From f2f3fbb1f19ad3cb26a3623d7af3d90e1f7a7caa Mon Sep 17 00:00:00 2001 From: Andy Allan Date: Wed, 5 Jun 2019 15:29:47 +0200 Subject: [PATCH] Allow administrators to unhide diary entries, if they wish --- app/abilities/ability.rb | 2 +- app/controllers/diary_entries_controller.rb | 6 ++++ app/views/diary_entries/_diary_entry.html.erb | 6 +++- config/locales/en.yml | 1 + config/routes.rb | 1 + .../diary_entries_controller_test.rb | 31 +++++++++++++++++++ 6 files changed, 45 insertions(+), 2 deletions(-) diff --git a/app/abilities/ability.rb b/app/abilities/ability.rb index 1106d843e..a663dc4be 100644 --- a/app/abilities/ability.rb +++ b/app/abilities/ability.rb @@ -51,7 +51,7 @@ class Ability end if user.administrator? - can [:hide, :hidecomment], [DiaryEntry, DiaryComment] + can [:hide, :unhide, :hidecomment], [DiaryEntry, DiaryComment] can [:index, :show, :resolve, :ignore, :reopen], Issue can :create, IssueComment can [:set_status, :delete, :index], User diff --git a/app/controllers/diary_entries_controller.rb b/app/controllers/diary_entries_controller.rb index 1e113e09f..41be0f7ea 100644 --- a/app/controllers/diary_entries_controller.rb +++ b/app/controllers/diary_entries_controller.rb @@ -214,6 +214,12 @@ class DiaryEntriesController < ApplicationController redirect_to :action => "index", :display_name => entry.user.display_name end + def unhide + entry = DiaryEntry.find(params[:id]) + entry.update(:visible => true) + redirect_to :action => "index", :display_name => entry.user.display_name + end + def hidecomment comment = DiaryComment.find(params[:comment]) comment.update(:visible => false) diff --git a/app/views/diary_entries/_diary_entry.html.erb b/app/views/diary_entries/_diary_entry.html.erb index fc1cca66e..50b49c37f 100644 --- a/app/views/diary_entries/_diary_entry.html.erb +++ b/app/views/diary_entries/_diary_entry.html.erb @@ -39,7 +39,11 @@ <% if current_user && current_user.administrator? %>
  • - <%= link_to t(".hide_link"), hide_diary_entry_path(:display_name => diary_entry.user.display_name, :id => diary_entry.id), :method => :post, :data => { :confirm => t(".confirm") } %> + <% if diary_entry.visible %> + <%= link_to t(".hide_link"), hide_diary_entry_path(:display_name => diary_entry.user.display_name, :id => diary_entry.id), :method => :post, :data => { :confirm => t(".confirm") } %> + <% else %> + <%= link_to t(".unhide_link"), unhide_diary_entry_path(:display_name => diary_entry.user.display_name, :id => diary_entry.id), :method => :post, :data => { :confirm => t(".confirm") } %> + <% end %>
    • <% end %> diff --git a/config/locales/en.yml b/config/locales/en.yml index 516dad37a..b4cfad091 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -331,6 +331,7 @@ en: other: "%{count} comments" edit_link: Edit this entry hide_link: Hide this entry + unhide_link: Unhide this entry confirm: Confirm report: Report this entry diary_comment: diff --git a/config/routes.rb b/config/routes.rb index 63ce06167..994d08550 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -234,6 +234,7 @@ OpenStreetMap::Application.routes.draw do end post "/user/:display_name/diary/:id/newcomment" => "diary_entries#comment", :id => /\d+/ post "/user/:display_name/diary/:id/hide" => "diary_entries#hide", :id => /\d+/, :as => :hide_diary_entry + post "/user/:display_name/diary/:id/unhide" => "diary_entries#unhide", :id => /\d+/, :as => :unhide_diary_entry post "/user/:display_name/diary/:id/hidecomment/:comment" => "diary_entries#hidecomment", :id => /\d+/, :comment => /\d+/, :as => :hide_diary_comment post "/user/:display_name/diary/:id/subscribe" => "diary_entries#subscribe", :as => :diary_entry_subscribe, :id => /\d+/ post "/user/:display_name/diary/:id/unsubscribe" => "diary_entries#unsubscribe", :as => :diary_entry_unsubscribe, :id => /\d+/ diff --git a/test/controllers/diary_entries_controller_test.rb b/test/controllers/diary_entries_controller_test.rb index 71684c65e..6011de9ab 100644 --- a/test/controllers/diary_entries_controller_test.rb +++ b/test/controllers/diary_entries_controller_test.rb @@ -85,6 +85,10 @@ class DiaryEntriesControllerTest < ActionController::TestCase { :path => "/user/username/diary/1/hide", :method => :post }, { :controller => "diary_entries", :action => "hide", :display_name => "username", :id => "1" } ) + assert_routing( + { :path => "/user/username/diary/1/unhide", :method => :post }, + { :controller => "diary_entries", :action => "unhide", :display_name => "username", :id => "1" } + ) assert_routing( { :path => "/user/username/diary/1/hidecomment/2", :method => :post }, { :controller => "diary_entries", :action => "hidecomment", :display_name => "username", :id => "1", :comment => "2" } @@ -750,6 +754,33 @@ class DiaryEntriesControllerTest < ActionController::TestCase assert_equal false, DiaryEntry.find(diary_entry.id).visible end + def test_unhide + user = create(:user) + + # Try without logging in + diary_entry = create(:diary_entry, :user => user, :visible => false) + post :unhide, + :params => { :display_name => user.display_name, :id => diary_entry.id } + assert_response :forbidden + assert_equal false, DiaryEntry.find(diary_entry.id).visible + + # Now try as a normal user + post :unhide, + :params => { :display_name => user.display_name, :id => diary_entry.id }, + :session => { :user => user } + assert_response :redirect + assert_redirected_to :controller => :errors, :action => :forbidden + assert_equal false, DiaryEntry.find(diary_entry.id).visible + + # Finally try as an administrator + post :unhide, + :params => { :display_name => user.display_name, :id => diary_entry.id }, + :session => { :user => create(:administrator_user) } + assert_response :redirect + assert_redirected_to :action => :index, :display_name => user.display_name + assert_equal true, DiaryEntry.find(diary_entry.id).visible + end + def test_hidecomment user = create(:user) administrator_user = create(:administrator_user) -- 2.43.2