app/controllers/user_blocks_controller.rb

   1 class UserBlocksController < ApplicationController
   2   layout "site"
   3
   4   before_action :authorize_web
   5   before_action :set_locale
   6
   7   authorize_resource
   8
   9   before_action :lookup_user, :only => [:new, :create, :blocks_on, :blocks_by]
  10   before_action :lookup_user_block, :only => [:show, :edit, :update, :revoke]
  11   before_action :require_valid_params, :only => [:create, :update]
  12   before_action :check_database_readable
  13   before_action :check_database_writable, :only => [:create, :update, :revoke]
  14
  15   def index
  16     @params = params.permit
  17     @user_blocks_pages, @user_blocks = paginate(:user_blocks,
  18                                                 :include => [:user, :creator, :revoker],
  19                                                 :order => "user_blocks.ends_at DESC",
  20                                                 :per_page => 20)
  21   end
  22
  23   def show
  24     if current_user && current_user == @user_block.user
  25       @user_block.needs_view = false
  26       @user_block.save!
  27     end
  28   end
  29
  30   def new
  31     @user_block = UserBlock.new
  32   end
  33
  34   def edit
  35     params[:user_block_period] = ((@user_block.ends_at - Time.now.getutc) / 1.hour).ceil.to_s
  36   end
  37
  38   def create
  39     if @valid_params
  40       @user_block = UserBlock.new(
  41         :user => @user,
  42         :creator => current_user,
  43         :reason => params[:user_block][:reason],
  44         :ends_at => Time.now.getutc + @block_period.hours,
  45         :needs_view => params[:user_block][:needs_view]
  46       )
  47
  48       if @user_block.save
  49         flash[:notice] = t(".flash", :name => @user.display_name)
  50         redirect_to @user_block
  51       else
  52         render :action => "new"
  53       end
  54     else
  55       redirect_to new_user_block_path(:display_name => params[:display_name])
  56     end
  57   end
  58
  59   def update
  60     if @valid_params
  61       if @user_block.creator != current_user
  62         flash[:error] = t(".only_creator_can_edit")
  63         redirect_to :action => "edit"
  64       elsif @user_block.update(
  65         :ends_at => Time.now.getutc + @block_period.hours,
  66         :reason => params[:user_block][:reason],
  67         :needs_view => params[:user_block][:needs_view]
  68       )
  69         flash[:notice] = t(".success")
  70         redirect_to(@user_block)
  71       else
  72         render :action => "edit"
  73       end
  74     else
  75       redirect_to edit_user_block_path(:id => params[:id])
  76     end
  77   end
  78
  79   ##
  80   # revokes the block, setting the end_time to now
  81   def revoke
  82     if request.post? && params[:confirm] && @user_block.revoke!(current_user)
  83       flash[:notice] = t ".flash"
  84       redirect_to(@user_block)
  85     end
  86   end
  87
  88   ##
  89   # shows a list of all the blocks on the given user
  90   def blocks_on
  91     @params = params.permit(:display_name)
  92     @user_blocks_pages, @user_blocks = paginate(:user_blocks,
  93                                                 :include => [:user, :creator, :revoker],
  94                                                 :conditions => { :user_id => @user.id },
  95                                                 :order => "user_blocks.ends_at DESC",
  96                                                 :per_page => 20)
  97   end
  98
  99   ##
 100   # shows a list of all the blocks by the given user.
 101   def blocks_by
 102     @params = params.permit(:display_name)
 103     @user_blocks_pages, @user_blocks = paginate(:user_blocks,
 104                                                 :include => [:user, :creator, :revoker],
 105                                                 :conditions => { :creator_id => @user.id },
 106                                                 :order => "user_blocks.ends_at DESC",
 107                                                 :per_page => 20)
 108   end
 109
 110   private
 111
 112   ##
 113   # ensure that there is a "user_block" instance variable
 114   def lookup_user_block
 115     @user_block = UserBlock.find(params[:id])
 116   rescue ActiveRecord::RecordNotFound
 117     render :action => "not_found", :status => :not_found
 118   end
 119
 120   ##
 121   # check that the input parameters are valid, setting an instance
 122   # variable if not. note that this doesn't do any redirection, as it's
 123   # called before two different actions, each of which should redirect
 124   # to a different place.
 125   def require_valid_params
 126     @block_period = params[:user_block_period].to_i
 127     @valid_params = false
 128
 129     if UserBlock::PERIODS.exclude?(@block_period)
 130       flash[:error] = t("user_blocks.filter.block_period")
 131
 132     elsif @user_block && !@user_block.active?
 133       flash[:error] = t("user_blocks.filter.block_expired")
 134
 135     else
 136       @valid_params = true
 137     end
 138   end
 139 end