Allow users to delete their own accounts

[rails.git] / app / controllers / issues_controller.rb
diff --git a/app/controllers/issues_controller.rb b/app/controllers/issues_controller.rb

index 96e68573e8e8297421f83de57f583494e2cb9145..5940389397ca76e8b7b6d9a524a76d9df41185c0 100644 (file)
--- a/app/controllers/issues_controller.rb
+++ b/app/controllers/issues_controller.rb
@@ -3,8 +3,9 @@ class IssuesController < ApplicationController
  
    before_action :authorize_web
    before_action :set_locale
  
    before_action :authorize_web
    before_action :set_locale
-  before_action :require_user
-  before_action :check_permission
+
+  authorize_resource
+
    before_action :find_issue, :only => [:show, :resolve, :reopen, :ignore]
  
    def index
    before_action :find_issue, :only => [:show, :resolve, :reopen, :ignore]
  
    def index
@@ -15,10 +16,10 @@ class IssuesController < ApplicationController
      @issue_types.concat %w[DiaryEntry DiaryComment User] if current_user.administrator?
  
      @users = User.joins(:roles).where(:user_roles => { :role => current_user.roles.map(&:role) }).distinct
      @issue_types.concat %w[DiaryEntry DiaryComment User] if current_user.administrator?
  
      @users = User.joins(:roles).where(:user_roles => { :role => current_user.roles.map(&:role) }).distinct
-    @issues = Issue.where(:assigned_role => current_user.roles.map(&:role))
+    @issues = Issue.visible_to(current_user)
  
      # If search
  
      # If search
-    if params[:search_by_user] && params[:search_by_user].present?
+    if params[:search_by_user]&.present?
        @find_user = User.find_by(:display_name => params[:search_by_user])
        if @find_user
          @issues = @issues.where(:reported_user_id => @find_user.id)
        @find_user = User.find_by(:display_name => params[:search_by_user])
        if @find_user
          @issues = @issues.where(:reported_user_id => @find_user.id)
@@ -28,11 +29,11 @@ class IssuesController < ApplicationController
        end
      end
  
        end
      end
  
-    @issues = @issues.where(:status => params[:status]) if params[:status] && params[:status].present?
+    @issues = @issues.where(:status => params[:status]) if params[:status]&.present?
  
  
-    @issues = @issues.where(:reportable_type => params[:issue_type]) if params[:issue_type] && params[:issue_type].present?
+    @issues = @issues.where(:reportable_type => params[:issue_type]) if params[:issue_type]&.present?
  
  
-    if params[:last_updated_by] && params[:last_updated_by].present?
+    if params[:last_updated_by]&.present?
        last_updated_by = params[:last_updated_by].to_s == "nil" ? nil : params[:last_updated_by].to_i
        @issues = @issues.where(:updated_by => last_updated_by)
      end
        last_updated_by = params[:last_updated_by].to_s == "nil" ? nil : params[:last_updated_by].to_i
        @issues = @issues.where(:updated_by => last_updated_by)
      end
@@ -46,9 +47,10 @@ class IssuesController < ApplicationController
      @new_comment = IssueComment.new(:issue => @issue)
    end
  
      @new_comment = IssueComment.new(:issue => @issue)
    end
  
-  # Status Transistions
+  # Status Transitions
    def resolve
      if @issue.resolve
    def resolve
      if @issue.resolve
+      @issue.updated_by = current_user.id
        @issue.save!
        redirect_to @issue, :notice => t(".resolved")
      else
        @issue.save!
        redirect_to @issue, :notice => t(".resolved")
      else
@@ -79,13 +81,8 @@ class IssuesController < ApplicationController
    private
  
    def find_issue
    private
  
    def find_issue
-    @issue = Issue.find(params[:id])
-  end
-
-  def check_permission
-    unless current_user.administrator? || current_user.moderator?
-      flash[:error] = t("application.require_moderator_or_admin.not_a_moderator_or_admin")
-      redirect_to root_path
-    end
+    @issue = Issue.visible_to(current_user).find(params[:id])
+  rescue ActiveRecord::RecordNotFound
+    redirect_to :controller => "errors", :action => "not_found"
    end
  end
    end
  end