Added authorization + issues dashboard

app/assets/stylesheets/common.scss

@@ -2739,3 +2739,8 @@ input.richtext_title[type="text"] {
     display: none;
   }
 }
+
+.read-reports {
+  background: #eee;
+  opacity: 0.7;
+}

app/controllers/issues_controller.rb

@@ -1,6 +1,8 @@
 class IssuesController < ApplicationController
   layout "site"
 
+  before_action :authorize_web
+  before_action :check_permission, only: [:index, :show, :resolve,:open,:ignore]
   before_action :find_issue, only: [:show, :resolve, :reopen, :ignore]
 
   def index
@@ -71,6 +73,13 @@ class IssuesController < ApplicationController
       @issue = Issue.find(params[:id])
     end
 
+    def check_permission
+      unless @user.administrator?
+        flash[:error] = t("application.require_admin.not_an_admin")
+        redirect_to root_path
+      end
+    end
+
     def create_new_issue_params
       params.permit(:reportable_id, :reportable_type, :user_id)
     end
@@ -80,6 +89,6 @@ class IssuesController < ApplicationController
     end
 
     def report_params
-      params[:report].permit(:details)
+      params[:report].permit(:details, :user_id)
     end
 end

app/helpers/issues_helper.rb

@@ -1,2 +1,25 @@
 module IssuesHelper
+
+	def reportable_url(reportable)
+		class_name = reportable.class.name
+		case class_name
+		when "DiaryEntry"
+			link_to reportable.title,	:controller => reportable.class.name.underscore,
+																:action => :view,
+																:display_name => reportable.user.display_name,
+																:id => reportable.id
+		when "User"
+			link_to reportable.display_name,	:controller => reportable.class.name.underscore,
+																				:action => "view",
+																				:display_name => reportable.diary_entry.user.display_name
+		when "DiaryComment"
+			link_to "#{reportable.diary_entry.title} Comment id ##{reportable.id}",	:controller => reportable.diary_entry.class.name.underscore,
+					                                                                   	:action => :view,
+					                                                                   	:display_name => reportable.diary_entry.user.display_name,
+					                                                                   	:id => reportable.id
+
+		else
+			nil
+		end
+	end
 end

app/models/issue.rb

@@ -2,7 +2,7 @@ class Issue < ActiveRecord::Base
 	belongs_to :reportable, :polymorphic => true
 	has_many :reports
 	validates :reportable_id, :uniqueness => { :scope => [ :reportable_type ] }
-	belongs_to :user_id
+	belongs_to :user
 
 	# Check if more statuses are needed
 	enum status: %w( open ignored resolved )

app/models/user.rb

@@ -26,6 +26,9 @@ class User < ActiveRecord::Base
 
   has_many :roles, :class_name => "UserRole"
 
+  has_many :issues
+  has_many :reports
+
   scope :visible, -> { where(:status => %w(pending active confirmed)) }
   scope :active, -> { where(:status => %w(active confirmed)) }
   scope :identifiable, -> { where(:data_public => true) }

app/views/diary_entry/_diary_entry.html.erb

@@ -31,6 +31,8 @@
       <%= link_to t('diary_entry.diary_entry.edit_link'), :action => 'edit', :display_name => diary_entry.user.display_name, :id => diary_entry.id %>
     <% end %>
 
+      <li><%= link_to 'Report', new_issue_url(reportable_id: diary_entry.id, reportable_type: diary_entry.class.name, user: diary_entry.user.id) %></li>
+
     <%= if_administrator(:li) do %>
       <%= link_to t('diary_entry.diary_entry.hide_link'), hide_diary_entry_path(:display_name => diary_entry.user.display_name, :id => diary_entry.id), :method => :post, :data => { :confirm => t('diary_entry.diary_entry.confirm') } %>
     <% end %>

app/views/issues/_reports.html.erb

@@ -0,0 +1,11 @@
+<% reports.each do |report| %>
+	<div class="reports">
+		<div class="display:inline">
+			<%= user_thumbnail report.user %>
+			<%= report.details %>
+		</div>
+		<span class="deemphasize"><%= raw(t('Reported by:',:link_user => (link_to h(report.user.display_name), :controller => :user, :action => :view, :display_name => report.user.display_name), :comment_created_at => link_to(l(report.created_at,:format => :friendly)))) %>
+		on <%= l report.created_at.to_datetime, :format => :long %> </span>
+	</div>
+	<hr>
+<% end %>

app/views/issues/index.html.erb

@@ -1,2 +1,36 @@
-<h1>Issues#index</h1>
-<p>Find me in app/views/issues/index.html.erb</p>
+<p id= "notice"><%= notice %></p>
+
+<% content_for :heading do %>
+	<h1>List of existing Issues:</h1>
+<% end %>
+
+<table>
+	<thead>
+		<tr>
+			<tr>
+				<td style="text-align:center"><b> # </b> </td>
+				<td style="text-align:center"><b>Issue Type </b></td>
+				<td style="text-align:center"><b> Status </b></td>
+				<td style="text-align:center"><b> Number of Reports</b></td>
+				<td style="text-align:center"><b> Link to instance </b></td>
+				<td style="text-align:center"><b> Reported User </b></td>
+				<td style="text-align:center"></td>
+			</tr>
+		</tr>
+	</thead>
+	<tbody>
+		<% @issues.each do |issue| %>
+			<tr>
+				<td style="text-align:center">Issue #<%= issue.id %> </td>
+				<td style="text-align:center"> <%= issue.reportable_type %></td>
+				<td style="text-align:center"><span class="count-number"> <strong><%= issue.status %></strong></span> </td>
+				<td style="text-align:center"><%= issue.reports.count %></td>
+				<td style="text-align:center"> <%= reportable_url(issue.reportable) %></td>
+				<td style="text-align:center"><%= link_to issue.user.display_name , :controller => :user, :action => :view,:display_name => issue.user.display_name %></td>
+				<td style="text-align:center"><%= link_to "Show Issue", issue %></td>
+			</tr>
+		<% end %>
+	</tbody>
+</table>
+
+

app/views/issues/show.html.erb

@@ -1,2 +1,29 @@
-<h1>Issues#show</h1>
-<p>Find me in app/views/issues/show.html.erb</p>
+<% content_for :heading do %>
+	<h2> Issue #<%= @issue.id %> <br/> <span class="count-number">Status: <strong><%= @issue. status %></strong></span></h2>
+	<p>Issue against: <%= reportable_url(@issue.reportable) %></p>
+	<p>Issue type: <%= @issue.reportable_type %></p>
+	<p class="deemphasize">
+		<small>
+			<%= @issue.reports.count %> reports | First reported: <%= l @issue.created_at.to_date, :format => :long %> | <%= "Last resolved at #{l(@issue.resolved_at.to_datetime, :format =>:long)}" if @issue.resolved? %>
+		</small>
+	</p>
+	<p><%= link_to "Resolve", resolve_issue_url(@issue), :method => :post if @issue.may_resolve? %></p>
+	<p><%= link_to "Ignore", ignore_issue_url(@issue), :method => :post if @issue.may_ignore? %></p>
+	<p><%= link_to "Reopen", reopen_issue_url(@issue), :method => :post if @issue.may_reopen? %></p>
+<% end %>
+
+<h3>Reports under this issue:</h3>
+
+<% if @read_reports.present? %>
+	<div class="read-reports">
+		<h4>Read Reports:</h4>
+		<%= render 'reports',reports: @read_reports %>
+	</div>
+<% end %>	
+
+<% if @unread_reports.any? %>
+	<div class="unread-reports">
+		<h4>New Reports:</h4>
+		<%= render 'reports',reports: @unread_reports %>
+	</div>
+<% end %>	

config/locales/en-GB.yml

@@ -1675,6 +1675,8 @@ en-GB:
     require_cookies:
       cookies_needed: You appear to have cookies disabled - please enable cookies
         in your browser before continuing.
+    require_admin:
+      not_an_admin: You need to be an admin to perform that action.
     require_moderator:
       not_a_moderator: You need to be a moderator to perform that action.
     setup_user_auth:

config/locales/en.yml

@@ -1624,6 +1624,8 @@ en:
   application:
     require_cookies:
       cookies_needed: "You appear to have cookies disabled - please enable cookies in your browser before continuing."
+    require_admin:
+      not_an_admin: You need to be an admin to perform that action.
     require_moderator:
       not_a_moderator: "You need to be a moderator to perform that action."
     setup_user_auth: