From a12d270667df81d81f641c88fd924cd5fd99edfd Mon Sep 17 00:00:00 2001 From: francis Date: Tue, 30 Jun 2009 14:28:25 +0000 Subject: Use caching that allows pre-authentication. Add test code for hidden requests. Make super users able to view hidden requests. --- app/controllers/admin_controller.rb | 32 +++++++++++++++----------------- 1 file changed, 15 insertions(+), 17 deletions(-) (limited to 'app/controllers/admin_controller.rb') diff --git a/app/controllers/admin_controller.rb b/app/controllers/admin_controller.rb index 5810b4b04..9ca891bf2 100644 --- a/app/controllers/admin_controller.rb +++ b/app/controllers/admin_controller.rb @@ -4,7 +4,7 @@ # Copyright (c) 2009 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: admin_controller.rb,v 1.25 2009-06-23 13:52:25 francis Exp $ +# $Id: admin_controller.rb,v 1.26 2009-06-30 14:28:25 francis Exp $ class AdminController < ApplicationController @@ -18,22 +18,20 @@ class AdminController < ApplicationController # Expire cached attachment files for a request def expire_for_request(info_request) - # So is using latest censor rules - info_request.reload - - # clear out cached entries - for incoming_message in info_request.incoming_messages - for attachment in incoming_message.get_attachments_for_display - expire_page :controller => 'request', :action => "get_attachment", :id => info_request.id, - :incoming_message_id => incoming_message.id, - :part => attachment.url_part_number, :file_name => attachment.display_filename - expire_page :controller => 'request', :action => "get_attachment_as_html", :id => info_request.id, - :incoming_message_id => incoming_message.id, - :part => attachment.url_part_number, :file_name => attachment.display_filename - end - end + # Clear out cached entries - use low level expire_fragment, even though + # we are clearing results from caches_action, for several reasons: + # * We can't use expire_action here, as doesn't seem to be + # compatible with the :only_path we used in the caches_action + # call. + # * expire_fragment lets us use a regular expression which is + # simpler than having to get all the parameters right for the + # path, and calling for HTML version vs. raw attachment version. + # * Regular expression means we cope properly with filenames + # changed by censor rules, which change the URL. + # * It's also possible to load a file with any name by changing + # the URL, the regular expression makes sure the cache is + # cleared even if someone did that. + expire_fragment /views\/request\/#{info_request.id}.*/ end - - end -- cgit v1.2.3