X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/d4130bcac83015564f0326457f2bb67d1b5ebab6..f08fb4f30f83288a5d485d422b94c4301c2a86b5:/app/controllers/friendships_controller.rb diff --git a/app/controllers/friendships_controller.rb b/app/controllers/friendships_controller.rb index 75e53368d..7b14f2e82 100644 --- a/app/controllers/friendships_controller.rb +++ b/app/controllers/friendships_controller.rb @@ -1,4 +1,6 @@ class FriendshipsController < ApplicationController + include UserMethods + layout "site" before_action :authorize_web @@ -8,55 +10,52 @@ class FriendshipsController < ApplicationController authorize_resource before_action :check_database_writable, :only => [:make_friend, :remove_friend] + before_action :lookup_friend, :only => [:make_friend, :remove_friend] def make_friend - @new_friend = User.find_by(:display_name => params[:display_name]) - - if @new_friend - if request.post? - friendship = Friendship.new - friendship.befriender = current_user - friendship.befriendee = @new_friend - if current_user.is_friends_with?(@new_friend) - flash[:warning] = t "friendships.make_friend.already_a_friend", :name => @new_friend.display_name - elsif friendship.save - flash[:notice] = t "friendships.make_friend.success", :name => @new_friend.display_name - Notifier.friendship_notification(friendship).deliver_later - else - friendship.add_error(t("friendships.make_friend.failed", :name => @new_friend.display_name)) - end - - if params[:referer] - redirect_to safe_referer(params[:referer]) - else - redirect_to user_path - end + if request.post? + friendship = Friendship.new + friendship.befriender = current_user + friendship.befriendee = @friend + if current_user.friends_with?(@friend) + flash[:warning] = t ".already_a_friend", :name => @friend.display_name + elsif current_user.friendships.where("created_at >= ?", Time.now.utc - 1.hour).count >= current_user.max_friends_per_hour + flash.now[:error] = t ".limit_exceeded" + elsif friendship.save + flash[:notice] = t ".success", :name => @friend.display_name + UserMailer.friendship_notification(friendship).deliver_later + else + friendship.add_error(t(".failed", :name => @friend.display_name)) end - else - render_unknown_user params[:display_name] + + referer = safe_referer(params[:referer]) if params[:referer] + + redirect_to referer || user_path end end def remove_friend - @friend = User.find_by(:display_name => params[:display_name]) - - if @friend - if request.post? - if current_user.is_friends_with?(@friend) - Friendship.where(:befriender => current_user, :befriendee => @friend).delete_all - flash[:notice] = t "friendships.remove_friend.success", :name => @friend.display_name - else - flash[:error] = t "friendships.remove_friend.not_a_friend", :name => @friend.display_name - end - - if params[:referer] - redirect_to safe_referer(params[:referer]) - else - redirect_to user_path - end + if request.post? + if current_user.friends_with?(@friend) + Friendship.where(:befriender => current_user, :befriendee => @friend).delete_all + flash[:notice] = t ".success", :name => @friend.display_name + else + flash[:error] = t ".not_a_friend", :name => @friend.display_name end - else - render_unknown_user params[:display_name] + + referer = safe_referer(params[:referer]) if params[:referer] + + redirect_to referer || user_path end end + + private + + ## + # ensure that there is a "friend" instance variable + def lookup_friend + @friend = User.active.find_by!(:display_name => params[:display_name]) + rescue ActiveRecord::RecordNotFound + render_unknown_user params[:display_name] + end end