before_action :authorize_web
before_action :set_locale
+ before_action :check_database_readable
authorize_resource
before_action :lookup_user, :only => [:show, :comments]
- before_action :check_database_readable
before_action :check_database_writable, :only => [:new, :edit, :comment, :hide, :hidecomment, :subscribe, :unsubscribe]
before_action :allow_thirdparty_images, :only => [:new, :edit, :index, :show, :comments]
else
@entries = DiaryEntry.joins(:user).where(:users => { :status => %w[active confirmed] })
+ # Items can't be flagged as deleted in the RSS format.
+ # For the general feeds, allow a delay before publishing, to help spam fighting
+ @entries = @entries.where("created_at < :time", :time => Settings.diary_feed_delay.hours.ago)
+
if params[:language]
@entries = @entries.where(:language_code => params[:language])
@title = t("diary_entries.feed.language.title", :language_name => Language.find(params[:language]).english_name)
@link = url_for :action => "index", :host => Settings.server_url, :protocol => Settings.server_protocol
end
end
-
@entries = @entries.visible.includes(:user).order("created_at DESC").limit(20)
end