allow disabling public invitation requests through a setting

2014-10-03 17:16:15 -05:00 · 2014-10-03 17:16:15 -05:00 · 5497fbd7bb
parent b7ede71b31
commit 5497fbd7bb
3 changed files with 29 additions and 12 deletions
--- a/app/controllers/invitations_controller.rb
+++ b/app/controllers/invitations_controller.rb
@ -3,7 +3,12 @@ class InvitationsController < ApplicationController
    :except => [ :build, :create_by_request, :confirm_email ]

  def build
-    @invitation_request = InvitationRequest.new
+    if Rails.application.allow_invitation_requests?
+      @invitation_request = InvitationRequest.new
+    else
+      flash[:error] = "Public invitation requests are not allowed."
+      return redirect_to "/login"
+    end
  end

  def index
@ -19,7 +24,7 @@ class InvitationsController < ApplicationController
    ir.is_verified = true
    ir.save!

-    flash[:success] = "Your invitiation request has been validated and " <<
+    flash[:success] = "Your invitation request has been validated and " <<
      "will now be shown to other logged-in users."
    return redirect_to "/invitations/request"
  end
@ -48,17 +53,21 @@ class InvitationsController < ApplicationController
  end

  def create_by_request
-    @invitation_request = InvitationRequest.new(
-      params.require(:invitation_request).permit(:name, :email, :memo))
+    if Rails.application.allow_invitation_requests?
+      @invitation_request = InvitationRequest.new(
+        params.require(:invitation_request).permit(:name, :email, :memo))

-    @invitation_request.ip_address = request.remote_ip
+      @invitation_request.ip_address = request.remote_ip

-    if @invitation_request.save
-      flash[:success] = "You have been e-mailed a confirmation to " <<
-        params[:invitation_request][:email].to_s << "."
-      return redirect_to "/invitations/request"
+      if @invitation_request.save
+        flash[:success] = "You have been e-mailed a confirmation to " <<
+          params[:invitation_request][:email].to_s << "."
+        return redirect_to "/invitations/request"
+      else
+        render :action => :build
+      end
    else
-      render :action => :build
+      return redirect_to "/login"
    end
  end

--- a/app/views/login/index.html.erb
+++ b/app/views/login/index.html.erb
@ -26,8 +26,12 @@
    <p>
    Not a user yet?  Signup is by invitation only to combat spam and increase
    accountability.  If you know <a href="/u/">a current user</a> of the site,
-    ask them for an invitation or <a href="/invitations/request">request one
-    publicly</a>.
+    ask them for an
+    <% if Rails.application.allow_invitation_requests? %>
+      invitation or <a href="/invitations/request">request one publicly</a>.
+    <% else %>
+      invitation.
+    <% end %>
    </p>

    <% if @referer.present? %>
--- a/config/application.rb
+++ b/config/application.rb
@ -42,6 +42,10 @@ end
 # define site name and domain to be used globally, can be overridden in
 # config/initializers/production.rb
 class << Rails.application
+  def allow_invitation_requests?
+    true
+  end
+
  def domain
    "lobste.rs"
  end