> + <%= file_field_tag :csv_file, :size => 40 %> + <% end %> </p> <p> @@ -36,10 +36,11 @@ %> </p> - <p><strong>CSV file format:</strong> A first row with the list of fields, - starting with '#', is optional but highly recommended. The fields 'name' - and 'request_email' are required; additionally, translated values are supported by - adding the locale name to the field name, e.g. 'name.es', 'name.de'... Example: + <p><strong>CSV file format:</strong>The first row should be a list + of fields, starting with '#'. The fields 'name' and + 'request_email' are required; additionally, translated values are + supported by adding the locale name to the field name, + e.g. 'name.es', 'name.de'... Example: </p> <blockquote> @@ -57,7 +58,7 @@ actually altering the database. Choose <strong>upload</strong> to actually make the changes. In either case, you will be shown any errors, or details of the changes. When uploading, any changes since last import will be - overwritten - e.g. email addresses changed back. + overwritten – e.g. email addresses changed back. </p> <p><strong>Note:</strong> The import tag will also be added to the imported bodies diff --git a/app/views/admin_public_body/list.rhtml b/app/views/admin_public_body/list.rhtml index c28060604..b4328bcad 100644 --- a/app/views/admin_public_body/list.rhtml +++ b/app/views/admin_public_body/list.rhtml @@ -1,24 +1,27 @@ <% if @query.nil? %> - <% @title = 'Listing public authorities' %> + <% @title = _('Listing public authorities') %> <% else %> - <% @title = "Listing public authorities matching '" + @query + "'" %> + <% @title = _("Listing public authorities matching '{{query}}'", :query => @query ) %> <% end %> <h1><%=@title%></h1> -<p> +<div class="btn-toolbar"> + <div class="btn-group"> + <%= link_to 'New public authority', 'new', :class => "btn btn-primary" %> + </div> + <div class="btn-group"> + <%= link_to 'Import from CSV file', 'import_csv', :class => "btn btn-warning" %> + </div> +</div> + +<% form_tag({}, :method => "get", :class => "form form-search") do %> + <%= text_field_tag 'query', params[:query], { :size => 30, :class => "input-large search-query" } %> + <%= submit_tag "Search", :class => "btn" %> <% if !@query.nil? %> - <%= link_to 'Show all', 'list' %> | - <% end %> - <%= link_to 'New public authority', 'new' %> - | <%= link_to 'Import from CSV file', 'import_csv' %> -</p> - -<% form_tag("", :method => "get") do %> - <p> - <%= text_field_tag 'query', params[:query], { :size => 30 } %> - <%= submit_tag "Search" %> (substring search in names and emails; exact match of tags) - </p> + <%= link_to 'Show all', 'list', :class => "btn" %> + <% end %><br> + (substring search in names and emails; exact match of tags) <% end %> @@ -32,9 +35,9 @@ <h2>All authorities</h2> <% else %> <h2>Substring search matches (<%= @public_bodies.total_entries %> total)</h2> + <% end %> <%= render :partial => 'one_list', :locals => { :bodies => @public_bodies, :table_name => 'substring' } %> <% end %> -<%= will_paginate(@public_bodies) %> - +<%= will_paginate(@public_bodies, :class => "paginator") %> diff --git a/app/views/admin_public_body/new.rhtml b/app/views/admin_public_body/new.rhtml index 047d5a5bb..e03ebab00 100644 --- a/app/views/admin_public_body/new.rhtml +++ b/app/views/admin_public_body/new.rhtml @@ -1,22 +1,23 @@ <% @title = 'New public authority' %> <h1><%=@title%></h1> - -<script type="text/javascript"> - $(function() { - $("#div-locales").tabs(); - }); -</script> - -<%= render :partial => 'tag_help' %> - -<div id="public_body_form"> - <% form_tag './create/' + @public_body.id.to_s do %> - <%= render :partial => 'form' %> - <p><%= submit_tag "Create" %></p> - <% end %> - - <p> - <%= link_to 'List all', 'list' %> - </p> +<div class="row"> + <div class="span8"> + <div id="public_body_form"> + <% form_for :public_body, @public_body, :url => "create", :html => {:class => "form form-horizontal"} do |f| %> + <%= render :partial => 'form', :locals => {:f => f} %> + <div class="form-actions"> + <%= f.submit "Create", :class => "btn btn-primary" %> + </div> + <% end %> + <div class="row"> + <div class="span8 well"> + <%= link_to _('List all'), 'list' %> + </div> + </div> + </div> + </div> + <div class="span4"> + <%= render :partial => 'tag_help' %> + </div> </div> diff --git a/app/views/admin_public_body/show.rhtml b/app/views/admin_public_body/show.rhtml index 094007c02..c59b90697 100644 --- a/app/views/admin_public_body/show.rhtml +++ b/app/views/admin_public_body/show.rhtml @@ -1,83 +1,89 @@ -<% @title = "Public authority - " + h(@public_body.name) %> +<% @title = _("Public authority – {{name}}", :name => h(@public_body.name)) %> <h1><%=@title%></h1> -<p> -<% - columns = PublicBody.content_columns + [] # force dup - columns.delete_if {|c| ['last_edit_comment'].include?(c.name)} - - for column in columns %> - <b><%= column.human_name %>:</b> - <% if ['home_page', 'publication_scheme', 'disclosure_log'].include? column.name %> - <%= link_to(h(@public_body.send(column.name)), @public_body.send(column.name)) %> - <% elsif column.name == 'request_email' %> - <%= link_to(h(@public_body.send(column.name)), "mailto:#{@public_body.send(column.name)}") %> - <% if !@public_body.is_requestable? %> - (not requestable due to: <%=h @public_body.not_requestable_reason %><% if @public_body.is_followupable? %>; but followupable<% end %>) - <% end %> - <% else %> - <%=h @public_body.send(column.name) %> - <% end %> - <br/> -<% end %> -<b>Calculated home page:</b> -<% if !@public_body.calculated_home_page.nil? %> - <%= link_to(h(@public_body.calculated_home_page), @public_body.calculated_home_page) %> +<table class="table table-striped table-condensed"> + <tbody> + <% @public_body.for_admin_column do |name, value, type, column_name| %> + <tr> + <td> + <b><%=name%></b> + </td> + <td> + <% if ['home_page', 'publication_scheme', 'disclosure_log'].include? column_name %> + <%= link_to(h(value), value) %> + <% elsif column_name == 'request_email' %> + <%= link_to(h(value), "mailto:#{value}") %> + <% unless @public_body.is_requestable? %> + <%=_("not requestable due to: {{reason}}", :reason => h(@public_body.not_requestable_reason))%><% if @public_body.is_followupable? %>; <%=_("but followupable")%><% end %> + <% end %> + <% else %> + <%=h value %> + <% end %> + </td> + </tr> + <% end %> + <tr> + <td> + <b><%=_("Calculated home page")%></b> + </td> + <td> + <% unless @public_body.calculated_home_page.nil? %> + <%= link_to(h(@public_body.calculated_home_page), @public_body.calculated_home_page) %> + <% else %> + <%=_("*unknown*")%> + <% end %> + </td> + </tr> + <tr> + <td> + <b><%=_("Tags")%></b> + </td> + <td> + <%= render :partial => 'tags', :locals => { :body => @public_body} %> + </td> + </tr> + </tbody> +</table> +<%= link_to _("Edit"), "../edit/#{@public_body.id}", :class => "btn btn-primary" %> +<% unless @public_body.url_name.nil? %> + <%=link_to _("Public page"), public_body_path(@public_body), :class => "btn" %> <% else %> - *unknown* + <%=_("Public page not available")%> <% end %> -<br/><b>Tags:</b> <%= render :partial => 'tags', :locals => { :body => @public_body} %> -<br/> -</p> - -<p> - <%= - # url_name can be missing if the name hasn't been set for this locale - if !@public_body.url_name.nil? - link_to 'Public page', main_url(public_body_url(@public_body)) - else - 'Public page not available' - end - %> - | <%= link_to 'Edit', '../edit/' + @public_body.id.to_s %> -</p> - +<hr> <h2>History</h2> -<table border="1"> -<tr> -<th>Updated at</th> -<% - history_columns = PublicBody.content_columns + [] # force dup - history_columns.delete_if {|c| ['created_at', 'updated_at', 'first_letter', 'api_key'].include?(c.name)} - for column in history_columns %> - <th><%= column.human_name %></th> -<% end %> -</tr> <%# There may be an option to versions() to specify order, but I can't find it. TB 2009-03-09 %> -<% for historic_public_body in @public_body.reverse_sorted_versions %> - <tr class="<%= cycle('odd', 'even') %>"> - <td><%=h historic_public_body.updated_at %></td> - <% for column in history_columns %> - <% - value = h(historic_public_body.send(column.name)) - if column.name == 'last_edit_comment' - value = historic_public_body.last_edit_comment_for_html_display - end - # Highlight entries which have changed since previous version - changed = (!['version', 'last_edit_editor', 'last_edit_comment'].include?(column.name)) && ((historic_public_body.send(column.name) != @public_body.sorted_versions[historic_public_body.version - 2].send(column.name)) || (historic_public_body.version == 1)) %> - <td <%= changed ? ' class="entry_changed" ': '' %> > - <%=value%> - </td> +<% versions = @public_body.reverse_sorted_versions; versions.each_with_index do |historic_public_body, i| %> + <div class="row"> + <div class="span2"> + <b> + <%= _("Version {{version}}", :version => historic_public_body.version)%> + </b> + </div> + <div class="span4"> + <%= I18n.l(historic_public_body.updated_at, :format => "%e %B %Y %H:%M:%S") %> + (<%= _('{{length_of_time}} ago', :length_of_time => time_ago_in_words(historic_public_body.updated_at)) %>) + </div> + <% if i == versions.length - 1 %> + <div class="span6"> + <%=_("This is the first version.")%> + </div> + <% else %> + <div class="span6"> + <p>“<%= h(historic_public_body.last_edit_comment) %>”</p> + <ul> + <% historic_public_body.compare(versions[i+1]) do |change| %> + <li><%= _("{{thing_changed}} was changed from <code>{{from_value}}</code> to <code>{{to_value}}</code>", :thing_changed => change[:name], :from_value => (change[:from] or "-"), :to_value => (change[:to] or "-")) %></li> + <% end %> + </ul> + </div> <% end %> - </tr> + </div> <% end %> -</table> - +<hr> <h2>Requests</h2> <%= render :partial => 'admin_request/some_requests', :locals => { :info_requests => @public_body.info_requests } %> - +<hr> <h2>Track things</h2> -<%= render :partial => 'admin_track/some_tracks', :locals => { :track_things => @public_body.track_things } %> - - +<%= render :partial => 'admin_track/some_tracks', :locals => { :track_things => @public_body.track_things, :include_destroy => true } %> diff --git a/app/views/admin_request/_incoming_message_actions.rhtml b/app/views/admin_request/_incoming_message_actions.rhtml index 569132861..0ebeb5f9b 100644 --- a/app/views/admin_request/_incoming_message_actions.rhtml +++ b/app/views/admin_request/_incoming_message_actions.rhtml @@ -1,26 +1,45 @@ -<% form_tag '../redeliver_incoming' do %> - <div> - id or url_title of request (or a list of requests, comma-separated): +<fieldset class="form-horizontal"> + <legend>Actions</legend> + <% form_tag '../redeliver_incoming', :class => "form form-inline" do %> + <div class="control-group"> + <label class="control-label" for="url_title_<%= incoming_message.id %>">Redeliver message to one or more other requests</label> + <div class="controls"> <% if @info_requests && @info_requests.size == 1 %> - <%= text_field_tag 'url_title', @info_requests[0].url_title, { :size => 20 } %> + <%= text_field_tag 'url_title', @info_requests[0].url_title, { :size => 20, :id => "url_title_#{incoming_message.id}" } %> <% else %> - <%= text_field_tag 'url_title', "", { :size => 20 } %> + <%= text_field_tag 'url_title', "", { :size => 20, :id => "url_title_#{incoming_message.id}" } %> <% end %> - <%= hidden_field_tag 'redeliver_incoming_message_id', incoming_message.id %> - <%= submit_tag "Redeliver to another request" %> + <%= hidden_field_tag 'redeliver_incoming_message_id', incoming_message.id, :id => nil %> + <%= submit_tag "Redeliver to another request", :class => "btn" %> + <p class="help-block"><code>id</code> or <code>url_title</code>; you can supply more than one, separated by commas</p> </div> -<% end %> - -<p> -<%= link_to 'FOI officer upload URL', '../generate_upload_url/' + incoming_message.info_request.id.to_s + "?incoming_message_id=" + incoming_message.id.to_s %> -</p> + </div> + <% end %> + <div class="control-group"> + <label class="control-label">Generate FOI officer upload URL</label> + <div class="controls"> + <%= link_to 'Generate and take me there', "../generate_upload_url/#{incoming_message.info_request.id}?incoming_message_id=#{incoming_message.id}", :class => "btn" %> + </div> + </div> -<% form_tag '../destroy_incoming' do %> - <div> - <%= hidden_field_tag 'incoming_message_id', incoming_message.id %> - Warning, this is permanent! ---> - <%= submit_tag "Destroy message" %> + <% form_tag '../destroy_incoming', :class => "form form-inline" do %> + <div class="control-group"> + <label class="control-label" for="destroy_message_<%= incoming_message.id %>">Destroy message</label> + <div class="controls"> + <%= hidden_field_tag 'incoming_message_id', incoming_message.id, :id => nil %> + <%= submit_tag "Destroy message", :class => "btn btn-danger", :confirm => "This is permanent! Are you sure?", :id => "destroy_message_#{incoming_message.id}" %> + </div> </div> -<% end %> + <% end %> + <% if @raw_email.nil? %> + <%# we're not on the raw_email page itself %> + <div class="control-group"> + <label class="control-label">Inspect email</label> + <div class="controls"> + <%= link_to "View raw email", "../show_raw_email/#{incoming_message.raw_email_id}", :class => "btn" %> + </div> + </div> + <% end %> +</fieldset> diff --git a/app/views/admin_request/_some_requests.rhtml b/app/views/admin_request/_some_requests.rhtml index dc11e0f55..03a77dd0b 100644 --- a/app/views/admin_request/_some_requests.rhtml +++ b/app/views/admin_request/_some_requests.rhtml @@ -1,31 +1,32 @@ -<table> - <tr> - <th>Title</th> - <th>Authority</th> - <th>User</th> - <% for column in InfoRequest.content_columns.map { |c| c.human_name } - [ "Url title", "Title" ] %> - <th><%= column %></th> +<div class="accordion" id="requests"> + <% for info_request in info_requests %> + <div class="accordion-group"> + <div class="accordion-heading accordion-toggle row"> + <span class="item-title span6"> + <a href="#request_<%=info_request.id%>" data-toggle="collapse" data-parent="requests"><i class="icon-chevron-right"></i></a> + <%= link_to(info_request.title, admin_request_show_path(info_request), :title => "view full details") %> + </span> + <span class="item-metadata span6"> + <%= user_admin_link_for_request(info_request) %> <i class="icon-arrow-right"></i> <%= link_to("#{info_request.public_body.name}", admin_body_show_path(info_request.public_body)) %>, <%= time_ago_in_words(info_request.updated_at) %> ago + </span> + </div> + <div id="request_<%=info_request.id%>" class="item-detail accordion-body collapse row"> + <% info_request.for_admin_column do | name, value, type | %> + <div> + <span class="span6"> + <%= h name %> + </span> + <span class="span6"> + <% if type == 'datetime' %> + <%= I18n.l(value, :format => "%e %B %Y %H:%M:%S") %> + (<%= _('{{length_of_time}} ago', :length_of_time => time_ago_in_words(value)) %>) + <% else %> + <%=h value %> + <% end %> + </span> + </div> + <% end %> + </div> + </div> <% end %> - </tr> - -<% for info_request in info_requests %> - <tr class="<%= cycle('odd', 'even') %>"> - <td><%= request_both_links(info_request) %></td> - <td><%= public_body_both_links(info_request.public_body) %></td> - <% if info_request.is_external? %> - <% if info_request.external_user_name.nil? %> - <td><i><%= _("Anonymous user") %></i></td> - <% else %> - <td><%= h(info_request.external_user_name) %></td> - <% end %> - <% else %> - <td><%= user_both_links(info_request.user) %></td> - <% end %> - <% for column in InfoRequest.content_columns.map { |c| c.name } - [ "title", "url_title" ] %> - <td><%=h info_request.send(column) %></td> - <% end %> - </tr> -<% end %> -</table> - - +</div> diff --git a/app/views/admin_request/edit.rhtml b/app/views/admin_request/edit.rhtml index 8fa2a1fe2..11c017aab 100644 --- a/app/views/admin_request/edit.rhtml +++ b/app/views/admin_request/edit.rhtml @@ -22,16 +22,14 @@ </p> <p><label for="info_request_described_state"><strong>Described state</strong></label> - <%= select( 'info_request', "described_state", InfoRequest.enumerate_states ) %>; + <%= select( 'info_request', "described_state", InfoRequest.enumerate_states) %> <label for="info_request_awaiting_description"><strong>Awaiting description</strong></label> - <%= select('info_request', "awaiting_description", [["Yes - needs state updating",true],["No - state is up to date",false]]) %> + <%= select('info_request', "awaiting_description", [["Yes – needs state updating",true],["No – state is up to date",false]]) %> <br/>(don't forget to change 'awaiting description' when you set described state)<br/> </p> - - <p><label for="info_request_comments_allowed"><strong>Are comments allowed?</strong></label> - <%= select('info_request', "comments_allowed", [["Yes – comments allowed", true], ["No – comments disabled", false]]) %> - </p> - + <p><label for="info_request_comments_allowed"><strong>Are comments allowed?</strong></label> + <%= select('info_request', "comments_allowed", [["Yes – comments allowed", true], ["No – comments disabled", false]]) %> + </p> <p><label for="info_request_tag_string"><strong>Tags</strong> <small>(space separated, can use key:value)</small></label><br/> <%= text_field 'info_request', 'tag_string', :size => 60 %></p> diff --git a/app/views/admin_request/edit_comment.rhtml b/app/views/admin_request/edit_comment.rhtml index ee43e849a..a79c096e3 100644 --- a/app/views/admin_request/edit_comment.rhtml +++ b/app/views/admin_request/edit_comment.rhtml @@ -8,7 +8,7 @@ <%= text_area 'comment', 'body', :rows => 10, :cols => 60 %></p> <p><label for="comment_visible">Visible</label> - <%= select('comment', "visible", [["Yes - show comment",true],["No - hide comment",false]]) %> + <%= select('comment', "visible", [["Yes – show comment",true],["No – hide comment",false]]) %> </p> diff --git a/app/views/admin_request/hidden_user_explanation.rhtml b/app/views/admin_request/hidden_user_explanation.rhtml index 64387ffee..7084e986f 100644 --- a/app/views/admin_request/hidden_user_explanation.rhtml +++ b/app/views/admin_request/hidden_user_explanation.rhtml @@ -1,9 +1,10 @@ Dear <%= name_to %>, -Your request '<%= info_request.title %>' at <%= info_request_url %> has been reviewed by moderators. +Your request '<%= info_request.title.html_safe %>' at <%= info_request_url %> has been reviewed by moderators. We consider it <% if reason == 'not_foi' %>is not a valid FOI request<% else %>to be vexatious<% end%>, and have therefore hidden it from other users. You will still be able to view it while logged in to the site. Please reply to this email if you would like to discuss this decision further. Yours, The <%= site_name %> team. + diff --git a/app/views/admin_request/list.rhtml b/app/views/admin_request/list.rhtml index cb328543e..10b39d3a2 100644 --- a/app/views/admin_request/list.rhtml +++ b/app/views/admin_request/list.rhtml @@ -1,15 +1,13 @@ -<% @title = 'Listing FOI/EIR requests' %> +<% @title = _("Listing FOI requests") %> <h1><%=@title%></h1> -<% form_tag("", :method => "get") do %> - <p> - <%= text_field_tag 'query', params[:query], { :size => 30 } %> - <%= submit_tag "Search" %> (substring search, titles only) - </p> +<% form_tag({}, :method => "get", :class => "form form-search") do %> + <%= text_field_tag 'query', params[:query], { :size => 30, :class => "input-large search-query" } %> + <%= submit_tag "Search", :class => "btn" %> (substring search, titles only) <% end %> <%= render :partial => 'some_requests', :locals => { :info_requests => @info_requests } %> -<%= will_paginate(@info_requests) %> +<%= will_paginate(@info_requests, :class => "paginator") %> diff --git a/app/views/admin_request/list_old_unclassified.rhtml b/app/views/admin_request/list_old_unclassified.rhtml index 2e75c2174..2bdfcf7f4 100644 --- a/app/views/admin_request/list_old_unclassified.rhtml +++ b/app/views/admin_request/list_old_unclassified.rhtml @@ -11,6 +11,5 @@ </li> <% end %> </ul> -<%= will_paginate(@info_requests) %> - +<%= will_paginate(@info_requests, :class => "paginator") %> diff --git a/app/views/admin_request/show.rhtml b/app/views/admin_request/show.rhtml index 2541fd323..72552a588 100644 --- a/app/views/admin_request/show.rhtml +++ b/app/views/admin_request/show.rhtml @@ -1,230 +1,390 @@ -<% @title = "FOI request - " + h(@info_request.title) %> -<%= javascript_include_tag :defaults %> +<% @title = _("FOI request – {{title}}", :title => h(@info_request.title)) %> <h1><%=@title%></h1> -<% form_tag '../move_request', { :class => "inline" } do %> -<p> -<%= hidden_field_tag 'info_request_id', @info_request.id %> -<% for column in InfoRequest.content_columns %> - <strong><%= column.human_name %>:</strong> <%=h @info_request.send(column.name) %> - <% if column.name == 'described_state' %> - <strong>Calculated status:</strong> <%= @info_request.calculate_status %> - <br/><strong>Initial request last sent at:</strong> <%=@info_request.date_initial_request_last_sent_at.to_date %> - <strong>Date response required by:</strong> <%= @info_request.date_response_required_by %> - <strong>Very overdue after:</strong> <%= @info_request.date_very_overdue_after %> - <% end %> - <% if ![ 'allow_new_responses_from' ].include?(column.name) %> - <br/> - <% end %> -<% end %> - <strong>Created by:</strong> - <% if @info_request.is_external? %> - <%= @info_request.public_body.name %> on behalf of <%= (@info_request.user_name || _('an anonymous user'))%> (using API) - <% else %> - <%= user_both_links(@info_request.user) %> - <% end %> - - <span> - <span> - (<%= link_to_function("move...", "$(this).up(1).childElements().invoke('toggle')") %>) - </span> - <span style="display:none;"> - <strong>url_name of new user:</strong> - <%= text_field_tag 'user_url_name', "", { :size => 20 } %> - <%= submit_tag "Move request to user" %> - </span> - </span> - <br> -<strong>Public authority:</strong> <%= public_body_both_links(@info_request.public_body) %> - <span> - <span> - (<%= link_to_function("move...", "$(this).up(1).childElements().invoke('toggle')") %>) - </span> - <span style="display:none;"> - <strong>url_name of new authority:</strong> - <%= text_field_tag 'public_body_url_name', "", { :size => 20 } %> - <%= submit_tag "Move request to authority" %> - </span> - </span> - <br> -<strong>Incoming email address:</strong> <%= link_to h(@info_request.incoming_email), "mailto:" + @info_request.incoming_email %> <br> -<b>Tags:</b> <%= render :partial => 'tags', :locals => { :info_request => @info_request} %> <br> -</p> +<% form_tag '../move_request', { :class => "form form-horizontal" } do %> + <%= hidden_field_tag 'info_request_id', @info_request.id %> + <div class="accordion" id="info_request"> + <div class="accordion-group"> + <div class="accordion-heading"> + <span class="item-title"> + <a href="#metadata_<%=@info_request.id%>" data-toggle="collapse" data-parent="#info_request"><i class="icon-chevron-down"></i></a>Request metadata + </span> + </div> + <div id="metadata_<%=@info_request.id%>" class="accordion-body collapse in"> + <table class="table table-striped table-condensed"> + <thead> + <tr> + <td colspan="2"> + <%= link_to 'Edit metadata', '../edit/' + @info_request.id.to_s, :class => "btn" %> + </td> + </tr> + </thead> + <tbody> + <tr> + <th>Public page:</th> + <td><%= link_to request_url(@info_request), request_path(@info_request) %></td> + </tr> + <% @info_request.for_admin_column do |name, value, type, column_name|%> + <tr> + <td> + <b><%= name %>:</b> + </td> + <td> + <% if type == 'datetime' %> + <%= I18n.l(value, :format => "%e %B %Y %H:%M:%S") %> + (<%= _('{{length_of_time}} ago', :length_of_time => time_ago_in_words(value)) %>) + <% else %> + <%= h value %> + <% end %> + <% if column_name == 'described_state' %> + <ul> + <li><strong>Initial request last sent at:</strong> <%= @info_request.calculate_status %></li> + <li><strong>Initial request last sent at:</strong> <%=@info_request.date_initial_request_last_sent_at.to_date %></li> + <li><strong>Date response required by:</strong> <%= @info_request.date_response_required_by %></li> + <li><strong>Very overdue after:</strong> <%= @info_request.date_very_overdue_after %></li> + </ul> + <% end %> + </td> + </tr> + <% end %> + <tr> + <td> + <b>Created by</b> + </td> + <td> + <% if @info_request.is_external? %> + <%= link_to("<i class='icon-eye-open'></i>".html_safe, @info_request.external_url, :title => "view URL of original request on external website") %> + <%= @info_request.public_body.name %> on behalf of <%= (@info_request.user_name || _('an anonymous user'))%> (using API) + <% else %> + <%= link_to("<i class='icon-eye-open'></i>".html_safe, user_path(@info_request.user), :title => "view user's page on public website") %> + <%= user_admin_link_for_request(@info_request) %> + <%= link_to _("move..."), "#", :class => "btn btn-mini btn-warning toggle-hidden" %> + <div style="display:none;"> + <strong>url_name of new user:</strong> + <%= text_field_tag 'user_url_name', "", { :size => 20 } %> + <%= submit_tag "Move request to user", :class => "btn btn-info" %> + </div> + <% end %> + </td> + </tr> + <tr> + <td> + <b>Public authority:</b> + </td> + <td> + <%= link_to("<i class='icon-eye-open'></i>".html_safe, public_body_path(@info_request.public_body), :title => "view authority on public website") %> + <%= link_to(@info_request.public_body.name, admin_body_show_path(@info_request.public_body)) %> + <%= link_to "move...", "#", :class => "btn btn-mini btn-warning toggle-hidden" %> + <div style="display:none;"> + <strong>url_name of new authority:</strong> + <%= text_field_tag 'public_body_url_name', "", { :size => 20 } %> + <%= submit_tag "Move request to authority", :class => "btn btn-info" %> + </div> + </td> + </tr> + <tr> + <td> + <b><%=_("Incoming email address")%></b> + </td> + <td> + <%= link_to h(@info_request.incoming_email), "mailto:#{@info_request.incoming_email}" %> + </td> + </tr> + <tr> + <td> + <b><%=_("Tags")%></b> + </td> + <td> + <%= render :partial => 'tags', :locals => { :info_request => @info_request} %> + </td> + </tr> + </tbody> + <tfoot> + <tr> + <td colspan="2"> + <%= link_to 'Edit metadata', '../edit/' + @info_request.id.to_s, :class => "btn" %> + </td> + </tr> + </tfoot> + </table> + </div> + </div> + </div> <% end %> - -<p> - <%= link_to 'Public page', main_url(request_url(@info_request)) %> - | <%= link_to 'Edit', '../edit/' + @info_request.id.to_s %> - | <%= link_to 'FOI officer upload URL', '../generate_upload_url/' + @info_request.id.to_s %> (see also links on incoming messages below) -</p> - -<h2>Events</h2> - -<table> - <tr> - <th>Id</th> - <% for column in InfoRequestEvent.content_columns %> - <th><%= column.human_name %></th> - <% end %> - <th>Actions</th> - </tr> - -<% for info_request_event in @info_request.info_request_events.find(:all, :order => "created_at, id") %> - <tr class="<%= cycle('odd', 'even') %>"> - <td><%=h info_request_event.id %></td> - <% for column in InfoRequestEvent.content_columns %> - <td> - <% if column.name == 'params_yaml' %> - <%= info_request_event.params_yaml_as_html %> - <% elsif column.text? %> - <%=h (info_request_event.send(column.name) || '').gsub(/_/,' ') %> +<fieldset class="form-horizontal"> + <legend>Actions</legend> + <div class="control-group"> + <label class="control-label"> + FOI officer upload URL + </label> + <div class="controls"> + <%= link_to 'Generate URL', '../generate_upload_url/' + @info_request.id.to_s, :class => "btn" %> + <p class="help-block">(see also option to general URLs for individual incoming messages below)</p> + </div> + </div> + <% form_tag '../hide/' + @info_request.id.to_s, :class => "form form-inline", :id => "hide_request_form" do %> + <div class="control-group"> + <% if @info_request.is_external? %> + <label class="control-label">Hide the request:</label> <% else %> - <%=h info_request_event.send(column.name) %> + <label class="control-label">Hide the request and notify the user:</label> <% end %> - </td> - <% end %> - <td> - <% if info_request_event.described_state != 'waiting_clarification' and info_request_event.event_type == 'response' %> - <% form_tag '../mark_event_as_clarification' do %> - <div> - <%= hidden_field_tag 'info_request_event_id', info_request_event.id %> - <%= submit_tag "Was clarification request" %> - </div> + + <div class="controls" id="request_hidden_user_explanation_reasons"> + <% if ['hidden', 'requester_only'].include? @info_request.prominence %> + <p class="help-block">This request has already been hidden</p> + <% else %> + <label class="radio inline"> + <%= radio_button_tag "reason", "not_foi" %> <%= _("Not a valid FOI request") %> + </label> + <label class="radio inline"> + <%= radio_button_tag "reason", "vexatious" %> <%= _("A vexatious request") %> + </label> <% end %> - <% end %> - </td> - </tr> -<% end %> -</table> + </div> + </div> -<h2>Outgoing messages</h2> + <% if !['hidden', 'requester_only'].include? @info_request.prominence %> + <% if ! @info_request.is_external? %> -<table> - <tr> - <th>Id</th> - <% for column in OutgoingMessage.content_columns %> - <th><%= column.human_name %></th> - <% end %> - <th>Actions</th> - </tr> + <div class="control-group" id="request_hidden_user_subject"> + <label for="request_hidden_user_subject_field" class="control-label">Subject of email:</label> + <div class="controls"> + <%= text_field_tag "subject", "Your request on WhatDoTheyKnow.com hidden", {:id => "request_hidden_user_subject_field", :cols => 100} %> + </div> + </div> -<% for outgoing_message in @info_request.outgoing_messages.find(:all, :order => 'created_at') %> - <tr class="<%= cycle('odd', 'even') %>"> - <td><%=h outgoing_message.id %></td> - <% for column in OutgoingMessage.content_columns.map { |c| c.name } %> + <div class="control-group" id="request_hidden_user_explanation"> + <label for="request_hidden_user_explanation_field" class="control-label">Reason for hiding the request (will be emailed to user):</label> + <div class="controls"> + <%= text_area_tag "explanation", h(@request_hidden_user_explanation), {:id => "request_hidden_user_explanation_field"} %> + </div> + </div> - <% if column == 'body' %> - <td> - <div><%= simple_format( truncate(outgoing_message.body, :length => 400, - :omission => link_to_function("...", "$(this).up('td').childElements().invoke('toggle')") - )) %></div> - <div style="display:none;"><%= simple_format( outgoing_message.body ) %></div> - </td> - <% else %> - <td><%= simple_format( outgoing_message.send(column) ) %></td> + <% end %> + <div class="form-actions" id="request_hide_button"> + <%= submit_tag _("Hide request"), :class => "btn" %> + </div> <% end %> + <% end %> +</fieldset> +<hr> +<h2>Events</h2> +<div class="accordion" id="events"> + <% for info_request_event in @info_request.info_request_events.find(:all, :order => "created_at, id") %> + <div class="accordion-group"> + <div class="accordion-heading"> + <span class="item-title"> + <a href="#event_<%=info_request_event.id%>" data-toggle="collapse" data-parent="#events"><i class="icon-chevron-right"></i></a> + <%= _("Event {{id}}", :id => info_request_event.id) %>: + <strong> + <%=h info_request_event.event_type.humanize %><% if !info_request_event.calculated_state.nil? %>; state: <%= info_request_event.calculated_state %><% end %> + </strong> + <em> + <%= info_request_event.created_at%> + </em> + </span> + </div> + <div id="event_<%=info_request_event.id%>" class="accordion-body collapse"> + <table class="table table-striped table-condensed"> + <tbody> + <tr> + <td> + <% if info_request_event.described_state != 'waiting_clarification' and info_request_event.event_type == 'response' %> + <% form_tag '../mark_event_as_clarification', :class => "form form-inline admin-table-form admin-inline-form" do %> + <%= hidden_field_tag 'info_request_event_id', info_request_event.id, :id => nil %> + <%= submit_tag "Was clarification request", :class => "btn btn-mini btn-primary" %> + <% end %> + <% end %> + </td> + <td></td> + </tr> + + <% info_request_event.for_admin_column do |name, value, type, column_name| %> + <tr> + <td> + <b><%=h name%></b> + </td> + <td> + <% if column_name == 'params_yaml' %> + <%= info_request_event.params_yaml_as_html %> + <% elsif value.nil? %> + nil + <% elsif %w(text string).include?(type) %> + <%=h value.humanize %> + <% elsif type == 'datetime' %> + <%= admin_date value %> + <% else %> + <%=h value %> + <% end %> + </td> + </tr> + <% end %> + </tbody> + </table> + </div> + </div> <% end %> - <td> - <% form_tag '../resend' do %> - <div> - <%= hidden_field_tag 'outgoing_message_id', outgoing_message.id %> - <%= submit_tag "Resend" %> +</div> +<hr> +<h2>Outgoing messages</h2> +<div class="accordion" id="outgoing_messages"> + <% for outgoing_message in @info_request.outgoing_messages.find(:all, :order => 'created_at') %> + <div class="accordion-group"> + <div class="accordion-heading"> + <a href="#outgoing_<%=outgoing_message.id%>" data-toggle="collapse" data-parent="#outgoing_messages"><i class="icon-chevron-right"></i></a> + <a href="../edit_outgoing/<%= outgoing_message.id %>"> + #<%= outgoing_message.id %> -- <%= outgoing_message.status.humanize %> <%= outgoing_message.message_type.humanize %> + </a> + <blockquote> + <%= truncate(outgoing_message.body, :length => 400) %> + </blockquote> + </div> + <div id="outgoing_<%=outgoing_message.id%>" class="accordion-body collapse"> + <table class="table table-striped table-condensed"> + <tbody> + <tr> + <td colspan="2"> + <% form_tag '../resend', :class => "admin-table-form" do %> + <%= hidden_field_tag 'outgoing_message_id', outgoing_message.id %> + <%= submit_tag "Resend", :class => "btn" %> + <% end %> + </td> + </tr> + <% outgoing_message.for_admin_column do |name, value, type, column_name| %> + <tr> + <td class="span3"> + <b><%=name%></b> + </td> + <td> + <% if column_name == 'body' %> + <%= simple_format(truncate(outgoing_message.body, :length => 400, :omission => link_to("...", "#", :class => "toggle-hidden" ))) %> + <div style="display:none;"><%= simple_format( outgoing_message.body ) %></div> + <% else %> + <%= admin_value(value) %> + <% end %> + </td> + </tr> + <% end %> + </tbody> + </table> </div> + </div> <% end %> - <%= link_to "Edit", '../edit_outgoing/' + outgoing_message.id.to_s %> - </td> - </tr> -<% end %> -</table> - +</div> +<hr> <h2>Incoming messages</h2> - -<table> - <tr> - <th>Id</th> - <% for column in IncomingMessage.content_columns %> - <th><%= column.human_name %></th> - <% end %> - <th>Actions</th> - </tr> - -<% for incoming_message in @info_request.incoming_messages.find(:all, :order => 'created_at') %> - <tr class="<%= cycle('odd', 'even') %>" id="incoming-<%=incoming_message.id.to_s%>"> - <td><%=h incoming_message.id %></td> - <% for column in IncomingMessage.content_columns.map { |c| c.name } %> - <% if column =~ /^cached_.*?$/ %> - <td> - <div><%= simple_format( truncate(incoming_message.send(column), :length => 400, - :omission => link_to_function("...", "$(this).up('td').childElements().invoke('toggle')") - )) %></div> - <div style="display:none;"><%= simple_format( incoming_message.send(column) ) %></div> - </td> - <% else %> - <td><%= simple_format( incoming_message.send(column) ) %></td> - <% end %> +<div class="accordion" id="incoming_messages"> + <% for incoming_message in @info_request.incoming_messages.find(:all, :order => 'created_at') %> + <div class="accordion-group"> + <div class="accordion-heading"> + <a href="#incoming_<%=incoming_message.id%>" data-toggle="collapse" data-parent="#incoming_messages"><i class="icon-chevron-right"></i></a> + <%=incoming_message.id%> -- <%= h(incoming_message.mail_from) %> <%=_("at")%> <%=admin_value(incoming_message.sent_at)%> + <blockquote class="incoming-message"> + <% if !incoming_message.cached_main_body_text_folded.nil? %> + <%= truncate(incoming_message.cached_main_body_text_folded.gsub('FOLDED_QUOTED_SECTION', ''), :length => 400) %> + <% end %> + </blockquote> + </div> + <div id="incoming_<%=incoming_message.id%>" class="accordion-body collapse"> + <table class="table table-striped table-condensed"> + <thead> + <tr> + <td colspan="2" class="well"> + <%= render :partial => 'incoming_message_actions', :locals => { :incoming_message => incoming_message } %> + </td> + </tr> + </thead> + <tbody> + <% incoming_message.for_admin_column do |name, value, type, column_name| %> + <tr> + <td> + <b><%=name%></b> + </td> + <td> + <% if column_name =~ /^cached_.*?$/ %> + <%= simple_format( truncate(value, :length => 400, :omission => link_to("...", "#", :class => "toggle-hidden"))) %> + <div style="display:none;"><%= simple_format(value) %></div> + <% else %> + <%= simple_format(value) %> + <% end %> + </td> + </tr> + <% end %> + </tbody> + </table> + </div> + </div> <% end %> - <td> - <% if !incoming_message.raw_email_id.nil? %> - <p> - <%= link_to "View raw email", "../show_raw_email/" + incoming_message.raw_email_id.to_s %> - </p> - <% end %> - <%= render :partial => 'incoming_message_actions', :locals => { :incoming_message => incoming_message } %> - </td> - </tr> -<% end %> -</table> - +</div> +<hr> <h2>Annotations</h2> <% if @info_request.comments.size > 0 %> - <table> - <tr> - <th>Id</th> - <th>Posted by</th> - <% for column in Comment.content_columns %> - <th><%= column.human_name %></th> - <% end %> - <th>Actions</th> - </tr> + <div class="accordion" id="comments"> + <% for comment in @info_request.comments %> + <div class="accordion-group"> + <div class="accordion-heading"> + <a href="#comment_<%=comment.id%>" data-toggle="collapse" data-parent="#comments"><i class="icon-chevron-right"></i></a> + <a href="../edit_comment/<%= comment.id %>"> + #<%=comment.id%> + -- + <%=h(comment.user.name)%> + <%=admin_value(comment.created_at)%> + </a> + <blockquote class="incoming-message"> + <%= truncate(comment.body, :length => 400) %> + </blockquote> + </div> + <div id="comment_<%=comment.id%>" class="accordion-body collapse"> + <table class="table table-striped table-condensed"> + <tbody> + <tr> + <td colspan="2"> + By <%= link_to("<i class='icon-eye-open'></i>".html_safe, user_path(comment.user), :title => "view user's page on public website") %> - <% for comment in @info_request.comments %> - <tr class="<%= cycle('odd', 'even') %>"> - <td><%=h comment.id %></td> - <td><%= user_both_links(comment.user) %></td> - <% for column in Comment.content_columns.map { |c| c.name } %> - <% if column == 'body' && !comment.visible %> - <td><s><%=h comment.send(column) %></s></td> - <% else %> - <td><%=h comment.send(column) %></td> - <% end %> + <%= link_to(h(comment.user.name), admin_user_show_path(comment.user)) %> + </td> + </tr> + <% comment.for_admin_column do |name, value, type, column_name |%> + <tr> + <td> + <b><%=name%></b> + </td> + <td> + <% if column_name == 'body' && !comment.visible %> + <s><%=h comment.send(column_name) %></s> + <% else %> + <%=h comment.send(column_name) %> + <% end %> + </td> + </tr> + <% end %> + </tbody> + </table> + </div> + </div> <% end %> - <td> - <%= link_to "Edit", '../edit_comment/' + comment.id.to_s %> - </td> - </tr> - <% end %> - </table> + </div> <% else %> <p>None yet.</p> <% end %> - - - +<hr> <h2>Mail server delivery logs</h2> <p><i>(Lines containing the request incoming email address, updated hourly.)</i></p> <% for mail_server_log_done_id, mail_server_logs in @info_request.mail_server_logs.group_by(&:mail_server_log_done_id) %> - <!-- <h3><%=h mail_server_logs[0].mail_server_log_done.filename %></h3> --> - <pre><% for mail_server_log in mail_server_logs %><%=h mail_server_log.line%><% end %></pre> + <!-- <h3><%=h mail_server_logs[0].mail_server_log_done.filename %></h3> --> + <pre><% for mail_server_log in mail_server_logs %><%=h mail_server_log.line%><% end %></pre> <% end %> <% if @info_request.mail_server_logs.size == 0 %> - <p>None (perhaps this is an old or a very new request)</p> + <p>None (perhaps this is an old or a very new request)</p> <% end %> +<hr> <h2>Censor rules</h2> <%= render :partial => 'admin_censor_rule/show', :locals => { :censor_rules => @info_request.censor_rules, :info_request => @info_request } %> diff --git a/app/views/admin_request/show_raw_email.rhtml b/app/views/admin_request/show_raw_email.rhtml index fa1470e77..72c782ad6 100644 --- a/app/views/admin_request/show_raw_email.rhtml +++ b/app/views/admin_request/show_raw_email.rhtml @@ -1,37 +1,67 @@ -<% @title = 'Incoming message ' + @raw_email.incoming_message.id.to_s + ' of FOI request \'' + h(@raw_email.incoming_message.info_request.title) + "'" %> +<% @title = "Incoming message #{@raw_email.incoming_message.id} of FOI request '#{@raw_email.incoming_message.info_request.title}'" %> -<h1>Incoming message <%=@raw_email.incoming_message.id.to_s %></h1> +<h1>Incoming message <%=@raw_email.incoming_message.id %></h1> <p> FOI request: <%= request_both_links(@raw_email.incoming_message.info_request) %> - <% if @holding_pen %> + <% if @holding_pen %> <br>This is in the holding pen because: <strong><%= @rejected_reason %></strong> <% if @public_bodies.size > 0 %> <br>Guessed authority: - <% for public_body in @public_bodies %> - <%=public_body_both_links(public_body)%> + <% @public_bodies.each do |public_body| %> + <%=public_body_both_links(public_body)%> <% end %> (based on From: email domain) <% end %> <% if @info_requests.size > 0 %> - <br>Guessed request: - <% for info_request in @info_requests %> - <%=request_both_links(info_request)%> - <% end %> - (based on id, not hash, in To/Cc email) + <div class="accordion" id="guessed-requests"> + Guessed request: + <% @info_requests.each do |info_request| %> + <div class="accordion-group"> + <div class="accordion-heading"> + <a href="#info_request_<%= info_request.id %>" data-toggle="collapse"><i class="icon-chevron-right"></i></a> + <%=request_both_links(info_request)%> + </div> + <div class="accordion-body collapse" id="info_request_<%= info_request.id %>"> + <table class="table table-striped table-condensed"> + <tr> + <td><strong>Last outgoing message:</strong></td> + <td><%= info_request.outgoing_messages.last.body %></td> + </tr> + <tr> + <td><strong>Created by:</strong></td> + <td><%= user_admin_link_for_request(info_request) %></td> + </tr> + <tr> + <td><strong>Authority:</strong></td> + <td> + <%= link_to(info_request.public_body.name, admin_body_show_path(info_request.public_body)) %> + </td> + </tr> + <tr> + <td><strong>url_title:</strong></td> + <td><%= info_request.url_title %></td> + </tr> + </table> + <p> + This request was guessed because it has an incoming email address of <strong><%= info_request.incoming_email %></strong> and this incoming message was sent to <strong><%= @raw_email.incoming_message.mail.to %></strong>. + </p> + </div> + </div> + <% end %> + (based on id, not hash, in To/Cc email) + </div> <% end %> <% end %> </p> -<h2>Actions</h2> - <div> <%= render :partial => 'incoming_message_actions', :locals => { :incoming_message => @raw_email.incoming_message } %> </div> <h2>Raw email</h2> -<p><%= link_to "Download", "../download_raw_email/" + @raw_email.id.to_s %></p> +<p><%= link_to "Download", admin_request_download_raw_email_path(@raw_email) %></p> -<pre><%=h(@raw_email.data).gsub(/\n/, '<br>') %></pre> +<pre><%=h(@raw_email.data).gsub(/\n/, '<br>').html_safe %></pre> diff --git a/app/views/admin_track/_some_tracks.rhtml b/app/views/admin_track/_some_tracks.rhtml index 72ee5fd95..8ae7bd5c1 100644 --- a/app/views/admin_track/_some_tracks.rhtml +++ b/app/views/admin_track/_some_tracks.rhtml @@ -1,31 +1,72 @@ -<table> - <tr> - <th>Id</th> - <th>User</th> - <% for column in TrackThing.content_columns %> - <th><%= column.human_name %></th> - <% end %> - <th>Items sent by email (in last month)</th> - <th>Actions</th> - </tr> - -<% for track_thing in track_things %> - <tr class="<%= cycle('odd', 'even') %>"> - <td><%=h track_thing.id %></td> - <td><%=user_both_links(track_thing.tracking_user) %></td> - <% for column in TrackThing.content_columns.map { |c| c.name } %> - <td><%=h track_thing.send(column) %></td> - <% end %> - <td><%= track_thing.track_things_sent_emails.size %></td> - <td> - <% form_tag '../../user/destroy_track' do %> - <div> - <%= hidden_field_tag 'track_id', track_thing.id %> - <%= submit_tag "Destroy track" %> - </div> - <% end %> - </td> - </tr> -<% end %> -</table> +<% include_destroy = include_destroy || false %> +<% if track_things.empty? %> + <div class="row"> + <div class="span12"> + <%=_("No tracked things found.")%> + </div> + </div> +<% else %> + <div class="accordion" id="tracks"> + <% for track_thing in track_things %> + <div class="accordion-group"> + <div class="accordion-heading"> + <a href="#track_<%=track_thing.id%>" data-toggle="collapse" data-parent="requests"><i class="icon-chevron-right"></i></a> + <%=track_thing.id%>: + <% if track_thing.public_body_id %> + <%= link_to "<code>#{h track_thing.track_query}</code>".html_safe, public_body_path(track_thing.public_body) %> + <% elsif track_thing.info_request_id %> + <%= link_to "<code>#{h track_thing.track_query}</code>".html_safe, request_path(track_thing.info_request) %> + <% elsif track_thing.tracked_user_id %> + <%= link_to "<code>#{h track_thing.track_query}</code>".html_safe, user_path(track_thing.tracked_user) %> + <% else %> + <code><%=h track_thing.track_query%></code> + <% end %> + <% if @admin_user.nil? %> + <%# Do not show this on the list of tracks on the user page, because it’s rather repetitive there %> + tracked by <%=link_to '<i class="icon-eye-open"></i>'.html_safe, admin_user_show_path(track_thing.tracking_user) %> <%=link_to h(track_thing.tracking_user.name), user_path(track_thing.tracking_user) %> + <% end %> + </div> + <div id="track_<%=track_thing.id%>" class="accordion-body collapse"> + <table class="table table-striped table-condensed"> + <tbody> + <% if include_destroy %> + <tr> + <td colspan="2"> + <% form_tag '../../user/destroy_track', :class => "form form-inline admin-table-form" do %> + <div> + <%= hidden_field_tag 'track_id', track_thing.id %> + <%= submit_tag "Destroy track", :class => "btn btn-warning" %> + </div> + <% end %> + </td> + </tr> + <% end %> + <% TrackThing.content_columns.each do |column| %> + <tr> + <td> + <b><%=column.human_name%></b> + </td> + <td> + <% if column.type.to_s == 'datetime' %> + <%= I18n.l(track_thing.send(column.name), :format => "%e %B %Y %H:%M:%S") %> + (<%= _('{{length_of_time}} ago', :length_of_time => time_ago_in_words(track_thing.send(column.name))) %>) + <% elsif column.name == 'track_medium' and track_thing.track_medium == 'feed' %> + <%= link_to track_thing.track_medium, atom_feed_path(:track_id => track_thing.id) %> + <% else %> + <%= h track_thing.send(column.name)%> + <% end %> + </td> + </tr> + <% end %> + <tr> + <td><b><%=_("Items sent in last month")%></b></td> + <td><%= track_thing.track_things_sent_emails.size %></td> + </tr> + </tbody> + </table> + </div> + </div> + <% end %> + </div> +<% end %> diff --git a/app/views/admin_track/list.rhtml b/app/views/admin_track/list.rhtml index 58c87ddba..9cff5635b 100644 --- a/app/views/admin_track/list.rhtml +++ b/app/views/admin_track/list.rhtml @@ -1,39 +1,20 @@ -<% @title = 'Listing tracks' %> +<% @title = _('Listing tracks') %> <h1><%=@title%></h1> -<% form_tag("", :method => "get") do %> - <p> - <%= text_field_tag 'query', params[:query], { :size => 30 } %> - <%= submit_tag "Search" %> (substring search the query - so use url_names_for_a_particular_request_or_authority_or_person) - </p> +<% form_tag({}, :method => "get", :class => "form form-search") do %> + <%= text_field_tag 'query', params[:query], { :size => 30, :class => "input-large search-query" } %> + <%= submit_tag "Search", :class => "btn" %> (substring search the query – so use url_names_for_a_particular_request_or_authority_or_person) <% end %> -<table> - <tr> - <th>Id</th> - <th>Tracked by</th> - <% for column in TrackThing.content_columns %> - <th><%= column.human_name %></th> - <% end %> - <th>Items sent by email (in last month)</th> - </tr> - -<% for track_thing in @admin_tracks %> - <tr class="<%= cycle('odd', 'even') %>"> - <td><%=h track_thing.id %></td> - <td><%= user_both_links(track_thing.tracking_user) %></td> - <% for column in TrackThing.content_columns.map { |c| c.name } %> - <% if column == 'track_medium' and track_thing.track_medium == 'feed'%> - <td><%= link_to track_thing.track_medium, atom_feed_url(:track_id => track_thing.id) %></td> - <% else %> - <td><%=h track_thing.send(column) %></td> - <% end %> - <% end %> - <td><%= track_thing.track_things_sent_emails.size %></td> - </tr> -<% end %> -</table> +<%= render :partial => 'some_tracks', :locals => { :track_things => @admin_tracks } %> + +<%= will_paginate(@admin_tracks, :class => "paginator" ) %> -<%= will_paginate(@admin_tracks) %> +<h2>Current top tracks:</h2> +<ol> +<% for row in @popular %> + <li><%= link_to row['title'], admin_request_show_path(row['info_request_id']) %> (<%= row['count'] %> people following)</li> +<% end %> +</ol> diff --git a/app/views/admin_user/_form.rhtml b/app/views/admin_user/_form.rhtml index be69d9a80..756806d2a 100644 --- a/app/views/admin_user/_form.rhtml +++ b/app/views/admin_user/_form.rhtml @@ -2,26 +2,65 @@ <!--[form:admin_user]--> -<p><label for="admin_user_name">Name</label> (will change URL name and break URLs; unlike authorities, there is no history; you will need to rebuild the search index afterwards)<br/> -<%= text_field 'admin_user', 'name', :size => 60 %></p> +<div class="control-group"> + <label for="admin_user_name" class="control-label">Name</label> + <div class="controls"> + <%= text_field 'admin_user', 'name', :class => "span3" %> + <div class="help-block"> + will change URL name and break URLs; unlike authorities, there is no history; you will need to rebuild the search index afterwards + </div> + </div> +</div> -<p><label for="admin_user_email">Email</label> (<strong>you must</strong> first validate this)<br/> -<%= text_field 'admin_user', 'email', :size => 60 %></p> +<div class="control-group"> + <label for="admin_user_email" class="control-label">Email</label> + <div class="controls"> + <%= text_field 'admin_user', 'email', :class => "span3" %> + <div class="help-block"> + <strong>you must</strong> first validate this + </div> + </div> +</div> -<p><label for="admin_user_admin_level">Admin level</label> (<strong>none</strong> or <strong>super</strong>; this is for admin features and links which are in the site proper)<br/> -<%= text_field 'admin_user', 'admin_level', :size => 60 %></p> +<div class="control-group"> + <label for="admin_level" class="control-label">Admin level</label> + <div class="controls"> + <%= text_field 'admin_user', 'admin_level', :class => "span3" %> + <div class="help-block"> + <strong>none</strong> or <strong>super</strong>; this is for admin features and links which are in the site proper + </div> + </div> +</div> -<p><label for="admin_user_ban_text">Ban text</label> <small>(if not blank will stop the - user from filing new requests, making annotations or messaging other users; - the text is shown in public on the user's page and when they try to do a - forbidden action; write in the second person (you); see - <%= link_to 'banned users', '../banned' %> for examples</small>)<br/> - -<%= text_area 'admin_user', 'ban_text', :cols => 60, :rows => 3 %></p> - -<p><label for="admin_user_about_me">About me</label> (user's own text on their profile, format like comments):<br/> -<%= text_area 'admin_user', 'about_me', :cols => 60, :rows => 3 %></p> - -<p><%= check_box 'admin_user', 'no_limit' %> -<label for="admin_user_no_limit">No rate limit</label> (disable the limit on daily requests)</p> +<div class="control-group"> + <label for="ban_text" class="control-label">Ban text</label> + <div class="controls"> + <%= text_area 'admin_user', 'ban_text', :class => "span6", :rows => 3 %> + <div class="help-block"> + if not blank will stop the + user from filing new requests, making annotations or messaging other users; + the text is shown in public on the user's page and when they try to do a + forbidden action; write in the second person (you); see + <%= link_to 'banned users', '../banned' %> for examples</small> + </div> + </div> +</div> +<div class="control-group"> + <label for="about_me" class="control-label">About me</label> + <div class="controls"> + <%= text_area 'admin_user', 'about_me', :class => "span6", :rows => 3 %> + <div class="help-block"> + user's own text on their profile, format like comments + </div> + </div> +</div> +<div class="control-group"> + <label for="admin_user_no_limit" class="control-label">No rate limit</label> + <div class="controls"> + <%= check_box 'admin_user', 'no_limit' %> + <div class="help-block"> + disable the limit on daily requests + </div> + </div> +</div> diff --git a/app/views/admin_user/_user_table.rhtml b/app/views/admin_user/_user_table.rhtml index d35c78594..a4227e017 100644 --- a/app/views/admin_user/_user_table.rhtml +++ b/app/views/admin_user/_user_table.rhtml @@ -1,22 +1,47 @@ -<table> - <tr> - <th>Id</th> - <% for column in ['Name', 'Email', 'Created at', 'Updated at', 'Email confirmed', 'Admin'] + (banned_column ? ['Ban text'] : []) %> - <th><%= column %></th> +<div class="accordion" id="users"> + <% for user in users %> + <div class="accordion-group"> + <div class="accordion-heading accordion-toggle"> + <span class="item-title"> + <a href="#user_<%=user.id%>" data-toggle="collapse" data-parent="requests"><i class="icon-chevron-right"></i></a> + <% if user.admin_level == "super" %> + <span class="label">superuser</span> + <% end %> + <%= link_to("#{h(user.name)}", admin_user_show_path(user))%> + <%= link_to("(#{h(user.email)})", "mailto:#{h(user.email)}")%> + </span> + <span class="item-metadata"> + updated <%=I18n.l(user.updated_at, :format => "%e %B %Y %H:%M:%S")%> + </span> + </div> + <div id="user_<%=user.id%>" class="accordion-body collapse"> + <table class="table table-striped table-condensed"> + <tbody> + <% if banned_column %> + <tr> + <td><b>Ban text</b></td> + <td><%= h user.ban_text %></td> + </tr> + <% end %> + <% user.for_admin_column do |name, value, type|%> + <tr> + <td><b><%=h name%></b></td> + <td> + <% if type == 'datetime' %> + <%= I18n.l(value, :format => "%e %B %Y %H:%M:%S") %> + (<%= _('{{length_of_time}} ago', :length_of_time => time_ago_in_words(value)) %>) + <% else %> + <%= h value %> + <% end %> + </td> + </tr> + <% end %> + </tbody> + </table> + </div> + </div> <% end %> - </tr> - -<% for user in users %> - <tr class="<%= cycle('odd', 'even') %>"> - <td><%= user.id.to_s %></td> - <td><%= user_both_links(user) %></td> - <td><a href="mailto:<%=h user.email %>"><%=h user.email%></a></td> - <% for column in ['created_at', 'updated_at', 'email_confirmed', 'admin_level'] + (banned_column ? ['ban_text'] : []) %> - <td><%=h user.send(column) %></td> - <% end %> - </tr> -<% end %> -</table> +</div> -<%= will_paginate(users) %> +<%= will_paginate(users, :class => "paginator") %> diff --git a/app/views/admin_user/edit.rhtml b/app/views/admin_user/edit.rhtml index 06ddc57d3..c3ee3012b 100644 --- a/app/views/admin_user/edit.rhtml +++ b/app/views/admin_user/edit.rhtml @@ -1,16 +1,14 @@ - - <h1><%=@title%></h1> -<% form_tag '../update/' + @admin_user.id.to_s do %> +<% form_tag "../update/#{@admin_user.id}", :class => "form form-horizontal" do %> <%= render :partial => 'form' %> - <p><%= submit_tag 'Save', :accesskey => 's' %></p> + <div class="form-actions"> + <%= submit_tag 'Save', :accesskey => 's', :class => "btn btn-primary" %> + </div> <% end %> -<p> -<%= link_to 'Show', '../show/' + @admin_user.id.to_s %> | -<%= link_to 'List all', '../list' %> -</p> +<%= link_to 'Show', "../show/#{@admin_user.id}", :class => "btn" %> +<%= link_to 'List all', '../list', :class => "btn" %> <% if false #@admin_user.info_requests.size == 0 %> <% form_tag('../destroy/' + @admin_user.id.to_s) do %> diff --git a/app/views/admin_user/list.rhtml b/app/views/admin_user/list.rhtml index 9de381ecc..afe166f1f 100644 --- a/app/views/admin_user/list.rhtml +++ b/app/views/admin_user/list.rhtml @@ -1,13 +1,11 @@ -<% @title = 'Listing users' %> +<% @title = _('Listing users') %> <h1><%=@title%></h1> -<% form_tag("", :method => "get") do %> - <p> - <%= text_field_tag 'query', params[:query], { :size => 30 } %> - <%= submit_tag "Search" %> (substring search, names and emails) - <%= link_to 'Banned users', 'banned' %> - </p> +<% form_tag({}, :method => "get", :class => "form form-search") do %> + <%= text_field_tag 'query', params[:query], { :size => 30, :class => "input-large search-query"} %> + <%= submit_tag "Search", :class => "btn" %> (substring search, names and emails) + <%= link_to 'Banned users', 'banned', :class => "btn btn-info" %> <% end %> <%= render :partial => 'user_table', :locals => { :users => @admin_users, :banned_column => false } %> diff --git a/app/views/admin_user/show.rhtml b/app/views/admin_user/show.rhtml index 4af79e45a..ccf2694b9 100644 --- a/app/views/admin_user/show.rhtml +++ b/app/views/admin_user/show.rhtml @@ -1,63 +1,81 @@ -<% @title = "User - " + h(@admin_user.name) %> +<% @title = _("User – {{name}}", :name => h(@admin_user.name)) %> <h1><%=@title%></h1> <% if @admin_user.profile_photo %> - <div class="user_photo_on_admin"> - <% form_tag '../clear_profile_photo/' + @admin_user.id.to_s, :multipart => true do %> - <img src="<%= main_url(get_profile_photo_url(:url_name => @admin_user.url_name, :only_path => true)) %>"> - <br> - <%= submit_tag "Clear photo" %> - <% end %> - </div> + <div class="user_photo_on_admin"> + <% form_tag "../clear_profile_photo/#{@admin_user.id}", :multipart => true, :class => "form" do %> + <img src="<%= get_profile_photo_url(:url_name => @admin_user.url_name) %>"> + <br> + <%= submit_tag "Clear photo", :class => "btn btn-info" %> + <% end %> + </div> <% end %> - -<div> -<strong>Id:</strong> <%= @admin_user.id%> <br> -<% for column in User.content_columns %> - <strong><%= column.human_name %>:</strong> - <% if column.name == 'email' %> - <a href="mailto:<%=h @admin_user.email %>"><%=h @admin_user.email%></a> - <% elsif column.name == 'email_bounce_message' %> - <% if !@admin_user.email_bounce_message.empty? %> - <a href="../show_bounce_message/<%= @admin_user.id.to_s %>">See bounce message</a> - <% end %> - <% else %> - <%=h @admin_user.send(column.name) %> +<table class="table table-striped table-condensed"> + <tbody> + <tr> + <td> + <b><%=_("Id")%></b> + </td> + <td> + <%=@admin_user.id%> + </td> + </tr> + <% @admin_user.for_admin_column(:complete => true) do |name, value, type, column_name| %> + <tr> + <td> + <b><%=_(name)%></b> + </td> + <td> + <% if column_name == 'email' %> + <%=link_to @admin_user.email, "mailto:#{h @admin_user.email}"%> + <% elsif column_name == 'email_bounce_message' %> + <% unless @admin_user.email_bounce_message.empty? %> + <%= link_to _("See bounce message"), admin_user_show_bounce(@admin_user.id) %> + <% end %> + <% else %> + <%=h admin_value(value)%> + <% end %> + <% if column_name == 'email_bounced_at' && !@admin_user.email_bounced_at.nil? %> + <% form_tag "../clear_bounce/#{@admin_user.id}", :class => "form form-inline" do %> + <input type="submit" name="action" value="Clear bounce" class="btn btn-info"> + <% end %> + <% end %> + </td> + </tr> <% end %> - <% if column.name == 'email_bounced_at' && !@admin_user.email_bounced_at.nil? %> - <form action="../clear_bounce/<%= @admin_user.id.to_s %>" style="display: inline;"><input type="submit" name="action" value="Clear bounce"></form> - <% end %> - <br> -<% end %> -</div> + </tbody> +</table> -<p> - <%= link_to 'Public page', main_url(user_url(@admin_user)) %> - | <%= link_to 'Edit', '../edit/' + @admin_user.id.to_s %> - | <%= link_to 'Log in as this user', '../login_as/' + @admin_user.id.to_s %> (also confirms their email) -</p> + +<%= link_to 'Edit', '../edit/' + @admin_user.id.to_s, :class => "btn btn-primary" %> +<%= link_to 'Public page', user_path(@admin_user), :class => "btn" %> +<%= link_to "Log in as #{@admin_user.name} (also confirms their email)", "../login_as/#{@admin_user.id}", :class => "btn btn-info" %> + +<hr> <h2>Track things</h2> -<%= render :partial => 'admin_track/some_tracks', :locals => { :track_things => @admin_user.track_things } %> +<%= render :partial => 'admin_track/some_tracks', :locals => { :track_things => @admin_user.track_things, :include_destroy => true } %> + +<hr> <h2>Post redirects</h2> -<table> +<table class="table table-condensed table-striped"> <tr> <th>Id</th> <% for column in PostRedirect.content_columns %> <th><%= column.human_name %></th> <% end %> </tr> - + <% for post_redirect in @admin_user.post_redirects.find(:all, :order => 'created_at desc') %> <tr class="<%= cycle('odd', 'even') %>"> <td><%=h post_redirect.id %></td> <% for column in PostRedirect.content_columns.map { |c| c.name } %> <% if column == 'email_token' %> - <td><%=link_to post_redirect.send(column), main_url(confirm_url(:email_token => post_redirect.send(column), :only_path => true)) %></td> + <td><%=link_to post_redirect.send(column), confirm_path(:email_token => post_redirect.send(column)) %></td> <% else %> <td><%=h post_redirect.send(column) %></td> <% end %> @@ -66,9 +84,13 @@ <% end %> </table> +<hr> + <h2>Requests</h2> <%= render :partial => 'admin_request/some_requests', :locals => { :info_requests => @admin_user.info_requests } %> +<hr> + <h2>Censor rules</h2> <%= render :partial => 'admin_censor_rule/show', :locals => { :censor_rules => @admin_user.censor_rules, :user => @admin_user } %> diff --git a/app/views/api/request_events.atom.builder b/app/views/api/request_events.atom.builder index 44759ae7e..648a81e5c 100644 --- a/app/views/api/request_events.atom.builder +++ b/app/views/api/request_events.atom.builder @@ -8,7 +8,7 @@ atom_feed("xmlns:alaveteli" => "http://www.alaveteli.org/API/v2/RequestEvents/At entry.updated(event.created_at.utc.iso8601) entry.tag!("alaveteli:event_type", event.event_type) - entry.tag!("alaveteli:request_url", main_url(request_url(request))) + entry.tag!("alaveteli:request_url", request_url(request)) entry.title(request.title) entry.content(event.outgoing_message.body, :type => 'text') @@ -16,7 +16,7 @@ atom_feed("xmlns:alaveteli" => "http://www.alaveteli.org/API/v2/RequestEvents/At entry.author do |author| author.name(request.user_name) if !request.user.nil? - author.uri(main_url(user_url(request.user))) + author.uri(user_url(request.user)) end author.email(request.incoming_email) end diff --git a/app/views/comment/_comment_form.rhtml b/app/views/comment/_comment_form.rhtml index d430f25c8..120929643 100644 --- a/app/views/comment/_comment_form.rhtml +++ b/app/views/comment/_comment_form.rhtml @@ -13,7 +13,7 @@ <%= hidden_field_tag 'submitted_comment', 1 %> <%= hidden_field_tag 'preview', 1 %> <%= submit_tag _('Preview your annotation') %> - <%= _(' (<strong>no ranty</strong> politics, read our <a href="%s">moderation policy</a>)') % [help_requesting_path+'#moderation'] %> + <%= raw(_(' (<strong>no ranty</strong> politics, read our <a href="%s">moderation policy</a>)') % [help_requesting_path+'#moderation']) %> </p> <% end %> diff --git a/app/views/comment/_single_comment.rhtml b/app/views/comment/_single_comment.rhtml index b645721cf..421a9d4ba 100644 --- a/app/views/comment/_single_comment.rhtml +++ b/app/views/comment/_single_comment.rhtml @@ -17,11 +17,11 @@ </div> <p class="event_actions"> <% if !comment.id.nil? %> - <%= link_to "Link to this", comment_url(comment), :class => "link_to_this" %> + <%= link_to "Link to this", comment_path(comment), :class => "link_to_this" %> <% if !@user.nil? && @user.admin_page_links? %> - | <%= link_to "Admin", admin_url("request/edit_comment/" + comment.id.to_s) %> + | <%= link_to "Admin", admin_request_edit_comment_path(comment) %> <% end %> - <!-- | <%= link_to _('Report abuse'), comment_url(comment) %> --> + <!-- | <%= link_to _('Report abuse'), comment_path(comment) %> --> <% end %> </p> </div> diff --git a/app/views/comment/new.rhtml b/app/views/comment/new.rhtml index aa5b6051c..578732cdb 100644 --- a/app/views/comment/new.rhtml +++ b/app/views/comment/new.rhtml @@ -67,10 +67,10 @@ </ul> <p> - <big><%= _('Annotations will be posted publicly here, and are - <strong>not</strong> sent to {{public_body_name}}.',:public_body_name=>h(@info_request.public_body.name)) %></big> + <span class="big"><%= _('Annotations will be posted publicly here, and are + <strong>not</strong> sent to {{public_body_name}}.',:public_body_name=>h(@info_request.public_body.name)) %></span> <% if @info_request.is_external? %> - <big><%= _('Note that the requester will not be notified about your annotation, because the request was published by {{public_body_name}} on their behalf.', :public_body_name => @info_request.public_body.name) %></big> + <span class="big"><%= _('Note that the requester will not be notified about your annotation, because the request was published by {{public_body_name}} on their behalf.', :public_body_name => @info_request.public_body.name) %></span> <% end %> </p> diff --git a/app/views/contact_mailer/from_admin_message.rhtml b/app/views/contact_mailer/from_admin_message.rhtml index bdb48d580..4169d8d3a 100644 --- a/app/views/contact_mailer/from_admin_message.rhtml +++ b/app/views/contact_mailer/from_admin_message.rhtml @@ -1,2 +1,2 @@ -<%= @message.strip %> +<%= raw @message %> diff --git a/app/views/contact_mailer/message.rhtml b/app/views/contact_mailer/message.rhtml deleted file mode 100644 index 9c0a74c02..000000000 --- a/app/views/contact_mailer/message.rhtml +++ /dev/null @@ -1,11 +0,0 @@ -<%= @message.strip %> - ---------------------------------------------------------------------- -<%= _('Message sent using {{site_name}} contact form, ', :site_name=>site_name)%> -<%=(@logged_in_user ? ("logged in as user " + main_url(user_url(@logged_in_user))) : "not logged in")%><% if !@last_request.nil? %> - -<%= _('Last request viewed: ')%><%= main_url(request_url(@last_request)) %> -<% end %> <% if !@last_body.nil? %> - -<%= _('Last authority viewed: ')%><%= main_url(public_body_url(@last_body)) %> -<% end %>--------------------------------------------------------------------- diff --git a/app/views/contact_mailer/to_admin_message.rhtml b/app/views/contact_mailer/to_admin_message.rhtml new file mode 100644 index 000000000..dc9b1090b --- /dev/null +++ b/app/views/contact_mailer/to_admin_message.rhtml @@ -0,0 +1,11 @@ +<%= raw @message.strip %> + +--------------------------------------------------------------------- +<%= _('Message sent using {{site_name}} contact form, ', :site_name=>site_name)%> +<%=(@logged_in_user ? ("logged in as user " + user_url(@logged_in_user)) : "not logged in")%><% if !@last_request.nil? %> + +<%= _('Last request viewed: ')%><%= request_url(@last_request) %> +<% end %> <% if !@last_body.nil? %> + +<%= _('Last authority viewed: ')%><%= public_body_url(@last_body) %> +<% end %>--------------------------------------------------------------------- diff --git a/app/views/contact_mailer/user_message.rhtml b/app/views/contact_mailer/user_message.rhtml index b1d6e81ae..afa1494db 100644 --- a/app/views/contact_mailer/user_message.rhtml +++ b/app/views/contact_mailer/user_message.rhtml @@ -5,7 +5,7 @@ learn your email address. Only reply if that is okay.', :user_name => @from_user.name) %> --------------------------------------------------------------------- -<%= @message.strip %> +<%= raw @message.strip %> --------------------------------------------------------------------- <%= _('View Freedom of Information requests made by {{user_name}}:', :user_name=>@from_user.name)%> diff --git a/app/views/general/_advanced_search_tips.rhtml b/app/views/general/_advanced_search_tips.rhtml index 914abc1af..08ce04439 100644 --- a/app/views/general/_advanced_search_tips.rhtml +++ b/app/views/general/_advanced_search_tips.rhtml @@ -23,27 +23,27 @@ <p><%= _("All the options below can use <strong>status</strong> or <strong>latest_status</strong> before the colon. For example, <strong>status:not_held</strong> will match requests which have <em>ever</em> been marked as not held; <strong>latest_status:not_held</strong> will match only requests that are <em>currently</em> marked as not held.") %></p> <table class="status_table"> - <tr><td><strong><%=search_link('status:waiting_response', nil, nil, true)%></strong></td><td><%= _('Waiting for the public authority to reply') %></td></tr> - <tr><td><strong><%=search_link('status:not_held', nil, nil, true)%></strong></td><td><%= _('The public authority does not have the information requested') %></td></tr> - <tr><td><strong><%=search_link('status:rejected', nil, nil, true)%></strong></td><td><%= _('The request was refused by the public authority') %></td></tr> - <tr><td><strong><%=search_link('status:partially_successful', nil, nil, true)%></strong></td><td><%= _('Some of the information requested has been received') %></td></tr> - <tr><td><strong><%=search_link('status:successful', nil, nil, true)%></strong></td><td><%= _('All of the information requested has been received') %></td></tr> - <tr><td><strong><%=search_link('status:waiting_clarification', nil, nil, true)%></strong></td><td><%= _('The public authority would like part of the request explained') %></td></tr> - <tr><td><strong><%=search_link('status:gone_postal', nil, nil, true)%></strong></td><td><%= _('The public authority would like to / has responded by post') %></td></tr> - <tr><td><strong><%=search_link('status:internal_review', nil, nil, true)%></strong></td><td><%= _('Waiting for the public authority to complete an internal review of their handling of the request') %></td></tr> - <tr><td><strong><%=search_link('status:error_message', nil, nil, true)%></strong></td><td><%= _('Received an error message, such as delivery failure.') %></td></tr> - <tr><td><strong><%=search_link('status:requires_admin', nil, nil, true)%></strong></td><td><%= _('A strange reponse, required attention by the {{site_name}} team', :site_name=>site_name) %></td></tr> - <tr><td><strong><%=search_link('status:user_withdrawn', nil, nil, true)%></strong></td><td><%= _('The requester has abandoned this request for some reason') %></td></tr> + <tr><td><strong><%=search_link('status:waiting_response')%></strong></td><td><%= _('Waiting for the public authority to reply') %></td></tr> + <tr><td><strong><%=search_link('status:not_held')%></strong></td><td><%= _('The public authority does not have the information requested') %></td></tr> + <tr><td><strong><%=search_link('status:rejected')%></strong></td><td><%= _('The request was refused by the public authority') %></td></tr> + <tr><td><strong><%=search_link('status:partially_successful')%></strong></td><td><%= _('Some of the information requested has been received') %></td></tr> + <tr><td><strong><%=search_link('status:successful')%></strong></td><td><%= _('All of the information requested has been received') %></td></tr> + <tr><td><strong><%=search_link('status:waiting_clarification')%></strong></td><td><%= _('The public authority would like part of the request explained') %></td></tr> + <tr><td><strong><%=search_link('status:gone_postal')%></strong></td><td><%= _('The public authority would like to / has responded by post') %></td></tr> + <tr><td><strong><%=search_link('status:internal_review')%></strong></td><td><%= _('Waiting for the public authority to complete an internal review of their handling of the request') %></td></tr> + <tr><td><strong><%=search_link('status:error_message')%></strong></td><td><%= _('Received an error message, such as delivery failure.') %></td></tr> + <tr><td><strong><%=search_link('status:requires_admin')%></strong></td><td><%= _('A strange reponse, required attention by the {{site_name}} team', :site_name=>site_name) %></td></tr> + <tr><td><strong><%=search_link('status:user_withdrawn')%></strong></td><td><%= _('The requester has abandoned this request for some reason') %></td></tr> </table> <h2 id="varieties"><%= _('Table of varieties') %></h2> <p><%= _("All the options below can use <strong>variety</strong> or <strong>latest_variety</strong> before the colon. For example, <strong>variety:sent</strong> will match requests which have <em>ever</em> been sent; <strong>latest_variety:sent</strong> will match only requests that are <em>currently</em> marked as sent.") %></p> <table class="status_table"> - <tr><td><strong><%=search_link('variety:sent', nil, nil, true)%></strong></td><td><%= _('Original request sent') %></td></tr> - <tr><td><strong><%=search_link('variety:followup_sent', nil, nil, true)%></strong></td><td><%= _('Follow up message sent by requester') %></td></tr> - <tr><td><strong><%=search_link('variety:response', nil, nil, true)%></strong></td><td><%= _('Response from a public authority') %></td></tr> - <tr><td><strong><%=search_link('variety:comment', nil, nil, true)%></strong></td><td><%= _('Annotation added to request') %></td></tr> - <tr><td><strong><%=search_link('variety:authority', nil, nil, true)%></strong></td><td><%= _('A public authority') %></td></tr> - <tr><td><strong><%=search_link('variety:user', nil, nil, true)%></strong></td><td><%= _('A {{site_name}} user', :site_name=>site_name) %></td></tr> + <tr><td><strong><%=search_link('variety:sent')%></strong></td><td><%= _('Original request sent') %></td></tr> + <tr><td><strong><%=search_link('variety:followup_sent')%></strong></td><td><%= _('Follow up message sent by requester') %></td></tr> + <tr><td><strong><%=search_link('variety:response')%></strong></td><td><%= _('Response from a public authority') %></td></tr> + <tr><td><strong><%=search_link('variety:comment')%></strong></td><td><%= _('Annotation added to request') %></td></tr> + <tr><td><strong><%=search_link('variety:authority')%></strong></td><td><%= _('A public authority') %></td></tr> + <tr><td><strong><%=search_link('variety:user')%></strong></td><td><%= _('A {{site_name}} user', :site_name=>site_name) %></td></tr> </table> </div> diff --git a/app/views/general/_footer.rhtml b/app/views/general/_footer.rhtml index ab5ab2c47..36f3919f0 100644 --- a/app/views/general/_footer.rhtml +++ b/app/views/general/_footer.rhtml @@ -1,5 +1,5 @@ <div id="footer"> - <%= link_to _("Contact {{site_name}}", :site_name => site_name), help_contact_url %> + <%= link_to _("Contact {{site_name}}", :site_name => site_name), help_contact_path %> | <img src="/images/twitter-16.png" alt="twitter icon" class="twitter-icon"> <a href="https://twitter.com/<%= Configuration::twitter_username %>"><%= _("Follow us on twitter") %></a> <%= render :partial => 'general/credits' %> </div> diff --git a/app/views/general/_frontpage_bodies_list.rhtml b/app/views/general/_frontpage_bodies_list.rhtml index 503b38953..54400602b 100644 --- a/app/views/general/_frontpage_bodies_list.rhtml +++ b/app/views/general/_frontpage_bodies_list.rhtml @@ -11,7 +11,7 @@ <% end%> </ul> <p><strong> - <%= link_to _('Browse all authorities...'), list_public_bodies_default %> + <%= link_to _('Browse all authorities...'), list_public_bodies_default_path %> </strong></p> </div> <% end %> diff --git a/app/views/general/_frontpage_intro_sentence.rhtml b/app/views/general/_frontpage_intro_sentence.rhtml index 70b47ad06..74b849fc9 100644 --- a/app/views/general/_frontpage_intro_sentence.rhtml +++ b/app/views/general/_frontpage_intro_sentence.rhtml @@ -1,4 +1,4 @@ <h2> Your <strong>Right to Know</strong> </h2> -<p>Every citizen has the right to access information held by public authorities. <strong>By law, they have to respond</strong>. <a href="<%= help_about_url %>">Find out more about freedom of information.</a></p> +<p>Every citizen has the right to access information held by public authorities. <strong>By law, they have to respond</strong>. <a href="<%= help_about_path %>">Find out more about freedom of information.</a></p> diff --git a/app/views/general/_frontpage_new_request.rhtml b/app/views/general/_frontpage_new_request.rhtml index fd4225069..499b60eb5 100644 --- a/app/views/general/_frontpage_new_request.rhtml +++ b/app/views/general/_frontpage_new_request.rhtml @@ -4,4 +4,4 @@ Information<br/> request</strong>") %> </h1> -<a class="link_button_green_large" href="/select_authority"><%= _("Start now »") %></a> +<a class="link_button_green_large" href="<%= select_authority_path %>"><%= _("Start now »") %></a> diff --git a/app/views/general/_frontpage_requests_list.rhtml b/app/views/general/_frontpage_requests_list.rhtml index 3b0efb65e..fa498dfa7 100644 --- a/app/views/general/_frontpage_requests_list.rhtml +++ b/app/views/general/_frontpage_requests_list.rhtml @@ -19,17 +19,17 @@ :public_body_link => public_body_link(event.info_request.public_body)) %> <% end %> - <%=link_to h(event.info_request.title), request_url(event.info_request)%> + <%=link_to h(event.info_request.title), request_path(event.info_request)%> <%= _('{{length_of_time}} ago', :length_of_time => time_ago_in_words(event.described_at)) %> - <p class="excerpt" onclick="document.location.href='<%=request_url(event.info_request)%>'"><%= excerpt(event.search_text_main(true), "", 200) %></p> + <p class="excerpt" onclick="document.location.href='<%=request_path(event.info_request)%>'"><%= excerpt(event.search_text_main(true), "", 200) %></p> </li> <% end %> </ul> <p><strong> <% if @request_events_all_successful %> - <%=link_to _('More successful requests...'), request_list_successful_url %> + <%=link_to _('More successful requests...'), request_list_successful_path %> <% else %> - <%=link_to _('More requests...'), request_list_all_url %> + <%=link_to _('More requests...'), request_list_all_path %> <% end %> </strong></p> </div> diff --git a/app/views/general/_frontpage_search_box.rhtml b/app/views/general/_frontpage_search_box.rhtml index 6de4eae98..890602416 100644 --- a/app/views/general/_frontpage_search_box.rhtml +++ b/app/views/general/_frontpage_search_box.rhtml @@ -4,9 +4,9 @@ <strong>{{number_of_authorities}} authorities</strong>", :number_of_requests => InfoRequest.visible.count, :number_of_authorities => PublicBody.visible.count) %> </h2> -<form id="search_form" method="post" action="/search"> +<form id="search_form" method="post" action="<%= search_redirect_path %>"> <div> - <input id="query" type="text" size="30" name="query"> + <input id="query" type="text" size="30" name="query" title="type your search term here" > <input type="submit" value="<%= _('Search') %>"> </div> </form> diff --git a/app/views/general/_locale_switcher.rhtml b/app/views/general/_locale_switcher.rhtml index 2521b5eb5..d0040bb0d 100644 --- a/app/views/general/_locale_switcher.rhtml +++ b/app/views/general/_locale_switcher.rhtml @@ -5,7 +5,7 @@ <% if possible_locale == I18n.locale.to_s %> <a href="#" class="btn disabled"><%= locale_name(possible_locale) %></a> <% else %> - <a href="<%= locale_switcher(possible_locale, params) %>" class="btn"><%= locale_name(possible_locale) %></a> + <a href="<%= url_for params.merge(:locale => possible_locale) %>" class="btn"><%= locale_name(possible_locale) %></a> <% end %> <% end %> </div> diff --git a/app/views/general/_localised_datepicker.rhtml b/app/views/general/_localised_datepicker.rhtml index 5fdd63644..ec6593ea0 100644 --- a/app/views/general/_localised_datepicker.rhtml +++ b/app/views/general/_localised_datepicker.rhtml @@ -5,11 +5,11 @@ prevText: '<%= _("Prev") %>', nextText: '<%= _("Next") %>', currentText: '<%= _("Today") %>', - monthNames: <%= I18n.translate('date.month_names')[1..-1].to_json %>, - monthNamesShort: <%= I18n.translate('date.abbr_month_names')[1..-1].to_json %>, - dayNames: <%= I18n.translate('date.day_names').to_json %>, - dayNamesShort: <%= I18n.translate('date.abbr_day_names').to_json %>, - dayNamesMin: <%= I18n.translate('date.abbr_day_names').collect{|x| x[0..0]}.to_json %>, + monthNames: <%= raw I18n.translate('date.month_names')[1..-1].to_json %>, + monthNamesShort: <%= raw I18n.translate('date.abbr_month_names')[1..-1].to_json %>, + dayNames: <%= raw I18n.translate('date.day_names').to_json %>, + dayNamesShort: <%= raw I18n.translate('date.abbr_day_names').to_json %>, + dayNamesMin: <%= raw I18n.translate('date.abbr_day_names').collect{|x| x[0..0]}.to_json %>, weekHeader: '<%= _("Wk") %>', dateFormat: '<%= I18n.translate('date.formats.default').sub("%Y", "yy").sub("%m", "mm").sub("%d", "dd").gsub("-", "/") %>'} ); diff --git a/app/views/general/_orglink.rhtml b/app/views/general/_orglink.rhtml index fbe688d85..66002c021 100644 --- a/app/views/general/_orglink.rhtml +++ b/app/views/general/_orglink.rhtml @@ -1,2 +1,2 @@ <%# Put the link to your organisation here, or leave blank %> -<%= link_to image_tag('logo.png'), frontpage_url, :id=>'logo' %> +<%= link_to image_tag('logo.png'), frontpage_path, :id=>'logo' %> diff --git a/app/views/general/_topnav.rhtml b/app/views/general/_topnav.rhtml index 8ef928bba..c7f2cedea 100644 --- a/app/views/general/_topnav.rhtml +++ b/app/views/general/_topnav.rhtml @@ -1,10 +1,10 @@ <div id="topnav"> <ul id="navigation"> - <li class="<%= 'selected' if params[:controller] == 'general' and params[:action] != 'blog' and params[:action] != 'search' %>"><%= link_to _("Home"), frontpage_url %></li> - <li class="<%= 'selected' if params[:controller] == 'request' and ['new', 'select_authority'].include?(params[:action]) %>"><%= link_to _("Make a request"), select_authority_url, :id => 'make-request-link' %></li> - <li class="<%= 'selected' if params[:controller] == 'request' and !['new', 'select_authority'].include?(params[:action]) %>"><%= link_to _("View requests"), request_list_successful_url %></li> - <li class="<%= 'selected' if params[:controller] == 'public_body' %>"><%= link_to _("View authorities"), list_public_bodies_default %></li> - <li class="<%= 'selected' if params[:controller] == 'general' and params[:action] == 'blog' %>"><%= link_to _("Read blog"), blog_url %></li> - <li class="<%= 'selected' if params[:controller] == 'help' %>"><%= link_to _("Help"), help_about_url %></li> + <li class="<%= 'selected' if params[:controller] == 'general' and params[:action] != 'blog' and params[:action] != 'search' %>"><%= link_to _("Home"), frontpage_path %></li> + <li class="<%= 'selected' if params[:controller] == 'request' and ['new', 'select_authority'].include?(params[:action]) %>"><%= link_to _("Make a request"), select_authority_path, :id => 'make-request-link' %></li> + <li class="<%= 'selected' if params[:controller] == 'request' and !['new', 'select_authority'].include?(params[:action]) %>"><%= link_to _("View requests"), request_list_successful_path %></li> + <li class="<%= 'selected' if params[:controller] == 'public_body' %>"><%= link_to _("View authorities"), list_public_bodies_default_path %></li> + <li class="<%= 'selected' if params[:controller] == 'general' and params[:action] == 'blog' %>"><%= link_to _("Read blog"), blog_path %></li> + <li class="<%= 'selected' if params[:controller] == 'help' %>"><%= link_to _("Help"), help_about_path %></li> </ul> </div> diff --git a/app/views/general/blog.rhtml b/app/views/general/blog.rhtml index 5258e9bbd..d42b32282 100644 --- a/app/views/general/blog.rhtml +++ b/app/views/general/blog.rhtml @@ -5,7 +5,7 @@ <div class="act_link"> <h2><%= _("Stay up to date") %></h2> <img src="/images/twitter-16.png" alt="twitter icon" class="twitter-icon"> <a href="https://twitter.com/<%= @twitter_user %>"><%= _("Follow us on twitter") %></a><br/><br/> - <img src="/images/feed-16.png" alt="RSS icon" valign="middle"> <a href="<%= @feed_url %>"><%= _("Subscribe to blog") %></a> + <img src="/images/feed-16.png" alt="RSS icon"> <a href="<%= @feed_url %>"><%= _("Subscribe to blog") %></a> </div> <% if Configuration::twitter_widget_id %> <div id="twitter"> @@ -26,9 +26,9 @@ <p class="subtitle"><%= _("Posted on {{date}} by {{author}}", :date=>simple_date(Time.parse(item['pubDate'][0])), :author=>item['creator']) %></p> <div> <% if item['encoded'] %> - <%= item['encoded'] %> + <%= raw item['encoded'] %> <% elsif item['description'] %> - <%= item['description'] %> + <%= raw item['description'] %> <% end %> </div> <p><em> diff --git a/app/views/general/exception_caught.rhtml b/app/views/general/exception_caught.rhtml index 5f0dfe13d..f8fe4343b 100644 --- a/app/views/general/exception_caught.rhtml +++ b/app/views/general/exception_caught.rhtml @@ -7,8 +7,8 @@ <ul> <li><%= _("Check for mistakes if you typed or copied the address.")%></li> <li><%= _("Search the site to find what you were looking for.")%> - <% form_tag({:controller => "general", :action => "search_redirect"}, {:id => "search_form"}) do %> - <%= text_field_tag 'query', params[:query], { :size => 30 } %> + <% form_tag({:controller => "general", :action => "search_redirect"}, {:id => "search_form" }) do %> + <%= text_field_tag 'query', params[:query], { :size => 30, :title => "type your search term here" } %> <%= submit_tag _("Search") %> <% end %> </li> diff --git a/app/views/general/frontpage.rhtml b/app/views/general/frontpage.rhtml index acc7f4095..6eceb3b28 100644 --- a/app/views/general/frontpage.rhtml +++ b/app/views/general/frontpage.rhtml @@ -1,4 +1,4 @@ -<% view_cache :ttl => 5.minutes.to_i, :tag => I18n.locale do %> +<%# TODO: Cache for 5 minutes %> <div id="frontpage_splash"> <div id="left_column"> <%= render :partial => "frontpage_new_request" %> @@ -17,4 +17,3 @@ <%= render :partial => "frontpage_bodies_list" %> <%= render :partial => "frontpage_requests_list" %> </div> -<% end %> diff --git a/app/views/general/search.rhtml b/app/views/general/search.rhtml index a1f8c8f04..50f9f9286 100644 --- a/app/views/general/search.rhtml +++ b/app/views/general/search.rhtml @@ -37,13 +37,13 @@ <% else %> <% form_tag(request.url, {:method => "get", :id => "search_form"}) do %> <p> - <%= text_field_tag 'query', params[:query], { :size => 40 } %> + <%= text_field_tag 'query', params[:query], { :size => 40, :title => "type your search term here" } %> <%= hidden_field_tag 'sortby', @inputted_sortby %> <% if @bodies %> <%= hidden_field_tag 'bodies', 1 %> <% end %> <%= submit_tag _("Search") %> - <%= link_to(_("Advanced search"), advanced_search_url) %> + <%= link_to(_("Advanced search"), advanced_search_path) %> </p> <div id="common-subfilters"> @@ -56,7 +56,7 @@ ["all", _("everything")]]%> <% for variety, label in labels %> <% if @variety_postfix != variety %> - <%= link_to label, search_url([params[:query], variety, @sort_postfix]) %> + <%= link_to label, search_path([params[:query], variety, @sort_postfix]) %> <% else %> <%= label %> <% end %> @@ -122,9 +122,9 @@ <% if !@query.nil? %> <p id="search_controls"> - <%=link_to_unless @sortby == 'relevant', _("Show most relevant results first"), search_url([params[:query], @variety_postfix, 'relevant'], params) %> + <%=link_to_unless @sortby == 'relevant', _("Show most relevant results first"), search_path([params[:query], @variety_postfix, 'relevant'], params) %> | - <%=link_to_unless @sortby == 'newest', _("Newest results first"), search_url([params[:query], @variety_postfix, 'newest'], params) %> + <%=link_to_unless @sortby == 'newest', _("Newest results first"), search_path([params[:query], @variety_postfix, 'newest'], params) %> <% if @sortby == 'described' %> | <%= _('Recently described results first') %> <% end %> @@ -162,9 +162,9 @@ <%= will_paginate WillPaginate::Collection.new(@page, @bodies_per_page, @xapian_bodies.matches_estimated) %> <% elsif @bodies && !@query.nil? && @xapian_bodies.results.size == 0 && @page == 1 %> <% if @spelling_correction %> - <p id="did_you_mean"><%= _('Did you mean: {{correction}}', :correction => search_link(@spelling_correction, @postfix)) %></p> + <p id="did_you_mean"><%= _('Did you mean: {{correction}}', :correction => search_link(@spelling_correction)) %></p> <% end %> - <p><%= _('<a href="%s">Browse all</a> or <a href="%s">ask us to add one</a>.') % [list_public_bodies_default, help_requesting_path + '#missing_body'] %></p> + <p><%= raw(_('<a href="%s">Browse all</a> or <a href="%s">ask us to add one</a>.') % [list_public_bodies_default_url, help_requesting_path + '#missing_body']) %></p> <% end %> </div> diff --git a/app/views/help/_sidebar.rhtml b/app/views/help/_sidebar.rhtml index 783d35983..2b7ed5647 100644 --- a/app/views/help/_sidebar.rhtml +++ b/app/views/help/_sidebar.rhtml @@ -1,19 +1,19 @@ <div id="right_column_flip"> <h2>Help pages</h2> <ul class="no_bullets"> - <li><%= link_to_unless_current "Introduction", "/help/about" %></li> - <li><%= link_to_unless_current "Making requests", "/help/requesting" %></li> - <li><%= link_to_unless_current "Your privacy", "/help/privacy" %></li> - <li><%= link_to_unless_current "FOI officers", "/help/officers" %></li> - <li><%= link_to_unless_current "About the software", "/help/alaveteli" %></li> - <li><%= link_to_unless_current "Credits", "/help/credits" %></li> - <li><%= link_to_unless_current "Programmers API", "/help/api" %></li> - <li><%= link_to_unless_current "Advanced search", "/advancedsearch" %></li> + <li><%= link_to_unless_current "Introduction", help_about_path %></li> + <li><%= link_to_unless_current "Making requests", help_requesting_path %></li> + <li><%= link_to_unless_current "Your privacy", help_privacy_path %></li> + <li><%= link_to_unless_current "FOI officers", help_officers_path %></li> + <li><%= link_to_unless_current "About the software", help_alaveteli_path %></li> + <li><%= link_to_unless_current "Credits", help_credits_path %></li> + <li><%= link_to_unless_current "Programmers API", help_api_path %></li> + <li><%= link_to_unless_current "Advanced search", advanced_search_path %></li> </ul> <h2 id="contact">Contact us</h2> <p>If your question isn't answered here, or you just wanted to let us know - something about the site, <a href="/help/contact">contact us</a>. + something about the site, <a href="<%= help_contact_path %>">contact us</a>. </p> </div> diff --git a/app/views/help/about.rhtml b/app/views/help/about.rhtml index 9f75cac8b..477f0e750 100644 --- a/app/views/help/about.rhtml +++ b/app/views/help/about.rhtml @@ -41,13 +41,13 @@ </dd> <dt id="updates">How can I keep up with news about WhatDoTheyKnow?<a href="#updates">#</a> </dt> - <dd>We have a <a href="/blog">blog</a> and a <a href="https://twitter.com/whatdotheyknow">twitter feed</a>. + <dd>We have a <a href="<%= blog_path %>">blog</a> and a <a href="https://twitter.com/whatdotheyknow">twitter feed</a>. </dd> </dl> - <p><strong>Next</strong>, read about <a href="/help/requesting">making requests</a> --> + <p><strong>Next</strong>, read about <a href="<%= help_requesting_path %>">making requests</a> --> <div id="hash_link_padding"></div> </div> diff --git a/app/views/help/api.rhtml b/app/views/help/api.rhtml index facddce41..57390d65a 100644 --- a/app/views/help/api.rhtml +++ b/app/views/help/api.rhtml @@ -19,7 +19,7 @@ <dt>Linking to new requests</dt> <dd> <p>To encourage your users to make links to a particular public authority, use URLs of the form - <%= link_to new_request_to_body_url(:url_name => "liverpool_city_council") , new_request_to_body_url(:url_name => "liverpool_city_council") %>. + <%= link_to new_request_to_body_path(:url_name => "liverpool_city_council") , new_request_to_body_path(:url_name => "liverpool_city_council") %>. These are the parameters you can add to those URLs, either in the URL or from a form. <ul> @@ -30,20 +30,20 @@ </ul> </dd> - <dt>RSS (actually, Atom) feeds</h2> + <dt>RSS (actually, Atom) feeds</dt> <dd> <p>There are Atom feeds on most pages which list FOI requests, which you can use to get updates and links in XML format. Find the URL of the Atom feed in - one of these ways: + one of these ways: <ul> <li>Look for the <img src="/images/feed-16.png" alt=""> RSS feed links.</li> - <li>Examine the <tt><link rel="alternate" type="application/atom+xml"></tt> tag in the head of the HTML. </li> - <li>Add <tt>/feed</tt> to the start of another URL. + <li>Examine the <code><link rel="alternate" type="application/atom+xml"></code> tag in the head of the HTML. </li> + <li>Add <code>/feed</code> to the start of another URL. </ul> <p>In particular, even complicated search queries have Atom feeds. You can do all sorts of things with them, such as query by authority, by file - type, by date range, or by status. See the <a href="/search">advanced search + type, by date range, or by status. See the <a href="<%= advanced_search_path %>">advanced search tips</a> for details. </dd> @@ -53,8 +53,8 @@ objects in a structured form. Find them by: </p> <ul> - <li>Adding <tt>.json</tt> to the end of the URL. </li> - <li>Look for the <tt><link rel="alternate" type="application/json"></tt> tag in the head of the HTML. </li> + <li>Adding <code>.json</code> to the end of the URL. </li> + <li>Look for the <code><link rel="alternate" type="application/json"></code> tag in the head of the HTML. </li> </ul> <p>Requests, users and authorities all have JSON versions containing basic @@ -62,18 +62,18 @@ information about the list of events in the feed. </p> </dd> - + <dt>Spreadsheet of all authorities</dt> <dd> <p> A spreadsheet file listing every body in WhatDoTheyKnow is available: - <%= link_to "all-authorities.csv", all_public_bodies_csv_url() %> + <%= link_to "all-authorities.csv", all_public_bodies_csv_path %> </p> </dd> </dl> - <p>Please <a href="/help/contact">contact us</a> if you need an API feature that isn't there yet. It's + <p>Please <a href="<%= help_contact_path %>">contact us</a> if you need an API feature that isn't there yet. It's very much a work in progress, and we do add things when people ask us to.</p> <div id="hash_link_padding"></div> diff --git a/app/views/help/contact.rhtml b/app/views/help/contact.rhtml index 37df68f49..b1b5d4f24 100644 --- a/app/views/help/contact.rhtml +++ b/app/views/help/contact.rhtml @@ -9,13 +9,13 @@ <% if !flash[:notice] %> <h2>Contact an authority to get official information</h2> <ul> - <li><a href="/new">Go here</a> to make a request, in public, for information + <li><a href="<%= new_request_path %>">Go here</a> to make a request, in public, for information from public authorities.</li> <li> Asking for private information about yourself? Please read our - <a href="/help/requesting#data_protection">help page</a>. + <a href="<%= help_requesting_path(:anchor => 'data_protection') %>">help page</a>. </li> </ul> @@ -25,10 +25,10 @@ <% if !flash[:notice] %> <ul> <li> - Please read the <a href="/help/about">help page</a> first, as it may - answer your question quicker. + Please read the <a href="<%= help_about_path %>">help page</a> first, as it may + answer your question quicker. </li> - + <li>We'd love to hear how you've found using this site. Either fill in this form, or send an email to <a href="mailto:<%=@contact_email%>"><%=@contact_email%></a> @@ -46,7 +46,7 @@ <p> <label class="form_label" for="contact_name">Your name:</label> <%= f.text_field :name, :size => 20 %> - (or <%= link_to "sign in", signin_url(:r => request.request_uri) %>) + (or <%= link_to "sign in", signin_path(:r => request.request_uri) %>) </p> <p> @@ -56,25 +56,25 @@ <% end %> <p> - <label class="form_label" for="contact_subject">Subject:</label> + <label class="form_label" for="contact_subject">Subject:</label> <%= f.text_field :subject, :size => 50 %> </p> <p> - <label class="form_label" for="contact_message">Message to website:</label> + <label class="form_label" for="contact_message">Message to website:</label> <%= f.text_area :message, :rows => 10, :cols => 60 %> </p> <% if !@last_request.nil? %> <p> - <label class="form_label" for="contact_message">Include link to request:</label> + <label class="form_label" for="contact_message">Include link to request:</label> <%=request_link(@last_request) %> <%= submit_tag "remove", :name => 'remove' %> </p> <% end %> <% if !@last_body.nil? %> <p> - <label class="form_label" for="contact_message">Include link to authority:</label> + <label class="form_label" for="contact_message">Include link to authority:</label> <%=public_body_link(@last_body) %> <%= submit_tag "remove", :name => 'remove' %> </p> diff --git a/app/views/help/officers.rhtml b/app/views/help/officers.rhtml index 3defec62f..6db706f78 100644 --- a/app/views/help/officers.rhtml +++ b/app/views/help/officers.rhtml @@ -19,13 +19,13 @@ </p> <p>If you have privacy or other concerns, please read the answers below. You might also like to read the <a - href="/help/about">introduction to WhatDoTheyKnow</a> to find out more about what + href="<%= help_about_path %>">introduction to WhatDoTheyKnow</a> to find out more about what the site does from the point of view of a user. You can also search the site to find the authority that you work for, and view the status of any requests made using the site. <p>Finally, we welcome comments and - thoughts from FOI officers, please <a href="/help/contact">get in touch</a>. + thoughts from FOI officers, please <a href="<%= help_contact_path %>">get in touch</a>. </p> </dd> @@ -75,13 +75,13 @@ the authority by email. Any delivery failure messages will automatically appear on the site. You can check the address we're using with the "View FOI email address" link which appears on the page for the authority. <a - href="/help/contact">Contact us</a> if there is a better address we can + href="<%= help_contact_path %>">Contact us</a> if there is a better address we can use.</p> <p>Requests are sometimes not delivered because they are quietly removed by "spam filters" in the IT department of the authority. Authorities can make - sure this doesn't happen by asking their IT departments to "whitelist" + sure this doesn't happen by asking their IT departments to "whitelist" any email from <strong>@whatdotheyknow.com</strong>. - If you <a href="/help/contact">ask us</a> we will resend any request, + If you <a href="<%= help_contact_path %>">ask us</a> we will resend any request, and/or give technical details of delivery so an IT department can chase up what happened to the message. </p> @@ -159,7 +159,7 @@ </li> </ul> - <p>If you're getting really nerdy about all this, read the <a href="http://www.ico.gov.uk/upload/documents/library/freedom_of_information/detailed_specialist_guides/timeforcompliance.pdf">detailed ICO guidance</a>. + <p>If you're getting really nerdy about all this, read the <a href="http://www.ico.gov.uk/upload/documents/library/freedom_of_information/detailed_specialist_guides/timeforcompliance.pdf">detailed ICO guidance</a>. Meanwhile, remember that the law says authorities must respond <strong>promptly</strong>. That's really what matters.</p> @@ -173,14 +173,14 @@ extension when applying a <strong>public interest test</strong>. Information Commissioner guidance says that it should only be used in "exceptionally complex" cases - (<a href="http://www.ico.gov.uk/upload/documents/library/freedom_of_information/detailed_specialist_guides/foi_good_practice_guidance_4.pdf">FOI Good Practice Guidance No. 4</a>). + (<a href="http://www.ico.gov.uk/upload/documents/library/freedom_of_information/detailed_specialist_guides/foi_good_practice_guidance_4.pdf">FOI Good Practice Guidance No. 4</a>). WhatDoTheyKnow doesn't specifically handle this case, which is why we use the phrase "should normally have responded by" when the 20 working day time is - exceeded. + exceeded. </p> <p>The same guidance says that, even in exceptionally complex cases, no - Freedom of Information request should take more than <strong>40 working days</strong> + Freedom of Information request should take more than <strong>40 working days</strong> to answer. WhatDoTheyKnow displays requests which are overdue by that much with stronger wording to indicate they are definitely late. </p> @@ -191,7 +191,7 @@ of 40 working days even with the extension (the House of Lords <a href="http://www.publicwhip.org.uk/division.php?date=2000-10-17&number=1&house=lords">voted to remove</a> provision for such a time limit during the initial passage - of the UK Act through Parliament). + of the UK Act through Parliament). </p> </dd> @@ -199,7 +199,7 @@ <dd>Instead of email, you can respond to a request directly from your web browser, including uploading a file. To do this, choose "respond to request" at - the bottom of the request's page. <a href="/help/contact">Contact us</a> if it + the bottom of the request's page. <a href="<%= help_contact_path %>">Contact us</a> if it is too big for even that (more than, say, 50Mb). </dd> @@ -207,39 +207,36 @@ <dd>We consider what officers or servants do in the course of their employment to be public information. We will only remove content in exceptional - circumstances, see our <a href="/help/privacy#takedown">take down policy</a>. + circumstances, see our <a href="<%= help_privacy_path(:anchor => 'takedown') %>">take down policy</a>. </dd> <dt id="mobiles">Do you publish email addresses or mobile phone numbers? <a href="#mobiles">#</a> </dt> <dd><p>To prevent spam, we automatically remove most emails and some mobile numbers from - responses to requests. Please <a href="/help/contact">contact us</a> if we've - missed one. + responses to requests. Please <a href="<%= help_contact_path %>">contact us</a> if we've + missed one. For technical reasons we don't always remove them from attachments, such as certain PDFs.</p> <p>If you need to know what an address was that we've removed, please <a - href="/help/contact">get in touch with us</a>. Occasionally, an email address + href="<%= help_contact_path %>">get in touch with us</a>. Occasionally, an email address forms an important part of a response and we will post it up in an obscured form in an annotation. </dd> - <dt id="copyright"><a name="commercial"></a>What is your policy on copyright of documents?<a href="#copyright">#</a> </dt> + <dt id="copyright"><a id="commercial"></a>What is your policy on copyright of documents?<a href="#copyright">#</a> </dt> <dd>Our Freedom of Information law is "applicant blind", so anyone in the - world can request the same document and get a copy of it. + world can request the same document and get a copy of it. If you think our making a document available on the internet infringes your - copyright, you may <a href="/help/contact">contact us</a> and ask us + copyright, you may <a href="<%= help_contact_path %>">contact us</a> and ask us to take it down. However, to save tax payers' money by preventing duplicate requests, and for good public relations, we'd advise you not to do that. </dd> </dl> - - </dl> - - <p><strong>If you haven't already</strong>, read <a href="/help/about">the introduction</a> --> - <br><strong>Otherwise</strong>, the <a href="/help/credits">credits</a> or the <a href="/help/api">programmers API</a> --> + <p><strong>If you haven't already</strong>, read <a href="<%= help_about_path %>">the introduction</a> --> + <br><strong>Otherwise</strong>, the <a href="<%= help_credits_path %>">credits</a> or the <a href="<%= help_api_path %>">programmers API</a> --> <div id="hash_link_padding"></div> </div> diff --git a/app/views/help/privacy.rhtml b/app/views/help/privacy.rhtml index bec0c8c23..8e5293892 100644 --- a/app/views/help/privacy.rhtml +++ b/app/views/help/privacy.rhtml @@ -10,7 +10,7 @@ <dd><p>We will not disclose your email address to anyone unless we are obliged to by law, or you ask us to. This includes the public authority that you are sending a - request to. They only get to see an email address + request to. They only get to see an email address @whatdotheyknow.com which is specific to that request. </p> <p>If you send a message to another user on the site, then it will reveal your email address to them. You will be told that this is going to happen.</p> @@ -35,7 +35,7 @@ Your name is tangled up with your request, so has to be published as well. It is only fair, as we're going to publish the name of the civil servant who writes the response to your request. Using your real name also helps people - get in touch with you to assist you with your research or to campaign with you. + get in touch with you to assist you with your research or to campaign with you. </p> <p>By law, you must use your real name for the request to be a valid Freedom of Information request. See the next question for alternatives if you do not want @@ -66,16 +66,16 @@ Information Commissioner later about the handling of your request. <ul> <li>Use a different form of your name. The guidance says that "Mr Arthur Thomas Roberts" can make a valid request as "Arthur Roberts", -"A. T. Roberts", or "Mr Roberts", but <strong>not</strong> as "Arthur" or "A.T.R.". +"A. T. Roberts", or "Mr Roberts", but <strong>not</strong> as "Arthur" or "A.T.R.". </li> <li>Women may use their maiden name.</li> <li>In most cases, you may use any name by which you are "widely known and/or is regularly used". <li>Use the name of an organisation, the name of a company, the trading name of a company, or the trading name of a sole trader. -<li>Ask someone else to make the request on your behalf. +<li>Ask someone else to make the request on your behalf. <li>You may, if you are really stuck, ask us to make the request on -your behalf. Please <a href="/help/contact">contact us</a> with +your behalf. Please <a href="<%= help_contact_path %>">contact us</a> with a good reason why you cannot make the request yourself and cannot ask a friend to. We don't have the resources to do this for everyone. </ul> @@ -88,19 +88,19 @@ ask a friend to. We don't have the resources to do this for everyone. <dd> <p>If a public authority asks you for your full, physical address, reply to them saying -that section 8.1.b of the FOI Act asks for an "address for correspondence", -and that the email address you are using is sufficient. +that section 8.1.b of the FOI Act asks for an "address for correspondence", +and that the email address you are using is sufficient. </p> <p> The Ministry of Justice has <a href="http://www.justice.gov.uk/guidance/foi-procedural-what.htm">guidance on this</a> – <em>"As well as hard copy written correspondence, requests that are -transmitted electronically (for example, in emails) are acceptable +transmitted electronically (for example, in emails) are acceptable ... If a request is received by email and no postal address is given, the email address should be treated as the return address." </em> </p> -<p>As if that isn't enough, the Information Commissioner's +<p>As if that isn't enough, the Information Commissioner's <a href="http://www.ico.gov.uk/upload/documents/library/freedom_of_information/practical_application/foi_hints_for_practitioners_handing_foi_and_eir_requests_2008_final.pdf">Hints for Practitioners</a> say <em>"Any correspondence could include a request for information. If it is written (this includes e-mail), legible, gives the name of the applicant, an address for reply (which could be electronic), and includes a description of the information required, then it will fall within the scope of the legislation."</em> </p> @@ -141,10 +141,10 @@ see the section on <a href="#real_name">pseudonyms</a>.</p> <dt id="takedown">Can you take down personal information about me? <a href="#takedown">#</a> </dt> -<dd> +<dd> <p>If you see any personal information about you on the site which you'd like -us to remove or hide, then please <a href="/help/contact">let us know</a>. +us to remove or hide, then please <a href="<%= help_contact_path %>">let us know</a>. Specify exactly what information you believe to be problematic and why, and where it appears on the site.</p> @@ -165,8 +165,8 @@ which outweighs the public interest, and must demonstrate that efforts have been made to conceal the name on the organisation's own website.</p> <p>For all other requests we apply a public interest test to decide -whether information should be removed. -<a href="http://www.statutelaw.gov.uk/content.aspx?ActiveTextDocId=3190650"> Section 32</a> +whether information should be removed. +<a href="http://www.statutelaw.gov.uk/content.aspx?ActiveTextDocId=3190650"> Section 32</a> of the Data Protection Act 1998 permits us to do this, as the material we publish is journalistic. We cannot easily edit many types of attachments (such as PDFs, or Microsoft Word or Excel files), so we will usually ask @@ -177,7 +177,7 @@ that authorities resend these with the personal information removed.</p> </dl> -<p><strong>Learn more</strong> from the help for <a href="/help/officers">FOI officers</a> --> +<p><strong>Learn more</strong> from the help for <a href="<%= help_officers_path %>">FOI officers</a> --> <div id="hash_link_padding"></div> </div> diff --git a/app/views/help/requesting.rhtml b/app/views/help/requesting.rhtml index af8f2e45d..e7cfdd199 100644 --- a/app/views/help/requesting.rhtml +++ b/app/views/help/requesting.rhtml @@ -20,7 +20,7 @@ <li>Don't worry excessively about getting the right authority. If you get it wrong, they ought to advise you who to make the request to instead. </li> - <li>If you've got a thorny case, please <a href="/help/contact">contact us</a> for help.</li> + <li>If you've got a thorny case, please <a href="<%= help_contact_path %>">contact us</a> for help.</li> </ul> </dd> @@ -30,7 +30,7 @@ <dt id="missing_body">You're missing the public authority that I want to request from! <a href="#missing_body">#</a> </dt> <dd> - <p>Please <a href="/help/contact">contact us</a> with the name of the public authority and, + <p>Please <a href="<%= help_contact_path %>">contact us</a> with the name of the public authority and, if you can find it, their contact email address for Freedom of Information requests. </p> <p>If you'd like to help add a whole category of public authority to the site, we'd love @@ -47,11 +47,11 @@ <ul> <li> Those formally subject to the FOI Act</li> - <li> Those formally subject to the Environmental Regulations (a less well + <li> Those formally subject to the Environmental Regulations (a less well defined group)</li> <li> Those which voluntarily comply with the FOI Act</li> <li> Those which aren't subject to the Act but we think should be, on grounds - such as them having significant public responsibilities. + such as them having significant public responsibilities. </li> </ul> @@ -132,7 +132,7 @@ <p>Even if they are not prompt, in nearly all cases they must respond within 20 working days. If you had to clarify your request, or they are a school, or one or two other cases, then they may have more time - (<a href="/help/officers#days">full details</a>). + (<a href="<%= help_officers_path(:anchor => 'days') %>">full details</a>). <p>WhatDoTheyKnow will email you if you don't get a timely response. You can then send the public authority a message to remind them, and tell them if they @@ -158,24 +158,24 @@ checking that they received the request. It was sent to them by email. </li> <li>If they have not received it, the problem is most likely due to - "spam filters". Refer the authority to the measures in the answer - '<a href="/help/officers#spam_problems">I can see a request on WhatDoTheyKnow, but we never got it by email!</a>' - in the FOI officers section of this help. + "spam filters". Refer the authority to the measures in the answer + '<a href="<%= help_officers_path(:anchor => 'spam_problems') %>">I can see a request on WhatDoTheyKnow, but we never got it by email!</a>' + in the FOI officers section of this help. </li> <li>If you're still having no luck, then you can ask for an internal review, and then complain to the Information Commissioner about the authority. - Read our page '<a href="/help/unhappy">Unhappy about the response you got?</a>'. + Read our page '<a href="<%= help_general_path(:action => 'unhappy') %>">Unhappy about the response you got?</a>'. </ul> </dd> <dt id="not_satifised">What if I'm not satisfied with the response? <a href="#not_satifised">#</a> </dt> <dd>If you didn't get the information you asked for, or you didn't get it in time, - then read our page '<a href="/help/unhappy">Unhappy about the response you got?</a>'. + then read our page '<a href="<%= help_general_path(:action => 'unhappy') %>">Unhappy about the response you got?</a>'. </dd> <dt id="reuse">It says I can't re-use the information I got!<a href="#reuse">#</a> </dt> <dd> - <p>Authorities often add legal boilerplate about the + <p>Authorities often add legal boilerplate about the "<a href="http://www.opsi.gov.uk/si/si2005/20051515">Re-Use of Public Sector Information Regulations 2005</a>", which at first glance implies you may not be able do anything with the information. @@ -184,7 +184,7 @@ <p>You can, of course, write articles about the information or summarise it, or quote parts of it. We also think you should feel free to republish the information in full, just as we do, even though in theory you might not be - allowed to do so. See <a href="/help/officers#copyright">our policy on copyright</a>.</p> + allowed to do so. See <a href="<%= help_officers_path(:anchor => 'copyright') %>">our policy on copyright</a>.</p> </dd> @@ -199,7 +199,7 @@ the process is very similar. There are differences around time limits for compliance. See the <a href="http://www.itspublicknowledge.info/nmsruntime/saveasdialog.asp?lID=1858&sID=321">Scottish - Information Commissioner's guidance</a> for details.</p> + Information Commissioner's guidance</a> for details.</p> </dd> <dt id="data_protection">Can I request information about myself? <a href="#data_protection">#</a> </dt> @@ -216,7 +216,7 @@ website) explains how to do this.</p> <p>If you see that somebody has included personal information, perhaps - unwittingly, in a request, please <a href="/help/contact">contact us</a> + unwittingly, in a request, please <a href="<%= help_contact_path %>">contact us</a> immediately so we can remove it.</p> </dd> @@ -228,7 +228,7 @@ to read. </p> <p>You should contact the public authority directly if you would like to make a request in private. If you're interested in buying a system which helps - you manage FOI requests in secret, then <a href="/help/contact">contact us</a>. + you manage FOI requests in secret, then <a href="<%= help_contact_path %>">contact us</a>. </p> </dd> @@ -237,7 +237,7 @@ <dd> <p>Some public authorities, such as <a href="http://www.whatdotheyknow.com/body/south_east_water">South East Water</a>, don't come under the Freedom of Information Act, but do come under another law called - the Environmental Information Regulations (EIR). + the Environmental Information Regulations (EIR). </p> <p>It's a very similar law, so you make a request @@ -250,7 +250,7 @@ <p>You can, of course, request environmental information from other authorities. Just make a Freedom of Information (FOI) request as normal. The authority has a duty to work out if the Environmental Information Regulations - (EIR) is the more appropriate legislation to reply under. + (EIR) is the more appropriate legislation to reply under. </p> </dd> @@ -275,7 +275,7 @@ <dt id="moderation">How do you moderate request annotations? <a href="#moderation">#</a> </dt> - <dd> + <dd> <p>Annotations on WhatDoTheyKnow are to help people get the information they want, or to give them pointers to places they can go to help them act on it. We reserve the right to remove anything else. @@ -286,7 +286,7 @@ </dl> - <p><strong>Next</strong>, read about <a href="/help/privacy">your privacy</a> --> + <p><strong>Next</strong>, read about <a href="<%= help_privacy_path %>">your privacy</a> --> <div id="hash_link_padding"></div> </div> diff --git a/app/views/help/unhappy.rhtml b/app/views/help/unhappy.rhtml index 4f3c67b9e..79e3f8273 100644 --- a/app/views/help/unhappy.rhtml +++ b/app/views/help/unhappy.rhtml @@ -2,7 +2,7 @@ <% if !@info_request.nil? %> -<h1>Unhappy about the response you got +<h1>Unhappy about the response you got to your request '<%=request_link(@info_request) %>'? </h1> <% else %> @@ -29,7 +29,7 @@ to your request '<%=request_link(@info_request) %>'? <p> <% if !@info_request.nil? %> - <%= link_to "Request an internal review", show_response_no_followup_url(:id => @info_request.id, :incoming_message_id => nil) + "?internal_review=1#followup", :class => 'link_button_green' %> and then write a message asking the authority to review your request. + <%= link_to "Request an internal review", show_response_no_followup_path(:id => @info_request.id, :incoming_message_id => nil) + "?internal_review=1#followup", :class => 'link_button_green' %> and then write a message asking the authority to review your request. <% else %> At the bottom of the relevant request page on <%= site_name %> choose "request an internal review". Then write a message asking for an internal @@ -58,11 +58,11 @@ authority, then <a href="http://www.itspublicknowledge.info/YourRights/HowToApp to the Scottish Information Commissioner</a>. </p> -<p>To make it easier to send the relevant information to the +<p>To make it easier to send the relevant information to the Information Commissioner, either <% if !@info_request.nil? %> - include a link to your request - <strong><%=h main_url(request_url(@info_request)) %></strong> + include a link to your request + <strong><%=h request_url(@info_request) %></strong> <% else %> include a link to your request on <%= site_name %> <% end %> @@ -86,8 +86,8 @@ get the information by <strong>other means...</strong></p> <ul> <li>Make a <strong>new FOI request</strong> for summary information, or for -documentation relating indirectly to matters in your refused request. -<a href="/help/contact">Ask us for ideas</a> if you're stuck.</li> +documentation relating indirectly to matters in your refused request. +<a href="<%= help_contact_path %>">Ask us for ideas</a> if you're stuck.</li> <li>If any <strong>other public authorities</strong> or publicly owned companies are involved, then make FOI requests to them.</li> <li>Write to <strong>your MP</strong> or other politician using <a @@ -95,13 +95,13 @@ href="http://www.writetothem.com">WriteToThem</a> and ask for their help finding the answer. MPs can write directly to ministers or departments, and can ask written questions in the House of Commons. Councillors in local authorities can talk directly to council officers.</li> -<li>Ask <strong>other researchers</strong> who are interested in a similar +<li>Ask <strong>other researchers</strong> who are interested in a similar issue to yours for ideas. You can sometimes find them by browsing this site; contact any registered user from their page. There may be an Internet forum or group that they hang out in. If it is a local matter, use <a -href="http://www.groupsnearyou.com">GroupsNearYou</a> to find such a +href="http://www.groupsnearyou.com">GroupsNearYou</a> to find such a forum.</li> -<li><strong>Start a pledge</strong> on <a href="http://www.pledgebank.com">PledgeBank</a> to get +<li><strong>Start a pledge</strong> on <a href="http://www.pledgebank.com">PledgeBank</a> to get others to act together with you. For example, you could arrange a meeting with staff from the authority. Or you could form a small local campaigns group. </ul> diff --git a/app/views/layouts/admin.rhtml b/app/views/layouts/admin.rhtml index d85eecbf2..a58913892 100644 --- a/app/views/layouts/admin.rhtml +++ b/app/views/layouts/admin.rhtml @@ -1,39 +1,38 @@ -<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> +<!DOCTYPE html> <html lang="en-gb"> <head> <meta http-equiv="content-type" content="text/html;charset=UTF-8" > <title><%= site_name %> admin<%= @title ? ":" : "" %> <%=@title%></title> - - <%= javascript_include_tag 'jquery.js', 'jquery-ui.min' %> + <%= javascript_include_tag '/javascripts/jquery.js', '/admin/javascripts/jquery-ui.min.js', '/admin/javascripts/bootstrap-collapse', '/admin/javascripts/bootstrap-tab', '/admin/javascripts/admin' %> <%= stylesheet_link_tag 'admin-theme/jquery-ui-1.8.15.custom.css', :rel => 'stylesheet'%> - <%= stylesheet_link_tag 'admin', :title => "Main", :rel => "stylesheet" %> + <%= stylesheet_link_tag "/admin/stylesheets/admin", :title => "Main", :rel => "stylesheet" %> + </head> <body class="admin"> + <div id="main" class="container"> + <%= render :partial => 'admin_general/admin_navbar' %> + <% if flash[:error] %> + <div class="row"> + <div class="span12"> + <div class="alert alert-error"> + <%= flash[:error] %> + </div> + </div> + </div> + <% end %> - <p> - <strong><%= link_to 'Alaveteli', main_url('/') %> admin:</strong> - <%= link_to 'Summary', admin_url("") %> - | <%= link_to 'Timeline', admin_url("timeline") %> - | <%= link_to 'Stats', admin_url("stats") %> - | <%= link_to 'Debug', admin_url("debug") %> - <strong>View:</strong> - <%= link_to 'Authorities', admin_url("body/list") %> - | <%= link_to 'Requests', admin_url("request/list") %> - | <%= link_to 'Users', admin_url("user/list") %> - | <%= link_to 'Tracks', admin_url("track/list") %> - </p> - <%= render :partial => 'general/locale_switcher' %> - - <% if flash[:error] %> - <p id="error"><%= flash[:error] %></p> - <% end %> - - <% if flash[:notice] %> - <p id="notice"><%= flash[:notice] %></p> - <% end %> + <% if flash[:notice] %> + <div class="row"> + <div class="span12"> + <div class="alert alert-info"> + <%= flash[:notice] %> + </div> + </div> + </div> + <% end %> - <%= yield %> - + <%= yield %> + </div> </body> </html> diff --git a/app/views/layouts/contact_mailer.rhtml b/app/views/layouts/contact_mailer.rhtml index 5b8b44402..3cdc75009 100644 --- a/app/views/layouts/contact_mailer.rhtml +++ b/app/views/layouts/contact_mailer.rhtml @@ -1 +1 @@ -<%= MySociety::Format.wrap_email_body_by_paragraphs(yield) %> +<%= raw MySociety::Format.wrap_email_body_by_paragraphs(yield) %> diff --git a/app/views/layouts/default.rhtml b/app/views/layouts/default.rhtml index 29ff209b9..a66b85e02 100644 --- a/app/views/layouts/default.rhtml +++ b/app/views/layouts/default.rhtml @@ -1,6 +1,7 @@ -<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> +<!DOCTYPE html> <html lang="<%= I18n.locale %>"> <head> + <meta charset="utf-8"> <title> <% if @title %> <%=@title%> - <%= site_name %> @@ -12,8 +13,8 @@ <link rel="shortcut icon" href="/favicon.ico"> <%= render :partial => 'general/stylesheet_includes' %> - <% if session[:using_admin] %> - <%= stylesheet_link_tag "/adminbootstraptheme/stylesheets/admin", :title => "Main", :rel => "stylesheet" %> + <% if is_admin? %> + <%= stylesheet_link_tag "/admin/stylesheets/admin", :title => "Main", :rel => "stylesheet" %> <% end %> <%= javascript_include_tag 'jquery.js', 'jquery-ui.min','jquery.cookie.js', 'general.js' %> @@ -32,7 +33,7 @@ <% end %> <% end %> <% if @has_json %> - <link rel="alternate" type="application/json" title="JSON version of this page" href="<%=h main_url(request.request_uri, '.json') %>"> + <link rel="alternate" type="application/json" title="JSON version of this page" href="<%=h url_for(request.query_parameters.merge(:format => 'json')) %>"> <% end %> <% if @no_crawl %> @@ -63,15 +64,15 @@ </script> <% end %> -<% if session[:using_admin] %> +<% if is_admin? %> <%= render :partial => 'admin_general/admin_navbar' %> <% end %> <% if !@popup_banner.blank? %> <div id="everypage" class="jshide"> - <p style="float:right"><a href="#top" onclick="$.cookie('seen_foi2', 1, { expires: 7, path: '/' }); $('#everypage').hide('slow'); return false;"><%= _('Close') %></a></p> + <p class="popup-close"><a href="#top" onclick="$.cookie('seen_foi2', 1, { expires: 7, path: '/' }); $('#everypage').hide('slow'); return false;"><%= _('Close') %></a></p> <%= @popup_banner %> - <p style="text-align: right"><a href="#top" onclick="$.cookie('seen_foi2', 1, { expires: 7, path: '/' }); $('#everypage').hide('slow'); return false;"><%= _('Close') %></a></p> + <p class="popup-close"><a href="#top" onclick="$.cookie('seen_foi2', 1, { expires: 7, path: '/' }); $('#everypage').hide('slow'); return false;"><%= _('Close') %></a></p> </div> <% end %> @@ -92,17 +93,17 @@ <% end %> - <%= link_to _("Sign out"), signout_url(:r => request.request_uri) %> + <%= link_to _("Sign out"), signout_path(:r => request.request_uri) %> <% else %> - <%= link_to _("Sign in or sign up"), signin_url(:r => request.request_uri) %> + <%= link_to _("Sign in or sign up"), signin_path(:r => request.request_uri) %> <% end %> </div> <% end %> <div id="navigation_search"> - <form id="navigation_search_form" method="post" action="/search"> + <form id="navigation_search_form" method="post" action="<%= search_redirect_path %>"> <p> - <%= text_field_tag 'query', params[:query], { :size => 40, :id => "navigation_search_query" } %> + <%= text_field_tag 'query', params[:query], { :size => 40, :id => "navigation_search_query", :title => "type your search term here" } %> <input id="navigation_search_button" type="submit" value="search"> </p> </form> diff --git a/app/views/layouts/no_chrome.rhtml b/app/views/layouts/no_chrome.rhtml index 74c79b701..120ba6f28 100644 --- a/app/views/layouts/no_chrome.rhtml +++ b/app/views/layouts/no_chrome.rhtml @@ -1,6 +1,7 @@ -<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> +<!DOCTYPE html> <html lang="<%= I18n.locale %>"> <head> + <meta charset="utf-8"> <title> <% if @title %> <%=@title%> - <%= site_name %> diff --git a/app/views/layouts/outgoing_mailer.rhtml b/app/views/layouts/outgoing_mailer.rhtml index dbb18483f..8bf8ef216 100644 --- a/app/views/layouts/outgoing_mailer.rhtml +++ b/app/views/layouts/outgoing_mailer.rhtml @@ -1 +1 @@ -<%= MySociety::Format.wrap_email_body_by_lines(yield) %> +<%= raw MySociety::Format.wrap_email_body_by_lines(yield) %> diff --git a/app/views/layouts/request_mailer.rhtml b/app/views/layouts/request_mailer.rhtml index 5b8b44402..3cdc75009 100644 --- a/app/views/layouts/request_mailer.rhtml +++ b/app/views/layouts/request_mailer.rhtml @@ -1 +1 @@ -<%= MySociety::Format.wrap_email_body_by_paragraphs(yield) %> +<%= raw MySociety::Format.wrap_email_body_by_paragraphs(yield) %> diff --git a/app/views/layouts/user_mailer.rhtml b/app/views/layouts/user_mailer.rhtml index 5b8b44402..3cdc75009 100644 --- a/app/views/layouts/user_mailer.rhtml +++ b/app/views/layouts/user_mailer.rhtml @@ -1 +1 @@ -<%= MySociety::Format.wrap_email_body_by_paragraphs(yield) %> +<%= raw MySociety::Format.wrap_email_body_by_paragraphs(yield) %> diff --git a/app/views/outgoing_mailer/followup.rhtml b/app/views/outgoing_mailer/followup.rhtml index 7050a295b..049ebc881 100644 --- a/app/views/outgoing_mailer/followup.rhtml +++ b/app/views/outgoing_mailer/followup.rhtml @@ -1,6 +1,6 @@ -<%= @outgoing_message.body.strip %> +<%= raw @outgoing_message.body.strip %> -<%= @outgoing_message.quoted_part_to_append_to_email.strip %> +<%= raw @outgoing_message.quoted_part_to_append_to_email.strip %> ------------------------------------------------------------------- <%= _('Please use this email address for all replies to this request:')%> diff --git a/app/views/outgoing_mailer/initial_request.rhtml b/app/views/outgoing_mailer/initial_request.rhtml index d537a20bc..5c418ecc7 100644 --- a/app/views/outgoing_mailer/initial_request.rhtml +++ b/app/views/outgoing_mailer/initial_request.rhtml @@ -1,4 +1,4 @@ -<%= @outgoing_message.body.strip %> +<%= raw @outgoing_message.body.strip %> ------------------------------------------------------------------- diff --git a/app/views/public_body/_alphabet.rhtml b/app/views/public_body/_alphabet.rhtml index 92674b8aa..46b345c2a 100644 --- a/app/views/public_body/_alphabet.rhtml +++ b/app/views/public_body/_alphabet.rhtml @@ -1,3 +1,3 @@ <% "A".upto("Z") do |l| -%> - <%= link_to_unless (@tag == l), l, list_public_bodies_url(:tag => l.downcase) %> + <%= link_to_unless (@tag == l), l, list_public_bodies_path(:tag => l.downcase) %> <% end %> diff --git a/app/views/public_body/_body_listing_single.rhtml b/app/views/public_body/_body_listing_single.rhtml index b01d2ebb2..d0496fbb8 100644 --- a/app/views/public_body/_body_listing_single.rhtml +++ b/app/views/public_body/_body_listing_single.rhtml @@ -4,7 +4,7 @@ <div class="body_listing"> <span class="head"> - <%= link_to highlight_words(public_body.name, @highlight_words), public_body_url(public_body) %> + <%= link_to highlight_words(public_body.name, @highlight_words), public_body_path(public_body) %> </span> <span class="desc"> <% if !public_body.short_name.empty? || !public_body.notes_without_html.empty? %> @@ -20,7 +20,7 @@ <span class="bottomline"> <%= n_('%d request made.', '%d requests made.', public_body.info_requests.size) % public_body.info_requests.size %> <% if !@include_request_link_in_authority_listing.nil? %> - <%= link_to _("Make your own request"), public_body_url(public_body) %>. + <%= link_to _("Make your own request"), public_body_path(public_body) %>. <% end %> <br> <span class="date_added"> diff --git a/app/views/public_body/_list_sidebar_extra.rhtml b/app/views/public_body/_list_sidebar_extra.rhtml index 6857a7eb5..d3d65fec8 100644 --- a/app/views/public_body/_list_sidebar_extra.rhtml +++ b/app/views/public_body/_list_sidebar_extra.rhtml @@ -1,6 +1,6 @@ <p> - <%= _('<a href="%s">Are we missing a public authority?</a>') % [help_requesting_path + '#missing_body'] %> + <%= raw(_('<a href="%s">Are we missing a public authority?</a>') % [help_requesting_path + '#missing_body']) %> </p> <p> - <%= link_to _('List of all authorities (CSV)'), all_public_bodies_csv_url() %> + <%= link_to _('List of all authorities (CSV)'), all_public_bodies_csv_path %> </p> diff --git a/app/views/public_body/list.rhtml b/app/views/public_body/list.rhtml index 3a64de1f7..ea5cd9613 100644 --- a/app/views/public_body/list.rhtml +++ b/app/views/public_body/list.rhtml @@ -10,7 +10,7 @@ <% for row in PublicBodyCategories::get().with_headings() %> <% if row.instance_of?(Array) %> <li> - <%= link_to_unless (@tag == row[0]), row[1], list_public_bodies_url(:tag => row[0]) %> + <%= link_to_unless (@tag == row[0]), row[1], list_public_bodies_path(:tag => row[0]) %> </li> <% else %> <% if not first_row %> @@ -34,7 +34,7 @@ <% form_tag(list_public_bodies_default_url, :method => "get", :id=>"search_form") do %> <div> - <%= text_field_tag(:public_body_query, params[:public_body_query]) %> + <%= text_field_tag(:public_body_query, params[:public_body_query], { :title => "type your search term here" } ) %> <%= submit_tag(_("Search")) %> </div> <% end %> @@ -43,5 +43,5 @@ <%= render :partial => 'body_listing', :locals => { :public_bodies => @public_bodies } %> <%= will_paginate(@public_bodies) %><br/> - <%= _('<a href="%s">Can\'t find the one you want?</a>') % [help_requesting_path + '#missing_body'] %> + <%= raw _('<a href="%s">Can\'t find the one you want?</a>') % [help_requesting_path + '#missing_body'] %> </div> diff --git a/app/views/public_body/show.rhtml b/app/views/public_body/show.rhtml index e13f9d1c0..df6346e4f 100644 --- a/app/views/public_body/show.rhtml +++ b/app/views/public_body/show.rhtml @@ -4,7 +4,7 @@ <h2><%= _('Follow this authority')%></h2> <% follower_count = TrackThing.count(:all, :conditions => ["public_body_id = ?", @public_body.id]) %> - <p><%= n_("<span id='follow_count'>%d</span> person is following this authority", "<span id='follow_count'>%d</span> people are following this authority", follower_count) % follower_count %></p> + <p><%= raw(n_("<span id='follow_count'>%d</span> person is following this authority", "<span id='follow_count'>%d</span> people are following this authority", follower_count) % follower_count) %></p> <%= render :partial => 'track/tracking_links', :locals => { :track_thing => @track_thing, :own_request => false, :location => 'sidebar' } %> <h2><%= _('More about this authority')%></h2> @@ -26,23 +26,23 @@ <% end %> <% end %> <% end %> - <%= link_to _('View FOI email address'), view_public_body_email_url(@public_body.url_name) %><br> - </div> + <%= link_to _('View FOI email address'), view_public_body_email_path(@public_body.url_name) %><br> + </div> <div id="header_left"> <p class="public-body-name-prefix"><%= _("Freedom of information requests to") %></p> <h1><%=h(@public_body.name)%></h1> <p class="subtitle"> - <%=@public_body.type_of_authority(true)%><% if not @public_body.short_name.empty? %>, + <%=@public_body.type_of_authority(true)%><% if not @public_body.short_name.empty? %>, <%= _('also called {{public_body_short_name}}', :public_body_short_name => h(@public_body.short_name))%><% end %> <% if !@user.nil? && @user.admin_page_links? %> - (<%= link_to _("admin"), public_body_admin_url(@public_body) %>) + (<%= link_to _("admin"), admin_body_show_path(@public_body) %>) <% end %> </p> <% if @public_body.has_notes? && (@public_body.is_requestable? || @public_body.not_requestable_reason == 'bad_contact') %> - <p><%= @public_body.notes_as_html %></p> + <p><%= @public_body.notes_as_html.html_safe %></p> <% end %> <% if @public_body.eir_only? %> @@ -58,7 +58,7 @@ <% end %> <%= _('<a class="link_button_green" href="{{url}}">{{text}}</a>', :url=>new_request_to_body_url(:url_name => @public_body.url_name), :text=>_("Start"))%> <% elsif @public_body.has_notes? %> - <%= @public_body.notes_as_html %> + <%= @public_body.notes_as_html.html_safe %> <% elsif @public_body.not_requestable_reason == 'not_apply' %> <%= _('Freedom of Information law does not apply to this authority, so you cannot make a request to it.')%> @@ -99,7 +99,7 @@ <%= @page_desc %> </h2> <a name="results"></a> - + <% if @public_body.info_requests.size > 4 %> <%= render :partial => 'request/request_filter_form' %> <% end %> @@ -120,7 +120,7 @@ <p> <%= _('Only requests made using {{site_name}} are shown.', :site_name => site_name) %></p> <% end %> - <% else %> + <% else %> <% if @public_body.eir_only? %> <h2><%= _('Environmental Information Regulations requests made') %></h2> <% else %> diff --git a/app/views/public_body/view_email.rhtml b/app/views/public_body/view_email.rhtml index 50601069f..3799d227b 100644 --- a/app/views/public_body/view_email.rhtml +++ b/app/views/public_body/view_email.rhtml @@ -25,9 +25,9 @@ <p> <% if @public_body.is_requestable? || @public_body.not_requestable_reason != 'bad_contact' %> - <%= _('If the address is wrong, or you know a better address, please <a href="%s">contact us</a>.')% [help_contact_path]%> + <%= raw _('If the address is wrong, or you know a better address, please <a href="%s">contact us</a>.')% [help_contact_path]%> <% else %> - <%= _(' If you know the address to use, then please <a href="%s">send it to us</a>. + <%= raw _(' If you know the address to use, then please <a href="%s">send it to us</a>. You may be able to find the address on their website, or by phoning them up and asking.')% [help_contact_path] %> <% end %> </p> @@ -35,9 +35,9 @@ <div id="stepwise_make_request_view_email"> <strong> <% if @public_body.eir_only? %> - <%= link_to "Make a new EIR request", new_request_to_body_url(:url_name => @public_body.url_name)%> + <%= link_to "Make a new EIR request", new_request_to_body_path(:url_name => @public_body.url_name)%> <% else %> - <%= link_to "Make a new FOI request", new_request_to_body_url(:url_name => @public_body.url_name)%> + <%= link_to "Make a new FOI request", new_request_to_body_path(:url_name => @public_body.url_name)%> <% end %> to <%= h(@public_body.name) %> </strong> diff --git a/app/views/request/_after_actions.rhtml b/app/views/request/_after_actions.rhtml index 580ff0e87..d3ddb981b 100644 --- a/app/views/request/_after_actions.rhtml +++ b/app/views/request/_after_actions.rhtml @@ -7,7 +7,7 @@ <ul> <% if @info_request.comments_allowed? %> <li> - <%= _('<a href="%s">Add an annotation</a> (to help the requester or others)') % [new_comment_url(:url_title => @info_request.url_title)] %> + <%= raw(_('<a href="%s">Add an annotation</a> (to help the requester or others)') % [new_comment_path(:url_title => @info_request.url_title)]) %> </li> <% end %> <% if @old_unclassified %> @@ -15,9 +15,11 @@ <%= link_to _('Update the status of this request'), '#describe_state_form_1' %> </li> <% end %> + <% if @info_request.all_can_view? %> <li> - <%= link_to _("Download a zip file of all correspondence"), download_entire_request_url(:url_title => @info_request.url_title) %> + <%= link_to _("Download a zip file of all correspondence"), download_entire_request_path(:url_title => @info_request.url_title) %> </li> + <% end %> </ul> </div> <% if ! @info_request.is_external? %> @@ -27,18 +29,18 @@ <li> <% if @last_response.nil? %> - <%= link_to _("Send a followup"), show_response_no_followup_url(:id => @info_request.id, :incoming_message_id => nil) + "#followup" %> + <%= link_to _("Send a followup"), show_response_no_followup_path(:id => @info_request.id, :incoming_message_id => nil) + "#followup" %> <% else %> - <%= link_to _("Write a reply"), show_response_url(:id => @info_request.id, :incoming_message_id => @last_response.id) + "#followup" %> + <%= link_to _("Write a reply"), show_response_path(:id => @info_request.id, :incoming_message_id => @last_response.id) + "#followup" %> <% end %> </li> <% if !@old_unclassified %> <li> - <%= link_to _("Update the status of this request"), request_url(@info_request, :update_status => 1) %> + <%= link_to _("Update the status of this request"), request_path(@info_request, :update_status => 1) %> </li> <% end %> <li> - <%= link_to _("Request an internal review"), show_response_no_followup_url(:id => @info_request.id, :incoming_message_id => nil) + "?internal_review=1#followup" %> + <%= link_to _("Request an internal review"), show_response_no_followup_path(:id => @info_request.id, :incoming_message_id => nil) + "?internal_review=1#followup" %> </li> </ul> </div> @@ -48,7 +50,7 @@ <strong><%= _('{{public_body_name}} only:',:public_body_name=>h(@info_request.public_body.name) ) %> </strong> <ul> <li> - <%= link_to _("Respond to request"), upload_response_url(:url_title => @info_request.url_title) %> + <%= link_to _("Respond to request"), upload_response_path(:url_title => @info_request.url_title) %> </li> </ul> </div> diff --git a/app/views/request/_bubble.rhtml b/app/views/request/_bubble.rhtml index 331c2163e..94498612a 100644 --- a/app/views/request/_bubble.rhtml +++ b/app/views/request/_bubble.rhtml @@ -1,31 +1,31 @@ <div class="correspondence_text"> <% if not attachments.nil? and attachments.size > 0 %> - <div class="attachments"> + <div class="attachments"> <hr class="top"> <% attachments.each do |a| %> <p class="attachment"> - <% - attachment_url = get_attachment_url(:id => incoming_message.info_request_id, - :incoming_message_id => incoming_message.id, :part => a.url_part_number, - :file_name => a.display_filename) - attachment_as_html_url = get_attachment_as_html_url(:id => incoming_message.info_request_id, - :incoming_message_id => incoming_message.id, :part => a.url_part_number, - :file_name => a.display_filename + '.html') + <% + attachment_path = get_attachment_path(:id => incoming_message.info_request_id, + :incoming_message_id => incoming_message.id, :part => a.url_part_number, + :file_name => a.display_filename) + attachment_as_html_path = get_attachment_as_html_path(:id => incoming_message.info_request_id, + :incoming_message_id => incoming_message.id, :part => a.url_part_number, + :file_name => a.display_filename + '.html') %> <% img_filename = "icon_" + a.content_type.sub('/', '_') + "_large.png" full_filename = File.expand_path(File.join(File.dirname(__FILE__), "../../../public/images", img_filename)) if File.exist?(full_filename) %> - <a href="<%=attachment_url%>"><img class="attachment_image" alt="Attachment" src="/images/<%=img_filename%>"></a> + <a href="<%=attachment_path%>"><img class="attachment_image" alt="Attachment" src="/images/<%=img_filename%>"></a> <% else %> - <a href="<%=attachment_url%>"><img class="attachment_image" alt="Attachment" src="/images/icon_unknown.png"></a> + <a href="<%=attachment_path%>"><img class="attachment_image" alt="Attachment" src="/images/icon_unknown.png"></a> <% end %> <strong><%= h a.display_filename %></strong> <br> <%= a.display_size %> - <%= link_to "Download", attachment_url %> - <% if a.has_body_as_html? %> - <%= link_to "View as HTML", attachment_as_html_url %> - <% end %> + <%= link_to "Download", attachment_path %> + <% if a.has_body_as_html? && incoming_message.info_request.all_can_view? %> + <%= link_to "View as HTML", attachment_as_html_path %> + <% end %> <!-- (<%= a.content_type %>) --> <%= a.extra_note %> </p> diff --git a/app/views/request/_correspondence.rhtml b/app/views/request/_correspondence.rhtml index 99c6c7d26..68711b259 100644 --- a/app/views/request/_correspondence.rhtml +++ b/app/views/request/_correspondence.rhtml @@ -21,9 +21,9 @@ if not incoming_message.nil? <p class="event_actions"> <% if !@user.nil? && @user.admin_page_links? %> - <%= link_to "Admin", admin_url("request/show_raw_email/" + incoming_message.raw_email_id.to_s) %> | + <%= link_to "Admin", admin_request_show_raw_email_path(incoming_message.raw_email_id) %> | <% end %> - <%= link_to _("Link to this"), incoming_message_url(incoming_message), :class => "link_to_this" %> + <%= link_to _("Link to this"), incoming_message_path(incoming_message), :class => "link_to_this" %> </p> </div> <% @@ -51,7 +51,7 @@ elsif [ 'sent', 'followup_sent' ].include?(info_request_event.event_type) <% end %> --> - <%= link_to _("Link to this"), outgoing_message_url(outgoing_message), :class => "link_to_this" %> + <%= link_to _("Link to this"), outgoing_message_path(outgoing_message), :class => "link_to_this" %> </p> </div> <% elsif [ 'resent', 'followup_resent' ].include?(info_request_event.event_type) %> diff --git a/app/views/request/_describe_state.rhtml b/app/views/request/_describe_state.rhtml index 5b6004e81..fde1cdfa7 100644 --- a/app/views/request/_describe_state.rhtml +++ b/app/views/request/_describe_state.rhtml @@ -3,7 +3,7 @@ <% form_for(:incoming_message, @info_request, :url => describe_state_url(:id => @info_request.id)) do |f| %> <h2><%= _('What best describes the status of this request now?') %></h2> - <hr> <!------------------------------------------------> + <hr> <h3><%= _('This request is still in progress:') %></h3> <% if @info_request.described_state != 'internal_review' %> <div> @@ -40,7 +40,7 @@ <%= render :partial => 'general/custom_state_transitions_pending', :locals => {:id_suffix => id_suffix } %> - <hr> <!------------------------------------------------> + <hr> <h3><%= _('This particular request is finished:') %></h3> <% if @info_request.described_state == 'internal_review' %> @@ -67,7 +67,7 @@ <%= render :partial => 'general/custom_state_transitions_complete', :locals => {:id_suffix => id_suffix } %> - <hr> <!------------------------------------------------> + <hr> <h3><%= _('Other:') %></h3> <div> diff --git a/app/views/request/_followup.rhtml b/app/views/request/_followup.rhtml index be57ac9ef..bccfccca7 100644 --- a/app/views/request/_followup.rhtml +++ b/app/views/request/_followup.rhtml @@ -1,5 +1,10 @@ <div id="followup"> <% if (incoming_message.nil? || !incoming_message.valid_to_reply_to?) + # TRANSLATORS: This phrase completes the following sentences: + # Request an internal review from... + # Send a public follow up message to... + # Send a public reply to... + # Don't want to address your message to... ? name_for_followup = _("the main FOI contact at {{public_body}}", :public_body => h(OutgoingMailer.name_for_followup(@info_request, nil))) else name_for_followup = h(OutgoingMailer.name_for_followup(@info_request, incoming_message)) @@ -8,30 +13,30 @@ <h1><%= _('Request an internal review from {{person_or_body}}', :person_or_body => name_for_followup) %> </h1> <% elsif incoming_message.nil? || !incoming_message.valid_to_reply_to? %> - <h2><%= _('Send a public follow up message to {{person_or_body}}', :person_or_body => name_for_followup) %> + <h2><%= _('Send a public follow up message to {{person_or_body}}', :person_or_body => name_for_followup) %> </h2> <% else %> - <h2><%= _('Send a public reply to {{person_or_body}}', :person_or_body => name_for_followup) %> + <h2><%= _('Send a public reply to {{person_or_body}}', :person_or_body => name_for_followup) %> </h2> <% end %> <% if @info_request.who_can_followup_to(incoming_message).count > 0 %> <div id="other_recipients"> - <%= _("Don't want to address your message to {{person_or_body}}? You can also write to:", :person_or_body => name_for_followup) %> - <ul> + <%= _("Don't want to address your message to {{person_or_body}}? You can also write to:", :person_or_body => name_for_followup) %> + <ul> <% @info_request.who_can_followup_to(incoming_message).each do |name, email, id| %> <% if id.nil? && !incoming_message.nil? && incoming_message.valid_to_reply_to? %> - <li><%= link_to(_("the main FOI contact address for {{public_body}}", :public_body => name), show_response_no_followup_url(:id => @info_request.id, :incoming_message_id => nil)) %></li> + <li><%= link_to(_("the main FOI contact address for {{public_body}}", :public_body => name), show_response_no_followup_path(:id => @info_request.id, :incoming_message_id => nil)) %></li> <% else %> <% if !id.nil? %> <% if @info_request.public_body.request_email == email %> <% if !incoming_message.nil? %> - <li><%= link_to(_("the main FOI contact address for {{public_body}}", :public_body => name), show_response_no_followup_url(:id => @info_request.id, :incoming_message_id => nil)) %></li> + <li><%= link_to(_("the main FOI contact address for {{public_body}}", :public_body => name), show_response_no_followup_path(:id => @info_request.id, :incoming_message_id => nil)) %></li> <% end %> <% else %> - <li><%= link_to name, show_response_url(:id => @info_request.id, :incoming_message_id => id)%></li> + <li><%= link_to name, show_response_path(:id => @info_request.id, :incoming_message_id => id)%></li> <% end %> <% else %> - <li><%= link_to(_("the main FOI contact address for {{public_body}}", :public_body => name), show_response_no_followup_url(:id => @info_request.id, :incoming_message_id => nil)) %></li> + <li><%= link_to(_("the main FOI contact address for {{public_body}}", :public_body => name), show_response_no_followup_path(:id => @info_request.id, :incoming_message_id => nil)) %></li> <% end %> <% end %> @@ -44,14 +49,14 @@ <% else %> <% if @internal_review %> <p> - <%= _('If you are dissatisfied by the response you got from + <%= raw(_('If you are dissatisfied by the response you got from the public authority, you have the right to - complain (<a href="%s">details</a>).') % "http://foiwiki.com/foiwiki/index.php/Internal_reviews" %> + complain (<a href="%s">details</a>).') % "http://foiwiki.com/foiwiki/index.php/Internal_reviews") %> </p> <% end %> <p> - <%= _('Please <strong>only</strong> write messages directly relating to your request {{request_link}}. If you would like to ask for information that was not in your original request, then <a href="{{new_request_link}}">file a new request</a>.', :request_link=>request_link(@info_request), :new_request_link => new_request_to_body_url(:url_name => @info_request.public_body.url_name)) %> + <%= _('Please <strong>only</strong> write messages directly relating to your request {{request_link}}. If you would like to ask for information that was not in your original request, then <a href="{{new_request_link}}">file a new request</a>.', :request_link=>request_link(@info_request), :new_request_link => new_request_to_body_url(:url_name => @info_request.public_body.url_name)) %> </p> <% status = @info_request.calculate_status %> @@ -60,17 +65,17 @@ by law, the authority should normally have responded <strong>promptly</strong> and') %> <% if @info_request.public_body.is_school? %> - <%= _('in term time') %> + <%= _('in term time') %> <% end %> <%= _('by <strong>{{date}}</strong>',:date=>simple_date(@info_request.date_response_required_by)) %> - (<%= _('<a href="%s">details</a>') % ["#{help_requesting_path}#quickly_response"] %>). - + (<%= raw(_('<a href="%s">details</a>') % ["#{help_requesting_path}#quickly_response"]) %>). + </p> <% elsif status == 'waiting_response_very_overdue' %> <p> <%= _('The response to your request is <strong>long overdue</strong>. You can say that, by law, under all circumstances, the authority should have responded - by now') %> (<%= _('<a href="%s">details</a>') % ["#{help_requesting_path}#quickly_response"] %>). + by now') %> (<%= raw(_('<a href="%s">details</a>') % ["#{help_requesting_path}#quickly_response"]) %>). </p> <% end %> @@ -97,8 +102,8 @@ --> <div> <%= radio_button "outgoing_message", "what_doing", "internal_review", :id => "internal_review" %> - <label for="internal_review"><%= _('I am requesting an <strong>internal review</strong>') %> - <%= _('<a href="%s">what\'s that?</a>') % ["/help/unhappy"] %> + <label for="internal_review"><%= _('I am requesting an <strong>internal review</strong>') %> + <%= raw(_('<a href="%s">what\'s that?</a>') % ["/help/unhappy"]) %> </label> </div> <div> diff --git a/app/views/request/_hidden_correspondence.rhtml b/app/views/request/_hidden_correspondence.rhtml index 0ea6fcddd..0873b312f 100644 --- a/app/views/request/_hidden_correspondence.rhtml +++ b/app/views/request/_hidden_correspondence.rhtml @@ -7,21 +7,21 @@ %> <div class="correspondence" id="incoming-<%=incoming_message.id.to_s%>"> <p> - <%= _('This response has been hidden. See annotations to find out why. - If you are the requester, then you may <a href="%s">sign in</a> to view the response.') % [signin_url(:r => request.request_uri)] %> + <%= raw(_('This response has been hidden. See annotations to find out why. + If you are the requester, then you may <a href="%s">sign in</a> to view the response.') % [signin_url(:r => request.request_uri)]) %> </p> </div> <% elsif [ 'sent', 'followup_sent', 'resent', 'followup_resent' ].include?(info_request_event.event_type) %> <div class="correspondence" id="outgoing-<%=outgoing_message.id.to_s%>"> <p> - <%= _('This outgoing message has been hidden. See annotations to - find out why. If you are the requester, then you may <a href="%s">sign in</a> to view the response.') % [signin_url(:r => request.request_uri)] %> + <%= raw(_('This outgoing message has been hidden. See annotations to + find out why. If you are the requester, then you may <a href="%s">sign in</a> to view the response.') % [signin_url(:r => request.request_uri)]) %> </p> </div> <% elsif info_request_event.event_type == 'comment' %> <div class="comment_in_request" id="comment-<%=comment.id.to_s%>"> - <p><%= _('This comment has been hidden. See annotations to - find out why. If you are the requester, then you may <a href="%s">sign in</a> to view the response.') % [signin_url(:r => request.request_uri)]%> + <p><%= raw(_('This comment has been hidden. See annotations to + find out why. If you are the requester, then you may <a href="%s">sign in</a> to view the response.') % [signin_url(:r => request.request_uri)]) %> </p> </div> <% end %> diff --git a/app/views/request/_request_listing_short_via_event.rhtml b/app/views/request/_request_listing_short_via_event.rhtml index d93a91070..c2f6474a1 100644 --- a/app/views/request/_request_listing_short_via_event.rhtml +++ b/app/views/request/_request_listing_short_via_event.rhtml @@ -3,11 +3,11 @@ end %> <div class="request_short_listing"> - <h3><%= link_to highlight_words(info_request.title, @highlight_words), request_url(info_request) %></h3> + <h3><%= link_to highlight_words(info_request.title, @highlight_words), request_path(info_request) %></h3> <p> -<%= _('To {{public_body_link_absolute}}',:public_body_link_absolute => public_body_link_absolute(info_request.public_body))%> -<%= _('by {{user_link_absolute}}',:user_link_absolute => request_user_link_absolute(info_request))%> +<%= _('To {{public_body_link_absolute}}',:public_body_link_absolute => public_body_link(info_request.public_body))%> +<%= _('by {{user_link_absolute}}',:user_link_absolute => request_user_link(info_request))%> <%= simple_date(info_request.created_at) %> </p> </div> diff --git a/app/views/request/_request_listing_single.rhtml b/app/views/request/_request_listing_single.rhtml index e8c1a393f..56737fd3e 100644 --- a/app/views/request/_request_listing_single.rhtml +++ b/app/views/request/_request_listing_single.rhtml @@ -1,6 +1,6 @@ <div class="request_listing"> <span class="head"> - <%= link_to h(info_request.title), (@play_urls ? request_path(:url_title => info_request.url_title) : request_url(info_request)) %> + <%= link_to h(info_request.title), (@play_urls ? categorise_request_path(:url_title => info_request.url_title) : request_path(info_request)) %> </span> <span class="desc"> <%= excerpt(info_request.initial_request_text, "", 150) %> diff --git a/app/views/request/_request_listing_via_event.rhtml b/app/views/request/_request_listing_via_event.rhtml index ee1cc079a..cc8bae8a9 100644 --- a/app/views/request/_request_listing_via_event.rhtml +++ b/app/views/request/_request_listing_via_event.rhtml @@ -6,13 +6,13 @@ end %> <div class="request_left"> <span class="head"> <% if event.is_incoming_message? %> - <%= link_to highlight_words(info_request.title, @highlight_words), incoming_message_url(event.incoming_message_selective_columns("incoming_messages.id")) %> + <%= link_to highlight_words(info_request.title, @highlight_words), incoming_message_path(event.incoming_message_selective_columns("incoming_messages.id")) %> <% elsif event.is_outgoing_message? and event.event_type == 'followup_sent' %> - <%= link_to highlight_words(info_request.title, @highlight_words), outgoing_message_url(event.outgoing_message) %> + <%= link_to highlight_words(info_request.title, @highlight_words), outgoing_message_path(event.outgoing_message) %> <% elsif event.is_comment? %> - <%= link_to highlight_words(info_request.title, @highlight_words), comment_url(event.comment) %> + <%= link_to highlight_words(info_request.title, @highlight_words), comment_path(event.comment) %> <% else %> - <%= link_to highlight_words(info_request.title, @highlight_words), request_url(info_request) %> + <%= link_to highlight_words(info_request.title, @highlight_words), request_path(info_request) %> <% end %> </span> <div class="requester"> @@ -25,7 +25,7 @@ end %> <%=event.display_status %> <%= _('by {{public_body_name}} to {{info_request_user}} on {{date}}.',:public_body_name=>public_body_link_absolute(info_request.public_body),:info_request_user=>request_user_link_absolute(info_request),:date=>simple_date(event.created_at )) %> <% elsif event.event_type == 'comment' %> - <%= _('Request to {{public_body_name}} by {{info_request_user}}. Annotated by {{event_comment_user}} on {{date}}.',:public_body_name=>public_body_link_absolute(info_request.public_body),:info_request_user=>user_link_absolute(info_request.user),:event_comment_user=>user_link_absolute(event.comment.user),:date=>simple_date(event.created_at)) %> + <%= _('Request to {{public_body_name}} by {{info_request_user}}. Annotated by {{event_comment_user}} on {{date}}.',:public_body_name=>public_body_link_absolute(info_request.public_body),:info_request_user=>request_user_link_absolute(info_request),:event_comment_user=>user_link_absolute(event.comment.user),:date=>simple_date(event.created_at)) %> <% else %> <%# Events of other types will not be indexed: see InfoRequestEvent#indexed_by_search? However, it can happen that we see other types of event transiently here in the period diff --git a/app/views/request/_sidebar.rhtml b/app/views/request/_sidebar.rhtml index 18684943a..af33d31a2 100644 --- a/app/views/request/_sidebar.rhtml +++ b/app/views/request/_sidebar.rhtml @@ -4,7 +4,7 @@ <% follower_count = TrackThing.count(:all, :conditions => ["info_request_id = ?", @info_request.id]) + 1 %> <p><%= n_("There is %d person following this request", "There are %d people following this request", follower_count) % follower_count %></p> - <%= render :partial => 'track/tracking_links', :locals => { :track_thing => @track_thing, :own_request => @info_request.user == @user, :location => 'sidebar' } %> + <%= render :partial => 'track/tracking_links', :locals => { :track_thing => @track_thing, :own_request => @info_request.user && @info_request.user == @user, :location => 'sidebar' } %> </div> <% if @info_request.described_state != "attention_requested" %> <h2><%= _('Offensive? Unsuitable?') %></h2> @@ -17,49 +17,55 @@ <% elsif @info_request.prominence == 'requester_only' %> <%# The eccentric formatting of the following string is in order that it be identical to the corresponding string in request/show.rhtml %> - <p><%= _('This request is hidden, so that only you the requester can see it. Please - <a href="%s">contact us</a> if you are not sure why.') % [help_requesting_path] %></p> + <p><%= raw(_('This request is hidden, so that only you the requester can see it. Please + <a href="%s">contact us</a> if you are not sure why.') % [help_requesting_path]) %></p> <% else %> - <p><%= _('This request has been marked for review by the site administrators, who have not hidden it at this time. If you believe it should be hidden, please <a href="%s">contact us</a>.') % [help_requesting_path] %></p> + <p><%= raw(_('This request has been marked for review by the site administrators, who have not hidden it at this time. If you believe it should be hidden, please <a href="%s">contact us</a>.') % [help_requesting_path]) %></p> <% end %> <% else %> <p><%= _('Requests for personal information and vexatious requests are not considered valid for FOI purposes (<a href="/help/about">read more</a>).') %></p> <p><%= _('If you believe this request is not suitable, you can report it for attention by the site administrators') %></p> - <%= link_to _("Report this request"), report_path, :class => "link_button_green", :method => "POST" %> + <%= button_to _("Report this request"), report_path, :class => "link_button_green" %> <% end %> <% end %> <h2><%= _("Act on what you've learnt") %></h2> <div class="act_link"> - <% tweet_link = "https://twitter.com/share?url=#{h(request.url)}&via=#{h(Configuration::twitter_username)}&text='#{h(@info_request.title)}'&related=#{_('alaveteli_foi:The software that runs {{site_name}}', :site_name => h(site_name))}" %> - <%= link_to '<img src="/images/twitter-16.png" alt="twitter icon">', tweet_link %> - <%= link_to _("Tweet this request"), tweet_link %> + <% + # Cast "related" to normal string because html safe string (from rails_xss gem) and CGI::escape + # interact badly with ':' character. Go figure! Might go away in rails 3 + %> + <% link_to "https://twitter.com/share?" + {:url => request.url, :via => Configuration::twitter_username, :text => @info_request.title, :related => _('alaveteli_foi:The software that runs {{site_name}}', :site_name => site_name).to_str}.to_query do %> + <%= image_tag "twitter-16.png", :alt => "twitter icon" %> + <%= _("Tweet this request") %> + <% end %> </div> <div class="act_link"> - <%= link_to '<img src="/images/wordpress.png" alt="" class="rss">', "http://wordpress.com/"%> - <%= link_to _("Start your own blog"), "http://wordpress.com/"%> + <% link_to "http://wordpress.com/" do %> + <%= image_tag "wordpress.png", :class => "rss" %> + <%= _("Start your own blog") %> + <% end %> </div> <%= render :partial => 'request/next_actions' %> - <% view_cache :ttl => 1.day.to_i, :tag => ['similar', @info_request.id, I18n.locale] do %> - <% if !@xapian_similar.nil? && @xapian_similar.results.size > 0 %> + <% # TODO: Cache for 1 day %> + <% if !@xapian_similar.nil? && @xapian_similar.results.size > 0 %> <h2><%= _('Similar requests')%></h2> <% for result in @xapian_similar.results %> <%= render :partial => 'request/request_listing_short_via_event', :locals => { :event => result[:model], :info_request => result[:model].info_request } %> <% end %> <% if @xapian_similar_more %> - <p><%= link_to _("More similar requests"), request_similar_url(@info_request) %></p> + <p><%= link_to _("More similar requests"), similar_request_path(@info_request) %></p> <% end %> <!-- Important terms: <%= @xapian_similar.important_terms.join(" ") %> --> - <% end %> - <% end %> + <% end %> - <p><%= link_to _('Event history details'), request_details_url(@info_request) %></p> + <p><%= link_to _('Event history details'), request_details_path(@info_request) %></p> <!-- this link with this wording is here for legal reasons, discuss with board and our lawyer before changing or removing it --> - <p><small><%= _('<a href="%s">Are you the owner of - any commercial copyright on this page?</a>') % [help_officers_path+"#copyright"] %></small></p> + <p><small><%= raw(_('<a href="%s">Are you the owner of + any commercial copyright on this page?</a>') % [help_officers_path+"#copyright"]) %></small></p> </div> diff --git a/app/views/request/_view_html_prefix.rhtml b/app/views/request/_view_html_prefix.rhtml index b29830ac7..3a9946745 100644 --- a/app/views/request/_view_html_prefix.rhtml +++ b/app/views/request/_view_html_prefix.rhtml @@ -7,6 +7,6 @@ <br>(<%=h @attachment.name_of_content_type %>) </div> <%= _('This is an HTML version of an attachment to the Freedom of Information request')%> - '<%=link_to h(@info_request.title), incoming_message_url(@incoming_message)%>'. + '<%=link_to h(@info_request.title), incoming_message_path(@incoming_message)%>'. </div> diff --git a/app/views/request/_wall_listing.rhtml b/app/views/request/_wall_listing.rhtml index 9cde234c0..4a76b09bf 100644 --- a/app/views/request/_wall_listing.rhtml +++ b/app/views/request/_wall_listing.rhtml @@ -6,13 +6,13 @@ end %> <div class="request_left"> <div class="requester"> <% if event.event_type == 'sent' %> - <%= _('A new request, <em><a href="{{request_url}}">{{request_title}}</a></em>, was sent to {{public_body_name}} by {{info_request_user}} on {{date}}.',:public_body_name=>public_body_link_absolute(info_request.public_body),:info_request_user=>user_link_absolute(info_request.user),:date=>simple_date(event.created_at),:request_url=>request_url(info_request),:request_title=>info_request.title) %> + <%= _('A new request, <em><a href="{{request_url}}">{{request_title}}</a></em>, was sent to {{public_body_name}} by {{info_request_user}} on {{date}}.',:public_body_name=>public_body_link_absolute(info_request.public_body),:info_request_user=>request_user_link_absolute(info_request),:date=>simple_date(event.created_at),:request_url=>request_path(info_request),:request_title=>info_request.title) %> <% elsif event.event_type == 'followup_sent' %> - <%= _('A <a href="{{request_url}}">follow up</a> to <em>{{request_title}}</em> was sent to {{public_body_name}} by {{info_request_user}} on {{date}}.',:public_body_name=>public_body_link_absolute(info_request.public_body),:info_request_user=>user_link_absolute(info_request.user),:date=>simple_date(event.created_at),:request_url=>outgoing_message_url(event.outgoing_message),:request_title=>info_request.title) %> + <%= _('A <a href="{{request_url}}">follow up</a> to <em>{{request_title}}</em> was sent to {{public_body_name}} by {{info_request_user}} on {{date}}.',:public_body_name=>public_body_link_absolute(info_request.public_body),:info_request_user=>request_user_link_absolute(info_request),:date=>simple_date(event.created_at),:request_url=>outgoing_message_url(event.outgoing_message),:request_title=>info_request.title) %> <% elsif event.event_type == 'response' %> - <%= _('A <a href="{{request_url}}">response</a> to <em>{{request_title}}</em> was sent by {{public_body_name}} to {{info_request_user}} on {{date}}. The request status is: {{request_status}}',:public_body_name=>public_body_link_absolute(info_request.public_body),:info_request_user=>user_link_absolute(info_request.user),:date=>simple_date(event.created_at),:request_url=>incoming_message_url(event.incoming_message_selective_columns("incoming_messages.id")),:request_title=>info_request.title,:request_status=>info_request.display_status) %> + <%= _('A <a href="{{request_url}}">response</a> to <em>{{request_title}}</em> was sent by {{public_body_name}} to {{info_request_user}} on {{date}}. The request status is: {{request_status}}',:public_body_name=>public_body_link_absolute(info_request.public_body),:info_request_user=>request_user_link_absolute(info_request),:date=>simple_date(event.created_at),:request_url=>incoming_message_path(event.incoming_message_selective_columns("incoming_messages.id")),:request_title=>info_request.title,:request_status=>info_request.display_status) %> <% elsif event.event_type == 'comment' %> - <%= _('An <a href="{{request_url}}">annotation</a> to <em>{{request_title}}</em> was made by {{event_comment_user}} on {{date}}',:public_body_name=>public_body_link_absolute(info_request.public_body),:info_request_user=>user_link_absolute(info_request.user),:event_comment_user=>user_link_absolute(event.comment.user),:date=>simple_date(event.created_at),:request_url=>comment_url(event.comment),:request_title=>info_request.title) %> + <%= _('An <a href="{{request_url}}">annotation</a> to <em>{{request_title}}</em> was made by {{event_comment_user}} on {{date}}',:public_body_name=>public_body_link_absolute(info_request.public_body),:info_request_user=>request_user_link_absolute(info_request),:event_comment_user=>user_link_absolute(event.comment.user),:date=>simple_date(event.created_at),:request_url=>comment_url(event.comment),:request_title=>info_request.title) %> <% else %> <%# Events of other types will not be indexed: see InfoRequestEvent#indexed_by_search? However, it can happen that we see other types of event transiently here in the period @@ -22,7 +22,7 @@ end %> </div> </div> <div class="request_right"> - <span class="desc"> + <span class="desc"> <%= highlight_and_excerpt(event.search_text_main(true), @highlight_words, 150) %> </span> </div> diff --git a/app/views/request/details.rhtml b/app/views/request/details.rhtml index d4c63902f..3cb2f5afe 100644 --- a/app/views/request/details.rhtml +++ b/app/views/request/details.rhtml @@ -36,10 +36,10 @@ way authorities use it. Plus you\'ll need to be an elite statistician. Please <% end %> <td> <% if info_request_event.outgoing_message %> - <%= link_to "outgoing", outgoing_message_url(info_request_event.outgoing_message) %> + <%= link_to "outgoing", outgoing_message_path(info_request_event.outgoing_message) %> <% end %> <% if info_request_event.incoming_message %> - <%= link_to "incoming", incoming_message_url(info_request_event.incoming_message) %> + <%= link_to "incoming", incoming_message_path(info_request_event.incoming_message) %> <% end %> </td> </tr> diff --git a/app/views/request/followup_bad.rhtml b/app/views/request/followup_bad.rhtml index 7efa3f826..c892263e6 100644 --- a/app/views/request/followup_bad.rhtml +++ b/app/views/request/followup_bad.rhtml @@ -9,21 +9,21 @@ <% if @reason == 'not_apply' %> <!-- we should never get here, but just in case give a sensible message --> <p><%= _('Freedom of Information law no longer applies to') %> <%=h @info_request.public_body.name %>. - <%= _('From the request page, try replying to a particular message, rather than sending + <%= raw(_('From the request page, try replying to a particular message, rather than sending a general followup. If you need to make a general followup, and know - an email which will go to the right place, please <a href="%s">send it to us</a>.') % [help_contact_path] %> + an email which will go to the right place, please <a href="%s">send it to us</a>.') % [help_contact_path]) %> </p> <% elsif @reason == 'defunct' %> <!-- we should never get here, but just in case give a sensible message --> - <p><%=h @info_request.public_body.name %> <%= _('no longer exists. If you are trying to make + <p><%=h @info_request.public_body.name %> <%= raw(_('no longer exists. If you are trying to make From the request page, try replying to a particular message, rather than sending a general followup. If you need to make a general followup, and know - an email which will go to the right place, please <a href="%s">send it to us</a>.') % [help_contact_path] %> + an email which will go to the right place, please <a href="%s">send it to us</a>.') % [help_contact_path]) %> </p> <% elsif @reason == 'bad_contact' %> - <p><%= _('We do not have a working {{law_used_full}} address for {{public_body_name}}.',:law_used_full=>h(@info_request.law_used_full),:public_body_name=>h(@info_request.public_body.name)) %> <%= _('You may be able to find + <p><%= _('We do not have a working {{law_used_full}} address for {{public_body_name}}.',:law_used_full=>h(@info_request.law_used_full),:public_body_name=>h(@info_request.public_body.name)) %> <%= raw(_('You may be able to find one on their website, or by phoning them up and asking. If you manage - to find one, then please <a href="%s">send it to us</a>.') % [help_contact_path] %> + to find one, then please <a href="%s">send it to us</a>.') % [help_contact_path]) %> </p> <% elsif @reason == 'external' %> <p><%= _("Followups cannot be sent for this request, as it was made externally, and published here by {{public_body_name}} on the requester's behalf.", :public_body_name => h(@info_request.public_body.name)) %> diff --git a/app/views/request/hidden.rhtml b/app/views/request/hidden.rhtml index a4afb63c6..2d038a663 100644 --- a/app/views/request/hidden.rhtml +++ b/app/views/request/hidden.rhtml @@ -6,13 +6,13 @@ <%=@details%> </p> -<p><%= _('The request you have tried to view has been removed. There are +<p><%= raw(_('The request you have tried to view has been removed. There are various reasons why we might have done this, sorry we can\'t be more specific here. Please <a - href="%s">contact us</a> if you have any questions.') % [help_contact_path] %> + href="%s">contact us</a> if you have any questions.') % [help_contact_path]) %> </p> <% if @info_request.prominence == 'requester_only' %> <p> - <%= _('If you are the requester, then you may <a href="%s">sign in</a> to view the request.') % [signin_url(:r => request.request_uri)] %> + <%= raw(_('If you are the requester, then you may <a href="%s">sign in</a> to view the request.') % [signin_url(:r => request.request_uri)]) %> </p> <% end %> diff --git a/app/views/request/list.rhtml b/app/views/request/list.rhtml index 7cbd982f1..062b77c3e 100644 --- a/app/views/request/list.rhtml +++ b/app/views/request/list.rhtml @@ -14,22 +14,21 @@ <div style="clear:both"></div> <div class="results_section"> - <% view_cache :ttl => 5.minutes.to_i, :tag => [@cache_tag] do %> - <% if @list_results.empty? %> - <p> <%= _('No requests of this sort yet.')%></p> - <% else %> - <h2 class="foi_results"><%= _('{{count}} FOI requests found', :count => @matches_estimated) %></h2> - <div class="results_block"> - <% for result in @list_results%> - <% if result.class.to_s == 'InfoRequestEvent' %> - <%= render :partial => 'request/request_listing_via_event', :locals => { :event => result, :info_request => result.info_request } %> - <% else %> - <p><strong><%= _('Unexpected search result type') %> <%=result.class.to_s%></strong></p> - <% end %> - <% end %> - </div> - <% end %> + <% # TODO: Cache for 5 minutes %> + <% if @list_results.empty? %> + <p> <%= _('No requests of this sort yet.')%></p> + <% else %> + <h2 class="foi_results"><%= _('{{count}} FOI requests found', :count => @matches_estimated) %></h2> + <div class="results_block"> + <% for result in @list_results%> + <% if result.class.to_s == 'InfoRequestEvent' %> + <%= render :partial => 'request/request_listing_via_event', :locals => { :event => result, :info_request => result.info_request } %> + <% else %> + <p><strong><%= _('Unexpected search result type') %> <%=result.class.to_s%></strong></p> + <% end %> + <% end %> + </div> + <% end %> - <%= will_paginate WillPaginate::Collection.new(@page, @per_page, @show_no_more_than) %> - <% end %> + <%= will_paginate WillPaginate::Collection.new(@page, @per_page, @show_no_more_than) %> </div> diff --git a/app/views/request/new.rhtml b/app/views/request/new.rhtml index fe4c2067d..4766c981b 100644 --- a/app/views/request/new.rhtml +++ b/app/views/request/new.rhtml @@ -7,26 +7,26 @@ $("#typeahead_response").load("<%=search_ahead_url%>?q="+encodeURI(this.value), function() { // When following links in typeahead results, open new tab/window $("#typeahead_response a").attr("target","_blank"); - + // Update the public body site search link $("#body-site-search-link").attr("href", "http://www.google.com/#q="+encodeURI($("#typeahead_search").val())+ "+site:<%= @info_request.public_body.calculated_home_page %>"); }); })); - + }); </script> <% @title = _("Make an {{law_used_short}} request to '{{public_body_name}}'",:law_used_short=>h(@info_request.law_used_short),:public_body_name=>h(@info_request.public_body.name)) %> <h1><%= _('2. Ask for Information') %></h1> - + <% if @existing_request %> <div class="errorExplanation" id="errorExplanation"><ul> <li> <%= _('{{existing_request_user}} already created the same request on {{date}}. You can either view the <a href="{{existing_request}}">existing request</a>, - or edit the details below to make a new but similar request.',:existing_request_user=>user_or_you_capital_link(@existing_request.user), :date=>simple_date(@existing_request.created_at), :existing_request=>request_url(@existing_request)) %> + or edit the details below to make a new but similar request.',:existing_request_user=>user_or_you_capital_link(@existing_request.user), :date=>simple_date(@existing_request.created_at), :existing_request=>request_path(@existing_request)) %> </li> </ul></div> <% end %> @@ -37,29 +37,29 @@ <div id="request_header"> <div id="request_header_body"> - <label class="form_label" for="info_request_public_body_id"><%= _('To:') %></label> + <label class="form_label"><%= _('To:') %></label> <span id="to_public_body"><%=h(@info_request.public_body.name)%></span> <div class="form_item_note"> <% if @info_request.public_body.info_requests.size > 0 %> - <%= _("Browse <a href='{{url}}'>other requests</a> to '{{public_body_name}}' for examples of how to word your request.", :public_body_name=>h(@info_request.public_body.name), :url=>public_body_url(@info_request.public_body)) %> + <%= _("Browse <a href='{{url}}'>other requests</a> to '{{public_body_name}}' for examples of how to word your request.", :public_body_name=>h(@info_request.public_body.name), :url=>public_body_path(@info_request.public_body)) %> <% else %> <%= _("Browse <a href='{{url}}'>other requests</a> for examples of how to word your request.", :url=>request_list_url) %> <% end %> </div> <% if @info_request.public_body.has_notes? %> - <div id="request_header_text"> + <div id="request_header_text"> <h3><%= _('Special note for this authority!') %></h3> - <p><%= @info_request.public_body.notes_as_html %></p> + <p><%= @info_request.public_body.notes_as_html.html_safe %></p> </div> <% end %> <% if @info_request.public_body.eir_only? %> <h3><%= _('Please ask for environmental information only') %></h3> - <p><%= _('The Freedom of Information Act <strong>does not apply</strong> to') %> <%=h(@info_request.public_body.name)%>. + <p><%= _('The Freedom of Information Act <strong>does not apply</strong> to') %> <%=h(@info_request.public_body.name)%>. <%= _('However, you have the right to request environmental - information under a different law') %> (<a href="/help/requesting#eir">explanation</a>). + information under a different law') %> (<a href="/help/requesting#eir">explanation</a>). <%= _('This covers a very wide spectrum of information about the state of the <strong>natural and built environment</strong>, such as:') %> @@ -79,58 +79,58 @@ <% end %> </div> - <div id="request_header_subject"> + <div id="request_header_subject"> <p> - <label class="form_label" for="typeahead_search"><%= _('Summary:') %></label> + <label class="form_label" for="typeahead_search"><%= _('Summary:') %></label> <%= f.text_field :title, :size => 50, :id =>"typeahead_search" %> </p> <div class="form_item_note"> - (<%= _("a one line summary of the information you are requesting, \n\t\t\te.g.") %> + (<%= _("a one line summary of the information you are requesting, \n\t\t\te.g.") %> <%= render :partial => "summary_suggestion" %>) </div> </div> - + <div id="typeahead_response"> </div> </div> - + <div id="request_advice"> <ul> <li><%= _('Write your request in <strong>simple, precise language</strong>.') %></li> <li><%= _('Ask for <strong>specific</strong> documents or information, this site is not suitable for general enquiries.') %></li> - <li><%= _('Keep it <strong>focused</strong>, you\'ll be more likely to get what you want (<a href="%s">why?</a>).') % [help_requesting_path + '#focused'] %></li> + <li><%= raw(_('Keep it <strong>focused</strong>, you\'ll be more likely to get what you want (<a href="%s">why?</a>).') % [help_requesting_path + '#focused']) %></li> </ul> </div> - <div id="request_form"> + <div id="request_form"> <% fields_for :outgoing_message do |o| %> <p> - <label class="form_label" for="outgoing_message_body"><%= _('Your request:') %></label> + <label class="form_label" for="outgoing_message_body"><%= _('Your request:') %></label> <%= o.text_area :body, :rows => 20, :cols => 60 %> </p> <% end %> - + <% if !@user %> <p class="form_note"> - <%= _('Everything that you enter on this page, including <strong>your name</strong>, + <%= raw(_('Everything that you enter on this page, including <strong>your name</strong>, will be <strong>displayed publicly</strong> on - this website forever (<a href="%s">why?</a>).') % [help_privacy_path+"#public_request"] %> - <%= _('If you are thinking of using a pseudonym, - please <a href="%s">read this first</a>.') % [help_privacy_path+"#real_name"] %> + this website forever (<a href="%s">why?</a>).') % [help_privacy_path+"#public_request"]) %> + <%= raw(_('If you are thinking of using a pseudonym, + please <a href="%s">read this first</a>.') % [help_privacy_path+"#real_name"]) %> </p> <% else %> <p class="form_note"> - <%= _('Everything that you enter on this page + <%= raw(_('Everything that you enter on this page will be <strong>displayed publicly</strong> on - this website forever (<a href="%s">why?</a>).') % [help_privacy_path+"#public_request"] %> + this website forever (<a href="%s">why?</a>).') % [help_privacy_path+"#public_request"]) %> </p> <% end %> - + <p class="form_note"> - <%= _("<strong> Can I request information about myself?</strong>\n" + - "\t\t\t<a href=\"%s\">No! (Click here for details)</a>") % [help_requesting_path+"#data_protection"] %> + <%= raw(_("<strong> Can I request information about myself?</strong>\n" + + "\t\t\t<a href=\"%s\">No! (Click here for details)</a>") % [help_requesting_path+"#data_protection"]) %> </p> - + <div class="form_button"> <%= f.hidden_field(:public_body_id, { :value => @info_request.public_body_id } ) %> <%= hidden_field_tag(:submitted_new_request, 1 ) %> @@ -140,14 +140,14 @@ <% if !@info_request.tag_string.empty? %> <p class="form_note"> - <!-- <label class="form_label" for="info_request_tag_string">Tags:</label> + <!-- <label class="form_label" for="info_request_tag_string">Tags:</label> <%= f.text_field :tag_string, :size => 50 %> --> <%= f.hidden_field(:tag_string) %> <strong>Tags:</strong> <%=h @info_request.tag_string %> </p> <% end %> - + </div> <% end %> diff --git a/app/views/request/new_please_describe.rhtml b/app/views/request/new_please_describe.rhtml index ce80f51f0..ff27405b8 100644 --- a/app/views/request/new_please_describe.rhtml +++ b/app/views/request/new_please_describe.rhtml @@ -13,7 +13,7 @@ if they are successful yet or not.') %> </ul> <p> - <%= _('When you\'re done, <strong>come back here</strong>, <a href="%s">reload this page</a> and file your new request.') % [request.request_uri] %> + <%= raw(_('When you\'re done, <strong>come back here</strong>, <a href="%s">reload this page</a> and file your new request.') % [request.request_uri]) %> </p> <p> diff --git a/app/views/request/preview.rhtml b/app/views/request/preview.rhtml index 45b6a3dc1..8d1fd753e 100644 --- a/app/views/request/preview.rhtml +++ b/app/views/request/preview.rhtml @@ -5,8 +5,8 @@ <h1><%= _('3. Now check your request') %></h1> <ul> <li><%= _('Check you haven\'t included any <strong>personal information</strong>.') %></li> - <li><%= _('Your name, request and any responses will appear in <strong>search engines</strong> - (<a href="%s">details</a>).') % [help_privacy_path+"#public_request"] %> + <li><%= raw(_('Your name, request and any responses will appear in <strong>search engines</strong> + (<a href="%s">details</a>).') % [help_privacy_path+"#public_request"]) %> </li> </ul> @@ -28,8 +28,8 @@ </div> <% end %> - <p><%= _('<strong>Privacy note:</strong> If you want to request private information about - yourself then <a href="%s">click here</a>.') % [help_requesting_path+"#data_protection"] %> + <p><%= raw(_('<strong>Privacy note:</strong> If you want to request private information about + yourself then <a href="%s">click here</a>.') % [help_requesting_path+"#data_protection"]) %> <p> <%= f.hidden_field(:title) %> diff --git a/app/views/request/select_authority.rhtml b/app/views/request/select_authority.rhtml index 1166c3ff9..94e690e64 100644 --- a/app/views/request/select_authority.rhtml +++ b/app/views/request/select_authority.rhtml @@ -33,11 +33,11 @@ <% form_tag({:controller => "request", :action => "select_authority"}, {:id => "search_form", :method => "get"}) do %> <div> <p> - <%= _('First, type in the <strong>name of the UK public authority</strong> you\'d + <%= raw(_('First, type in the <strong>name of the UK public authority</strong> you\'d like information from. <strong>By law, they have to respond</strong> - (<a href="%s#%s">why?</a>).') % [help_about_url, "whybother_them"] %> + (<a href="%s#%s">why?</a>).') % [help_about_path, "whybother_them"]) %> </p> - <%= text_field_tag 'query', params[:query], { :size => 30 } %> + <%= text_field_tag 'query', params[:query], { :size => 30, :title => "type your search term here" } %> <%= hidden_field_tag 'bodies', 1 %> <%= submit_tag _('Search') %> </div> diff --git a/app/views/request/show.rhtml b/app/views/request/show.rhtml index cf1f971d9..ef49ef958 100644 --- a/app/views/request/show.rhtml +++ b/app/views/request/show.rhtml @@ -10,8 +10,8 @@ <% end %> <% if @info_request.prominence == 'requester_only' %> <p id="hidden_request"> - <%= _('This request is hidden, so that only you the requester can see it. Please - <a href="%s">contact us</a> if you are not sure why.') % [help_requesting_path] %> + <%= raw(_('This request is hidden, so that only you the requester can see it. Please + <a href="%s">contact us</a> if you are not sure why.') % [help_requesting_path]) %> </p> <% end %> @@ -22,8 +22,6 @@ </div> <% end %> -<%= render :partial => 'sidebar' %> - <div id="left_column"> <h1><%=h(@info_request.title)%></h1> @@ -39,9 +37,9 @@ :user => @info_request.is_external? ? (@info_request.user_name || _('An anonymous user')) : user_link(@info_request.user), :law_used_full => h(@info_request.law_used_full), :user_admin_link => user_admin_link_for_request(@info_request, _('external'), _('admin')), - :request_admin_url => request_admin_url(@info_request), + :request_admin_url => admin_request_show_url(@info_request), :public_body_link => public_body_link(@info_request.public_body), - :public_body_admin_url => public_body_admin_url(@info_request.public_body)) %> + :public_body_admin_url => admin_body_show_url(@info_request.public_body)) %> <% else %> <%= _('{{user}} made this {{law_used_full}} request',:user=>@info_request.is_external? ? (@info_request.user_name || _('An anonymous user')) : user_link(@info_request.user), :law_used_full=>h(@info_request.law_used_full)) %> <%= _('to {{public_body}}',:public_body=>public_body_link(@info_request.public_body)) %> @@ -82,14 +80,14 @@ <%= _('in term time') %> <% end %> <%= _('by') %> <strong><%= simple_date(@info_request.date_response_required_by) %></strong> - (<%= _('<a href="%s">details</a>') % [help_requesting_path + '#quickly_response'] %>) + (<%= raw(_('<a href="%s">details</a>') % [help_requesting_path + '#quickly_response']) %>) <% elsif @status == 'waiting_response_very_overdue' %> <%= _('Response to this request is <strong>long overdue</strong>.') %> <%= _('By law, under all circumstances, {{public_body_link}} should have responded by now',:public_body_link => public_body_link(@info_request.public_body)) %> - (<%= _('<a href="%s">details</a>') % [help_requesting_path + '#quickly_response'] %>). + (<%= raw(_('<a href="%s">details</a>') % [help_requesting_path + '#quickly_response']) %>). <% if !@info_request.is_external? %> <%= _('You can <strong>complain</strong> by') %> - <%= link_to _("requesting an internal review"), show_response_no_followup_url(:id => @info_request.id, :incoming_message_id => nil) + "?internal_review=1#followup" %>. + <%= link_to _("requesting an internal review"), show_response_no_followup_path(:id => @info_request.id, :incoming_message_id => nil) + "?internal_review=1#followup" %>. <% end %> <% elsif @status == 'not_held' %> <%= public_body_link(@info_request.public_body) %> <%= _('<strong>did not have</strong> the information requested.') %> @@ -103,12 +101,12 @@ <% if @is_owning_user && !@info_request.is_external? %> <%=h @info_request.public_body.name %> <%= _('is <strong>waiting for your clarification</strong>.') %> <%= _('Please') %> - <%= link_to _("send a follow up message"), respond_to_last_url(@info_request) + '#followup' %>. + <%= link_to _("send a follow up message"), respond_to_last_path(@info_request) + '#followup' %>. <% else %> <%= _('The request is <strong>waiting for clarification</strong>.') %> <% if !@info_request.is_external? %> <%= _('If you are {{user_link}}, please',:user_link=>user_link_for_request(@info_request)) %> - <%= link_to _("sign in"), signin_url(:r => request.request_uri) %> <%= _('to send a follow up message.') %> + <%= link_to _("sign in"), signin_path(:r => request.request_uri) %> <%= _('to send a follow up message.') %> <% end %> <% end %> <% elsif @status == 'gone_postal' %> @@ -148,3 +146,4 @@ <%= render :partial => 'after_actions' %> </div> +<%= render :partial => 'sidebar' %> diff --git a/app/views/request/show_response.rhtml b/app/views/request/show_response.rhtml index c40b37c3b..ac1f04227 100644 --- a/app/views/request/show_response.rhtml +++ b/app/views/request/show_response.rhtml @@ -26,8 +26,8 @@ <%= _('The authority only has a <strong>paper copy</strong> of the information.') %> </dt> <dd> - <%= _('At the bottom of this page, write a reply to them trying to persuade them to scan it in - (<a href="%s">more details</a>).') % [help_privacy_path + '#postal_answer'] %> + <%= raw(_('At the bottom of this page, write a reply to them trying to persuade them to scan it in + (<a href="%s">more details</a>).') % [help_privacy_path + '#postal_answer']) %> </dd> <dt> diff --git a/app/views/request/similar.rhtml b/app/views/request/similar.rhtml index d9806aeb1..0d53f6919 100644 --- a/app/views/request/similar.rhtml +++ b/app/views/request/similar.rhtml @@ -20,4 +20,4 @@ <% end %> <% end %> -<%= will_paginate WillPaginate::Collection.new(@page, @per_page, @xapian_object.matches_estimated) %> +<%= will_paginate WillPaginate::Collection.new(@page, @per_page, @show_no_more_than) %> diff --git a/app/views/request/upload_response.rhtml b/app/views/request/upload_response.rhtml index bc129426d..675951595 100644 --- a/app/views/request/upload_response.rhtml +++ b/app/views/request/upload_response.rhtml @@ -12,7 +12,7 @@ <h1><%= _('Respond to the FOI request')%> '<%=request_link(@info_request)%>'<% _(' made by ')%><%=user_link(@info_request.user) %></h1> <p> - <%= _('Your response will <strong>appear on the Internet</strong>, <a href="%s">read why</a> and answers to other questions.')% [help_officers_path] %> + <%= raw(_('Your response will <strong>appear on the Internet</strong>, <a href="%s">read why</a> and answers to other questions.') % [help_officers_path]) %> </p> <h2><%= _('Respond by email')%></h2> @@ -27,8 +27,8 @@ <h2><%= _('Respond using the web')%></h2> - <p><%= _('Enter your response below. You may attach one file (use email, or - <a href="%s">contact us</a> if you need more).')% [help_contact_path] %></p> + <p><%= raw(_('Enter your response below. You may attach one file (use email, or + <a href="%s">contact us</a> if you need more).')% [help_contact_path]) %></p> <% form_tag '', :id => 'upload_response_form', :multipart => true do %> <p> diff --git a/app/views/request_game/play.rhtml b/app/views/request_game/play.rhtml index eedf19ca2..d5aa0d00e 100644 --- a/app/views/request_game/play.rhtml +++ b/app/views/request_game/play.rhtml @@ -11,7 +11,7 @@ <tr> <td> <%= c += 1 %>. <td> <td> <%= user_link(classifications.user) %> </td> - <td> <%=pluralize(classifications.cnt, 'request').gsub(" ", " ")%> </td> + <td> <%=pluralize(classifications.cnt, 'request').gsub(" ", " ").html_safe %> </td> </tr> <% end %> </table> @@ -22,7 +22,7 @@ <tr> <td> <%= c += 1 %>. <td> <td> <%= user_link(classifications.user) %> </td> - <td> <%= pluralize(classifications.cnt, 'request').gsub(" ", " ")%> </td> + <td> <%= pluralize(classifications.cnt, 'request').gsub(" ", " ").html_safe %> </td> </tr> <% end %> </table> @@ -36,8 +36,8 @@ information has been provided. Everyone'll be exceedingly grateful.")%></p> <%= render :partial => 'request/request_listing_single', :locals => { :info_request => info_request } %> <% end %> <p id="game_buttons"> -<%= button_to _('I don\'t like these ones — give me some more!'), play_url %> -<%= button_to _('I don\'t want to do any more tidying now!'), stop_url %> +<%= button_to _('I don\'t like these ones — give me some more!'), categorise_play_url %> +<%= button_to _('I don\'t want to do any more tidying now!'), categorise_stop_url %> </p> <p><%= _('Thanks for helping - your work will make it easier for everyone to find successful responses, and maybe even let us make league tables...')%></p> diff --git a/app/views/request_mailer/external_response.rhtml b/app/views/request_mailer/external_response.rhtml index e9858f03f..896054a43 100644 --- a/app/views/request_mailer/external_response.rhtml +++ b/app/views/request_mailer/external_response.rhtml @@ -1 +1 @@ -<%=@body%> +<%= raw @body %> diff --git a/app/views/request_mailer/fake_response.rhtml b/app/views/request_mailer/fake_response.rhtml index e9858f03f..896054a43 100644 --- a/app/views/request_mailer/fake_response.rhtml +++ b/app/views/request_mailer/fake_response.rhtml @@ -1 +1 @@ -<%=@body%> +<%= raw @body %> diff --git a/app/views/request_mailer/new_response.rhtml b/app/views/request_mailer/new_response.rhtml index 083f873b4..672212f20 100644 --- a/app/views/request_mailer/new_response.rhtml +++ b/app/views/request_mailer/new_response.rhtml @@ -1,6 +1,6 @@ <%= _('You have a new response to the {{law_used_full}} request ',:law_used_full=>@info_request.law_used_full)%> -'<%= @info_request.title %>' <%=_('that you made to')%> -<%= @info_request.public_body.name %>. +'<%= raw @info_request.title %>' <%=_('that you made to')%> +<%= raw @info_request.public_body.name %>. <%= _('To view the response, click on the link below.')%> diff --git a/app/views/request_mailer/new_response_reminder_alert.rhtml b/app/views/request_mailer/new_response_reminder_alert.rhtml index 86fc71de7..c196dafe6 100644 --- a/app/views/request_mailer/new_response_reminder_alert.rhtml +++ b/app/views/request_mailer/new_response_reminder_alert.rhtml @@ -3,7 +3,7 @@ <%=@url%> <%= _('Your request was called {{info_request}}. Letting everyone know whether you got the information will help us keep tabs on',:info_request=>@info_request.title)%> -<%= @info_request.public_body.name %>. +<%= raw @info_request.public_body.name %>. -- <%= _('the {{site_name}} team', :site_name=>site_name) %> diff --git a/app/views/request_mailer/overdue_alert.rhtml b/app/views/request_mailer/overdue_alert.rhtml index b8a9ba525..249bf6bb8 100644 --- a/app/views/request_mailer/overdue_alert.rhtml +++ b/app/views/request_mailer/overdue_alert.rhtml @@ -1,4 +1,4 @@ -<%= @info_request.public_body.name %> <%= _('have delayed.')%> +<%= raw @info_request.public_body.name %> <%= _('have delayed.')%> <%= _('They have not replied to your {{law_used_short}} request {{title}} promptly, as normally required by law',:law_used_short=>@info_request.law_used_short,:title=>@info_request.title)%><% if @info_request.public_body.is_school? %> <%=_('during term time')%> <% end %>. diff --git a/app/views/request_mailer/requires_admin.rhtml b/app/views/request_mailer/requires_admin.rhtml index 06a798792..e7ab53c59 100644 --- a/app/views/request_mailer/requires_admin.rhtml +++ b/app/views/request_mailer/requires_admin.rhtml @@ -1,9 +1,9 @@ --------------------------------------------------------------------- -<%=@reported_by.name%> <%= _('has reported an')%> <%=@info_request.law_used_short%> +<%= raw @reported_by.name %> <%= _('has reported an')%> <%= raw @info_request.law_used_short %> <%= _('response as needing administrator attention. Take a look, and reply to this email to let them know what you are going to do about it.')%> -Request '<%=@info_request.title%>': +Request '<%= raw @info_request.title %>': <%= @url %> <%= _('Administration URL:') %> diff --git a/app/views/request_mailer/very_overdue_alert.rhtml b/app/views/request_mailer/very_overdue_alert.rhtml index 6abd198a0..80597473c 100644 --- a/app/views/request_mailer/very_overdue_alert.rhtml +++ b/app/views/request_mailer/very_overdue_alert.rhtml @@ -1,4 +1,4 @@ -<%= @info_request.public_body.name %> <%= _('are long overdue.')%> +<%= raw @info_request.public_body.name %> <%= _('are long overdue.')%> <%= _('They have not replied to your {{law_used_short}} request {{title}}, as required by law',:law_used_short=>@info_request.law_used_short,:title=>@info_request.title)%><% if @info_request.public_body.is_school? %> <%= _('even during holidays')%><% end %>. diff --git a/app/views/track/_tracking_links.rhtml b/app/views/track/_tracking_links.rhtml index 3ba9d15e2..d89c0e4a9 100644 --- a/app/views/track/_tracking_links.rhtml +++ b/app/views/track/_tracking_links.rhtml @@ -14,15 +14,15 @@ <% elsif track_thing %> <div class="feed_link feed_link_<%=location%>"> <% if defined? follower_count && follower_count > 0 %> - <%= link_to _("I like this request"), do_track_url(track_thing), :class => "link_button_green" %> + <%= link_to _("I like this request"), do_track_path(track_thing), :class => "link_button_green" %> <% else %> - <%= link_to _("Follow"), do_track_url(track_thing), :class => "link_button_green" %> + <%= link_to _("Follow"), do_track_path(track_thing), :class => "link_button_green" %> <% end %> </div> <div class="feed_link feed_link_<%=location%>"> - <%= link_to '<img src="/images/feed-16.png" alt="">', do_track_url(track_thing, 'feed') %> - <%= link_to (location == 'sidebar' ? _('RSS feed of updates') : _('RSS feed')), do_track_url(track_thing, 'feed') %> + <%= link_to '<img src="/images/feed-16.png" alt="">'.html_safe, do_track_path(track_thing, 'feed') %> + <%= link_to (location == 'sidebar' ? _('RSS feed of updates') : _('RSS feed')), do_track_path(track_thing, 'feed') %> </div> <% end %> diff --git a/app/views/track/atom_feed.atom.builder b/app/views/track/atom_feed.atom.builder deleted file mode 100644 index d1e9310b8..000000000 --- a/app/views/track/atom_feed.atom.builder +++ /dev/null @@ -1,25 +0,0 @@ -atom_feed do |feed| - feed.title(@track_thing.params[:title_in_rss]) - @highlight_words = @xapian_object.words_to_highlight - - for result in @xapian_object.results - feed.entry(result[:model]) do |entry| - # Get the HTML content from the same partial template as website search does - content = '' - if result[:model].class.to_s == 'InfoRequestEvent' - content += render :partial => 'request/request_listing_via_event', :locals => { :event => result[:model], :info_request => result[:model].info_request } - else - content = "<p><strong>Unknown search result type " + result[:model].class.to_s + "</strong></p>" - end - # Pull out the heading as separate item, from the partial template - content.match(/(<span class="head">\s+<a href="[^>]*">(.*)<\/a>\s+<\/span>)/) - heading = $1 - heading_text = $2 - content.sub!(heading, "") - # Render the atom - entry.title(heading_text, :type => 'html') - entry.content(content, :type => 'html') - end - end -end - diff --git a/app/views/track/atom_feed.atom.erb b/app/views/track/atom_feed.atom.erb new file mode 100644 index 000000000..23c932308 --- /dev/null +++ b/app/views/track/atom_feed.atom.erb @@ -0,0 +1,30 @@ +<?xml version="1.0" encoding="UTF-8"?> +<feed xml:lang="en-US" xmlns="http://www.w3.org/2005/Atom"> + <id>tag:<%= request.host %>,2005:<%= request.fullpath.split(".")[0] %></id> + <link type="text/html" rel="alternate" href="<%= request.protocol + request.host_with_port %>"/> + <link type="application/atom+xml" rel="self" href="<%= request.url %>"/> + <title><%= @track_thing.params[:title_in_rss] %></title> + <% @xapian_object.results.each do |result| %> + <% + # Get the HTML content from the same partial template as website search does + content = '' + if result[:model].class.to_s == 'InfoRequestEvent' + content += render :partial => 'request/request_listing_via_event', :locals => { :event => result[:model], :info_request => result[:model].info_request } + else + content = "<p><strong>Unknown search result type " + result[:model].class.to_s + "</strong></p>" + end + # Pull out the heading as separate item, from the partial template + content.match(/(<span class="head">\s+<a href="[^>]*">(.*)<\/a>\s+<\/span>)/) + heading = $1 + heading_text = $2 + content.sub!(heading, "") + %> + <entry> + <id>tag:<%= request.host %>,2005:<%= result[:model].class %>/<%= result[:model].id %></id> + <published><%= result[:model].created_at.xmlschema %></published> + <link type="text/html" rel="alternate" href="<%= polymorphic_url(result[:model]) %>"/> + <title type="html"><%= heading_text %></title> + <content type="html"><%= content %></content> + </entry> + <% end %> +</feed> diff --git a/app/views/track_mailer/event_digest.rhtml b/app/views/track_mailer/event_digest.rhtml index 2c2e3c957..8dbc7fe06 100644 --- a/app/views/track_mailer/event_digest.rhtml +++ b/app/views/track_mailer/event_digest.rhtml @@ -17,17 +17,17 @@ # e.g. Julian Burgess sent a request to Royal Mail Group (15 May 2008) if event.event_type == 'response' - url = main_url(incoming_message_url(event.incoming_message)) + url = incoming_message_url(event.incoming_message) main_text += _("{{public_body}} sent a response to {{user_name}}", :public_body => event.info_request.public_body.name, :user_name => event.info_request.user_name) elsif event.event_type == 'followup_sent' - url = main_url(outgoing_message_url(event.outgoing_message)) + url = outgoing_message_url(event.outgoing_message) main_text += _("{{user_name}} sent a follow up message to {{public_body}}", :user_name => event.info_request.user_name, :public_body => event.info_request.public_body.name) elsif event.event_type == 'sent' # this is unlikely to happen in real life, but happens in the test code - url = main_url(outgoing_message_url(event.outgoing_message)) + url = outgoing_message_url(event.outgoing_message) main_text += _("{{user_name}} sent a request to {{public_body}}", :user_name => event.info_request.user_name, :public_body => event.info_request.public_body.name) elsif event.event_type == 'comment' - url = main_url(comment_url(event.comment)) + url = comment_url(event.comment) main_text += _("{{user_name}} added an annotation", :user_name => event.comment.user.name) else raise "unknown type in event_digest " + event.event_type @@ -57,7 +57,7 @@ main_text += "\n" end -%><%=main_text%><%= _("Alter your subscription")%> +%><%=raw main_text%><%= _("Alter your subscription")%> ======================= <% _("Please click on the link below to cancel or alter these emails.") %> diff --git a/app/views/user/_show_user_info.rhtml b/app/views/user/_show_user_info.rhtml index 3c229e9ce..305300236 100644 --- a/app/views/user/_show_user_info.rhtml +++ b/app/views/user/_show_user_info.rhtml @@ -4,7 +4,7 @@ <img class="comment_quote" src="/images/quote-marks.png" alt=""> <%= @display_user.get_about_me_for_html_display %> <% if @is_you %> - (<%= link_to _("edit text about you"), set_profile_about_me_url() %>) + (<%= link_to _("edit text about you"), set_profile_about_me_path %>) <% end %> </div> <% end %> @@ -12,9 +12,9 @@ <% if @is_you %> <p id="user_change_password_email"> <% if @display_user.profile_photo %> - <%= link_to _('Change profile photo'), set_profile_photo_url() %> | + <%= link_to _('Change profile photo'), set_profile_photo_path %> | <% end %> - <%= link_to _('Change your password'), signchangepassword_url() %> | - <%= link_to _('Change your email'), signchangeemail_url() %> + <%= link_to _('Change your password'), signchangepassword_path %> | + <%= link_to _('Change your email'), signchangeemail_path %> </p> <% end %> diff --git a/app/views/user/_signin.rhtml b/app/views/user/_signin.rhtml index c4d917991..7db07e4b4 100644 --- a/app/views/user/_signin.rhtml +++ b/app/views/user/_signin.rhtml @@ -18,7 +18,7 @@ </p> <p class="form_note"> - <%= link_to _('Forgotten your password?'), signchangepassword_url + "?pretoken=" + h(params[:token]), :tabindex => 30 %> + <%= link_to _('Forgotten your password?'), signchangepassword_path + "?pretoken=" + h(params[:token]), :tabindex => 30 %> </p> <p class="form_checkbox"> diff --git a/app/views/user/_signup.rhtml b/app/views/user/_signup.rhtml index bbb73e5c6..89ab19b7e 100644 --- a/app/views/user/_signup.rhtml +++ b/app/views/user/_signup.rhtml @@ -10,8 +10,8 @@ <%= text_field 'user_signup', 'email', { :size => 20, :tabindex => 60 } %> </p> <div class="form_item_note"> - <%= _('We will not reveal your email address to anybody unless you or - the law tell us to (<a href="%s">details</a>). ') %[help_privacy_path] %> + <%= raw(_('We will not reveal your email address to anybody unless you or + the law tell us to (<a href="%s">details</a>). ') %[help_privacy_path]) %> </div> <p> @@ -19,11 +19,11 @@ <%= text_field 'user_signup', 'name', { :size => 20, :tabindex => 70, :autocomplete => "off" } %> </p> <div class="form_item_note"> - <%= _('Your <strong>name will appear publicly</strong> + <%= raw(_('Your <strong>name will appear publicly</strong> (<a href="%s">why?</a>) on this website and in search engines. If you are thinking of using a pseudonym, please - <a href="%s">read this first</a>.') % [help_privacy_path+"#public_request", help_privacy_path+"#real_name"] %> + <a href="%s">read this first</a>.') % [help_privacy_path+"#public_request", help_privacy_path+"#real_name"]) %> </div> <p> diff --git a/app/views/user/_user_listing_single.rhtml b/app/views/user/_user_listing_single.rhtml index 53df3a7e8..ed1b95718 100644 --- a/app/views/user/_user_listing_single.rhtml +++ b/app/views/user/_user_listing_single.rhtml @@ -5,14 +5,14 @@ end %> <div class="user_listing"> <% if display_user.profile_photo %> <div class="user_photo_on_search"> - <a href="<%=user_url(display_user)%>"> + <a href="<%=user_path(display_user)%>"> <img src="<%= get_profile_photo_url(:url_name => display_user.url_name) %>" alt=""> </a> </div> <% end %> <span class="head <% if display_user.profile_photo %>no_icon<% end %>"> - <%= link_to highlight_words(display_user.name, @highlight_words), user_url(display_user) %> + <%= link_to highlight_words(display_user.name, @highlight_words), user_path(display_user) %> </span> <span class="bottomline"> diff --git a/app/views/user/no_cookies.rhtml b/app/views/user/no_cookies.rhtml index b5c36b57e..c291367f2 100644 --- a/app/views/user/no_cookies.rhtml +++ b/app/views/user/no_cookies.rhtml @@ -12,11 +12,11 @@ browser. Then press refresh to have another go.')%></p> <p><%= _('If your browser is set to accept cookies and you are seeing this message, then there is probably a fault with our server.')%> -<%= _('Please <a href="%s">get in touch</a> with us so we can fix it.') % [help_contact_path] %> +<%= raw(_('Please <a href="%s">get in touch</a> with us so we can fix it.') % [help_contact_path]) %> <%= _('Let us know what you were doing when this message appeared and your browser and operating system type and version.')%></p> -<p><%= _('If you are still having trouble, please <a href="%s">contact us</a>.') % [help_contact_path] %> +<p><%= raw(_('If you are still having trouble, please <a href="%s">contact us</a>.') % [help_contact_path]) %> </p> diff --git a/app/views/user/set_draft_profile_photo.rhtml b/app/views/user/set_draft_profile_photo.rhtml index b3faba7fc..757498249 100644 --- a/app/views/user/set_draft_profile_photo.rhtml +++ b/app/views/user/set_draft_profile_photo.rhtml @@ -52,7 +52,7 @@ <% end %> <p> - <%= link_to _("Cancel, return to your profile page"), user_url(@user) %> + <%= link_to _("Cancel, return to your profile page"), user_path(@user) %> </p> </div> diff --git a/app/views/user/show.rhtml b/app/views/user/show.rhtml index 12a9d3f74..a3dea619d 100644 --- a/app/views/user/show.rhtml +++ b/app/views/user/show.rhtml @@ -55,7 +55,7 @@ <% else %> <% if @is_you %> <span id="set_photo"> - <%= link_to _('Set your profile photo'), set_profile_photo_url() %> + <%= link_to _('Set your profile photo'), set_profile_photo_path %> </span> <% end %> <% end %> @@ -66,12 +66,12 @@ <p class="subtitle"> <%= _('Joined {{site_name}} in', :site_name=>site_name) %> <%= year_from_date(@display_user.created_at) %> <% if !@user.nil? && @user.admin_page_links? %> - (<%= link_to "admin", user_admin_url(@display_user) %>) + (<%= link_to "admin", admin_user_show_path(@display_user) %>) <% end %> </p> <p> - <%= link_to _('Send message to ') + h(@display_user.name), contact_user_url(:id => @display_user.id) %> + <%= link_to _('Send message to ') + h(@display_user.name), contact_user_path(:id => @display_user.id) %> <% if @is_you %> (<%= _('just to see how it works')%>) <% end %> @@ -97,7 +97,7 @@ <% if not @is_you %> <p id="user_not_logged_in"> - <%= _('<a href="%s">Sign in</a> to change password, subscriptions and more ({{user_name}} only)',:user_name=>h(@display_user.name)) % [signin_url(:r => request.request_uri)]%> + <%= raw(_('<a href="%s">Sign in</a> to change password, subscriptions and more ({{user_name}} only)',:user_name=>h(@display_user.name)) % [signin_url(:r => request.request_uri)]) %> </p> <% end %> </div> @@ -109,7 +109,7 @@ <div id="user_profile_search"> <% form_tag(show_user_url, :method => "get", :id=>"search_form") do %> <div> - <%= text_field_tag(:user_query, params[:user_query]) %> + <%= text_field_tag(:user_query, params[:user_query], {:title => "type your search term here" }) %> <% if @is_you %> <%= submit_tag(_("Search your contributions")) %> <% else %> diff --git a/app/views/user/sign.rhtml b/app/views/user/sign.rhtml index 4704ea95a..6a1979155 100644 --- a/app/views/user/sign.rhtml +++ b/app/views/user/sign.rhtml @@ -1,16 +1,16 @@ + <% if !@post_redirect.nil? && @post_redirect.reason_params[:user_name] %> <% @title = _("Sign in") %> - <div id="sign_alone"> <p id="sign_in_reason"> <% if @post_redirect.reason_params[:web].empty? %> <%= _('Please sign in as ')%><%= link_to h(@post_redirect.reason_params[:user_name]), @post_redirect.reason_params[:user_url] %>. <% else %> - <%= @post_redirect.reason_params[:web] %>, + <%= @post_redirect.reason_params[:web] %>, <%= _('please sign in as ')%><%= link_to h(@post_redirect.reason_params[:user_name]), @post_redirect.reason_params[:user_url] %>. <% end %> - </p> + </p> <% if @post_redirect.post_params["controller"] == "admin_general" %> <p id="superuser_message">Don't have a superuser account yet? <%= link_to "Sign in as the emergency user", @post_redirect.uri + "?emergency=1" %></p> <% end %> @@ -22,7 +22,16 @@ <% else %> <% @title = _('Sign in or make a new account') %> - <div id="sign_together"> + <div id="sign_together"> + <% if !@post_redirect.nil? %> + <p id="sign_in_reason"> + <% if @post_redirect.reason_params[:web].empty? %> + <%= _('Please sign in or make a new account.') %> + <% else %> + <%= _('{{reason}}, please sign in or make a new account.', :reason => @post_redirect.reason_params[:web]) %> + <% end %> + </p> + <% end %> <div id="left_half"> <h1><%= _('Sign in') %></h1> <%= render :partial => 'signin', :locals => { :sign_in_as_existing_user => false } %> diff --git a/app/views/user/wrong_user_unknown_email.rhtml b/app/views/user/wrong_user_unknown_email.rhtml index 77a2ca001..c59c56941 100644 --- a/app/views/user/wrong_user_unknown_email.rhtml +++ b/app/views/user/wrong_user_unknown_email.rhtml @@ -1,8 +1,8 @@ <p id="sign_in_reason"> -<%= @reason_params[:web] %>. <%= _('Unfortunately we don\'t know the FOI +<%= @reason_params[:web] %>. <%= raw(_('Unfortunately we don\'t know the FOI email address for that authority, so we can\'t validate this. -Please <a href="%s">contact us</a> to sort it out.') % [help_contact_path] %> +Please <a href="%s">contact us</a> to sort it out.') % [help_contact_path]) %> </p> diff --git a/app/views/user_mailer/already_registered.rhtml b/app/views/user_mailer/already_registered.rhtml index 59ffcbf94..32c2c7e63 100644 --- a/app/views/user_mailer/already_registered.rhtml +++ b/app/views/user_mailer/already_registered.rhtml @@ -1,10 +1,10 @@ -<%= @name %>, +<%= raw @name %>, <%= _('You just tried to sign up to {{site_name}}, when you already have an account. Your name and password have been left as they previously were. -Please click on the link below.', :site_name=>site_name)%> <%=@reasons[:email]%> +Please click on the link below.', :site_name=>site_name)%> <%=raw @reasons[:email] %> <%=@url%> diff --git a/app/views/user_mailer/changeemail_confirm.rhtml b/app/views/user_mailer/changeemail_confirm.rhtml index ffb9737f7..c73e9486b 100644 --- a/app/views/user_mailer/changeemail_confirm.rhtml +++ b/app/views/user_mailer/changeemail_confirm.rhtml @@ -1,4 +1,4 @@ -<%= @name %>, +<%= raw @name %>, <%= _('Please click on the link below to confirm that you want to change the email address that you use for {{site_name}} diff --git a/app/views/user_mailer/confirm_login.rhtml b/app/views/user_mailer/confirm_login.rhtml index 6f4feff00..fa86dc2b1 100644 --- a/app/views/user_mailer/confirm_login.rhtml +++ b/app/views/user_mailer/confirm_login.rhtml @@ -1,7 +1,7 @@ -<%= @name %>, +<%= raw @name %>, <%= _('Please click on the link below to confirm your email address.')%> -<%=@reasons[:email]%> +<%= raw @reasons[:email] %> <%=@url%> |