1 class DiaryEntriesController < ApplicationController
2 layout "site", :except => :rss
4 before_action :authorize_web
5 before_action :set_locale
6 before_action :check_database_readable
10 before_action :lookup_user, :only => [:show, :comments]
11 before_action :check_database_writable, :only => [:new, :create, :edit, :update, :comment, :hide, :hidecomment, :subscribe, :unsubscribe]
12 before_action :allow_thirdparty_images, :only => [:new, :create, :edit, :update, :index, :show, :comments]
15 if params[:display_name]
16 @user = User.active.find_by(:display_name => params[:display_name])
19 @title = t ".user_title", :user => @user.display_name
20 @entries = @user.diary_entries
22 render_unknown_user params[:display_name]
25 elsif params[:friends]
27 @title = t ".title_friends"
28 @entries = DiaryEntry.where(:user_id => current_user.friends)
35 @title = t ".title_nearby"
36 @entries = DiaryEntry.where(:user_id => current_user.nearby)
42 @entries = DiaryEntry.joins(:user).where(:users => { :status => %w[active confirmed] })
45 @title = t ".in_language_title", :language => Language.find(params[:language]).english_name
46 @entries = @entries.where(:language_code => params[:language])
52 @params = params.permit(:display_name, :friends, :nearby, :language)
54 @page = (params[:page] || 1).to_i
57 @entries = @entries.visible unless can? :unhide, DiaryEntry
58 @entries = @entries.order("created_at DESC")
59 @entries = @entries.offset((@page - 1) * @page_size)
60 @entries = @entries.limit(@page_size)
61 @entries = @entries.includes(:user, :language)
65 entries = @user.diary_entries
66 entries = entries.visible unless can? :unhide, DiaryEntry
67 @entry = entries.where(:id => params[:id]).first
69 @title = t ".title", :user => params[:display_name], :title => @entry.title
70 @comments = can?(:unhidecomment, DiaryEntry) ? @entry.comments : @entry.visible_comments
72 @title = t "diary_entries.no_such_entry.title", :id => params[:id]
73 render :action => "no_such_entry", :status => :not_found
80 default_lang = current_user.preferences.where(:k => "diary.default_language").first
81 lang_code = default_lang ? default_lang.v : current_user.preferred_language
82 @diary_entry = DiaryEntry.new(entry_params.merge(:language_code => lang_code))
84 render :action => "new"
89 @diary_entry = DiaryEntry.find(params[:id])
91 redirect_to diary_entry_path(@diary_entry.user, @diary_entry) if current_user != @diary_entry.user
94 rescue ActiveRecord::RecordNotFound
95 render :action => "no_such_entry", :status => :not_found
99 @title = t "diary_entries.new.title"
101 @diary_entry = DiaryEntry.new(entry_params)
102 @diary_entry.user = current_user
105 default_lang = current_user.preferences.where(:k => "diary.default_language").first
107 default_lang.v = @diary_entry.language_code
110 current_user.preferences.create(:k => "diary.default_language", :v => @diary_entry.language_code)
113 # Subscribe user to diary comments
114 @diary_entry.subscriptions.create(:user => current_user)
116 redirect_to :action => "index", :display_name => current_user.display_name
118 render :action => "new"
123 @title = t "diary_entries.edit.title"
124 @diary_entry = DiaryEntry.find(params[:id])
126 if current_user != @diary_entry.user ||
127 (params[:diary_entry] && @diary_entry.update(entry_params))
128 redirect_to diary_entry_path(@diary_entry.user, @diary_entry)
131 render :action => "edit"
133 rescue ActiveRecord::RecordNotFound
134 render :action => "no_such_entry", :status => :not_found
138 @entry = DiaryEntry.find(params[:id])
139 @comments = @entry.visible_comments
140 @diary_comment = @entry.comments.build(comment_params)
141 @diary_comment.user = current_user
142 if @diary_comment.save
144 # Notify current subscribers of the new comment
145 @entry.subscribers.visible.each do |user|
146 UserMailer.diary_comment_notification(@diary_comment, user).deliver_later if current_user != user
149 # Add the commenter to the subscribers if necessary
150 @entry.subscriptions.create(:user => current_user) unless @entry.subscribers.exists?(current_user.id)
152 redirect_to diary_entry_path(@entry.user, @entry)
154 render :action => "show"
156 rescue ActiveRecord::RecordNotFound
157 render :action => "no_such_entry", :status => :not_found
161 diary_entry = DiaryEntry.find(params[:id])
163 diary_entry.subscriptions.create(:user => current_user) unless diary_entry.subscribers.exists?(current_user.id)
165 redirect_to diary_entry_path(diary_entry.user, diary_entry)
166 rescue ActiveRecord::RecordNotFound
167 render :action => "no_such_entry", :status => :not_found
171 diary_entry = DiaryEntry.find(params[:id])
173 diary_entry.subscriptions.where(:user => current_user).delete_all if diary_entry.subscribers.exists?(current_user.id)
175 redirect_to diary_entry_path(diary_entry.user, diary_entry)
176 rescue ActiveRecord::RecordNotFound
177 render :action => "no_such_entry", :status => :not_found
181 if params[:display_name]
182 user = User.active.find_by(:display_name => params[:display_name])
185 @entries = user.diary_entries
186 @title = t("diary_entries.feed.user.title", :user => user.display_name)
187 @description = t("diary_entries.feed.user.description", :user => user.display_name)
188 @link = url_for :action => "index", :display_name => user.display_name, :host => Settings.server_url, :protocol => Settings.server_protocol
194 @entries = DiaryEntry.joins(:user).where(:users => { :status => %w[active confirmed] })
196 # Items can't be flagged as deleted in the RSS format.
197 # For the general feeds, allow a delay before publishing, to help spam fighting
198 @entries = @entries.where("created_at < :time", :time => Settings.diary_feed_delay.hours.ago)
201 @entries = @entries.where(:language_code => params[:language])
202 @title = t("diary_entries.feed.language.title", :language_name => Language.find(params[:language]).english_name)
203 @description = t("diary_entries.feed.language.description", :language_name => Language.find(params[:language]).english_name)
204 @link = url_for :action => "index", :language => params[:language], :host => Settings.server_url, :protocol => Settings.server_protocol
206 @title = t("diary_entries.feed.all.title")
207 @description = t("diary_entries.feed.all.description")
208 @link = url_for :action => "index", :host => Settings.server_url, :protocol => Settings.server_protocol
211 @entries = @entries.visible.includes(:user).order("created_at DESC").limit(20)
215 entry = DiaryEntry.find(params[:id])
216 entry.update(:visible => false)
217 redirect_to :action => "index", :display_name => entry.user.display_name
221 entry = DiaryEntry.find(params[:id])
222 entry.update(:visible => true)
223 redirect_to :action => "index", :display_name => entry.user.display_name
227 comment = DiaryComment.find(params[:comment])
228 comment.update(:visible => false)
229 redirect_to diary_entry_path(comment.diary_entry.user, comment.diary_entry)
233 comment = DiaryComment.find(params[:comment])
234 comment.update(:visible => true)
235 redirect_to diary_entry_path(comment.diary_entry.user, comment.diary_entry)
239 @title = t ".title", :user => @user.display_name
241 conditions = { :user_id => @user }
243 conditions[:visible] = true unless can? :unhidecomment, DiaryEntry
245 @comment_pages, @comments = paginate(:diary_comments,
246 :conditions => conditions,
247 :order => "created_at DESC",
249 @page = (params[:page] || 1).to_i
255 # return permitted diary entry parameters
257 params.require(:diary_entry).permit(:title, :body, :language_code, :latitude, :longitude)
258 rescue ActionController::ParameterMissing
259 ActionController::Parameters.new.permit(:title, :body, :language_code, :latitude, :longitude)
263 # return permitted diary comment parameters
265 params.require(:diary_comment).permit(:body)
269 # decide on a location for the diary entry map
271 if @diary_entry.latitude && @diary_entry.longitude
272 @lon = @diary_entry.longitude
273 @lat = @diary_entry.latitude
275 elsif current_user.home_lat.nil? || current_user.home_lon.nil?
276 @lon = params[:lon] || -0.1
277 @lat = params[:lat] || 51.5
278 @zoom = params[:zoom] || 4
280 @lon = current_user.home_lon
281 @lat = current_user.home_lat