X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/7a64ebe98265ff8ad6be5b8be9481661cd824f0f..e8cb7ac8f16987788fb65889b14a7e1446a46da3:/app/controllers/notes_controller.rb diff --git a/app/controllers/notes_controller.rb b/app/controllers/notes_controller.rb index b1dd6d162..690467f0d 100644 --- a/app/controllers/notes_controller.rb +++ b/app/controllers/notes_controller.rb @@ -4,7 +4,7 @@ class NotesController < ApplicationController skip_before_action :verify_authenticity_token, :except => [:mine] before_action :check_api_readable before_action :authorize_web, :only => [:mine] - before_action :setup_user_auth, :only => [:create, :comment] + before_action :setup_user_auth, :only => [:create, :comment, :show] before_action :authorize, :only => [:close, :reopen, :destroy] before_action :require_moderator, :only => [:destroy] before_action :check_api_writable, :only => [:create, :comment, :close, :reopen, :destroy] @@ -211,7 +211,7 @@ class NotesController < ApplicationController # Find the note and check it is valid @note = Note.find(params[:id]) raise OSM::APINotFoundError unless @note - raise OSM::APIAlreadyDeletedError.new("note", @note.id) unless @note.visible? + raise OSM::APIAlreadyDeletedError.new("note", @note.id) unless @note.visible? || (current_user && current_user.moderator?) # Render the result respond_to do |format| @@ -255,15 +255,48 @@ class NotesController < ApplicationController ## # Return a list of notes matching a given string def search - # Check the arguments are sane - raise OSM::APIBadUserInput, "No query string was given" unless params[:q] + # Filter either by the name or the id of the user + if params[:display_name] + @user = User.find_by(:display_name => params[:display_name]) + elsif params[:id] + @user = User.find_by(:id => params[:id]) + end - # Get any conditions that need to be applied - @notes = closed_condition(Note.all) - @notes = @notes.joins(:comments).where("to_tsvector('english', note_comments.body) @@ plainto_tsquery('english', ?)", params[:q]) + if @user + @notes = @user.notes + @notes = closed_condition(@notes) + elsif params[:display_name] || params[:id] + # Return an error message because obviously the user could not be found + raise OSM::APIBadUserInput, "The user could not be found" + else + @notes = closed_condition(Note.all) + end + + # Filter by a given string + if params[:q] + # TODO: why doesn't this work if we want to filter the notes of a given user? + @notes = @notes.joins(:comments).where("to_tsvector('english', note_comments.body) @@ plainto_tsquery('english', ?)", params[:q]) unless params[:display_name] || params[:id] + end + + # Filter by a given start date and an optional end date + if params[:from] + begin + from = Time.parse(params[:from]) + to = if params[:to] + Time.parse(params[:to]) + else + Time.now + end + rescue ArgumentError + # return a more generic error so that everybody knows what is wrong + raise OSM::APIBadUserInput, "The date is in a wrong format" + end + + @notes = @notes.where("(created_at > '#{from}' AND created_at < '#{to}')") + end # Find the notes we want to return - @notes = @notes.order("updated_at DESC").limit(result_limit).preload(:comments) + @notes = @notes.order("updated_at DESC").distinct.limit(result_limit).preload(:comments) # Render the result respond_to do |format| @@ -280,9 +313,9 @@ class NotesController < ApplicationController if params[:display_name] if @user = User.active.find_by(:display_name => params[:display_name]) @params = params.permit(:display_name) - @title = t "note.mine.title", :user => @user.display_name - @heading = t "note.mine.heading", :user => @user.display_name - @description = t "note.mine.subheading", :user => render_to_string(:partial => "user", :object => @user) + @title = t "notes.mine.title", :user => @user.display_name + @heading = t "notes.mine.heading", :user => @user.display_name + @description = t "notes.mine.subheading", :user => render_to_string(:partial => "user", :object => @user) @page = (params[:page] || 1).to_i @page_size = 10 @notes = @user.notes