app/controllers/diary_comments_controller.rb

   1 # frozen_string_literal: true
   2
   3 class DiaryCommentsController < ApplicationController
   4   layout :site_layout
   5
   6   before_action :authorize_web
   7   before_action :set_locale
   8   before_action :check_database_readable
   9
  10   authorize_resource
  11
  12   before_action :check_database_writable
  13
  14   allow_thirdparty_images :only => :create
  15
  16   def create
  17     @diary_entry = DiaryEntry.find(params[:id])
  18     @comments = @diary_entry.visible_comments
  19     @diary_comment = @diary_entry.comments.build(comment_params)
  20     @diary_comment.user = current_user
  21     if @diary_comment.save
  22
  23       # Notify current subscribers of the new comment
  24       DiaryCommentNotifier.with(:record => @diary_comment).deliver_later
  25
  26       # Add the commenter to the subscribers if necessary
  27       @diary_entry.subscriptions.create(:user => current_user) unless @diary_entry.subscribers.exists?(current_user.id)
  28
  29       redirect_to diary_entry_path(@diary_entry.user, @diary_entry, :anchor => "comment#{@diary_comment.id}")
  30     else
  31       render :action => "new"
  32     end
  33   rescue ActiveRecord::RecordNotFound
  34     render "diary_entries/no_such_entry", :status => :not_found
  35   end
  36
  37   def hide
  38     comment = DiaryComment.find(params[:comment])
  39     comment.update(:visible => false)
  40     redirect_to diary_entry_path(comment.diary_entry.user, comment.diary_entry)
  41   end
  42
  43   def unhide
  44     comment = DiaryComment.find(params[:comment])
  45     comment.update(:visible => true)
  46     redirect_to diary_entry_path(comment.diary_entry.user, comment.diary_entry)
  47   end
  48
  49   private
  50
  51   ##
  52   # return permitted diary comment parameters
  53   def comment_params
  54     params.expect(:diary_comment => [:body])
  55   end
  56 end