From 7e6fdfc403c4c35052d5432a844bf9855e217db7 Mon Sep 17 00:00:00 2001 From: Louise Crow Date: Thu, 19 Sep 2013 17:19:21 +0100 Subject: Add a select_authorities action. --- app/controllers/request_controller.rb | 3 +++ 1 file changed, 3 insertions(+) (limited to 'app/controllers/request_controller.rb') diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index d982bd391..70151f43f 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -43,6 +43,9 @@ class RequestController < ApplicationController medium_cache end + def select_authorities + end + def show if !AlaveteliConfiguration::varnish_host.blank? # If varnish is set up to accept PURGEs, then cache for a -- cgit v1.2.3 From d75607f15efe0886ee008c4425b824b485e612bc Mon Sep 17 00:00:00 2001 From: Louise Crow Date: Mon, 23 Sep 2013 14:23:01 +0100 Subject: Handle not enabled, no user, unauthorised user. --- app/controllers/request_controller.rb | 29 +++++++++++++++++------------ 1 file changed, 17 insertions(+), 12 deletions(-) (limited to 'app/controllers/request_controller.rb') diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index 70151f43f..11e85764a 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -44,6 +44,20 @@ class RequestController < ApplicationController end def select_authorities + if !AlaveteliConfiguration::allow_batch_requests + raise RouteNotFound.new("Page not enabled") + end + if !authenticated?( + :web => _("To make a batch request"), + :email => _("Then you can make a batch request"), + :email_subject => _("Make a batch request"), + :user_name => "a user who has been authorised to make batch requests") + # do nothing - as "authenticated?" has done the redirect to signin page for us + return + end + if !@user.can_make_batch_requests? + return render_hidden('request/batch_not_allowed') + end end def show @@ -674,7 +688,7 @@ class RequestController < ApplicationController end if !incoming_message.user_can_view?(authenticated_user) @incoming_message = incoming_message # used by view - return render_hidden_message + return render_hidden('request/hidden_correspondence') end # Is this a completely public request that we can cache attachments for # to be served up without authentication? @@ -888,19 +902,10 @@ class RequestController < ApplicationController private - def render_hidden - respond_to do |format| - response_code = 403 # forbidden - format.html{ render :template => 'request/hidden', :status => response_code } - format.any{ render :nothing => true, :status => response_code } - end - false - end - - def render_hidden_message + def render_hidden(template='request/hidden') respond_to do |format| response_code = 403 # forbidden - format.html{ render :template => 'request/hidden_correspondence', :status => response_code } + format.html{ render :template => template, :status => response_code } format.any{ render :nothing => true, :status => response_code } end false -- cgit v1.2.3 From 6c824047da0f5aa98e6ca08cf3aae391c5225efe Mon Sep 17 00:00:00 2001 From: Louise Crow Date: Tue, 3 Dec 2013 10:15:42 +0000 Subject: Add template for select_authorities Should retain a list of selected public bodies across searches. --- app/controllers/request_controller.rb | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'app/controllers/request_controller.rb') diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index 11e85764a..feac94b92 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -58,6 +58,17 @@ class RequestController < ApplicationController if !@user.can_make_batch_requests? return render_hidden('request/batch_not_allowed') end + if !params[:public_body_query].nil? + @search_bodies = perform_search_typeahead(params[:public_body_query], PublicBody) + end + if !params[:public_body_ids].nil? + if !params[:remove_public_body_ids].nil? + body_ids = params[:public_body_ids] - params[:remove_public_body_ids] + else + body_ids = params[:public_body_ids] + end + @public_bodies = PublicBody.where({:id => body_ids}).all + end end def show -- cgit v1.2.3 From ad8772fde14c57f05e2585c8c02034e053a86319 Mon Sep 17 00:00:00 2001 From: Louise Crow Date: Tue, 3 Dec 2013 09:43:32 +0000 Subject: Add new_batch action Give it basic access control, and add some conditionals to the 'new' template around bits that use @info_request.public_body so that they render something different if @batch is assigned. --- app/controllers/request_controller.rb | 38 +++++++++++++++++++++-------------- 1 file changed, 23 insertions(+), 15 deletions(-) (limited to 'app/controllers/request_controller.rb') diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index feac94b92..99b47a0c7 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -11,7 +11,7 @@ require 'open-uri' class RequestController < ApplicationController before_filter :check_read_only, :only => [ :new, :show_response, :describe_state, :upload_response ] protect_from_forgery :only => [ :new, :show_response, :describe_state, :upload_response ] # See ActionController::RequestForgeryProtection for details - + before_filter :check_batch_requests_and_user_allowed, :only => [ :select_authorities, :new_batch ] MAX_RESULTS = 500 PER_PAGE = 25 @@ -44,20 +44,6 @@ class RequestController < ApplicationController end def select_authorities - if !AlaveteliConfiguration::allow_batch_requests - raise RouteNotFound.new("Page not enabled") - end - if !authenticated?( - :web => _("To make a batch request"), - :email => _("Then you can make a batch request"), - :email_subject => _("Make a batch request"), - :user_name => "a user who has been authorised to make batch requests") - # do nothing - as "authenticated?" has done the redirect to signin page for us - return - end - if !@user.can_make_batch_requests? - return render_hidden('request/batch_not_allowed') - end if !params[:public_body_query].nil? @search_bodies = perform_search_typeahead(params[:public_body_query], PublicBody) end @@ -197,6 +183,12 @@ class RequestController < ApplicationController end end + def new_batch + @batch = true + @info_request = InfoRequest.new + render :action => 'new' + end + # Page new form posts to def new # All new requests are of normal_sort @@ -988,6 +980,22 @@ class RequestController < ApplicationController "request/similar/#{info_request.id}/#{locale}" end + def check_batch_requests_and_user_allowed + if !AlaveteliConfiguration::allow_batch_requests + raise RouteNotFound.new("Page not enabled") + end + if !authenticated?( + :web => _("To make a batch request"), + :email => _("Then you can make a batch request"), + :email_subject => _("Make a batch request"), + :user_name => "a user who has been authorised to make batch requests") + # do nothing - as "authenticated?" has done the redirect to signin page for us + return + end + if !@user.can_make_batch_requests? + return render_hidden('request/batch_not_allowed') + end + end end -- cgit v1.2.3 From bc080e7e8bcab015cedd1c17208490239f97fb77 Mon Sep 17 00:00:00 2001 From: Louise Crow Date: Tue, 24 Sep 2013 19:03:25 +0100 Subject: Isolate code for preparing to display the compose interface. Reuse it for the batch request page. --- app/controllers/request_controller.rb | 118 +++++++++++++++++++--------------- 1 file changed, 67 insertions(+), 51 deletions(-) (limited to 'app/controllers/request_controller.rb') diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index 99b47a0c7..d47e986b0 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -185,8 +185,10 @@ class RequestController < ApplicationController def new_batch @batch = true - @info_request = InfoRequest.new - render :action => 'new' + if params[:submitted_new_request].nil? || params[:reedit] + return render_new_compose(batch=true) + end + end # Page new form posts to @@ -233,55 +235,7 @@ class RequestController < ApplicationController render :template => 'user/rate_limited' return end - - params[:info_request] = { } if !params[:info_request] - - # Read parameters in - first the public body (by URL name or id) - if params[:url_name] - if params[:url_name].match(/^[0-9]+$/) - params[:info_request][:public_body] = PublicBody.find(params[:url_name]) - else - public_body = PublicBody.find_by_url_name_with_historic(params[:url_name]) - raise ActiveRecord::RecordNotFound.new("None found") if public_body.nil? # XXX proper 404 - params[:info_request][:public_body] = public_body - end - elsif params[:public_body_id] - params[:info_request][:public_body] = PublicBody.find(params[:public_body_id]) - # Explicitly load the association as this isn't done automatically in newer Rails versions - elsif params[:info_request][:public_body_id] - params[:info_request][:public_body] = PublicBody.find(params[:info_request][:public_body_id]) - end - if !params[:info_request][:public_body] - # compulsory to have a body by here, or go to front page which is start of process - redirect_to frontpage_url - return - end - - # ... next any tags or other things - params[:info_request][:title] = params[:title] if params[:title] - params[:info_request][:tag_string] = params[:tags] if params[:tags] - - @info_request = InfoRequest.new(params[:info_request]) - params[:info_request_id] = @info_request.id - params[:outgoing_message] = {} if !params[:outgoing_message] - params[:outgoing_message][:body] = params[:body] if params[:body] - params[:outgoing_message][:default_letter] = params[:default_letter] if params[:default_letter] - params[:outgoing_message][:info_request] = @info_request - @outgoing_message = OutgoingMessage.new(params[:outgoing_message]) - @outgoing_message.set_signature_name(@user.name) if !@user.nil? - - if @info_request.public_body.is_requestable? - render :action => 'new' - else - if @info_request.public_body.not_requestable_reason == 'bad_contact' - render :action => 'new_bad_contact' - else - # if not requestable because defunct or not_apply, redirect to main page - # (which doesn't link to the /new/ URL) - redirect_to public_body_url(@info_request.public_body) - end - end - return + return render_new_compose(batch=false) end # See if the exact same request has already been submitted @@ -997,5 +951,67 @@ class RequestController < ApplicationController end end + def render_new_compose(batch) + + params[:info_request] = { } if !params[:info_request] + + # Read parameters in + unless batch + # first the public body (by URL name or id) + if params[:url_name] + if params[:url_name].match(/^[0-9]+$/) + params[:info_request][:public_body] = PublicBody.find(params[:url_name]) + else + public_body = PublicBody.find_by_url_name_with_historic(params[:url_name]) + raise ActiveRecord::RecordNotFound.new("None found") if public_body.nil? # XXX proper 404 + params[:info_request][:public_body] = public_body + end + elsif params[:public_body_id] + params[:info_request][:public_body] = PublicBody.find(params[:public_body_id]) + # Explicitly load the association as this isn't done automatically in newer Rails versions + elsif params[:info_request][:public_body_id] + params[:info_request][:public_body] = PublicBody.find(params[:info_request][:public_body_id]) + end + if !params[:info_request][:public_body] + # compulsory to have a body by here, or go to front page which is start of process + redirect_to frontpage_url + return + end + end + + # ... next any tags or other things + params[:info_request][:title] = params[:title] if params[:title] + params[:info_request][:tag_string] = params[:tags] if params[:tags] + + @info_request = InfoRequest.new(params[:info_request]) + if batch + @info_request.is_batch_request_template = true + end + params[:info_request_id] = @info_request.id + params[:outgoing_message] = {} if !params[:outgoing_message] + params[:outgoing_message][:body] = params[:body] if params[:body] + params[:outgoing_message][:default_letter] = params[:default_letter] if params[:default_letter] + params[:outgoing_message][:info_request] = @info_request + @outgoing_message = OutgoingMessage.new(params[:outgoing_message]) + @outgoing_message.set_signature_name(@user.name) if !@user.nil? + + if batch + render :action => 'new' + else + if @info_request.public_body.is_requestable? + render :action => 'new' + else + if @info_request.public_body.not_requestable_reason == 'bad_contact' + render :action => 'new_bad_contact' + else + # if not requestable because defunct or not_apply, redirect to main page + # (which doesn't link to the /new/ URL) + redirect_to public_body_url(@info_request.public_body) + end + end + end + return + end + end -- cgit v1.2.3 From acb186466b20172a6804f86f8a082f148ec50fc6 Mon Sep 17 00:00:00 2001 From: Louise Crow Date: Tue, 24 Sep 2013 19:23:12 +0100 Subject: Create template and outgoing message Add validation, preview as in single request creation. Add comments noting further work to be done in this action. --- app/controllers/request_controller.rb | 78 +++++++++++++++++++++++++++-------- 1 file changed, 60 insertions(+), 18 deletions(-) (limited to 'app/controllers/request_controller.rb') diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index d47e986b0..52f62d58d 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -184,11 +184,51 @@ class RequestController < ApplicationController end def new_batch + + # TODO: Check that have at least one public body in public_bodies param + + # TODO: Pass public bodies list through new and preview template forms + + # TODO: I don't think batch requesters should be subject to rate limits, + # but I do think we should probably check for double submission of batch + # requests as we do in 'new' for ordinary requests with find_by_existing_request + + # TODO: Decide if we make batch requesters describe their undescribed requests + # before being able to make a new batch request + + # TODO: Add logic for checking if the user is banned + @batch = true if params[:submitted_new_request].nil? || params[:reedit] return render_new_compose(batch=true) end + @info_request = InfoRequest.new(params[:info_request]) + @info_request.is_batch_request_template = true + @outgoing_message = OutgoingMessage.new(params[:outgoing_message].merge({ + :status => 'ready', + :message_type => 'initial_request', + :what_doing => 'normal_sort' + })) + @info_request.outgoing_messages << @outgoing_message + @outgoing_message.info_request = @info_request + @info_request.user = authenticated_user + if !@info_request.valid? + # TODO: add in code from 'new' for removing spurious extra + # "Outgoing messages is invalid" message - move to model? + render :action => 'new' + return + end + + # Show preview page, if it is a preview + if params[:preview].to_i == 1 + return render_new_preview + end + + # TODO: create info requests and associated outgoing messages from this + # template request, and send those that can be sent, giving messages about bodies + # that are no longer requestable + end # Page new form posts to @@ -272,24 +312,7 @@ class RequestController < ApplicationController # Show preview page, if it is a preview if params[:preview].to_i == 1 - message = "" - if @outgoing_message.contains_email? - if @user.nil? - message += _("

You do not need to include your email in the request in order to get a reply, as we will ask for it on the next screen (details).

", :url => (help_privacy_path+"#email_address").html_safe); - else - message += _("

You do not need to include your email in the request in order to get a reply (details).

", :url => (help_privacy_path+"#email_address").html_safe); - end - message += _("

We recommend that you edit your request and remove the email address. - If you leave it, the email address will be sent to the authority, but will not be displayed on the site.

") - end - if @outgoing_message.contains_postcode? - message += _("

Your request contains a postcode. Unless it directly relates to the subject of your request, please remove any address as it will appear publicly on the Internet.

"); - end - if not message.empty? - flash.now[:error] = message.html_safe - end - render :action => 'preview' - return + return render_new_preview end if user_exceeded_limit @@ -1013,5 +1036,24 @@ class RequestController < ApplicationController return end + def render_new_preview + message = "" + if @outgoing_message.contains_email? + if @user.nil? + message += _("

You do not need to include your email in the request in order to get a reply, as we will ask for it on the next screen (details).

", :url => (help_privacy_path+"#email_address").html_safe); + else + message += _("

You do not need to include your email in the request in order to get a reply (details).

", :url => (help_privacy_path+"#email_address").html_safe); + end + message += _("

We recommend that you edit your request and remove the email address. + If you leave it, the email address will be sent to the authority, but will not be displayed on the site.

") + end + if @outgoing_message.contains_postcode? + message += _("

Your request contains a postcode. Unless it directly relates to the subject of your request, please remove any address as it will appear publicly on the Internet.

"); + end + if not message.empty? + flash.now[:error] = message.html_safe + end + render :action => 'preview' + end end -- cgit v1.2.3 From 0aba4dcbcb19be2c2c66e40f051ae9c4e0283b6e Mon Sep 17 00:00:00 2001 From: Louise Crow Date: Wed, 23 Oct 2013 11:19:13 +0100 Subject: Require at least one public body in the params. --- app/controllers/request_controller.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'app/controllers/request_controller.rb') diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index 52f62d58d..5a4ec58a0 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -184,9 +184,9 @@ class RequestController < ApplicationController end def new_batch - - # TODO: Check that have at least one public body in public_bodies param - + if params[:public_body_ids].blank? + redirect_to select_authorities_path and return + end # TODO: Pass public bodies list through new and preview template forms # TODO: I don't think batch requesters should be subject to rate limits, -- cgit v1.2.3 From d9c42b52789743b6687c49d8457ec5ed1a8b21e3 Mon Sep 17 00:00:00 2001 From: Louise Crow Date: Wed, 23 Oct 2013 11:51:04 +0100 Subject: Pass public bodies list through forms. --- app/controllers/request_controller.rb | 1 - 1 file changed, 1 deletion(-) (limited to 'app/controllers/request_controller.rb') diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index 5a4ec58a0..d56b5d245 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -187,7 +187,6 @@ class RequestController < ApplicationController if params[:public_body_ids].blank? redirect_to select_authorities_path and return end - # TODO: Pass public bodies list through new and preview template forms # TODO: I don't think batch requesters should be subject to rate limits, # but I do think we should probably check for double submission of batch -- cgit v1.2.3 From b97cf2f206ae9aea778db2a10132fa68aeaa764b Mon Sep 17 00:00:00 2001 From: Louise Crow Date: Wed, 23 Oct 2013 14:58:02 +0100 Subject: Batch users don't have a daily limit. It doesn't make logical sense that they would. However I am preserving the ability to make batch requests as a separate thing from not having a daily limit - I think batch sending requires a (perhaps marginally) bigger level of trust. --- app/controllers/request_controller.rb | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'app/controllers/request_controller.rb') diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index d56b5d245..718a8aada 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -188,8 +188,7 @@ class RequestController < ApplicationController redirect_to select_authorities_path and return end - # TODO: I don't think batch requesters should be subject to rate limits, - # but I do think we should probably check for double submission of batch + # TODO: I do think we should probably check for double submission of batch # requests as we do in 'new' for ordinary requests with find_by_existing_request # TODO: Decide if we make batch requesters describe their undescribed requests -- cgit v1.2.3 From 539041a4404cb918b5d87ce3b858a20fba09f35a Mon Sep 17 00:00:00 2001 From: Louise Crow Date: Thu, 24 Oct 2013 11:45:19 +0100 Subject: Handle a banned user making batch requests. --- app/controllers/request_controller.rb | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'app/controllers/request_controller.rb') diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index 718a8aada..e249bbe5c 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -194,7 +194,11 @@ class RequestController < ApplicationController # TODO: Decide if we make batch requesters describe their undescribed requests # before being able to make a new batch request - # TODO: Add logic for checking if the user is banned + + if !authenticated_user.can_file_requests? + @details = authenticated_user.can_fail_html + render :template => 'user/banned' and return + end @batch = true if params[:submitted_new_request].nil? || params[:reedit] -- cgit v1.2.3 From 857128b465cf345756bbeabbccdc673921090210 Mon Sep 17 00:00:00 2001 From: Louise Crow Date: Thu, 24 Oct 2013 12:04:49 +0100 Subject: Remove extra 'is invalid' error message. This duplicates what's done in the new action, but I can't currently think of a way of sharing functionality that doesn't seem overly complex and/or risky. --- app/controllers/request_controller.rb | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'app/controllers/request_controller.rb') diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index e249bbe5c..821fcb74a 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -216,8 +216,10 @@ class RequestController < ApplicationController @outgoing_message.info_request = @info_request @info_request.user = authenticated_user if !@info_request.valid? - # TODO: add in code from 'new' for removing spurious extra - # "Outgoing messages is invalid" message - move to model? + # We don't want the error "Outgoing messages is invalid", as in this + # case the list of errors will also contain a more specific error + # describing the reason it is invalid. + @info_request.errors.delete(:outgoing_messages) render :action => 'new' return end -- cgit v1.2.3 From cf11b959899d54cf3c7f4e018f11c2c89c83d4af Mon Sep 17 00:00:00 2001 From: Louise Crow Date: Thu, 24 Oct 2013 16:00:10 +0100 Subject: Simple code for the happy path Create the batch and associate new requests with it, send the outgoing messages, and redirect to a page for the new batch. --- app/controllers/request_controller.rb | 40 ++++++++++++++++++----------------- 1 file changed, 21 insertions(+), 19 deletions(-) (limited to 'app/controllers/request_controller.rb') diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index 821fcb74a..eac142fac 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -205,16 +205,11 @@ class RequestController < ApplicationController return render_new_compose(batch=true) end - @info_request = InfoRequest.new(params[:info_request]) + @info_request = InfoRequest.create_from_attributes(params[:info_request], + params[:outgoing_message], + authenticated_user) + @outgoing_message = @info_request.outgoing_messages.first @info_request.is_batch_request_template = true - @outgoing_message = OutgoingMessage.new(params[:outgoing_message].merge({ - :status => 'ready', - :message_type => 'initial_request', - :what_doing => 'normal_sort' - })) - @info_request.outgoing_messages << @outgoing_message - @outgoing_message.info_request = @info_request - @info_request.user = authenticated_user if !@info_request.valid? # We don't want the error "Outgoing messages is invalid", as in this # case the list of errors will also contain a more specific error @@ -229,10 +224,21 @@ class RequestController < ApplicationController return render_new_preview end - # TODO: create info requests and associated outgoing messages from this - # template request, and send those that can be sent, giving messages about bodies + # TODO: give messages about bodies # that are no longer requestable - + @info_request_batch = InfoRequestBatch.create!(:title => params[:info_request][:title], + :user => authenticated_user) + @public_bodies = PublicBody.where({:id => params[:public_body_ids]}).all + @public_bodies.each do |public_body| + info_request = InfoRequest.create_from_attributes(params[:info_request], + params[:outgoing_message], + authenticated_user) + info_request.public_body_id = public_body.id + info_request.info_request_batch = @info_request_batch + info_request.save! + info_request.outgoing_messages.first.send_message + end + redirect_to info_request_batch_path(@info_request_batch) end # Page new form posts to @@ -289,13 +295,9 @@ class RequestController < ApplicationController @existing_request = InfoRequest.find_by_existing_request(params[:info_request][:title], params[:info_request][:public_body_id], params[:outgoing_message][:body]) # Create both FOI request and the first request message - @info_request = InfoRequest.new(params[:info_request]) - @outgoing_message = OutgoingMessage.new(params[:outgoing_message].merge({ - :status => 'ready', - :message_type => 'initial_request' - })) - @info_request.outgoing_messages << @outgoing_message - @outgoing_message.info_request = @info_request + @info_request = InfoRequest.create_from_attributes(params[:info_request], + params[:outgoing_message]) + @outgoing_message = @info_request.outgoing_messages.first # Maybe we lost the address while they're writing it if !@info_request.public_body.is_requestable? -- cgit v1.2.3 From 4b2e3ef0b6f5b881597242a4afe1404415256f3b Mon Sep 17 00:00:00 2001 From: Louise Crow Date: Thu, 24 Oct 2013 16:19:22 +0100 Subject: Make method names for finding existing objects clearer They're not finding by the existing object, they're finding an existing object. --- app/controllers/request_controller.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'app/controllers/request_controller.rb') diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index eac142fac..047fc7acf 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -189,7 +189,7 @@ class RequestController < ApplicationController end # TODO: I do think we should probably check for double submission of batch - # requests as we do in 'new' for ordinary requests with find_by_existing_request + # requests as we do in 'new' for ordinary requests with find_existing # TODO: Decide if we make batch requesters describe their undescribed requests # before being able to make a new batch request @@ -292,7 +292,7 @@ class RequestController < ApplicationController # XXX this check should theoretically be a validation rule in the # model, except we really want to pass @existing_request to the view so # it can link to it. - @existing_request = InfoRequest.find_by_existing_request(params[:info_request][:title], params[:info_request][:public_body_id], params[:outgoing_message][:body]) + @existing_request = InfoRequest.find_existing(params[:info_request][:title], params[:info_request][:public_body_id], params[:outgoing_message][:body]) # Create both FOI request and the first request message @info_request = InfoRequest.create_from_attributes(params[:info_request], -- cgit v1.2.3 From ce262657761c1c47c47e2f6cc7bf683543ebbdb7 Mon Sep 17 00:00:00 2001 From: Louise Crow Date: Thu, 24 Oct 2013 17:03:52 +0100 Subject: Add check for double submission. --- app/controllers/request_controller.rb | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) (limited to 'app/controllers/request_controller.rb') diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index 047fc7acf..ccf824e75 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -188,13 +188,9 @@ class RequestController < ApplicationController redirect_to select_authorities_path and return end - # TODO: I do think we should probably check for double submission of batch - # requests as we do in 'new' for ordinary requests with find_existing - # TODO: Decide if we make batch requesters describe their undescribed requests # before being able to make a new batch request - if !authenticated_user.can_file_requests? @details = authenticated_user.can_fail_html render :template => 'user/banned' and return @@ -205,12 +201,18 @@ class RequestController < ApplicationController return render_new_compose(batch=true) end + # Check for double submission of batch + @existing_batch = InfoRequestBatch.find_existing(authenticated_user, + params[:info_request][:title], + params[:outgoing_message][:body], + params[:public_body_ids]) + @info_request = InfoRequest.create_from_attributes(params[:info_request], params[:outgoing_message], authenticated_user) @outgoing_message = @info_request.outgoing_messages.first @info_request.is_batch_request_template = true - if !@info_request.valid? + if !@existing_batch.nil? || !@info_request.valid? # We don't want the error "Outgoing messages is invalid", as in this # case the list of errors will also contain a more specific error # describing the reason it is invalid. @@ -227,6 +229,7 @@ class RequestController < ApplicationController # TODO: give messages about bodies # that are no longer requestable @info_request_batch = InfoRequestBatch.create!(:title => params[:info_request][:title], + :body => params[:outgoing_message][:body], :user => authenticated_user) @public_bodies = PublicBody.where({:id => params[:public_body_ids]}).all @public_bodies.each do |public_body| -- cgit v1.2.3 From 0fdfad30f1232458ffcd624c893387ce300b49bb Mon Sep 17 00:00:00 2001 From: Louise Crow Date: Thu, 24 Oct 2013 18:07:48 +0100 Subject: Notices for success and errors. --- app/controllers/request_controller.rb | 35 ++++++++++++++++++++++++++++------- 1 file changed, 28 insertions(+), 7 deletions(-) (limited to 'app/controllers/request_controller.rb') diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index ccf824e75..b9be333c8 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -232,14 +232,35 @@ class RequestController < ApplicationController :body => params[:outgoing_message][:body], :user => authenticated_user) @public_bodies = PublicBody.where({:id => params[:public_body_ids]}).all + unrequestable = [] @public_bodies.each do |public_body| - info_request = InfoRequest.create_from_attributes(params[:info_request], - params[:outgoing_message], - authenticated_user) - info_request.public_body_id = public_body.id - info_request.info_request_batch = @info_request_batch - info_request.save! - info_request.outgoing_messages.first.send_message + if public_body.is_requestable? + info_request = InfoRequest.create_from_attributes(params[:info_request], + params[:outgoing_message], + authenticated_user) + info_request.public_body_id = public_body.id + info_request.info_request_batch = @info_request_batch + info_request.save! + info_request.outgoing_messages.first.send_message + else + unrequestable << public_body.name + end + end + + flash[:notice] = _("

Your {{law_used_full}} requests have been sent!

+

We will email you when there is a response to any of them, or after {{late_number_of_days}} working days if the authorities still haven't + replied by then.

+

If you write about these requests (for example in a forum or a blog) please link to this page.

", + :law_used_full=>@info_request.law_used_full, + :late_number_of_days => AlaveteliConfiguration::reply_late_after_days) + if ! unrequestable.empty? + error_messages = [] + error_messages << _('Unfortunately, we do not have a working address for {{public_body_names}}.', + :public_body_names => unrequestable.join(",")) + error_messages << _('You may be able to find one on their website, or by phoning them up and asking. If you manage + to find one, then please send it to us.', + :help_url => help_contact_path) + flash[:error] = error_messages.map{ |message| "

#{message}

"}.join(" ").html_safe end redirect_to info_request_batch_path(@info_request_batch) end -- cgit v1.2.3 From b68c23074b7849b30e8f96ea024ec14ec4b8f324 Mon Sep 17 00:00:00 2001 From: Louise Crow Date: Mon, 28 Oct 2013 11:41:43 +0000 Subject: Add a rudimentary view for an info request batch. --- app/controllers/request_controller.rb | 2 -- 1 file changed, 2 deletions(-) (limited to 'app/controllers/request_controller.rb') diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index b9be333c8..e516501d4 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -226,8 +226,6 @@ class RequestController < ApplicationController return render_new_preview end - # TODO: give messages about bodies - # that are no longer requestable @info_request_batch = InfoRequestBatch.create!(:title => params[:info_request][:title], :body => params[:outgoing_message][:body], :user => authenticated_user) -- cgit v1.2.3 From 97b7bc835eaa59da76c50db2c3105e4adcf89a8d Mon Sep 17 00:00:00 2001 From: Louise Crow Date: Mon, 28 Oct 2013 12:03:52 +0000 Subject: Move creation of batch to InfoRequestBatch. --- app/controllers/request_controller.rb | 28 +++++++--------------------- 1 file changed, 7 insertions(+), 21 deletions(-) (limited to 'app/controllers/request_controller.rb') diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index e516501d4..e00483df8 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -226,35 +226,21 @@ class RequestController < ApplicationController return render_new_preview end - @info_request_batch = InfoRequestBatch.create!(:title => params[:info_request][:title], - :body => params[:outgoing_message][:body], - :user => authenticated_user) - @public_bodies = PublicBody.where({:id => params[:public_body_ids]}).all - unrequestable = [] - @public_bodies.each do |public_body| - if public_body.is_requestable? - info_request = InfoRequest.create_from_attributes(params[:info_request], - params[:outgoing_message], - authenticated_user) - info_request.public_body_id = public_body.id - info_request.info_request_batch = @info_request_batch - info_request.save! - info_request.outgoing_messages.first.send_message - else - unrequestable << public_body.name - end - end - + batch_results = InfoRequestBatch.create_batch!(params[:info_request], + params[:outgoing_message], + params[:public_body_ids], + authenticated_user) + @info_request_batch = batch_results[:batch] flash[:notice] = _("

Your {{law_used_full}} requests have been sent!

We will email you when there is a response to any of them, or after {{late_number_of_days}} working days if the authorities still haven't replied by then.

If you write about these requests (for example in a forum or a blog) please link to this page.

", :law_used_full=>@info_request.law_used_full, :late_number_of_days => AlaveteliConfiguration::reply_late_after_days) - if ! unrequestable.empty? + if ! batch_results[:unrequestable].empty? error_messages = [] error_messages << _('Unfortunately, we do not have a working address for {{public_body_names}}.', - :public_body_names => unrequestable.join(",")) + :public_body_names => batch_results[:unrequestable].map{|body| body.name}.join(",")) error_messages << _('You may be able to find one on their website, or by phoning them up and asking. If you manage to find one, then please send it to us.', :help_url => help_contact_path) -- cgit v1.2.3 From c9f34235a0c249b8c99f895c0ffc50ccbfe20f99 Mon Sep 17 00:00:00 2001 From: Louise Crow Date: Tue, 3 Dec 2013 09:44:12 +0000 Subject: Raise limit on results to 1000. Seems like you have to specify a limit with xapian. We'll probably want to document the limit somewhere on this page. --- app/controllers/request_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app/controllers/request_controller.rb') diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index e00483df8..a5f333128 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -45,7 +45,7 @@ class RequestController < ApplicationController def select_authorities if !params[:public_body_query].nil? - @search_bodies = perform_search_typeahead(params[:public_body_query], PublicBody) + @search_bodies = perform_search_typeahead(params[:public_body_query], PublicBody, 1000) end if !params[:public_body_ids].nil? if !params[:remove_public_body_ids].nil? -- cgit v1.2.3 From 433b03ec0c4bbf0dd024e1c96fad62ac36e4ab4f Mon Sep 17 00:00:00 2001 From: Louise Crow Date: Thu, 31 Oct 2013 18:05:46 +0000 Subject: Javascript enhancements. Add or remove all buttons, ajax search as you type. --- app/controllers/request_controller.rb | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) (limited to 'app/controllers/request_controller.rb') diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index a5f333128..bcee7d9f8 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -47,13 +47,25 @@ class RequestController < ApplicationController if !params[:public_body_query].nil? @search_bodies = perform_search_typeahead(params[:public_body_query], PublicBody, 1000) end - if !params[:public_body_ids].nil? - if !params[:remove_public_body_ids].nil? - body_ids = params[:public_body_ids] - params[:remove_public_body_ids] - else - body_ids = params[:public_body_ids] + respond_to do |format| + format.html do + if !params[:public_body_ids].nil? + if !params[:remove_public_body_ids].nil? + body_ids = params[:public_body_ids] - params[:remove_public_body_ids] + else + body_ids = params[:public_body_ids] + end + @public_bodies = PublicBody.where({:id => body_ids}).all + end + end + format.json do + if @search_bodies + render :json => @search_bodies.results.map{ |result| {:name => result[:model].name, + :id => result[:model].id } } + else + render :json => [] + end end - @public_bodies = PublicBody.where({:id => body_ids}).all end end -- cgit v1.2.3 From d0127de6aad534cd7ec6244ca7f000aeed8a9756 Mon Sep 17 00:00:00 2001 From: Louise Crow Date: Tue, 26 Nov 2013 16:29:50 +0000 Subject: Add list of bodies batch request will be sent to. --- app/controllers/request_controller.rb | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'app/controllers/request_controller.rb') diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index bcee7d9f8..bef3575cc 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -209,6 +209,12 @@ class RequestController < ApplicationController end @batch = true + + I18n.with_locale(@locale) do + @public_bodies = PublicBody.where({:id => params[:public_body_ids]}). + includes(:translations). + order('public_body_translations.name').all + end if params[:submitted_new_request].nil? || params[:reedit] return render_new_compose(batch=true) end -- cgit v1.2.3 From 51c80db7a35a41fbbab9b28e86a5d60166791b4c Mon Sep 17 00:00:00 2001 From: Louise Crow Date: Wed, 27 Nov 2013 12:03:28 +0000 Subject: Split the creation of a batch and the associated requests. We're going to want to actually create and send the requests later. --- app/controllers/request_controller.rb | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'app/controllers/request_controller.rb') diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index bef3575cc..2bf1a2c0c 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -244,11 +244,12 @@ class RequestController < ApplicationController return render_new_preview end - batch_results = InfoRequestBatch.create_batch!(params[:info_request], - params[:outgoing_message], - params[:public_body_ids], - authenticated_user) - @info_request_batch = batch_results[:batch] + @info_request_batch = InfoRequestBatch.create!(:title => params[:info_request][:title], + :body => params[:outgoing_message][:body], + :public_bodies => @public_bodies, + :user => authenticated_user ) + + batch_results = @info_request_batch.create_batch! flash[:notice] = _("

Your {{law_used_full}} requests have been sent!

We will email you when there is a response to any of them, or after {{late_number_of_days}} working days if the authorities still haven't replied by then.

-- cgit v1.2.3 From e95b95e78891e2c0e7e0307464637b38ed8b5a4d Mon Sep 17 00:00:00 2001 From: Louise Crow Date: Wed, 27 Nov 2013 17:44:35 +0000 Subject: Update notices for offline sending. --- app/controllers/request_controller.rb | 18 ++++-------------- 1 file changed, 4 insertions(+), 14 deletions(-) (limited to 'app/controllers/request_controller.rb') diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index 2bf1a2c0c..b3522ac54 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -247,24 +247,14 @@ class RequestController < ApplicationController @info_request_batch = InfoRequestBatch.create!(:title => params[:info_request][:title], :body => params[:outgoing_message][:body], :public_bodies => @public_bodies, - :user => authenticated_user ) - - batch_results = @info_request_batch.create_batch! - flash[:notice] = _("

Your {{law_used_full}} requests have been sent!

-

We will email you when there is a response to any of them, or after {{late_number_of_days}} working days if the authorities still haven't + :user => authenticated_user) + flash[:notice] = _("

Your {{law_used_full}} requests will be sent shortly!

+

We will email you when they have been sent. + We will also email you when there is a response to any of them, or after {{late_number_of_days}} working days if the authorities still haven't replied by then.

If you write about these requests (for example in a forum or a blog) please link to this page.

", :law_used_full=>@info_request.law_used_full, :late_number_of_days => AlaveteliConfiguration::reply_late_after_days) - if ! batch_results[:unrequestable].empty? - error_messages = [] - error_messages << _('Unfortunately, we do not have a working address for {{public_body_names}}.', - :public_body_names => batch_results[:unrequestable].map{|body| body.name}.join(",")) - error_messages << _('You may be able to find one on their website, or by phoning them up and asking. If you manage - to find one, then please send it to us.', - :help_url => help_contact_path) - flash[:error] = error_messages.map{ |message| "

#{message}

"}.join(" ").html_safe - end redirect_to info_request_batch_path(@info_request_batch) end -- cgit v1.2.3 From 54670c8fb3755a2de768b96edbba449a45402151 Mon Sep 17 00:00:00 2001 From: Louise Crow Date: Tue, 28 Jan 2014 10:41:04 +0000 Subject: Preserve whitespace in strings for translation. Otherwise they get marked as fuzzy in .po files and lose their existing translations. --- app/controllers/request_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app/controllers/request_controller.rb') diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index b3522ac54..391670715 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -1068,7 +1068,7 @@ class RequestController < ApplicationController message += _("

You do not need to include your email in the request in order to get a reply (details).

", :url => (help_privacy_path+"#email_address").html_safe); end message += _("

We recommend that you edit your request and remove the email address. - If you leave it, the email address will be sent to the authority, but will not be displayed on the site.

") + If you leave it, the email address will be sent to the authority, but will not be displayed on the site.

") end if @outgoing_message.contains_postcode? message += _("

Your request contains a postcode. Unless it directly relates to the subject of your request, please remove any address as it will appear publicly on the Internet.

"); -- cgit v1.2.3