From cd568eaa38aff2c161ee286a3b6e53883908a673 Mon Sep 17 00:00:00 2001 From: joshua stein Date: Wed, 4 Jul 2012 19:33:12 -0500 Subject: [PATCH] fix deleting/undeleting stories for users and moderators --- app/controllers/application_controller.rb | 2 +- app/controllers/comments_controller.rb | 2 +- app/controllers/stories_controller.rb | 39 ++++++++++++++++++---- app/models/story.rb | 22 +++++++++++-- app/views/comments/_comment.html.erb | 14 ++++---- app/views/stories/_listdetail.html.erb | 40 ++++++++++++++--------- app/views/stories/show.html.erb | 4 +-- 7 files changed, 89 insertions(+), 34 deletions(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 9631116..27f89c8 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -30,7 +30,7 @@ class ApplicationController < ActionController::Base def find_stories_for_user_and_tag_and_newest(user, tag = nil, newest = false) stories = [] - conds = [ "is_expired = 0 " ] + conds = [ "is_expired = 0 AND is_moderated = 0 " ] if user && !newest # exclude downvoted items diff --git a/app/controllers/comments_controller.rb b/app/controllers/comments_controller.rb index f15faab..f60f229 100644 --- a/app/controllers/comments_controller.rb +++ b/app/controllers/comments_controller.rb @@ -4,7 +4,7 @@ class CommentsController < ApplicationController before_filter :require_logged_in_user, :only => [ :threads ] def create - if !(story = Story.find_by_short_id(params[:story_id])) + if !(story = Story.find_by_short_id(params[:story_id])) || story.is_gone? return render :text => "can't find story", :status => 400 end diff --git a/app/controllers/stories_controller.rb b/app/controllers/stories_controller.rb index 4a07ed3..175b858 100644 --- a/app/controllers/stories_controller.rb +++ b/app/controllers/stories_controller.rb 
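Review bot: The `is_moderated = 0` filter is added only inside `find_stories_for_user_and_tag_and_newest` in app/controllers/application_controller.rb, so any other query that lists stories and tests `is_expired` alone would still return moderator-removed stories. No such query is visible in this patch, so this is a request to check rather than a confirmed leak. A single named scope on `Story` holding `is_expired = 0 AND is_moderated = 0` would keep the visibility rule in one place. The function body continues outside the hunk.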
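Review bot: In `CommentsController#create` the new `story.is_gone?` test is the only server-side check this commit adds for comments. The diffstat lists a single changed line in comments_controller.rb, and the `_comment.html.erb` change only hides the edit and reply links. Any other comment action that writes to a story's thread (none is visible here) should reject removed stories the same way, since hiding a link does not stop a direct request. A comment above the check such as `# removed stories accept no new comments; enforced here, not only in the view` would record the intent. `create` continues outside the hunk.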
@@ -37,19 +37,29 @@ class StoriesController < ApplicationController end def destroy - @story.is_expired = true + if !@story.is_editable_by_user?(@user) + flash[:error] = "You cannot edit that story." + return redirect_to "/" + end + + if @user.is_admin? && @user.id != @story.user_id + @story.is_moderated = true + else + @story.is_expired = true + end + @story.save(:validate => false) redirect_to @story.comments_url end def edit - @page_title = "Edit Story" - if !@story.is_editable_by_user?(@user) flash[:error] = "You cannot edit that story." return redirect_to "/" end + + @page_title = "Edit Story" end def fetch_url_title @@ -81,7 +91,11 @@ class StoriesController < ApplicationController def show @story = Story.find_by_short_id!(params[:id]) - @page_title = @story.title + if @story.can_be_seen_by_user?(@user) + @page_title = @story.title + else + @page_title = "[Story removed]" + end @comments = Comment.ordered_for_story_or_thread_for_user(@story.id, nil, @user ? @user.id : nil) @@ -143,13 +157,25 @@ class StoriesController < ApplicationController end def undelete + if !(@story.is_editable_by_user?(@user) && + @story.is_undeletable_by_user?(@user)) + flash[:error] = "You cannot edit that story." + return redirect_to "/" + end + @story.is_expired = false + @story.is_moderated = false @story.save(:validate => false) redirect_to @story.comments_url end def update + if !@story.is_editable_by_user?(@user) + flash[:error] = "You cannot edit that story." + return redirect_to "/" + end + @story.is_expired = false if @story.update_attributes(params[:story].except(:url)) @@ -199,9 +225,10 @@ class StoriesController < ApplicationController private def find_story if @user.is_admin? - @story = Story.find_by_short_id(params[:id]) + @story = Story.find_by_short_id(params[:story_id] || params[:id]) else - @story = Story.find_by_user_id_and_short_id(@user.id, params[:id]) + @story = Story.find_by_user_id_and_short_id(@user.id, + (params[:story_id] || params[:id])) end if !@story 
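Review bot: The four-line `is_editable_by_user?` guard is pasted into `destroy` and `edit` in this hunk and again into `undelete` and `update` in the third hunk of stories_controller.rb, so a future action that forgets the paste is left without an authorization check. Moving the guard into one private filter makes the check fail closed. This assumes `find_story` already runs as a filter for these actions, which the patch does not show. `undelete` would keep only its extra `is_undeletable_by_user?` test. The filter declarations at the top of the class are outside the hunk.

```ruby
  # near the existing filter declarations, after the one that runs find_story
  before_filter :require_editable_story,
    :only => [ :destroy, :edit, :undelete, :update ]

  # … unchanged: actions, minus the pasted guard …

private
  # Stops the request unless the loaded story may be changed by the
  # current user.
  def require_editable_story
    return if @story.is_editable_by_user?(@user)

    flash[:error] = "You cannot edit that story."
    redirect_to "/"
  end
```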
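Review bot: In `show`, only `@page_title` is masked when `can_be_seen_by_user?` is false. The action still loads the story with `find_by_short_id!` and fetches its comments, so keeping the title, URL and tags away from other users depends on every template repeating the same test. Computing the answer once, for example `@story_visible = @story.can_be_seen_by_user?(@user)`, and branching on that in the views would leave one decision point to audit. `show` continues outside the hunk, so any later use of `@story` there is not visible.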
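Review bot: In `update`, the context line `@story.is_expired = false` still runs for every caller that passes the new guard, so an admin who edits a story its submitter deleted republishes it as a side effect, while `is_moderated` is left as it was. If that is not intended, limit the reset to the submitter, e.g. `@story.is_expired = false if @user.id == @story.user_id`. Separately, `update_attributes(params[:story].except(:url))` strips only `:url`. The model's mass-assignment whitelist is not visible here, so it is worth confirming that `is_moderated` and `is_expired` cannot be set through `params[:story]`. `update` continues outside the hunk.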
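Review bot: In `find_story`, `params[:story_id] || params[:id]` is written out in both branches and gives `story_id` precedence without saying why both names are accepted. Because `story_id` can arrive in the query string of a route that also carries `:id`, the record that is loaded may differ from the one named in the path. The authorization checks run on the loaded record, so this is a clarity issue rather than a bypass. Assigning it once, `short_id = params[:story_id] || params[:id]`, with a comment naming the routes that send `story_id`, would make the lookup easier to audit. `find_story` continues outside the hunk.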
diff --git a/app/models/story.rb b/app/models/story.rb index 930664c..3d45cc1 100644 --- a/app/models/story.rb +++ b/app/models/story.rb @@ -204,22 +204,38 @@ class Story < ActiveRecord::Base def is_editable_by_user?(user) if user && user.is_admin? - true + return true elsif user && user.id == self.user_id - (Time.now.to_i - self.created_at.to_i < (60 * MAX_EDIT_MINS)) + if self.is_moderated? + return false + else + return (Time.now.to_i - self.created_at.to_i < (60 * MAX_EDIT_MINS)) + end else return false end end def is_undeletable_by_user?(user) - if !user || user.id != self.user_id + if user && (user.is_admin? || user.id == self.user_id) + return true + else + return false + end + end + + def can_be_seen_by_user?(user) + if is_gone? && !(user && (user.is_admin? || user.id == self.user_id)) return false end true end + def is_gone? + is_expired? || is_moderated? + end + def update_comment_count! Keystore.put("story:#{self.id}:comment_count", Comment.where(:story_id => self.id).count) diff --git a/app/views/comments/_comment.html.erb b/app/views/comments/_comment.html.erb index 44e3d0e..8b45eb0 100644 --- a/app/views/comments/_comment.html.erb +++ b/app/views/comments/_comment.html.erb @@ -35,14 +35,16 @@ class="comment <%= comment.current_vote ? (comment.current_vote[:vote] == 1 ? <% if !comment.previewing %> | - link - | - <% if comment.is_editable_by_user?(@user) %> - edit - <% else %> - reply + + <% if !story.is_gone? %> + | + <% if comment.is_editable_by_user?(@user) %> + edit + <% else %> + reply + <% end %> <% end %> <% if false && defined?(collapsable) && collapsable # XXX %> diff --git a/app/views/stories/_listdetail.html.erb b/app/views/stories/_listdetail.html.erb index 01f3524..5923f7c 100644 --- a/app/views/stories/_listdetail.html.erb +++ b/app/views/stories/_listdetail.html.erb @@ -18,35 +18,45 @@ class="story <%= story.vote == 1 ? "upvoted" : (story.vote == -1 ?
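Review bot: In app/models/story.rb, `is_undeletable_by_user?` now returns true for the submitter even when the story is moderated. The controller's `undelete` is safe only because it also calls `is_editable_by_user?`, which refuses moderated stories for non-admins. A caller that consults `is_undeletable_by_user?` alone, such as a view deciding whether to show an undelete control or a later controller path, would treat a moderator's removal as reversible by the submitter. Putting the rule in the predicate closes that gap: `if user && (user.is_admin? || (user.id == self.user_id && !is_moderated?))`. A short comment on `is_gone?` would also help, stating that `is_expired` means removed by the submitter and `is_moderated` means removed by a moderator, which the patch implies but does not state.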
- <%= story.title %> - - - <% story.taggings.each do |tagging| %> - <%= tagging.tag.tag %> - <% end %> - - - <%= story.domain %> + <% if story.can_be_seen_by_user?(@user) %> + <%= story.title %> + <% end %> + <% if story.is_gone? %> + [Story removed by <%= story.is_expired? ? "original submitter" : + "moderator" %>] + <% end %> + <% if story.can_be_seen_by_user?(@user) %> + + <% story.taggings.each do |tagging| %> + <%= tagging.tag.tag %> + <% end %> + + + <%= story.domain %> + + <% end %>