Download as
Browse Code »

Commit 63ea40d37514122fdd0f392d877efeb786ab3478

Authored by Rodrigo Souto
1 parent 4891d3e9
Exists in master and in 29 other branches add_member_task_reject_details, admin_visible_profile, article-list-template, community_notifications, contact_admin_translation, event_fixes, fix_comments_pagination, fix_rails4_organization_ratings, fix_sign_up_form, follow_step_fix, forum_topic_creation, mirror_block_improvements, multi_env_on_remote_user, new_security, noosfero_spb_ci, organization_ratings_improvements, organization_ratings_link_to_profile_stable-spb-1.3, organization_ratings_translations_fix, profile_api_improvements, ratings_minor_fixes, remote_user_fix, send_email_to_admins, stable-spb-1.3, stable-spb-1.3-fixes, stable-spb-1.4, stable-spb-1.5, suggest_rejected_value, web_steps_improvements, xss_terminate_custom_options

[comments-refactor-review] Moving edit/update check to a filter

Showing 1 changed file with 13 additions and 17 deletions   Show diff stats
app/controllers/public/comment_controller.rb
  Diff comments   View file @63ea40d
@@ -2,6 +2,8 @@ class CommentController < ApplicationController @@ -2,6 +2,8 @@ class CommentController < ApplicationController
2 2
3 needs_profile 3 needs_profile
4 4
  5 + before_filter :can_update?, :only => [:edit, :update]
  6 +
5 def create 7 def create
6 begin 8 begin
7 @page = profile.articles.find(params[:id]) 9 @page = profile.articles.find(params[:id])
@@ -106,26 +108,10 @@ class CommentController < ApplicationController @@ -106,26 +108,10 @@ class CommentController < ApplicationController
106 end 108 end
107 109
108 def edit 110 def edit
109 - begin  
110 - @comment = profile.comments_received.find(params[:id])  
111 - raise ActiveRecord::RecordNotFound unless @comment.can_be_updated_by?(user) # Not reveal that the comment exists  
112 - rescue ActiveRecord::RecordNotFound  
113 - render_not_found  
114 - return  
115 - end  
116 -  
117 render :partial => "comment_form", :locals => {:comment => @comment, :display_link => params[:reply_of_id].present?, :edition_mode => true, :show_form => true} 111 render :partial => "comment_form", :locals => {:comment => @comment, :display_link => params[:reply_of_id].present?, :edition_mode => true, :show_form => true}
118 end 112 end
119 113
120 def update 114 def update
121 - begin  
122 - @comment = profile.comments_received.find(params[:id])  
123 - raise ActiveRecord::RecordNotFound unless @comment.can_be_updated_by?(user) # Not reveal that the comment exists  
124 - rescue ActiveRecord::RecordNotFound  
125 - render_not_found  
126 - return  
127 - end  
128 -  
129 if @comment.update_attributes(params[:comment]) 115 if @comment.update_attributes(params[:comment])
130 respond_to do |format| 116 respond_to do |format|
131 format.js do 117 format.js do
@@ -149,7 +135,7 @@ class CommentController < ApplicationController @@ -149,7 +135,7 @@ class CommentController < ApplicationController
149 end 135 end
150 end 136 end
151 end 137 end
152 - 138 +
153 def check_actions 139 def check_actions
154 comment = profile.comments_received.find(params[:id]) 140 comment = profile.comments_received.find(params[:id])
155 ids = @plugins.dispatch(:check_comment_actions, comment).collect do |action| 141 ids = @plugins.dispatch(:check_comment_actions, comment).collect do |action|
@@ -165,4 +151,14 @@ class CommentController < ApplicationController @@ -165,4 +151,14 @@ class CommentController < ApplicationController
165 end 151 end
166 helper_method :pass_without_comment_captcha? 152 helper_method :pass_without_comment_captcha?
167 153
  154 + def can_update?
  155 + begin
  156 + @comment = profile.comments_received.find(params[:id])
  157 + raise ActiveRecord::RecordNotFound unless @comment.can_be_updated_by?(user) # Not reveal that the comment exists
  158 + rescue ActiveRecord::RecordNotFound
  159 + render_not_found
  160 + return
  161 + end
  162 + end
  163 +
168 end 164 end