aboutsummaryrefslogtreecommitdiffstats
path: root/app
diff options
context:
space:
mode:
Diffstat (limited to 'app')
-rw-r--r--app/controllers/admin_controller.rb2
-rw-r--r--app/controllers/admin_request_controller.rb23
-rw-r--r--app/controllers/application_controller.rb3
-rw-r--r--app/controllers/request_controller.rb15
-rw-r--r--app/models/foi_attachment.rb23
-rw-r--r--app/models/info_request.rb6
-rw-r--r--app/views/request/show.rhtml42
7 files changed, 77 insertions, 37 deletions
diff --git a/app/controllers/admin_controller.rb b/app/controllers/admin_controller.rb
index d8fda9c01..08528f8a8 100644
--- a/app/controllers/admin_controller.rb
+++ b/app/controllers/admin_controller.rb
@@ -36,7 +36,7 @@ class AdminController < ApplicationController
# also force a search reindexing (so changed text reflected in search)
info_request.reindex_request_events
- # and remove from varnsi
+ # and remove from varnish
info_request.purge_in_cache
end
diff --git a/app/controllers/admin_request_controller.rb b/app/controllers/admin_request_controller.rb
index ae4bb511a..0b58a95e5 100644
--- a/app/controllers/admin_request_controller.rb
+++ b/app/controllers/admin_request_controller.rb
@@ -28,8 +28,8 @@ class AdminRequestController < AdminController
@info_request = InfoRequest.find(params[:id])
# XXX is this *really* the only way to render a template to a
# variable, rather than to the response?
- vars = OpenStruct.new(:name_to => @info_request.user_name,
- :name_from => MySociety::Config.get("CONTACT_NAME", 'Alaveteli'),
+ vars = OpenStruct.new(:name_to => @info_request.user_name,
+ :name_from => MySociety::Config.get("CONTACT_NAME", 'Alaveteli'),
:info_request => @info_request, :reason => params[:reason],
:info_request_url => 'http://' + MySociety::Config.get('DOMAIN') + request_url(@info_request),
:site_name => site_name)
@@ -81,6 +81,8 @@ class AdminRequestController < AdminController
:old_handle_rejected_responses => old_handle_rejected_responses, :handle_rejected_responses => @info_request.handle_rejected_responses,
:old_tag_string => old_tag_string, :tag_string => @info_request.tag_string
})
+ # expire cached files
+ expire_for_request(@info_request)
flash[:notice] = 'Request successfully updated.'
redirect_to request_admin_url(@info_request)
else
@@ -95,7 +97,8 @@ class AdminRequestController < AdminController
url_title = @info_request.url_title
@info_request.fully_destroy
-
+ # expire cached files
+ expire_for_request(@info_request)
flash[:notice] = "Request #{url_title} has been completely destroyed. Email of user who made request: " + user.email
redirect_to admin_url('request/list')
end
@@ -166,7 +169,8 @@ class AdminRequestController < AdminController
@incoming_message.fully_destroy
@incoming_message.info_request.log_event("destroy_incoming",
{ :editor => admin_http_auth_user(), :deleted_incoming_message_id => incoming_message_id })
-
+ # expire cached files
+ expire_for_request(@info_request)
flash[:notice] = 'Incoming message successfully destroyed.'
redirect_to request_admin_url(@info_request)
end
@@ -174,6 +178,7 @@ class AdminRequestController < AdminController
def redeliver_incoming
incoming_message = IncomingMessage.find(params[:redeliver_incoming_message_id])
message_ids = params[:url_title].split(",").each {|x| x.strip}
+ previous_request = incoming_message.info_request
destination_request = nil
ActiveRecord::Base.transaction do
for m in message_ids
@@ -184,7 +189,7 @@ class AdminRequestController < AdminController
end
if destination_request.nil?
flash[:error] = "Failed to find destination request '" + m + "'"
- return redirect_to request_admin_url(incoming_message.info_request)
+ return redirect_to request_admin_url(previous_request)
end
raw_email_data = incoming_message.raw_email.data
@@ -201,6 +206,8 @@ class AdminRequestController < AdminController
flash[:notice] = "Message has been moved to request(s). Showing the last one:"
end
+ # expire cached files
+ expire_for_request(previous_request)
incoming_message.fully_destroy
end
redirect_to request_admin_url(destination_request)
@@ -344,14 +351,14 @@ class AdminRequestController < AdminController
explanation = params[:explanation]
info_request = InfoRequest.find(params[:id])
info_request.prominence = "requester_only"
-
+
info_request.log_event("hide", {
:editor => admin_http_auth_user(),
:reason => params[:reason],
:subject => subject,
:explanation => explanation
})
-
+
info_request.set_described_state(params[:reason])
info_request.save!
@@ -360,6 +367,8 @@ class AdminRequestController < AdminController
subject,
params[:explanation]
)
+ # expire cached files
+ expire_for_request(info_request)
flash[:notice] = _("Your message to {{recipient_user_name}} has been sent",:recipient_user_name=>CGI.escapeHTML(info_request.user.name))
redirect_to request_admin_url(info_request)
end
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 11f21025c..40fa018aa 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -206,13 +206,16 @@ class ApplicationController < ActionController::Base
foi_cache_path = File.expand_path(File.join(File.dirname(__FILE__), '../../cache'))
return File.join(foi_cache_path, path)
end
+
def foi_fragment_cache_exists?(key_path)
return File.exists?(key_path)
end
+
def foi_fragment_cache_read(key_path)
logger.info "Reading from fragment cache #{key_path}"
return File.read(key_path)
end
+
def foi_fragment_cache_write(key_path, content)
FileUtils.mkdir_p(File.dirname(key_path))
logger.info "Writing to fragment cache #{key_path}"
diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb
index 7f42eeb7e..b28252ce4 100644
--- a/app/controllers/request_controller.rb
+++ b/app/controllers/request_controller.rb
@@ -313,7 +313,7 @@ class RequestController < ApplicationController
# case the list of errors will also contain a more specific error
# describing the reason it is invalid.
@info_request.errors.delete("outgoing_messages")
-
+
render :action => 'new'
return
end
@@ -659,6 +659,11 @@ class RequestController < ApplicationController
@info_request = incoming_message.info_request # used by view
render :template => 'request/hidden', :status => 410 # gone
end
+ # Is this a completely public request that we can cache attachments for
+ # to be served up without authentication?
+ if incoming_message.info_request.all_can_view?
+ @files_can_be_cached = true
+ end
end
def report_request
@@ -668,7 +673,7 @@ class RequestController < ApplicationController
:email => _("Then you can report the request '{{title}}'", :title => info_request.title),
:email_subject => _("Report an offensive or unsuitable request")
)
-
+
if !info_request.attention_requested
info_request.set_described_state('attention_requested', @user)
info_request.attention_requested = true # tells us if attention has ever been requested
@@ -689,6 +694,7 @@ class RequestController < ApplicationController
key = params.merge(:only_path => true)
key_path = foi_fragment_cache_path(key)
if foi_fragment_cache_exists?(key_path)
+ logger.info("Reading cache for #{key_path}")
raise PermissionDenied.new("Directory listing not allowed") if File.directory?(key_path)
cached = foi_fragment_cache_read(key_path)
response.content_type = AlaveteliFileTypes.filename_to_mimetype(params[:file_name].join("/")) || 'application/octet-stream'
@@ -703,7 +709,10 @@ class RequestController < ApplicationController
# various fragment cache functions using Ruby Marshall to write the file
# which adds a header, so isnt compatible with images that have been
# extracted elsewhere from PDFs)
- foi_fragment_cache_write(key_path, response.body)
+ if @files_can_be_cached == true
+ logger.info("Writing cache for #{key_path}")
+ foi_fragment_cache_write(key_path, response.body)
+ end
end
end
end
diff --git a/app/models/foi_attachment.rb b/app/models/foi_attachment.rb
index 9bbf0988f..a40898aef 100644
--- a/app/models/foi_attachment.rb
+++ b/app/models/foi_attachment.rb
@@ -1,3 +1,5 @@
+# encoding: UTF-8
+
# == Schema Information
# Schema version: 114
#
@@ -14,8 +16,6 @@
# hexdigest :string(32)
#
-# encoding: UTF-8
-
# models/foi_attachment.rb:
# An attachment to an email (IncomingMessage)
#
@@ -315,14 +315,21 @@ class FoiAttachment < ActiveRecord::Base
tempfile.print self.body
tempfile.flush
+ html = nil
if self.content_type == 'application/pdf'
- html = AlaveteliExternalCommand.run("pdftohtml", "-nodrm", "-zoom", "1.0", "-stdout", "-enc", "UTF-8", "-noframes", tempfile.path)
+ # We set a timeout here, because pdftohtml can spiral out of control
+ # on some PDF files and we don’t want to crash the whole server.
+ html = AlaveteliExternalCommand.run("pdftohtml", "-nodrm", "-zoom", "1.0", "-stdout", "-enc", "UTF-8", "-noframes", tempfile.path, :timeout => 30)
elsif self.content_type == 'application/rtf'
- html = AlaveteliExternalCommand.run("unrtf", "--html", tempfile.path)
- elsif self.has_google_docs_viewer?
- html = '' # force error and using Google docs viewer
- else
- raise "No HTML conversion available for type " + self.content_type
+ html = AlaveteliExternalCommand.run("unrtf", "--html", tempfile.path, :timeout => 120)
+ end
+
+ if html.nil?
+ if self.has_google_docs_viewer?
+ html = '' # force error and using Google docs viewer
+ else
+ raise "No HTML conversion available for type " + self.content_type
+ end
end
tempfile.close
diff --git a/app/models/info_request.rb b/app/models/info_request.rb
index dfaa524b2..a7d09401b 100644
--- a/app/models/info_request.rb
+++ b/app/models/info_request.rb
@@ -1036,6 +1036,12 @@ public
return true
end
+ # Is this request visible to everyone?
+ def all_can_view?
+ return true if ['normal', 'backpage'].include?(self.prominence)
+ return false
+ end
+
def indexed_by_search?
if self.prominence == 'backpage' || self.prominence == 'hidden' || self.prominence == 'requester_only'
return false
diff --git a/app/views/request/show.rhtml b/app/views/request/show.rhtml
index a7760ab19..b4795fc21 100644
--- a/app/views/request/show.rhtml
+++ b/app/views/request/show.rhtml
@@ -27,6 +27,7 @@
<div id="left_column">
<h1><%=h(@info_request.title)%></h1>
+
<% if !@info_request.is_external? && @info_request.user.profile_photo %>
<p class="user_photo_on_request">
<img src="<%= get_profile_photo_url(:url_name => @info_request.user.url_name) %>" alt="">
@@ -43,49 +44,54 @@
:public_body_link => public_body_link(@info_request.public_body),
:public_body_admin_url => public_body_admin_url(@info_request.public_body)) %>
<% else %>
+
+
<%= _('{{user}} made this {{law_used_full}} request',:user=>@info_request.user.nil? ? @info_request.user_name : user_link(@info_request.user), :law_used_full=>h(@info_request.law_used_full)) %>
- <%= _('to {{public_body}}',:public_body=>public_body_link(@info_request.public_body)) %>
+ <%= _('to {{public_body}}',:public_body=>public_body_link(@info_request.public_body)) %>
+
<% end %>
</p>
<p id="request_status" class="request_icon_line icon_<%= @info_request.calculate_status %>">
<% if @info_request.awaiting_description %>
<% if @is_owning_user %>
- <%= _('Please <strong>answer the question above</strong> so we know whether the ')%>
+ <%= _('Please <strong>answer the question above</strong> so we know whether the ')%>
<%= MySociety::Format.fancy_pluralize(@new_responses_count, 'recent response contains', 'recent responses contain') %> <%= _('useful information.') %>
<% else %>
<%= _('This request has an <strong>unknown status</strong>.') %>
<% if @old_unclassified %>
- <%= _('We\'re waiting for someone to read') %>
+ <%= _('We\'re waiting for someone to read') %>
<%= MySociety::Format.fancy_pluralize(@new_responses_count, 'a recent response', 'recent responses') %>
<%= _('and update the status accordingly. Perhaps <strong>you</strong> might like to help out by doing that?') %>
<% else %>
<%= _('We\'re waiting for') %>
- <%= user_link_for_request(@info_request) %> <%= _('to read') %>
- <%= MySociety::Format.fancy_pluralize(@new_responses_count, 'a recent response', 'recent responses') %>
+
+ <%= user_link_for_request(@info_request) %> <%= _('to read') %>
+ <%= MySociety::Format.fancy_pluralize(@new_responses_count, 'a recent response', 'recent responses') %>
+
<%= _('and update the status.') %>
<% end %>
<% end %>
<% elsif @status == 'waiting_response' %>
- <%= _('Currently <strong>waiting for a response</strong> from {{public_body_link}}, they must respond promptly and', :public_body_link=> public_body_link(@info_request.public_body)) %>
+ <%= _('Currently <strong>waiting for a response</strong> from {{public_body_link}}, they must respond promptly and', :public_body_link=> public_body_link(@info_request.public_body)) %>
<% if @info_request.public_body.is_school? %>
<%= _('in term time') %>
<% else %>
- <%= _('normally') %>
+ <%= _('normally') %>
<% end %>
<%= _('no later than') %> <strong><%= simple_date(@info_request.date_response_required_by) %></strong>
(<%= link_to _("details"), "/help/requesting#quickly_response" %>).
<% elsif @status == 'waiting_response_overdue' %>
<%= _('Response to this request is <strong>delayed</strong>.') %>
- <%= _('By law, {{public_body_link}} should normally have responded <strong>promptly</strong> and',:public_body_link=>public_body_link(@info_request.public_body)) %>
+ <%= _('By law, {{public_body_link}} should normally have responded <strong>promptly</strong> and',:public_body_link=>public_body_link(@info_request.public_body)) %>
<% if @info_request.public_body.is_school? %>
- <%= _('in term time') %>
+ <%= _('in term time') %>
<% end %>
<%= _('by') %> <strong><%= simple_date(@info_request.date_response_required_by) %></strong>
- (<%= _('<a href="%s">details</a>') % [help_requesting_path + '#quickly_response'] %>)
+ (<%= _('<a href="%s">details</a>') % [help_requesting_path + '#quickly_response'] %>)
<% elsif @status == 'waiting_response_very_overdue' %>
- <%= _('Response to this request is <strong>long overdue</strong>.') %>
- <%= _('By law, under all circumstances, {{public_body_link}} should have responded by now',:public_body_link => public_body_link(@info_request.public_body)) %>
+ <%= _('Response to this request is <strong>long overdue</strong>.') %>
+ <%= _('By law, under all circumstances, {{public_body_link}} should have responded by now',:public_body_link => public_body_link(@info_request.public_body)) %>
(<%= _('<a href="%s">details</a>') % [help_requesting_path + '#quickly_response'] %>).
<%= _('You can <strong>complain</strong> by') %>
<%= link_to _("requesting an internal review"), show_response_no_followup_url(:id => @info_request.id, :incoming_message_id => nil) + "?internal_review=1#followup" %>.
@@ -99,25 +105,25 @@
<%= _('The request was <strong>partially successful</strong>.') %>
<% elsif @status == 'waiting_clarification' %>
<% if @is_owning_user %>
- <%=h @info_request.public_body.name %> <%= _('is <strong>waiting for your clarification</strong>.') %>
+ <%=h @info_request.public_body.name %> <%= _('is <strong>waiting for your clarification</strong>.') %>
<%= _('Please') %>
<%= link_to _("send a follow up message"), respond_to_last_url(@info_request) + '#followup' %>.
<% else %>
- <%= _('The request is <strong>waiting for clarification</strong>.') %>
- <%= _('If you are {{user_link}}, please',:user_link=>user_link_for_request(@info_request)) %>
+ <%= _('The request is <strong>waiting for clarification</strong>.') %>
+ <%= _('If you are {{user_link}}, please',:user_link=>user_link_for_request(@info_request)) %>
<%= link_to _("sign in"), signin_url(:r => request.request_uri) %> <%= _('to send a follow up message.') %>
<% end %>
<% elsif @status == 'gone_postal' %>
<%= _('The authority would like to / has <strong>responded by post</strong> to this request.') %>
<% elsif @status == 'internal_review' %>
- <%= _('Waiting for an <strong>internal review</strong> by {{public_body_link}} of their handling of this request.',:public_body_link=>public_body_link(@info_request.public_body)) %>
+ <%= _('Waiting for an <strong>internal review</strong> by {{public_body_link}} of their handling of this request.',:public_body_link=>public_body_link(@info_request.public_body)) %>
<% elsif @status == 'error_message' %>
<%= _('There was a <strong>delivery error</strong> or similar, which needs fixing by the {{site_name}} team.', :site_name=>site_name) %>
<% elsif @status == 'requires_admin' %>
<%= _('This request has had an unusual response, and <strong>requires attention</strong> from the {{site_name}} team.', :site_name=>site_name) %>
<% elsif @status == 'user_withdrawn' %>
- <%= _('This request has been <strong>withdrawn</strong> by the person who made it.
- There may be an explanation in the correspondence below.') %>
+ <%= _('This request has been <strong>withdrawn</strong> by the person who made it.
+ There may be an explanation in the correspondence below.') %>
<% elsif @status == 'attention_requested' %>
<%= _('This request has been <strong>reported</strong> as needing administrator attention (perhaps because it is vexatious, or a request for personal information)') %>
<% elsif @status == 'vexatious' %>
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-04 09:58:29 +0000