From 730e31017109994c24db431fde12f575ed5c1467 Mon Sep 17 00:00:00 2001 From: Azul Date: Tue, 20 May 2014 09:13:25 +0200 Subject: FlashResponder will automagically add flash messages --- engines/support/app/controllers/tickets_controller.rb | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) (limited to 'engines/support/app') diff --git a/engines/support/app/controllers/tickets_controller.rb b/engines/support/app/controllers/tickets_controller.rb index 99357ab..19663c3 100644 --- a/engines/support/app/controllers/tickets_controller.rb +++ b/engines/support/app/controllers/tickets_controller.rb @@ -23,11 +23,8 @@ class TicketsController < ApplicationController @ticket.comments.last.posted_by = current_user.id @ticket.comments.last.private = false unless admin? @ticket.created_by = current_user.id - if @ticket.save - flash[:notice] = t(:thing_was_successfully_created, :thing => t(:ticket)) - if !logged_in? - flash[:notice] += " " + t(:access_ticket_text, :full_url => ticket_url(@ticket.id)) - end + if @ticket.save && !logged_in? + flash[:success] = t(:access_ticket_text, :full_url => ticket_url(@ticket.id)) end respond_with(@ticket, :location => auto_ticket_path(@ticket)) end @@ -62,10 +59,8 @@ class TicketsController < ApplicationController end if @ticket.changed? and @ticket.save - flash[:notice] = t(:changes_saved) redirect_to_tickets else - flash[:error] = @ticket.errors.full_messages.join(". ") if @ticket.changed? redirect_to auto_ticket_path(@ticket) end end @@ -88,6 +83,10 @@ class TicketsController < ApplicationController @title = t(:tickets) end + def self.responder + Responders::FlashResponder + end + private # -- cgit v1.2.3 From 467dd712a19d48fc653cfc0e58201e6657d2c1f9 Mon Sep 17 00:00:00 2001 
From: Azul Date: Tue, 20 May 2014 12:30:55 +0200 Subject: split up and refactor TicketController#update close and open actions for plain opening and closing the tickets respond_with so fields are not cleared on invalid update the custom actions are not strictly restful. But adding a subresource felt like too much overhead and is conceptually hard to grasp (so we destroy the openess of the ticket to close it?). --- .../support/app/controllers/tickets_controller.rb | 66 ++++++++++------------ engines/support/app/models/ticket.rb | 2 + .../support/app/views/tickets/_comments.html.haml | 8 +++ .../support/app/views/tickets/_edit_form.html.haml | 7 ++- engines/support/app/views/tickets/edit.html.haml | 5 ++ engines/support/app/views/tickets/show.html.haml | 9 +-- 6 files changed, 50 insertions(+), 47 deletions(-) create mode 100644 engines/support/app/views/tickets/_comments.html.haml create mode 100644 engines/support/app/views/tickets/edit.html.haml (limited to 'engines/support/app') diff --git a/engines/support/app/controllers/tickets_controller.rb b/engines/support/app/controllers/tickets_controller.rb index 19663c3..bb98277 100644 --- a/engines/support/app/controllers/tickets_controller.rb +++ b/engines/support/app/controllers/tickets_controller.rb @@ -5,8 +5,8 @@ class TicketsController < ApplicationController #has_scope :open, :type => boolean before_filter :require_login, :only => [:index] - before_filter :fetch_ticket, :only => [:show, :update, :destroy] - before_filter :require_ticket_access, :only => [:show, :update, :destroy] + before_filter :fetch_ticket, except: [:new, :create, :index] + before_filter :require_ticket_access, except: [:new, :create, :index] before_filter :fetch_user before_filter :set_title 
@@ -37,33 +37,32 @@ class TicketsController < ApplicationController end end - def update - if params[:button] == 'close' - @ticket.is_open = false - @ticket.save - redirect_to_tickets - elsif params[:button] == 'open' - @ticket.is_open = true - @ticket.save - redirect_to auto_ticket_path(@ticket) - else - @ticket.attributes = cleanup_ticket_params(params[:ticket]) + def close + @ticket.close + @ticket.save + redirect_to redirection_path + end - if params[:button] == 'reply_and_close' - @ticket.close - end + def open + @ticket.reopen + @ticket.save + redirect_to redirection_path + end - if @ticket.comments_changed? - @ticket.comments.last.posted_by = current_user.id - @ticket.comments.last.private = false unless admin? - end + def update + @ticket.attributes = cleanup_ticket_params(params[:ticket]) - if @ticket.changed? and @ticket.save - redirect_to_tickets - else - redirect_to auto_ticket_path(@ticket) - end + if params[:button] == 'reply_and_close' + @ticket.close + end + + if @ticket.comments_changed? + @ticket.comments.last.posted_by = current_user.id + @ticket.comments.last.private = false unless admin? end + + @ticket.save + respond_with @ticket, location: redirection_path end def index @@ -90,19 +89,14 @@ class TicketsController < ApplicationController private # - # redirects to ticket index, if appropriate. - # otherwise, just redirects to @ticket + # ticket index, if appropriate. + # otherwise, just @ticket # - def redirect_to_tickets - if logged_in? - if params[:button] == t(:reply_and_close) - redirect_to auto_tickets_path - else - redirect_to auto_ticket_path(@ticket) - end + def redirection_path + if logged_in? && params[:button] == t(:reply_and_close) + auto_tickets_path else - # if we are not logged in, there is no index to view - redirect_to auto_ticket_path(@ticket) + auto_ticket_path(@ticket) end end diff --git a/engines/support/app/models/ticket.rb b/engines/support/app/models/ticket.rb index bf5df53..161507c 100644 
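Review bot: The new `close` and `open` actions in tickets_controller.rb discard the result of `@ticket.save` and redirect unconditionally, so a failed save looks the same to the user as a successful one. Branch on the return value, or end both actions the way `update` now does: `respond_with @ticket, location: redirection_path`. Both actions change state, so their routes should accept only non-GET verbs to stay under CSRF protection. The routes file is not part of this patch, so that cannot be confirmed here.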
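Review bot: `redirection_path` compares `params[:button]` with the translated label `t(:reply_and_close)`, while `update` in the same file compares it with the literal `'reply_and_close'`. The reply form submits that literal as the button value (`value: 'reply_and_close'` in _new_comment_form.html.haml), so the index branch matches only when a translation happens to equal it. The comparison was carried over from `redirect_to_tickets`. Using `if logged_in? && params[:button] == 'reply_and_close'` would make the two checks agree and remove the locale dependence.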
--- a/engines/support/app/models/ticket.rb +++ b/engines/support/app/models/ticket.rb @@ -39,6 +39,8 @@ class Ticket < CouchRest::Model::Base # * valid email address validates :email, :allow_blank => true, :format => /\A(([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,}))?\Z/ + # validates :comments, presence: true + def self.search(options = {}) @selection = TicketSelection.new(options) @selection.tickets diff --git a/engines/support/app/views/tickets/_comments.html.haml b/engines/support/app/views/tickets/_comments.html.haml new file mode 100644 index 0000000..0a3b345 --- /dev/null +++ b/engines/support/app/views/tickets/_comments.html.haml @@ -0,0 +1,8 @@ +%table.table.table-striped.table-bordered + %tbody + = render :partial => 'tickets/comment', :collection => @ticket.comments + %tr + %td.user + = current_user.login || t(:anonymous) + %td.comment + = render 'tickets/new_comment_form' diff --git a/engines/support/app/views/tickets/_edit_form.html.haml b/engines/support/app/views/tickets/_edit_form.html.haml index b8da779..22815f2 100644 --- a/engines/support/app/views/tickets/_edit_form.html.haml +++ b/engines/support/app/views/tickets/_edit_form.html.haml @@ -17,17 +17,18 @@ regarding_user_link = '' end -= simple_form_for @ticket do |f| +- url = url_for([@ticket.is_open? ? :close : :open, @ticket]) += simple_form_for @ticket, url: url do |f| = hidden_ticket_fields %p.first - if @ticket.is_open? %span.label.label-info %b{style: 'padding:10px'}= t(:open) - = f.button :loading, t(:close), value: 'close', class: 'btn-mini' + = f.button :loading, t(:close), class: 'btn-mini' - else %span.label.label-success %b{style: 'padding:10px'}= t(:closed) - = f.button :loading, t(:open), value: 'open', class: 'btn-mini' + = f.button :loading, t(:open), class: 'btn-mini' %span.label.label-clear= t(:created_by_on, :user => created_by, :time => @ticket.created_at.to_s(:short)).html_safe = simple_form_for @ticket do |f| = hidden_ticket_fields 
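Review bot: The line added to ticket.rb, `# validates :comments, presence: true`, is commented-out code with no explanation of why it is disabled. Either enable it or replace it with a comment that states the reason, so the next reader does not have to guess whether tickets without comments are intended to be valid. While touching this area: the email format on the context line above ends in `\Z`, which still matches a value followed by a trailing newline, whereas `\z` anchors at the true end of the string.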
diff --git a/engines/support/app/views/tickets/edit.html.haml b/engines/support/app/views/tickets/edit.html.haml new file mode 100644 index 0000000..99afa2a --- /dev/null +++ b/engines/support/app/views/tickets/edit.html.haml @@ -0,0 +1,5 @@ +- @show_navigation = params[:user_id].present? + +.ticket + = render 'tickets/edit_form' + = render 'tickets/comments' diff --git a/engines/support/app/views/tickets/show.html.haml b/engines/support/app/views/tickets/show.html.haml index 4f3c127..99afa2a 100644 --- a/engines/support/app/views/tickets/show.html.haml +++ b/engines/support/app/views/tickets/show.html.haml @@ -2,11 +2,4 @@ .ticket = render 'tickets/edit_form' - %table.table.table-striped.table-bordered - %tbody - = render :partial => 'tickets/comment', :collection => @ticket.comments - %tr - %td.user - = current_user.login || t(:anonymous) - %td.comment - = render 'tickets/new_comment_form' + = render 'tickets/comments' -- cgit v1.2.3 From c10f9311678ff2183443bc03e153b30d3b68ff74 Mon Sep 17 00:00:00 2001 From: Azul Date: Tue, 20 May 2014 13:09:59 +0200 Subject: Controller#flash_for instead of FlashResponder FlashResponder added a flash before responding. However at the point of responding objects have already been saved. So there is no way to test if they were changed. Now instead we can call flash_for resource before resource.save and it will add the flash messages only if the resource was actually changed. --- engines/support/app/controllers/tickets_controller.rb | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) (limited to 'engines/support/app') diff --git a/engines/support/app/controllers/tickets_controller.rb b/engines/support/app/controllers/tickets_controller.rb index bb98277..7b6a7a0 100644 --- a/engines/support/app/controllers/tickets_controller.rb +++ b/engines/support/app/controllers/tickets_controller.rb 
@@ -23,10 +23,11 @@ class TicketsController < ApplicationController @ticket.comments.last.posted_by = current_user.id @ticket.comments.last.private = false unless admin? @ticket.created_by = current_user.id + flash_for @ticket if @ticket.save && !logged_in? flash[:success] = t(:access_ticket_text, :full_url => ticket_url(@ticket.id)) end - respond_with(@ticket, :location => auto_ticket_path(@ticket)) + respond_with @ticket, :location => auto_ticket_path(@ticket) end def show @@ -61,6 +62,7 @@ class TicketsController < ApplicationController @ticket.comments.last.private = false unless admin? end + flash_for @ticket @ticket.save respond_with @ticket, location: redirection_path end @@ -82,10 +84,6 @@ class TicketsController < ApplicationController @title = t(:tickets) end - def self.responder - Responders::FlashResponder - end - private # -- cgit v1.2.3 From 560eb039f4778257559395583e1233d052d44127 Mon Sep 17 00:00:00 2001 From: Azul Date: Tue, 20 May 2014 13:50:32 +0200 Subject: flash_for with_errors option displays error messages --- engines/support/app/controllers/tickets_controller.rb | 2 +- engines/support/app/views/tickets/edit.html.haml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) (limited to 'engines/support/app') diff --git a/engines/support/app/controllers/tickets_controller.rb b/engines/support/app/controllers/tickets_controller.rb index 7b6a7a0..9c1a741 100644 --- a/engines/support/app/controllers/tickets_controller.rb +++ b/engines/support/app/controllers/tickets_controller.rb @@ -62,7 +62,7 @@ class TicketsController < ApplicationController @ticket.comments.last.private = false unless admin? end - flash_for @ticket + flash_for @ticket, with_errors: true @ticket.save respond_with @ticket, location: redirection_path end diff --git a/engines/support/app/views/tickets/edit.html.haml b/engines/support/app/views/tickets/edit.html.haml index 99afa2a..03bda7d 100644 --- a/engines/support/app/views/tickets/edit.html.haml 
+++ b/engines/support/app/views/tickets/edit.html.haml @@ -1,4 +1,5 @@ - @show_navigation = params[:user_id].present? +- @comment = TicketComment.new .ticket = render 'tickets/edit_form' -- cgit v1.2.3 From 19bce0f114180f355f0df367cf6d21bd957734a6 Mon Sep 17 00:00:00 2001 From: Azul Date: Thu, 22 May 2014 14:57:29 +0200 Subject: tickets: structure i18n --- .../support/app/controllers/tickets_controller.rb | 2 +- engines/support/app/helpers/tickets_helper.rb | 14 ++--------- engines/support/app/models/ticket_comment.rb | 5 ++++ .../support/app/views/tickets/_comment.html.haml | 5 ++-- .../support/app/views/tickets/_edit_form.html.haml | 29 +++++++++------------- .../app/views/tickets/_new_comment_form.html.haml | 6 ++--- engines/support/app/views/tickets/_tabs.html.haml | 18 ++++++-------- engines/support/app/views/tickets/index.html.haml | 10 ++++---- engines/support/app/views/tickets/new.html.haml | 2 +- 9 files changed, 39 insertions(+), 52 deletions(-) (limited to 'engines/support/app') diff --git a/engines/support/app/controllers/tickets_controller.rb b/engines/support/app/controllers/tickets_controller.rb index 9c1a741..857d071 100644 --- a/engines/support/app/controllers/tickets_controller.rb +++ b/engines/support/app/controllers/tickets_controller.rb @@ -81,7 +81,7 @@ class TicketsController < ApplicationController protected def set_title - @title = t(:tickets) + @title = t("layouts.title.tickets") end private diff --git a/engines/support/app/helpers/tickets_helper.rb b/engines/support/app/helpers/tickets_helper.rb index 7af50d6..11b02e4 100644 --- a/engines/support/app/helpers/tickets_helper.rb +++ b/engines/support/app/helpers/tickets_helper.rb 
@@ -35,13 +35,7 @@ module TicketsHelper # def link_to_status(new_status) - if new_status == "open" - label = t(:open_tickets) - elsif new_status == "closed" - label = t(:closed_tickets) - elsif new_status == "all" - label = t(:all_tickets) - end + label = t(:".#{new_status}", cascade: true) link_to label, auto_tickets_path(:open_status => new_status, :sort_order => search_order) end @@ -62,11 +56,7 @@ module TicketsHelper direction = 'desc' end - if order_field == 'updated' - label = t(:updated) - elsif order_field == 'created' - label = t(:created) - end + label = t(:".#{order_field}", cascade: true) link_to auto_tickets_path(:sort_order => order_field + '_at_' + direction, :open_status => search_status) do arrow + label diff --git a/engines/support/app/models/ticket_comment.rb b/engines/support/app/models/ticket_comment.rb index bed5237..2c5df41 100644 --- a/engines/support/app/models/ticket_comment.rb +++ b/engines/support/app/models/ticket_comment.rb @@ -18,6 +18,11 @@ class TicketComment # view :by_body #end + # translations are in the same scope as those of a "proper" couchrest model + def self.i18n_scope + "couchrest" + end + def is_comment_validated? !!posted_by end diff --git a/engines/support/app/views/tickets/_comment.html.haml b/engines/support/app/views/tickets/_comment.html.haml index 778ca13..65ec394 100644 --- a/engines/support/app/views/tickets/_comment.html.haml +++ b/engines/support/app/views/tickets/_comment.html.haml @@ -1,4 +1,5 @@ -- if admin? or !comment.private # only show comment if user is admin or comment is not private +- # only show comment if user is admin or comment is not private +- if admin? or !comment.private %tr %td.user %div @@ -17,4 +18,4 @@ %span.label.label-important = t(:private) %td.comment - = simple_format(comment.body) \ No newline at end of file + = simple_format(comment.body) 
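Review bot: `link_to_status` and `link_to_order` in tickets_helper.rb now build the translation key from their argument with `t(:".#{new_status}", cascade: true)` and `t(:".#{order_field}", cascade: true)`, which turns whatever is passed in into a symbol. The callers visible in _tabs.html.haml pass fixed words, but nothing in the helper enforces that, and on Ruby versions that do not garbage-collect symbols an open-ended set of keys only grows. A string key performs the same lookup, `label = t(".#{new_status}", cascade: true)`, and a guard such as `return unless %w(open closed all).include?(new_status)` keeps the key set closed. The leading dot appears to make the lookup relative to whichever template calls the helper, which is worth a one-line comment above each method.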
diff --git a/engines/support/app/views/tickets/_edit_form.html.haml b/engines/support/app/views/tickets/_edit_form.html.haml
index 22815f2..522489e 100644
--- a/engines/support/app/views/tickets/_edit_form.html.haml
+++ b/engines/support/app/views/tickets/_edit_form.html.haml
@@ -23,29 +23,24 @@ %p.first - if @ticket.is_open? %span.label.label-info - %b{style: 'padding:10px'}= t(:open) - = f.button :loading, t(:close), class: 'btn-mini' + %b{style: 'padding:10px'}= t("tickets.status.open") + = f.button :loading, t("tickets.action.close"), class: 'btn-mini' - else %span.label.label-success - %b{style: 'padding:10px'}= t(:closed) - = f.button :loading, t(:open), class: 'btn-mini' - %span.label.label-clear= t(:created_by_on, :user => created_by, :time => @ticket.created_at.to_s(:short)).html_safe + %b{style: 'padding:10px'}= t("tickets.status.closed") + = f.button :loading, t("tickets.action.open"), class: 'btn-mini' + %span.label.label-clear + = t("tickets.created_by_on", user: created_by, time: @ticket.created_at.to_s(:short), cascade: true).html_safe = simple_form_for @ticket do |f| = hidden_ticket_fields - %div= t(:subject) - = f.text_field :subject, :class => 'large full-width' + = f.input :subject, input_html: {:class => 'large full-width'} .row-fluid .span4 - %div= t(:status) - = f.select :is_open, [[t(:open), "true"], [t(:closed), "false"]] + = f.input :is_open, as: :select, collection: [:true, :false], include_blank: false .span4 - %div= t(:email) - = f.text_field :email + = f.input :email .span4 - %div - = t(:regarding_account) - = regarding_user_link - = f.text_field :regarding_user - = f.button :loading, t(:save), :value => 'save' + = f.input :regarding_user, label: Ticket.human_attribute_name(:regarding_user) + regarding_user_link + = f.button :loading - if admin? - = link_to t(:destroy), auto_ticket_path(@ticket), :confirm => t(:are_you_sure), :method => :delete, :class => 'btn' + = link_to t(".destroy", cascade: true), auto_ticket_path(@ticket), :confirm => t("tickets.confirm.destroy.are_you_sure", cascade: true), :method => :delete, :class => 'btn' diff --git a/engines/support/app/views/tickets/_new_comment_form.html.haml b/engines/support/app/views/tickets/_new_comment_form.html.haml index 40c737f..b829b6b 100644 
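Review bot: In _edit_form.html.haml the rewritten `t("tickets.created_by_on", user: created_by, time: ..., cascade: true).html_safe` marks the whole interpolated string as safe, so `created_by` reaches the page unescaped unless it was escaped when it was built. `created_by` is assigned above this hunk, so whether it can carry user-controlled text cannot be confirmed from here. If the Rails version in use escapes interpolations for `_html` keys, renaming the key to `tickets.created_by_on_html` and dropping `.html_safe` lets the `t` helper escape the arguments itself while keeping markup from the locale file. Otherwise a comment next to the call should state which of the interpolated values are already escaped.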
--- a/engines/support/app/views/tickets/_new_comment_form.html.haml +++ b/engines/support/app/views/tickets/_new_comment_form.html.haml @@ -7,7 +7,7 @@ = c.input :body, :label => false, :as => :text, :input_html => {:class => "full-width", :rows=> 5} - if admin? = c.input :private, :as => :boolean, :label => false, :inline_label => true - = f.button :loading, t(:post_reply), class: 'btn-primary', value: 'post_reply' + = f.button :loading, t(".post_reply"), class: 'btn-primary', value: 'post_reply' - if logged_in? && @ticket.is_open - = f.button :loading, t(:reply_and_close), value: 'reply_and_close' - = link_to t(:cancel), auto_tickets_path, :class => :btn + = f.button :loading, t(".reply_and_close"), value: 'reply_and_close' + = link_to t(".cancel"), auto_tickets_path, :class => :btn diff --git a/engines/support/app/views/tickets/_tabs.html.haml b/engines/support/app/views/tickets/_tabs.html.haml index 445a909..7872bb5 100644 --- a/engines/support/app/views/tickets/_tabs.html.haml +++ b/engines/support/app/views/tickets/_tabs.html.haml 
@@ -3,21 +3,17 @@ -# - unless action?(:new) or action?(:create) %ul.nav.nav-pills.pull-right.slim - %li{:class=> ("active" if search_order.start_with? 'created_at')} - = link_to_order('created') - %li{:class=> ("active" if search_order.start_with? 'updated_at')} - = link_to_order('updated') + - %w(created updated).each do |order| + %li{:class=> ("active" if search_order.start_with? order)} + = link_to_order(order) -# -# STATUS FILTER TABS -# %ul.nav.nav-tabs - if logged_in? - %li{:class => ("active" if search_status == 'open')} - = link_to_status 'open' - %li{:class => ("active" if search_status == 'closed')} - = link_to_status 'closed' - %li{:class => ("active" if search_status == 'all')} - = link_to_status 'all' + - %w(open closed all).each do |status| + %li{:class => ("active" if search_status == status)} + = link_to_status status %li{:class => ("active" if action?(:new) || action?(:create))} - = link_to icon(:plus, :black) + t(:new_ticket), auto_new_ticket_path + = link_to icon(:plus, :black) + t(".new", cascade: true), auto_new_ticket_path diff --git a/engines/support/app/views/tickets/index.html.haml b/engines/support/app/views/tickets/index.html.haml index a4df6e3..526cd6d 100644 --- a/engines/support/app/views/tickets/index.html.haml +++ b/engines/support/app/views/tickets/index.html.haml @@ -5,15 +5,15 @@ %table.table.table-striped.table-bordered %thead %tr - %th= t(:subject) - %th= t(:created) - %th= t(:updated) - %th= t(:voices) + %th= t(".subject") + %th= t(".created") + %th= t(".updated") + %th= t(".voices") %tbody - if @tickets.any? = render @tickets.all - else %tr - %td{:colspan=>4}= t(:none) + %td{:colspan=>4}= t(".none") = paginate @tickets diff --git a/engines/support/app/views/tickets/new.html.haml b/engines/support/app/views/tickets/new.html.haml index 3de5fe9..d3580f9 100644 --- a/engines/support/app/views/tickets/new.html.haml +++ b/engines/support/app/views/tickets/new.html.haml 
@@ -11,7 +11,7 @@ = f.input :email = f.input :regarding_user = f.simple_fields_for :comments, @comment do |c| - = c.input :body, :label => t(:description), :as => :text, :input_html => {:class => "full-width", :rows=> 5} + = c.input :body, :as => :text, :input_html => {:class => "full-width", :rows=> 5} - if admin? = c.input :private, :as => :boolean, :label => false, :inline_label => true = f.button :wrapped, cancel: (logged_in? ? auto_tickets_path : home_path) -- cgit v1.2.3 From cc59ce53e52bf48d97de16d66012e8309bf98fe8 Mon Sep 17 00:00:00 2001 From: Azul Date: Tue, 27 May 2014 16:32:50 +0200 Subject: add btn helper for link_to with .btn Also translates the first arg if it's a symbol and adds more btn- classes if given as html_options[:type] --- engines/support/app/views/tickets/_edit_form.html.haml | 2 +- engines/support/app/views/tickets/_new_comment_form.html.haml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'engines/support/app') diff --git a/engines/support/app/views/tickets/_edit_form.html.haml b/engines/support/app/views/tickets/_edit_form.html.haml index 522489e..9adc2cc 100644 --- a/engines/support/app/views/tickets/_edit_form.html.haml +++ b/engines/support/app/views/tickets/_edit_form.html.haml @@ -43,4 +43,4 @@ = f.input :regarding_user, label: Ticket.human_attribute_name(:regarding_user) + regarding_user_link = f.button :loading - if admin? - = link_to t(".destroy", cascade: true), auto_ticket_path(@ticket), :confirm => t("tickets.confirm.destroy.are_you_sure", cascade: true), :method => :delete, :class => 'btn' + = btn t(".destroy", cascade: true), auto_ticket_path(@ticket), confirm: t("tickets.confirm.destroy.are_you_sure", cascade: true), method: :delete diff --git a/engines/support/app/views/tickets/_new_comment_form.html.haml b/engines/support/app/views/tickets/_new_comment_form.html.haml index b829b6b..711421d 100644 --- a/engines/support/app/views/tickets/_new_comment_form.html.haml 
+++ b/engines/support/app/views/tickets/_new_comment_form.html.haml @@ -10,4 +10,4 @@ = f.button :loading, t(".post_reply"), class: 'btn-primary', value: 'post_reply' - if logged_in? && @ticket.is_open = f.button :loading, t(".reply_and_close"), value: 'reply_and_close' - = link_to t(".cancel"), auto_tickets_path, :class => :btn + = btn t(".cancel"), auto_tickets_path -- cgit v1.2.3 From df1c2438fcfe39edfb46546be8fcee5021f95fc3 Mon Sep 17 00:00:00 2001 From: Azul Date: Wed, 28 May 2014 09:26:17 +0200 Subject: destroy_btn helper method --- engines/support/app/views/tickets/_edit_form.html.haml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'engines/support/app') diff --git a/engines/support/app/views/tickets/_edit_form.html.haml b/engines/support/app/views/tickets/_edit_form.html.haml index 9adc2cc..889dac2 100644 --- a/engines/support/app/views/tickets/_edit_form.html.haml +++ b/engines/support/app/views/tickets/_edit_form.html.haml @@ -43,4 +43,4 @@ = f.input :regarding_user, label: Ticket.human_attribute_name(:regarding_user) + regarding_user_link = f.button :loading - if admin? - = btn t(".destroy", cascade: true), auto_ticket_path(@ticket), confirm: t("tickets.confirm.destroy.are_you_sure", cascade: true), method: :delete + = destroy_btn t(".destroy", cascade: true), auto_ticket_path(@ticket) -- cgit v1.2.3 From 9e3be686ff2751707369894382293924420830d0 Mon Sep 17 00:00:00 2001 From: Azul Date: Thu, 29 May 2014 20:11:29 +0200 Subject: fix flash for creating anonymous tickets --- engines/support/app/controllers/tickets_controller.rb | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'engines/support/app') diff --git a/engines/support/app/controllers/tickets_controller.rb b/engines/support/app/controllers/tickets_controller.rb index 857d071..fab26f3 100644 --- a/engines/support/app/controllers/tickets_controller.rb +++ b/engines/support/app/controllers/tickets_controller.rb 
@@ -25,7 +25,9 @@ class TicketsController < ApplicationController @ticket.created_by = current_user.id flash_for @ticket if @ticket.save && !logged_in? - flash[:success] = t(:access_ticket_text, :full_url => ticket_url(@ticket.id)) + flash[:success] += t 'tickets.access_ticket_text', + full_url: ticket_url(@ticket.id), + default: "" end respond_with @ticket, :location => auto_ticket_path(@ticket) end -- cgit v1.2.3 From 366ff2e7f5ecd44aab1cddfd0a7b73ab7b213e85 Mon Sep 17 00:00:00 2001 From: elijah Date: Tue, 3 Jun 2014 01:12:17 -0700 Subject: tickets: fix bug that allow index of other users --- .../support/app/controllers/tickets_controller.rb | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) (limited to 'engines/support/app') diff --git a/engines/support/app/controllers/tickets_controller.rb b/engines/support/app/controllers/tickets_controller.rb index fab26f3..1ccbd16 100644 --- a/engines/support/app/controllers/tickets_controller.rb +++ b/engines/support/app/controllers/tickets_controller.rb @@ -4,10 +4,10 @@ class TicketsController < ApplicationController respond_to :html, :json #has_scope :open, :type => boolean + before_filter :fetch_user before_filter :require_login, :only => [:index] before_filter :fetch_ticket, except: [:new, :create, :index] - before_filter :require_ticket_access, except: [:new, :create, :index] - before_filter :fetch_user + before_filter :require_ticket_access, except: [:new, :create] before_filter :set_title def new @@ -129,14 +129,24 @@ class TicketsController < ApplicationController end def ticket_access? - admin? or - @ticket.created_by.blank? or - current_user.id == @ticket.created_by + admin? or ( + @ticket && + @ticket.created_by.blank? + ) or ( + @ticket && + @ticket.created_by == current_user.id + ) or ( + @ticket.nil? && + @user && + @user.id == current_user.id + ) end def fetch_user if params[:user_id] @user = User.find(params[:user_id]) + else + @user = current_user end end 
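Review bot: `flash[:success] += t 'tickets.access_ticket_text', ...` in `create` raises NoMethodError whenever `flash[:success]` is still nil at that point, and it appends the access text with no separator. Whether `flash_for @ticket` always sets `flash[:success]` before a successful save is decided outside this hunk, so the nil case should be handled here. For example: `flash[:success] = [flash[:success], t('tickets.access_ticket_text', full_url: ticket_url(@ticket.id), default: "")].compact.join(" ")`. For tickets created without a login this URL is the only way back to the ticket, so losing the message to an exception costs the user access.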
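Review bot: The third branch of `ticket_access?` is selected by `@ticket.nil?` rather than by the action, so it also applies to any member action on which `fetch_ticket` left `@ticket` unset. `fetch_ticket` is outside this hunk, so whether it halts on a missing ticket cannot be confirmed here. Because `fetch_user` now falls back to `@user = current_user`, that branch is true for every requester who sends no `user_id`. A dedicated filter for `index` that only compares `@user.id` with `current_user.id` would keep the collection check apart from the per-ticket check. Separately, the `@ticket.created_by.blank?` branch admits any requester, so tickets without a creator are protected only by knowledge of their id; that deserves a comment above the method, e.g. `# tickets without a creator are accessible to anyone who knows the id`.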
@@ -146,7 +156,7 @@ class TicketsController < ApplicationController def search_options(params) params.merge( :admin_status => params[:user_id] ? 'mine' : 'all', - :user_id => @user ? @user.id : current_user.id, + :user_id => @user.id, :is_admin => admin? ) end -- cgit v1.2.3
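Review bot: `:user_id => @user.id` in `search_options` drops the nil guard the old line had, while `fetch_user` assigns `@user = User.find(params[:user_id])` without checking the result. If `User.find` returns nil for an unknown id (not visible here, to be confirmed for this model), a non-admin is rejected by `ticket_access?`. An admin, however, passes the filter and hits NoMethodError in `search_options` instead of getting a not-found response. Either handle the miss in `fetch_user` or keep a guard here, e.g. `:user_id => (@user || current_user).id`.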