Merged 17256:18123 from trunk.

Tom Hughes 2009-10-13 20:06:24 +00:00
commit ef40b61ff4
231 changed files with 34089 additions and 18123 deletions


@ -178,6 +178,7 @@ class AmfController < ApplicationController
amf_handle_error("'startchangeset'",nil,nil) do
user = getuser(usertoken)
if !user then return -1,"You are not logged in, so Potlatch can't write any changes to the database." end
unless user.active_blocks.empty? then return -1,t('application.setup_user_auth.blocked') end
# close previous changeset and add comment
if closeid
@ -221,23 +222,43 @@ class AmfController < ApplicationController
end
lang = request.compatible_language_from(getlocales)
(real_lang, localised) = getlocalized(lang)
begin
# if not, try the browser language
localised = YAML::load(File.open("#{RAILS_ROOT}/config/potlatch/localised/#{lang}/localised.yaml"))
rescue
# fall back to hardcoded English text
localised = ""
end
# Tell Potlatch what language it's using
localised["__potlatch_locale"] = real_lang
# Get help from i18n but delete it so we won't pass it around
# twice for nothing
help = localised["help_html"]
localised.delete("help_html")
begin
help = File.read("#{RAILS_ROOT}/config/potlatch/localised/#{lang}/help.html")
rescue
help = File.read("#{RAILS_ROOT}/config/potlatch/localised/en/help.html")
end
return POTLATCH_PRESETS+[localised,help]
end
def getlocalized(lang)
# What we end up actually using. Reported in Potlatch's created_by=* string
loaded_lang = 'en'
# Load English defaults
en = YAML::load(File.open("#{RAILS_ROOT}/config/potlatch/locales/en.yml"))["en"]
if lang == 'en'
return [real_lang, en]
else
# Use English as a fallback
begin
other = YAML::load(File.open("#{RAILS_ROOT}/config/potlatch/locales/#{lang}.yml"))[lang]
loaded_lang = lang
rescue
other = en
end
# We have to return a flat list and some of the keys won't be
# translated (probably)
return [loaded_lang, en.merge(other)]
end
end
##
# Find all the ways, POI nodes (i.e. not part of ways), and relations
# in a given bounding box. Nodes are returned in full; ways and relations
@ -460,7 +481,8 @@ class AmfController < ApplicationController
def findgpx(searchterm, usertoken)
amf_handle_error_with_timeout("'findgpx'" ,nil,nil) do
user = getuser(usertoken)
if !uid then return -1,"You must be logged in to search for GPX traces.",[] end
if !user then return -1,"You must be logged in to search for GPX traces.",[] end
unless user.active_blocks.empty? then return -1,t('application.setup_user_auth.blocked'),[] end
gpxs = []
if searchterm.to_i>0 then
@ -526,6 +548,7 @@ class AmfController < ApplicationController
amf_handle_error("'putrelation' #{relid}" ,'relation',relid) do
user = getuser(usertoken)
if !user then return -1,"You are not logged in, so the relation could not be saved." end
unless user.active_blocks.empty? then return -1,t('application.setup_user_auth.blocked') end
if !tags_ok(tags) then return -1,"One of the tags is invalid. Please pester Adobe to fix Flash on Linux." end
tags = strip_non_xml_chars tags
@ -613,6 +636,7 @@ class AmfController < ApplicationController
user = getuser(usertoken)
if !user then return -1,"You are not logged in, so the way could not be saved." end
unless user.active_blocks.empty? then return -1,t('application.setup_user_auth.blocked') end
if pointlist.length < 2 then return -2,"Server error - way is only #{points.length} points long." end
if !tags_ok(attributes) then return -1,"One of the tags is invalid. Please pester Adobe to fix Flash on Linux." end
attributes = strip_non_xml_chars attributes
@ -717,6 +741,7 @@ class AmfController < ApplicationController
amf_handle_error("'putpoi' #{id}", 'node',id) do
user = getuser(usertoken)
if !user then return -1,"You are not logged in, so the point could not be saved." end
unless user.active_blocks.empty? then return -1,t('application.setup_user_auth.blocked') end
if !tags_ok(tags) then return -1,"One of the tags is invalid. Please pester Adobe to fix Flash on Linux." end
tags = strip_non_xml_chars tags
@ -799,6 +824,7 @@ class AmfController < ApplicationController
amf_handle_error("'deleteway' #{way_id}" ,'way',id) do
user = getuser(usertoken)
unless user then return -1,"You are not logged in, so the way could not be deleted." end
unless user.active_blocks.empty? then return -1,t('application.setup_user_auth.blocked') end
way_id = way_id.to_i
nodeversions = {}
@ -871,7 +897,7 @@ class AmfController < ApplicationController
end
def getlocales
Dir.glob("#{RAILS_ROOT}/config/potlatch/localised/*").collect { |f| File.basename(f) }
Dir.glob("#{RAILS_ROOT}/config/potlatch/locales/*").collect { |f| File.basename(f, ".yml") }
end
##
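Review bot: In `getlocalized`, the `lang == 'en'` branch returns `[real_lang, en]`, but no `real_lang` exists inside that method (the local is `loaded_lang`), so a request that resolves to English would presumably raise NameError instead of returning the defaults; `return [loaded_lang, en]` looks like the intent. The bare `rescue` around the per-language load also hides YAML syntax errors behind the English fallback, and both `YAML::load(File.open(...))` calls leave the file handle open until garbage collection, where `YAML.load_file(path)` would close it. The `#{lang}` path segment appears safe only because `lang` comes from `request.compatible_language_from(getlocales)`; a one-line comment saying so would keep a later caller from passing a raw request parameter.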


@ -39,6 +39,19 @@ class ApplicationController < ActionController::Base
end
end
##
# require the user to have cookies enabled in their browser
def require_cookies
if request.cookies["_osm_session"].to_s == ""
if params[:cookie_test].nil?
redirect_to params.merge(:cookie_test => "true")
return false
else
@notice = t 'application.require_cookies.cookies_needed'
end
end
end
# Utility methods to make the controller filter methods easier to read and write.
def require_allow_read_prefs
require_capability(:allow_read_prefs)
@ -78,6 +91,12 @@ class ApplicationController < ActionController::Base
@user = User.authenticate(:username => username, :password => passwd) # basic auth
end
end
# check if the user has been banned
unless @user.nil? or @user.active_blocks.empty?
# NOTE: need slightly more helpful message than this.
render :text => t('application.setup_user_auth.blocked'), :status => :forbidden
end
end
def authorize(realm='Web Password', errormessage="Couldn't authenticate you")
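Review bot: The blocked-user branch added at the end of `setup_user_auth` renders the 403 but leaves `@user` set, so whether a blocked account is actually stopped depends on every caller halting once a response has been rendered; the callers are outside this hunk, so that is worth confirming and stating in the comment (for example that callers must not continue when `performed?` is true). Separately, `require_cookies` passes `params.merge(:cookie_test => "true")` to `redirect_to`, which hands request-supplied keys to URL generation; if the framework version in use honours keys such as `:host` there, the redirect target becomes caller-influenced, so building the redirect from a fixed set of keys would be safer.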


@ -206,7 +206,7 @@ class ChangesetController < ApplicationController
# create the conditions that the user asked for. some or all of
# these may be nil.
conditions = conditions_bbox(params['bbox'])
conditions = cond_merge conditions, conditions_user(params['user'])
conditions = cond_merge conditions, conditions_user(params['user'], params['display_name'])
conditions = cond_merge conditions, conditions_time(params['time'])
conditions = cond_merge conditions, conditions_open(params['open'])
conditions = cond_merge conditions, conditions_closed(params['closed'])
@ -352,12 +352,23 @@ private
##
# restrict changesets to those by a particular user
def conditions_user(user)
unless user.nil?
# user input checking, we don't have any UIDs < 1
raise OSM::APIBadUserInput.new("invalid user ID") if user.to_i < 1
def conditions_user(user, name)
unless user.nil? and name.nil?
# shouldn't provide both name and UID
raise OSM::APIBadUserInput.new("provide either the user ID or display name, but not both") if user and name
# use either the name or the UID to find the user which we're selecting on.
u = if name.nil?
# user input checking, we don't have any UIDs < 1
raise OSM::APIBadUserInput.new("invalid user ID") if user.to_i < 1
u = User.find(user.to_i)
else
u = User.find_by_display_name(name)
end
# make sure we found a user
raise OSM::APINotFoundError.new if u.nil?
u = User.find(user.to_i)
# should be able to get changesets of public users only, or
# our own changesets regardless of public-ness.
unless u.data_public?
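Review bot: In the reworked `conditions_user`, the `u.nil?` guard only covers the display-name path: `User.find(user.to_i)` raises ActiveRecord::RecordNotFound for an unknown ID rather than returning nil, so the two lookups report a missing user differently unless a handler outside this hunk maps that exception. Using `User.find_by_id(user.to_i)` would send both through `raise OSM::APINotFoundError.new if u.nil?`. The assignments to `u` inside the `u = if … end` expression are redundant and can be dropped. The method body continues past the end of the hunk.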


@ -77,7 +77,7 @@ class GeocoderController < ApplicationController
data = response.split(/\s*,\s+/) # lat,long,town,state,zip
@results.push({:lat => data[0], :lon => data[1],
:zoom => APP_CONFIG['postcode_zoom'],
:prefix => "#{data[2]}, #{data[3]}, ",
:prefix => "#{data[2]}, #{data[3]},",
:name => data[4]})
end


@ -11,7 +11,8 @@ class TraceController < ApplicationController
before_filter :check_api_writable, :only => [:api_create]
before_filter :require_allow_read_gpx, :only => [:api_details, :api_data]
before_filter :require_allow_write_gpx, :only => [:api_create]
around_filter :api_call_handle_error, :only => [:api_details, :api_data, :api_create]
# Counts and selects pages of GPX traces for various criteria (by user, tags, public etc.).
# target_user - if set, specifies the user to fetch traces for. if not set will fetch all traces
def list(target_user = nil, action = "list")
@ -128,8 +129,11 @@ class TraceController < ApplicationController
if params[:trace]
logger.info(params[:trace][:gpx_file].class.name)
if params[:trace][:gpx_file].respond_to?(:read)
do_create(params[:trace][:gpx_file], params[:trace][:tagstring],
params[:trace][:description], params[:trace][:visibility])
begin
do_create(params[:trace][:gpx_file], params[:trace][:tagstring],
params[:trace][:description], params[:trace][:visibility])
rescue
end
if @trace.id
logger.info("id is #{@trace.id}")
@ -293,12 +297,16 @@ class TraceController < ApplicationController
if request.post?
tags = params[:tags] || ""
description = params[:description] || ""
visibility = params[:visibility] || false
visibility = params[:visibility]
if params[:public] && !visibility
visibility = "public"
if visibility.nil?
if params[:public] && params[:public].to_i.nonzero?
visibility = "public"
else
visibility = "private"
end
end
if params[:file].respond_to?(:read)
do_create(params[:file], tags, description, visibility)
@ -341,20 +349,35 @@ private
:timestamp => Time.now.getutc
})
# Save the trace object
if @trace.save
# Rename the temporary file to the final name
FileUtils.mv(filename, @trace.trace_name)
Trace.transaction do
begin
# Save the trace object
@trace.save!
# Clear the inserted flag to make the import daemon load the trace
@trace.inserted = false
@trace.save!
else
# Remove the file as we have failed to update the database
FileUtils.rm_f(filename)
# Rename the temporary file to the final name
FileUtils.mv(filename, @trace.trace_name)
rescue Exception => ex
# Remove the file as we have failed to update the database
FileUtils.rm_f(filename)
# Pass the exception on
raise
end
begin
# Clear the inserted flag to make the import daemon load the trace
@trace.inserted = false
@trace.save!
rescue Exception => ex
# Remove the file as we have failed to update the database
FileUtils.rm_f(@trace.trace_name)
# Pass the exception on
raise
end
end
# Finally save the user's preferred previacy level
# Finally save the user's preferred privacy level
if pref = @user.preferences.find(:first, :conditions => {:k => "gps.trace.visibility"})
pref.v = visibility
pref.save
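Review bot: The `begin … rescue … end` wrapped around `do_create` in the web upload path has an empty rescue body, so any StandardError from the save or the file move is discarded with no log entry before the code goes on to read `@trace.id`. If the intent is only to fall through to the validation messages now that `do_create` uses `save!`, rescue the validation error class specifically, or at least record what happened: `rescue => ex` followed by `logger.info("trace upload failed: #{ex.class}")`. In `do_create` the two `rescue Exception => ex` clauses never use `ex`; since both re-raise, a plain `rescue Exception` says the same thing.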


@ -0,0 +1,156 @@
class UserBlocksController < ApplicationController
layout 'site'
before_filter :authorize_web
before_filter :set_locale
before_filter :require_user, :only => [:new, :create, :edit, :update, :revoke]
before_filter :require_moderator, :only => [:create, :update, :revoke]
before_filter :lookup_this_user, :only => [:new, :create, :blocks_on, :blocks_by]
before_filter :lookup_user_block, :only => [:show, :edit, :update, :revoke]
before_filter :require_valid_params, :only => [:create, :update]
before_filter :check_database_readable
before_filter :check_database_writable, :only => [:create, :update, :revoke]
def index
@user_blocks_pages, @user_blocks = paginate(:user_blocks,
:include => [:user, :creator, :revoker],
:order => "user_blocks.ends_at DESC",
:per_page => 20)
end
def show
if @user and @user.id == @user_block.user_id
@user_block.needs_view = false
@user_block.save!
end
end
def new
@user_block = UserBlock.new
end
def edit
params[:user_block_period] = ((@user_block.ends_at - Time.now.getutc) / 1.hour).ceil.to_s
end
def create
unless @valid_params
redirect_to :action => "new"
return
end
@user_block = UserBlock.new(:user_id => @this_user.id,
:creator_id => @user.id,
:reason => params[:user_block][:reason],
:ends_at => Time.now.getutc() + @block_period.hours,
:needs_view => params[:user_block][:needs_view])
if @user_block.save
flash[:notice] = t('user_block.create.flash', :name => @this_user.display_name)
redirect_to @user_block
else
render :action => "new"
end
end
def update
unless @valid_params
redirect_to :action => "edit"
return
end
if @user_block.creator_id != @user.id
flash[:notice] = t('user_block.update.only_creator_can_edit')
redirect_to :action => "edit"
return
end
if @user_block.update_attributes({ :ends_at => Time.now.getutc() + @block_period.hours,
:reason => params[:user_block][:reason],
:needs_view => params[:user_block][:needs_view] })
flash[:notice] = t('user_block.update.success')
redirect_to(@user_block)
else
render :action => "edit"
end
end
##
# revokes the block, setting the end_time to now
def revoke
if params[:confirm]
if @user_block.revoke! @user
flash[:notice] = t'user_block.revoke.flash'
redirect_to(@user_block)
end
end
end
##
# shows a list of all the blocks on the given user
def blocks_on
@user_blocks_pages, @user_blocks = paginate(:user_blocks,
:include => [:user, :creator, :revoker],
:conditions => {:user_id => @this_user.id},
:order => "user_blocks.ends_at DESC",
:per_page => 20)
end
##
# shows a list of all the blocks by the given user.
def blocks_by
@user_blocks_pages, @user_blocks = paginate(:user_blocks,
:include => [:user, :creator, :revoker],
:conditions => {:creator_id => @this_user.id},
:order => "user_blocks.ends_at DESC",
:per_page => 20)
end
private
##
# require that the user is a moderator, or fill out a helpful error message
# and return them to the blocks index.
def require_moderator
unless @user.moderator?
flash[:notice] = t('user_block.filter.not_a_moderator')
redirect_to :action => 'index'
end
end
##
# ensure that there is a "this_user" instance variable
def lookup_this_user
@this_user = User.find_by_display_name(params[:display_name])
rescue ActiveRecord::RecordNotFound
redirect_to :controller => 'user', :action => 'view', :display_name => params[:display_name] unless @this_user
end
##
# ensure that there is a "user_block" instance variable
def lookup_user_block
@user_block = UserBlock.find(params[:id])
rescue ActiveRecord::RecordNotFound
render :action => "not_found", :status => :not_found
end
##
# check that the input parameters are valid, setting an instance
# variable if not. note that this doesn't do any redirection, as it's
# called before two different actions, each of which should redirect
# to a different place.
def require_valid_params
@block_period = params[:user_block_period].to_i
@valid_params = false
if !UserBlock::PERIODS.include?(@block_period)
flash[:notice] = t('user_block.filter.block_period')
elsif @user_block and !@user_block.active?
flash[:notice] = t('user_block.filter.block_expired')
else
@valid_params = true
end
end
end
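Review bot: `lookup_this_user` can never take its rescue path: `User.find_by_display_name` returns nil for an unknown name instead of raising ActiveRecord::RecordNotFound, so the redirect is unreachable and `create`, `blocks_on` and `blocks_by` go on to call `@this_user.id` on nil. Dropping the `rescue ActiveRecord::RecordNotFound` line and keeping `redirect_to :controller => 'user', :action => 'view', :display_name => params[:display_name] unless @this_user` directly after the lookup lets the filter halt as intended. The same method body is added to UserController and UserRolesController in this commit and needs the same change.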


@ -1,5 +1,5 @@
class UserController < ApplicationController
layout 'site'
layout 'site', :except => :api_details
before_filter :authorize, :only => [:api_details, :api_gpx_files]
before_filter :authorize_web, :except => [:api_details, :api_gpx_files]
@ -10,6 +10,9 @@ class UserController < ApplicationController
before_filter :check_api_readable, :only => [:api_details, :api_gpx_files]
before_filter :require_allow_read_prefs, :only => [:api_details]
before_filter :require_allow_read_gpx, :only => [:api_gpx_files]
before_filter :require_cookies, :only => [:login, :confirm]
before_filter :require_administrator, :only => [:activate, :deactivate, :hide, :unhide, :delete]
before_filter :lookup_this_user, :only => [:activate, :deactivate, :hide, :unhide, :delete]
filter_parameter_logging :password, :pass_crypt, :pass_crypt_confirmation
@ -142,9 +145,28 @@ class UserController < ApplicationController
end
def login
if params[:user] and session[:user].nil?
email_or_display_name = params[:user][:email]
pass = params[:user][:password]
user = User.authenticate(:username => email_or_display_name, :password => pass)
if user
session[:user] = user.id
elsif User.authenticate(:username => email_or_display_name, :password => pass, :inactive => true)
@notice = t 'user.login.account not active'
else
@notice = t 'user.login.auth failure'
end
end
if session[:user]
# The user is logged in already, if the referer param exists, redirect them to that
if params[:referer]
# The user is logged in, if the referer param exists, redirect them to that
# unless they've also got a block on them, in which case redirect them to
# the block so they can clear it.
user = User.find(session[:user])
block = user.blocked_on_view
if block
redirect_to block, :referrer => params[:referrer]
elsif params[:referer]
redirect_to params[:referer]
else
redirect_to :controller => 'site', :action => 'index'
@ -153,25 +175,6 @@ class UserController < ApplicationController
end
@title = t 'user.login.title'
if params[:user]
email_or_display_name = params[:user][:email]
pass = params[:user][:password]
user = User.authenticate(:username => email_or_display_name, :password => pass)
if user
session[:user] = user.id
if params[:referer]
redirect_to params[:referer]
else
redirect_to :controller => 'site', :action => 'index'
end
return
elsif User.authenticate(:username => email_or_display_name, :password => pass, :inactive => true)
@notice = t 'user.login.account not active'
else
@notice = t 'user.login.auth failure'
end
end
end
def logout
@ -245,10 +248,6 @@ class UserController < ApplicationController
redirect_to :controller => 'user', :action => 'view', :display_name => @user.display_name
end
def api_details
render :text => @user.to_xml.to_s, :content_type => "text/xml"
end
def api_gpx_files
doc = OSM::API.new.get_xml_doc
@user.traces.each do |trace|
@ -258,9 +257,10 @@ class UserController < ApplicationController
end
def view
@this_user = User.find_by_display_name(params[:display_name], :conditions => {:visible => true})
@this_user = User.find_by_display_name(params[:display_name])
if @this_user
if @this_user and
(@this_user.visible? or (@user and @user.administrator?))
@title = @this_user.display_name
else
@title = t 'user.no_such_user.title'
@ -270,7 +270,7 @@ class UserController < ApplicationController
end
def make_friend
if params[:display_name]
if params[:display_name]
name = params[:display_name]
new_friend = User.find_by_display_name(name, :conditions => {:visible => true})
friend = Friend.new
@ -292,7 +292,7 @@ class UserController < ApplicationController
end
def remove_friend
if params[:display_name]
if params[:display_name]
name = params[:display_name]
friend = User.find_by_display_name(name, :conditions => {:visible => true})
if @user.is_friends_with?(friend)
@ -305,4 +305,57 @@ class UserController < ApplicationController
redirect_to :controller => 'user', :action => 'view'
end
end
##
# activate a user, allowing them to log in
def activate
@this_user.update_attributes(:active => true)
redirect_to :controller => 'user', :action => 'view', :display_name => params[:display_name]
end
##
# deactivate a user, preventing them from logging in
def deactivate
@this_user.update_attributes(:active => false)
redirect_to :controller => 'user', :action => 'view', :display_name => params[:display_name]
end
##
# hide a user, marking them as logically deleted
def hide
@this_user.update_attributes(:visible => false)
redirect_to :controller => 'user', :action => 'view', :display_name => params[:display_name]
end
##
# unhide a user, clearing the logically deleted flag
def unhide
@this_user.update_attributes(:visible => true)
redirect_to :controller => 'user', :action => 'view', :display_name => params[:display_name]
end
##
# delete a user, marking them as deleted and removing personal data
def delete
@this_user.delete
redirect_to :controller => 'user', :action => 'view', :display_name => params[:display_name]
end
private
##
# require that the user is a administrator, or fill out a helpful error message
# and return them to the user page.
def require_administrator
unless @user.administrator?
flash[:notice] = t('user.filter.not_an_administrator')
redirect_to :controller => 'user', :action => 'view', :display_name => params[:display_name]
end
end
##
# ensure that there is a "this_user" instance variable
def lookup_this_user
@this_user = User.find_by_display_name(params[:display_name])
rescue ActiveRecord::RecordNotFound
redirect_to :controller => 'user', :action => 'view', :display_name => params[:display_name] unless @this_user
end
end
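Review bot: The new `activate`, `deactivate`, `hide`, `unhide` and `delete` actions change account state with `require_administrator` as the only visible gate, whereas UserRolesController in this same commit adds a session nonce for its administrator actions. Unless the routes restrict these actions to POST and request-forgery protection is enabled elsewhere (neither is visible here), a link followed by a logged-in administrator would be enough to trigger them; reusing the nonce filter or requiring POST with the authenticity token would close that. `require_administrator` also calls `@user.administrator?` without a nil check, so an anonymous request relies on an earlier filter having stopped it. In `login`, `redirect_to block, :referrer => params[:referrer]` uses a different spelling from the `params[:referer]` read on the next branch, so the return address is presumably lost when the user is sent to the block page.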


@ -0,0 +1,83 @@
class UserRolesController < ApplicationController
layout 'site'
before_filter :authorize_web
before_filter :require_user
before_filter :lookup_this_user
before_filter :require_administrator
before_filter :require_valid_role
before_filter :not_in_role, :only => [:grant]
before_filter :in_role, :only => [:revoke]
around_filter :setup_nonce
def grant
@this_user.roles.create(:role => @role, :granter_id => @user.id)
redirect_to :controller => 'user', :action => 'view', :display_name => @this_user.display_name
end
def revoke
UserRole.delete_all({:user_id => @this_user.id, :role => @role})
redirect_to :controller => 'user', :action => 'view', :display_name => @this_user.display_name
end
private
def require_administrator
unless @user.administrator?
flash[:notice] = t'user_role.filter.not_an_administrator'
redirect_to :controller => 'user', :action => 'view', :display_name => @this_user.display_name
end
end
##
# ensure that there is a "this_user" instance variable
def lookup_this_user
@this_user = User.find_by_display_name(params[:display_name])
rescue ActiveRecord::RecordNotFound
redirect_to :controller => 'user', :action => 'view', :display_name => params[:display_name] unless @this_user
end
##
# the random nonce here which isn't predictable, making an CSRF
# procedure much, much more difficult. setup the nonce. if the given
# nonce matches the session nonce then yield into the actual method.
# otherwise, just sets up the nonce for the form.
def setup_nonce
if params[:nonce] and params[:nonce] == session[:nonce]
@nonce = params[:nonce]
yield
else
@nonce = OAuth::Helper.generate_nonce
session[:nonce] = @nonce
render
end
end
##
# require that the given role is valid. the role is a URL
# parameter, so should always be present.
def require_valid_role
@role = params[:role]
unless UserRole::ALL_ROLES.include?(@role)
flash[:notice] = t('user_role.filter.not_a_role', :role => @role)
redirect_to :controller => 'user', :action => 'view', :display_name => @this_user.display_name
end
end
##
# checks that the user doesn't already have this role
def not_in_role
if @this_user.has_role? @role
flash[:notice] = t('user_role.filter.already_has_role', :role => @role)
redirect_to :controller => 'user', :action => 'view', :display_name => @this_user.display_name
end
end
##
# checks that the user already has this role
def in_role
unless @this_user.has_role? @role
flash[:notice] = t('user_role.filter.doesnt_have_role', :role => @role)
redirect_to :controller => 'user', :action => 'view', :display_name => @this_user.display_name
end
end
end
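Review bot: `setup_nonce` never clears `session[:nonce]` after a successful match, so one issued value keeps authorising `grant` and `revoke` requests until the confirmation form is rendered again; clearing it before the `yield`, e.g. `session[:nonce] = nil`, makes each nonce single-use. Filter order matters here as well: `require_administrator` is declared after `lookup_this_user` and redirects with `@this_user.display_name`, so it needs `@this_user` to be non-nil. The comment above `setup_nonce` would read better as a description of the two branches: a matching nonce runs the action, anything else renders the confirmation form with a fresh nonce.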


@ -67,7 +67,7 @@ class WayController < ApplicationController
user_display_name_cache = {}
doc = OSM::API.new.get_xml_doc
way.nodes.each do |node|
way.nodes.uniq.each do |node|
if node.visible
doc.root << node.to_xml_node(changeset_cache, user_display_name_cache)
end


@ -10,4 +10,32 @@ module ApplicationHelper
def atom_link_to(*args)
return link_to(image_tag("RSS.gif", :size => "16x16", :border => 0), Hash[*args], { :class => "rsssmall" });
end
def javascript_strings
js = ""
js << "<script type='text/javascript'>\n"
js << "i18n_strings = new Array();\n"
js << javascript_strings_for_key("javascripts")
js << "</script>\n"
return js
end
private
def javascript_strings_for_key(key)
js = ""
value = t(key, :locale => "en")
if value.is_a?(String)
js << "i18n_strings['#{key}'] = '" << escape_javascript(t(key)) << "';\n"
else
value.each_key do |k|
js << javascript_strings_for_key("#{key}.#{k}")
end
end
return js
end
end
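Review bot: `javascript_strings_for_key` decides whether a key is a leaf from the English translation (`t(key, :locale => "en")`) but emits `t(key)` in the current locale, so a locale that lacks the key, or nests it differently, passes whatever the helper returns for that case to `escape_javascript`. A short comment stating that English defines the key set, and what the page should show for an untranslated key, would make that deliberate. `key` is interpolated into the script without escaping, which is fine while keys come only from the locale files; the comment should say so.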


@ -8,7 +8,9 @@ module BrowseHelper
if version
name = t 'printable_name.with_version', :id => name, :version => object.version.to_s
end
if object.tags.include? 'name'
if object.tags.include? "name:#{I18n.locale}"
name = t 'printable_name.with_name', :name => object.tags["name:#{I18n.locale}"].to_s, :id => name
elsif object.tags.include? 'name'
name = t 'printable_name.with_name', :name => object.tags['name'].to_s, :id => name
end
return name


@ -5,6 +5,7 @@ module GeocoderHelper
html_options[:href] = "?mlat=#{result[:lat]}&mlon=#{result[:lon]}&zoom=#{result[:zoom]}"
html = ""
html << result[:prefix] if result[:prefix]
html << " " if result[:prefix] and result[:name]
html << link_to_function(result[:name],"setPosition(#{result[:lat]}, #{result[:lon]}, #{result[:zoom]})", html_options) if result[:name]
html << result[:suffix] if result[:suffix]
return html


@ -0,0 +1,20 @@
module UserBlocksHelper
##
# returns a translated string representing the status of the
# user block (i.e: whether it's active, what the expiry time is)
def block_status(block)
if block.active?
if block.needs_view?
I18n.t('user_block.helper.until_login')
else
I18n.t('user_block.helper.time_future', :time => distance_of_time_in_words_to_now(block.ends_at))
end
else
# the max of the last update time or the ends_at time is when this block finished
# either because the user viewed the block (updated_at) or it expired or was
# revoked (ends_at)
last_time = [block.ends_at, block.updated_at].max
I18n.t('user_block.helper.time_past', :time => distance_of_time_in_words_to_now(last_time))
end
end
end


@ -3,6 +3,22 @@ class Language < ActiveRecord::Base
has_many :diary_entries, :foreign_key => 'language'
def self.load(file)
Language.transaction do
YAML.load(File.read(file)).each do |k,v|
begin
Language.update(k, :english_name => v["english"], :native_name => v["native"])
rescue ActiveRecord::RecordNotFound
Language.create do |l|
l.code = k
l.english_name = v["english"]
l.native_name = v["native"]
end
end
end
end
end
def name
name = english_name
name += " (#{native_name})" unless native_name.nil?
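Review bot: `Language.load` carries no comment on where `file` comes from, and it parses it with `YAML.load`, which can instantiate arbitrary Ruby objects from tagged input; that is acceptable only while the path is a file shipped with the application. I would add `# file must be a trusted, repository-controlled YAML file; never pass an uploaded or user-named path` above the method. The `update` / `rescue ActiveRecord::RecordNotFound` / `create` sequence uses the exception as the normal path for every new language code; a lookup followed by create-or-update would read more directly.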


@ -26,7 +26,7 @@ class Trace < ActiveRecord::Base
def tagstring=(s)
if s.include? ','
self.tags = s.split(/\s*,\s*/).collect {|tag|
self.tags = s.split(/\s*,\s*/).select {|tag| tag !~ /^\s*$/}.collect {|tag|
tt = Tracetag.new
tt.tag = tag
tt
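Review bot: The new filter `tag !~ /^\s*$/` uses line anchors, so it tests whether any line of the tag is blank rather than whether the whole tag is; a tag that contains an empty line would be dropped entirely. `\A\s*\z` expresses the whole-string check: `select {|tag| tag !~ /\A\s*\z/}`. Only the comma-separated branch of `tagstring=` is visible in this hunk, so the other branch may need the same filter.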


@ -14,6 +14,9 @@ class User < ActiveRecord::Base
has_many :client_applications
has_many :oauth_tokens, :class_name => "OauthToken", :order => "authorized_at desc", :include => [:client_application]
has_many :active_blocks, :class_name => "UserBlock", :conditions => ['user_blocks.ends_at > \'#{Time.now.getutc.xmlschema(5)}\' or user_blocks.needs_view']
has_many :roles, :class_name => "UserRole"
validates_presence_of :email, :display_name
validates_confirmation_of :email#, :message => ' addresses must match'
validates_confirmation_of :pass_crypt#, :message => ' must match the confirmation password'
@ -33,7 +36,7 @@ class User < ActiveRecord::Base
file_column :image, :magick => { :geometry => "100x100>" }
def after_initialize
self.creation_time = Time.now.getutc if self.creation_time.nil?
self.creation_time = Time.now.getutc unless self.attribute_present?(:creation_time)
end
def encrypt_password
@ -125,6 +128,31 @@ class User < ActiveRecord::Base
return false
end
##
# returns true if the user has the moderator role, false otherwise
def moderator?
has_role? 'moderator'
end
##
# returns true if the user has the administrator role, false otherwise
def administrator?
has_role? 'administrator'
end
##
# returns true if the user has the requested role
def has_role?(role)
roles.any? { |r| r.role == role }
end
##
# returns the first active block which would require users to view
# a message, or nil if there are none.
def blocked_on_view
active_blocks.detect { |b| b.needs_view? }
end
def delete
self.active = false
self.display_name = "user_#{self.id}"
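Review bot: The `active_blocks` association depends on its condition string being single-quoted so that `#{Time.now.getutc.xmlschema(5)}` is not evaluated when the class loads, and nothing on the line says so. If a later edit switches it to double quotes, the cut-off would be fixed at class-load time and expired blocks would keep counting as active (assuming the framework interpolates the string per query, which is what the quoting suggests). A comment such as `# single quotes are deliberate: the timestamp must be interpolated at query time, not at class load` above the `has_many` would protect it.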

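--- a/app/models/user_block.rb
+++ b/app/models/user_block.rb
@@ -0,0 +1,35 @@
+class UserBlock < ActiveRecord::Base
+validate :moderator_permissions
+belongs_to :user, :class_name => "User", :foreign_key => :user_id
+belongs_to :creator, :class_name => "User", :foreign_key => :creator_id
+belongs_to :revoker, :class_name => "User", :foreign_key => :revoker_id
+PERIODS = APP_CONFIG['user_block_periods']
+##
+# returns true if the block is currently active (i.e: the user can't
+# use the API).
+def active?
+needs_view or ends_at > Time.now.getutc
+end
+##
+# revokes the block, allowing the user to use the API again. the argument
+# is the user object who is revoking the ban.
+def revoke!(revoker)
+update_attributes({ :ends_at => Time.now.getutc(),
+:revoker_id => revoker.id,
+:needs_view => false })
+end
+private
+##
+# validate that only moderators are allowed to change the
+# block. this should be caught and dealt with in the controller,
+# but i've also included it here just in case.
+def moderator_permissions
+errors.add_to_base(I18n.t('user_block.model.non_moderator_update')) if creator_id_changed? and !creator.moderator?
+errors.add_to_base(I18n.t('user_block.model.non_moderator_revoke')) unless revoker_id.nil? or revoker.moderator?
+end
+end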
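Review bot: `moderator_permissions` calls `creator.moderator?` and `revoker.moderator?` without checking that the association resolved, and `active?` compares `ends_at` with no presence check, so a record with a missing creator, a stale revoker id or no `ends_at` raises NoMethodError instead of failing validation. Adding `validates_presence_of :user, :creator, :ends_at` and guarding the two lookups (for example `creator.nil? or !creator.moderator?`) keeps those cases as validation errors. As this model is the backstop for the controller check, it should fail closed with a validation message rather than an exception.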

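--- a/app/models/user_role.rb
+++ b/app/models/user_role.rb
@@ -0,0 +1,8 @@
+class UserRole < ActiveRecord::Base
+belongs_to :user
+ALL_ROLES = ['administrator', 'moderator']
+validates_inclusion_of :role, :in => ALL_ROLES
+validates_uniqueness_of :role, :scope => :user_id
+end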


@ -20,4 +20,11 @@
<td><%= link_to common_details.changeset_id, :action => :changeset, :id => common_details.changeset_id %></td>
</tr>
<% if common_details.changeset.tags['comment'] %>
<tr>
<th><%= t 'browse.common_details.changeset_comment' %></th>
<td><%= auto_link(h(common_details.changeset.tags['comment'])) %></td>
</tr>
<% end %>
<%= render :partial => "tag_details", :object => common_details %>


@ -1,3 +1,3 @@
<tr>
<td><%= h(tag[0]) %> = <%= sanitize(auto_link(tag[1])) %></td>
<td><%= h(tag[0]) %> = <%= auto_link(h(tag[1])) %></td>
</tr>


@ -3,6 +3,7 @@
'node' => I18n.t('browse.not_found.type.node'),
'way' => I18n.t('browse.not_found.type.way'),
'relation' => I18n.t('browse.not_found.type.relation'),
'changeset' => I18n.t('browse.not_found.type.changeset'),
};
%>
<p><%= t'browse.not_found.sorry', :type=> browse_not_found_type[@type] , :id => params[:id] %></p>
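Review bot: The message on the last line interpolates `params[:id]` into the translated string and prints it with `<%= %>` without `h`, so the value is reflected as-is unless the route restricts `:id` to digits (the routes are not part of this view). With another object type now reaching this template, `:id => h(params[:id])` is the safer form.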


@ -262,7 +262,7 @@ page << <<EOJ
// Link, for viewing in the tab
var link = document.createElement("a");
link.href = "/browse/" + type + "/" + feature.osm_id;
var name = feature.attributes.name || feature.osm_id;
var name = featureName(feature);
link.appendChild(document.createTextNode(name));
link.feature = feature;
link.onclick = OpenLayers.Function.bind(viewFeatureLink, link);
@ -466,8 +466,20 @@ page << <<EOJ
}
}
function featureName(feature) {
if (feature.attributes['name:#{I18n.locale}']) {
return feature.attributes['name:#{I18n.locale}'];
} else if (feature.attributes.name) {
return feature.attributes.name;
} else {
return feature.osm_id;
}
}
function featureNameSelect(feature) {
if (feature.attributes.name) {
if (feature.attributes['name:#{I18n.locale}']) {
return feature.attributes['name:#{I18n.locale}'];
} else if (feature.attributes.name) {
return feature.attributes.name;
} else if (featureType(feature) == "node") {
return i18n("#{I18n.t('browse.start_rjs.object_list.selected.type.node')}", { id: feature.osm_id });
@ -477,7 +489,9 @@ page << <<EOJ
}
function featureNameHistory(feature) {
if (feature.attributes.name) {
if (feature.attributes['name:#{I18n.locale}']) {
return feature.attributes['name:#{I18n.locale}'];
} else if (feature.attributes.name) {
return feature.attributes.name;
} else if (featureType(feature) == "node") {
return i18n("#{I18n.t('browse.start_rjs.object_list.history.type.node')}", { id: feature.osm_id });


@ -12,7 +12,7 @@
<td class="<%= cl %> date">
<% if changeset.closed_at > DateTime.now %> <%= t'changeset.changeset.still_editing' %>
<% else %><%= l changeset.closed_at, :format => :short %><% end %>
<% else %><%= l changeset.closed_at, :format => :long %><% end %>
</td>
@ -28,7 +28,7 @@
<td class="<%= cl %> comment">
<% if changeset.tags['comment'] %>
<%= h(changeset.tags['comment']) %>
<%= auto_link(h(changeset.tags['comment'])) %>
<% else %>
<%= t'changeset.changeset.no_comment' %>
<% end %>


@ -7,5 +7,7 @@ if (current_page.first_item < current_page.last_item) # if more than 1 changeset
%>-<%= current_page.last_item %><%
end %>
<%= t'changeset.changeset_paging_nav.of'%> <%= @edit_pages.item_count %>)
| <%= pagination_links_each(@edit_pages, {}) { |n| link_to(n, params.merge({ :page => n })) } %>
<% if @edit_pages.page_count > 1 %>
| <%= pagination_links_each(@edit_pages, {}) { |n| link_to(n, params.merge({ :page => n })) } %>
<% end %>
</p>
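Review bot: `params.merge({ :page => n })` on the pagination line hands every request parameter to `link_to`, so keys that URL generation treats specially (for example `host` or `protocol`) can, depending on the Rails version, be supplied in the query string and change where the page links point. Building the link only from the parameters the list is known to need, e.g. `link_to(n, :page => n, :display_name => params[:display_name])`, avoids that. Which parameters this view really needs is not visible in the hunk, so the list has to be confirmed against the controller.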


@ -68,7 +68,7 @@ atom_feed(:language => I18n.locale, :schema_date => 2009,
td.table :cellpadding => "0" do |table|
changeset.tags.sort.each do |tag|
table.tr do |tr|
tr.td "#{h(tag[0])} = #{sanitize(auto_link(tag[1]))}"
tr.td << "#{h(tag[0])} = #{auto_link(h(tag[1]))}"
end
end
end
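Review bot: `tr.td << "..."` calls `td` with no content first, so Builder is likely to emit an empty `<td/>` and then append the string after it rather than inside the cell; the rendered feed is worth checking. `tr.td { |td| td << "#{h(tag[0])} = #{auto_link(h(tag[1]))}" }` keeps the raw markup inside the element. Because `<<` bypasses Builder's own escaping, a short comment stating that both interpolated values must stay wrapped in `h` would help the next editor. The surrounding `atom_feed` block starts and ends outside the hunk.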


@ -2,6 +2,7 @@
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<%= I18n.locale %>" lang="<%= I18n.locale %>" dir="<%= t'html.dir' %>">
<head>
<meta name="viewport" content="width=device-width, minimum-scale=1.0, maximum-scale=1.0"/>
<%= javascript_strings %>
<%= javascript_include_tag 'prototype' %>
<%= javascript_include_tag 'site' %>
<!--[if lt IE 7]><%= javascript_include_tag 'pngfix' %><![endif]--> <!-- thanks, microsoft! -->


@ -1,4 +1,4 @@
<h2><%= t'message.new.send_message_to', :name => h(@to_user.display_name) %></h2>
<h2><%= t'message.new.send_message_to', :name => link_to(h(@to_user.display_name), {:controller => 'user', :action => 'view', :display_name => @to_user.display_name}) %></h2>
<%= error_messages_for 'message' %>


@ -1,6 +1,6 @@
<h2><%= t'message.outbox.my_inbox', :inbox_link => link_to(t('message.outbox.inbox'), url_for(:controller => "user", :action => "inbox", :id => @user.display_name)) %>/<%= t'message.outbox.outbox' %></h2>
<p><%= t'message.outbox.you_have_sent_messages', :sent_count => @user.sent_messages.size %>
<p><%= t'message.outbox.you_have_sent_messages', :count => @user.sent_messages.size %>
<% if @user.sent_messages.size > 0 %>
<div id="messages">


@ -65,7 +65,7 @@ zoom='14' if zoom.nil?
window.onbeforeunload=function() {
if (!changesaved) {
return "<%= t 'site.edit.potlatch_unsaved_changes' %>";
return '<%= escape_javascript(t('site.edit.potlatch_unsaved_changes')) %>';
}
}
@ -78,9 +78,10 @@ zoom='14' if zoom.nil?
fo.addVariable('token','<%= session[:token] %>');
if (lat) { fo.addVariable('lat',lat); }
if (lon) { fo.addVariable('long',lon); }
<% if params['gpx'] %>fo.addVariable('gpx' ,'<%= h(params['gpx'] ) %>');<% end %>
<% if params['way'] %>fo.addVariable('way' ,'<%= h(params['way'] ) %>');<% end %>
<% if params['node'] %>fo.addVariable('node','<%= h(params['node']) %>');<% end %>
<% if params['gpx'] %>fo.addVariable('gpx' ,'<%= h(params['gpx'] ) %>');<% end %>
<% if params['way'] %>fo.addVariable('way' ,'<%= h(params['way'] ) %>');<% end %>
<% if params['node'] %>fo.addVariable('node' ,'<%= h(params['node'] ) %>');<% end %>
<% if params['tileurl'] %>fo.addVariable('custombg','<%= h(params['tileurl']) %>');<% end %>
fo.write("map");
}
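Review bot: The `fo.addVariable` lines in the second hunk, including the new `custombg` one, place request parameters inside single-quoted JavaScript strings using `h`, which is HTML escaping rather than JavaScript string escaping: backslashes and line breaks pass through, and older Rails versions of `h` leave single quotes alone as well. The first hunk of this file already moves the unsaved-changes message to `escape_javascript`; the same applies here, e.g. `fo.addVariable('custombg','<%= escape_javascript(params['tileurl']) %>');`, and likewise for `gpx`, `way` and `node`. Since `tileurl` becomes a background tile source chosen by whoever built the link, it may also be worth accepting only `http`/`https` URLs before handing it to Potlatch. The enclosing function starts outside the hunk.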


@ -54,7 +54,7 @@
near_icon.url = OpenLayers.Util.getImagesLocation() + "marker-green.png";;
var i = nearest.length;
while( i-- ) {
var description = '<%= t 'user.friend_map.nearby mapper'%><a href="/user/'+nearest[i].display_name+'">'+nearest[i].display_name+'</a>'
var description = i18n('<%= t 'user.friend_map.nearby mapper'%>', { nearby_user: '<a href="/user/'+nearest[i].display_name+'">'+nearest[i].display_name+'</a>' });
var nearmarker = addMarkerToMap(new OpenLayers.LonLat(nearest[i].home_lon, nearest[i].home_lat), near_icon.clone(), description);
}
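Review bot: `nearest[i].display_name` is concatenated into the `<a href=...>` markup on the new `description` line without HTML or URL encoding, so a display name containing markup characters would reach the popup as markup if `addMarkerToMap` renders the description as HTML (its body is not visible here). Encoding the name before it reaches the string, for instance with `h(...)` where the `nearest` array is generated and `encodeURIComponent(nearest[i].display_name)` for the `href` part, would close that. The translation is also placed in a single-quoted literal without `escape_javascript`, unlike the unsaved-changes string fixed elsewhere in this commit.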


@ -0,0 +1,23 @@
xml.instruct! :xml, :version => "1.0"
xml.osm("version" => API_VERSION, "generator" => GENERATOR) do
xml.tag! "user", :id => @user.id,
:display_name => @user.display_name,
:account_created => @user.creation_time.xmlschema do
if @user.description
xml.tag! "description", @user.description
end
if @user.home_lat and @user.home_lon
xml.tag! "home", :lat => @user.home_lat,
:lon => @user.home_lon,
:zoom => @user.home_zoom
end
if @user.image
xml.tag! "img", :href => (url_for_file_column(@user, "image", :absolute => true))
end
if @user.languages
xml.tag! "languages" do
@user.languages.split(",") { |lang| xml.tag! "lang", lang }
end
end
end
end
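Review bot: `@user.languages.split(",") { |lang| ... }` relies on `String#split` yielding to a block, which Ruby only does from 2.6 on; on earlier interpreters the block is silently ignored and `<languages>` comes out empty. `@user.languages.split(",").each { |lang| xml.tag! "lang", lang }` works on every version. An empty `languages` string is also truthy in Ruby, so guarding with `unless @user.languages.blank?` would avoid emitting an empty element.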


@ -1,4 +1,15 @@
<h2><%= h(@this_user.display_name) %></h2>
<h2><%= h(@this_user.display_name) %>
<% UserRole::ALL_ROLES.each do |role| %>
<% if @user and @user.administrator? %>
<% if @this_user.has_role? role %>
<%= link_to(image_tag("roles/#{role}.png", :size => "20x20", :border => 0, :alt => t("user.view.role.revoke.#{role}"), :title => t("user.view.role.revoke.#{role}")), :controller => 'user_roles', :action => 'revoke', :display_name => @this_user.display_name, :role => role) %>
<% else %>
<%= link_to(image_tag("roles/blank_#{role}.png", :size => "20x20", :border => 0, :alt => t("user.view.role.grant.#{role}"), :title => t("user.view.role.grant.#{role}")), :controller => 'user_roles', :action => 'grant', :display_name => @this_user.display_name, :role => role) %>
<% end %>
<% elsif @this_user.has_role? role %>
<%= image_tag("roles/#{role}.png", :size => "20x20", :border => 0, :alt => t("user.view.role.#{role}"), :title => t("user.view.role.#{role}")) %>
<% end %>
<% end %></h2>
<div id="userinformation">
<% if @user and @this_user.id == @user.id %>
<!-- Displaying user's own profile page -->
@ -7,6 +18,10 @@
| <%= link_to t('user.view.my edits'), :controller => 'changeset', :action => 'list', :display_name => @user.display_name %>
| <%= link_to t('user.view.my traces'), :controller => 'trace', :action=>'mine' %>
| <%= link_to t('user.view.my settings'), :controller => 'user', :action => 'account', :display_name => @user.display_name %>
| <%= link_to t('user.view.blocks on me'), :controller => 'user_blocks', :action => 'blocks_on', :display_name => @user.display_name %>
<% if @user and @user.moderator? %>
| <%= link_to t('user.view.blocks by me'), :controller => 'user_blocks', :action => 'blocks_by', :display_name => @user.display_name %>
<% end %>
<% else %>
<!-- Displaying another user's profile page -->
<%= link_to t('user.view.send message'), :controller => 'message', :action => 'new', :display_name => @this_user.display_name %>
@ -18,15 +33,37 @@
<% else %>
<%= link_to t('user.view.add as friend'), :controller => 'user', :action => 'make_friend', :display_name => @this_user.display_name %>
<% end %>
| <%= link_to t('user.view.block_history'), :controller => 'user_blocks', :action => 'blocks_on', :display_name => @this_user.display_name %>
<% if @this_user.moderator? %>
| <%= link_to t('user.view.moderator_history'), :controller => 'user_blocks', :action => 'blocks_by', :display_name => @this_user.display_name %>
<% end %>
<% if @user and @user.moderator? %>
| <%= link_to t('user.view.create_block'), :controller => 'user_blocks', :action => 'new', :display_name => @this_user.display_name %>
<% end %>
<% end %>
<% if @user and @user.administrator? %>
<br/>
<% if @this_user.active? %>
<%= link_to t('user.view.deactivate_user'), {:controller => 'user', :action => 'deactivate', :display_name => @this_user.display_name}, {:confirm => t('user.view.confirm')} %>
<% else %>
<%= link_to t('user.view.activate_user'), {:controller => 'user', :action => 'activate', :display_name => @this_user.display_name}, {:confirm => t('user.view.confirm')} %>
<% end %>
<% if @this_user.visible? %>
| <%= link_to t('user.view.hide_user'), {:controller => 'user', :action => 'hide', :display_name => @this_user.display_name}, {:confirm => t('user.view.confirm')} %>
| <%= link_to t('user.view.delete_user'), {:controller => 'user', :action => 'delete', :display_name => @this_user.display_name}, {:confirm => t('user.view.confirm')} %>
<% else %>
| <%= link_to t('user.view.unhide_user'), {:controller => 'user', :action => 'unhide', :display_name => @this_user.display_name}, {:confirm => t('user.view.confirm')} %>
<% end %>
<% end %>
</div>
<% if @this_user != nil %>
<P>
<b><%= t 'user.view.mapper since' %></b><%= l @this_user.creation_time %> <%= t 'user.view.ago', :time_in_words_ago => time_ago_in_words(@this_user.creation_time) %>
</P>
<p><b><%= t 'user.view.mapper since' %></b> <%= l @this_user.creation_time %> <%= t 'user.view.ago', :time_in_words_ago => time_ago_in_words(@this_user.creation_time) %></p>
<% if @user and @user.administrator? %>
<p><b><%= t 'user.view.email address' %></b> <%= @this_user.email %></p>
<p><b><%= t 'user.view.created from' %></b> <%= @this_user.creation_ip %></p>
<% end %>
<h3><%= t 'user.view.user image heading' %></h3>
<% if @this_user.image %>
<%= image_tag url_for_file_column(@this_user, "image") %>
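Review bot: `<%= @this_user.email %>` and `<%= @this_user.creation_ip %>` in the administrator-only block are printed without `h`, while the display name in the same template is escaped. The e-mail address is supplied by the account owner and is shown here to the most privileged viewers, so it should be `<%= h(@this_user.email) %>` unless the framework version escapes output by default. The activate, deactivate, hide, unhide and delete links are plain GET links guarded only by a JavaScript `:confirm`. If the controller (not visible here) acts on GET, adding `:method => :post` to the html options and requiring POST on the server side would keep these actions from being triggered by a link an administrator merely follows.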


@ -0,0 +1,24 @@
<tr>
<% c1 = cycle('table0', 'table1') %>
<% if show_user_name %>
<td class="<%= c1 %>"><%= link_to h(block.user.display_name), :controller => 'user', :action => 'view', :display_name => block.user.display_name %></td>
<% end %>
<% if show_creator_name %>
<td class="<%= c1 %>"><%= link_to h(block.creator.display_name), :controller => 'user', :action => 'view', :display_name => block.creator.display_name %></td>
<% end %>
<td class="<%= c1 %>"><%=h truncate(block.reason) %></td>
<td class="<%= c1 %>"><%=h block_status(block) %></td>
<td class="<%= c1 %>">
<% if block.revoker_id.nil? %>
<%= t('user_block.partial.not_revoked') %>
<% else %>
<%= link_to h(block.revoker.display_name), :controller => 'user', :action => 'view', :display_name => block.revoker.display_name %>
<% end %>
</td>
<td class="<%= c1 %>"><%= link_to t('user_block.partial.show'), block %></td>
<td class="<%= c1 %>"><% if @user and @user.id == block.creator_id and block.active? %><%= link_to t('user_block.partial.edit'), edit_user_block_path(block) %><% end %></td>
<% if show_revoke_link %>
<td class="<%= c1 %>"><% if block.active? %><%= link_to t('user_block.partial.revoke'), block, :confirm => t('user_block.partial.confirm'), :action => :revoke %><% end %></td>
<% end %>
</tr>
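Review bot: In the revoke cell, `:action => :revoke` is passed in the third argument of `link_to`, which is the HTML options hash, so it is likely to become an `action` attribute on the anchor while the link itself still points at the block's show URL. The show template in this commit builds the same link as `{:controller => 'user_blocks', :action => 'revoke', :id => @user_block.id}`; using `link_to t('user_block.partial.revoke'), {:controller => 'user_blocks', :action => 'revoke', :id => block.id}` here would match it. The revoke page has its own confirmation checkbox, so the `:confirm` prompt can probably be dropped.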


@ -0,0 +1,19 @@
<table id="block_list" cellpadding="3">
<tr>
<% if show_user_name %>
<th><%= t'user_block.partial.display_name' %></th>
<% end %>
<% if show_creator_name %>
<th><%= t'user_block.partial.creator_name' %></th>
<% end %>
<th><%= t'user_block.partial.reason' %></th>
<th><%= t'user_block.partial.status' %></th>
<th><%= t'user_block.partial.revoker_name' %></th>
<th></th>
<th></th>
<% if show_revoke_link %>
<th></th>
<% end %>
</tr>
<%= render :partial => 'block', :locals => {:show_revoke_link => show_revoke_link, :show_user_name => show_user_name, :show_creator_name => show_creator_name }, :collection => @user_blocks %>
</table>


@ -0,0 +1,8 @@
<% @title = t('user_block.blocks_by.title', :name => h(@this_user.display_name)) %>
<h1><%= t('user_block.blocks_by.heading', :name => link_to(h(@this_user.display_name), {:controller => 'user', :action => 'view', :display_name => @this_user.display_name})) %></h1>
<% unless @user_blocks.empty? %>
<%= render :partial => 'blocks', :locals => { :show_revoke_link => (@user and @user.moderator?), :show_user_name => true, :show_creator_name => false } %>
<% else %>
<p><%= t "user_block.blocks_by.empty", :name => h(@this_user.display_name) %></p>
<% end %>


@ -0,0 +1,8 @@
<% @title = t('user_block.blocks_on.title', :name => h(@this_user.display_name)) %>
<h1><%= t('user_block.blocks_on.heading', :name => link_to(h(@this_user.display_name), {:controller => 'user', :action => 'view', :display_name => @this_user.display_name})) %></h1>
<% unless @user_blocks.empty? %>
<%= render :partial => 'blocks', :locals => { :show_revoke_link => (@user and @user.moderator?), :show_user_name => false, :show_creator_name => true } %>
<% else %>
<p><%= t "user_block.blocks_on.empty", :name => h(@this_user.display_name) %></p>
<% end %>


@ -0,0 +1,28 @@
<% @title = t 'user_block.edit.title', :name => h(@user_block.user.display_name) %>
<h1><%= t('user_block.edit.title',
:name => link_to(
h(@user_block.user.display_name),
{:controller => 'user', :action => 'view', :display_name => @user_block.user.display_name})) %></h1>
<% form_for(@user_block) do |f| %>
<%= f.error_messages %>
<p>
<%= f.label :reason, t('user_block.edit.reason', :name => h(@user_block.user.display_name)) %><br />
<%= f.text_area :reason, :cols => 80, :rows => 5 %>
</p>
<p>
<%= label_tag 'user_block_period', t('user_block.edit.period') %><br />
<%= select_tag('user_block_period', options_for_select(UserBlock::PERIODS.collect { |h| [t('user_block.period', :count => h), h.to_s] }, params[:user_block_period])) %>
</p>
<p>
<%= f.check_box :needs_view %>
<%= f.label :needs_view, t('user_block.edit.needs_view') %>
</p>
<p>
<%= f.submit t('user_block.edit.submit') %>
</p>
<% end %>
<%= link_to t('user_block.edit.show'), @user_block %> |
<%= link_to t('user_block.edit.back'), user_blocks_path %>
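Review bot: The block parameter in `UserBlock::PERIODS.collect { |h| ... }` is named `h`, the same name as the escaping helper used throughout these templates, which makes the line harder to read when checking where output is escaped. Renaming it, e.g. `UserBlock::PERIODS.collect { |period| [t('user_block.period', :count => period), period.to_s] }`, removes the ambiguity. The same line appears in the new-block form added by this commit.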


@ -0,0 +1,8 @@
<% @title = t('user_block.index.title') %>
<h1><%= t('user_block.index.heading') %></h1>
<% unless @user_blocks.empty? %>
<%= render :partial => 'blocks', :locals => { :show_revoke_link => (@user and @user.moderator?), :show_user_name => true, :show_creator_name => true } %>
<% else %>
<p><%= t "user_block.index.empty" %></p>
<% end %>


@ -0,0 +1,28 @@
<% @title = t 'user_block.new.title', :name => h(@this_user.display_name) %>
<h1><%= t('user_block.new.heading',
:name => link_to(
h(@this_user.display_name),
{:controller => 'user', :action => 'view', :display_name => @this_user.display_name})) %></h1>
<% form_for(@user_block) do |f| %>
<%= f.error_messages %>
<p>
<%= f.label :reason, t('user_block.new.reason', :name => @this_user.display_name) %><br />
<%= f.text_area :reason, :cols => 80, :rows => 5 %>
</p>
<p>
<%= label_tag 'user_block_period', t('user_block.new.period') %><br />
<%= select_tag('user_block_period', options_for_select(UserBlock::PERIODS.collect { |h| [t('user_block.period', :count => h), h.to_s] }, params[:user_block_period] )) %>
</p>
<p>
<%= f.check_box :needs_view %>
<%= f.label :needs_view, t('user_block.new.needs_view') %>
</p>
<p>
<%= hidden_field_tag 'display_name', @this_user.display_name %>
<%= f.submit t('user_block.new.submit') %>
</p>
<% end %>
<%= link_to t('user_block.new.back'), user_blocks_path %>
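Review bot: The reason label passes `@this_user.display_name` into the translation without `h`, whereas the title and heading above it and the matching label in the edit form all escape it. Unless this Rails version escapes label text itself, that puts a user-chosen name into the moderator's form as markup. `t('user_block.new.reason', :name => h(@this_user.display_name))` brings it in line with the rest.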


@ -0,0 +1,3 @@
<p><%= t'user_block.not_found.sorry', :id => params[:id] %></p>
<%= link_to t('user_block.not_found.back'), user_blocks_path %>
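Review bot: `params[:id]` is interpolated into the translated message and written with `<%=` without `h`, so whatever the request supplies as the id is echoed into the page unless routing constrains it or the framework version escapes output by default. `<p><%= t'user_block.not_found.sorry', :id => h(params[:id]) %></p>` fixes it here. The role grant and revoke confirmation templates later in this commit do the same with `params[:display_name]` and `params[:role]` in their `are_you_sure` lines and need the same `h(...)` wrapping; those pages are shown to administrators.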


@ -0,0 +1,32 @@
<% @title = t('user_block.revoke.title',
:block_on => h(@user_block.user.display_name),
:block_by => h(@user_block.creator.display_name)) %>
<h1><%= t('user_block.revoke.heading',
:block_on => link_to(
h(@user_block.user.display_name),
{:controller => 'user', :action => 'view', :display_name => @user_block.user.display_name}),
:block_by => link_to(
h(@user_block.creator.display_name),
{:controller => 'user', :action => 'view', :display_name => @user_block.creator.display_name})) %></h1>
<% if @user_block.ends_at > Time.now %>
<p><b>
<%= t('user_block.revoke.time_future', :time => distance_of_time_in_words_to_now(@user_block.ends_at)) %>
</b></p>
<% form_for :revoke, :url => { :action => "revoke" } do |f| %>
<%= f.error_messages %>
<p>
<%= check_box_tag 'confirm', 'yes' %>
<%= label_tag 'confirm', t('user_block.revoke.confirm') %>
</p>
<p>
<%= submit_tag t('user_block.revoke.revoke') %>
</p>
<% end %>
<% else %>
<p>
<%= t('user_block.revoke.past', :time => distance_of_time_in_words_to_now(@user_block.ends_at)) %>
</p>
<% end %>


@ -0,0 +1,34 @@
<% @title = t('user_block.show.title',
:block_on => @user_block.user.display_name,
:block_by => @user_block.creator.display_name) %>
<h1><%= t('user_block.show.heading',
:block_on => link_to(
h(@user_block.user.display_name),
{:controller => 'user', :action => 'view', :display_name => @user_block.user.display_name}),
:block_by => link_to(
h(@user_block.creator.display_name),
{:controller => 'user', :action => 'view', :display_name => @user_block.creator.display_name})) %></h1>
<% if @user_block.revoker %>
<p>
<b><%= t'user_block.show.revoker' %></b>
<%= link_to h(@user_block.revoker.display_name), :controller => 'user', :action => 'view', :display_name => @user_block.revoker.display_name %>
</p>
<% end %>
<p><b><%= t'user_block.show.status' %></b>: <%= block_status(@user_block) %></p>
<p>
<b><%= t'user_block.show.reason' %></b>
<%=h @user_block.reason %>
</p>
<% if @user_block.ends_at > Time.now.getutc %>
<% if @user and @user.id == @user_block.creator_id %>
<%= link_to t('user_block.show.edit'), edit_user_block_path(@user_block) %> |
<% end %>
<% if @user and @user.moderator? %>
<%= link_to(t('user_block.show.revoke'),{:controller => 'user_blocks', :action => 'revoke', :id => @user_block.id}) %> |
<% end %>
<% end %>
<%= link_to t('user_block.show.back'), user_blocks_path %>
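Review bot: `@title` is built from the raw display names here, while the revoke, edit and blocks-by templates in this commit wrap the same values in `h(...)`; one of the two conventions is wrong, depending on whether the layout escapes `@title`, which is not visible in this diff. `block_status(@user_block)` is likewise printed unescaped on this page but through `h` in the list partial. Settling on one form in both places would make it clear where the escaping happens.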


@ -0,0 +1,7 @@
<% form_tag request.request_uri do %>
<%= hidden_field_tag 'nonce', @nonce %>
<% @title = t('user_role.grant.heading') %>
<h1><%= t('user_role.grant.heading') %></h1>
<p><%= t('user_role.grant.are_you_sure', :name => params[:display_name], :role => params[:role]) %></p>
<p><%= submit_tag t('user_role.grant.confirm') %></p>
<% end %>


@ -0,0 +1,7 @@
<% form_tag request.request_uri do %>
<%= hidden_field_tag 'nonce', @nonce %>
<% @title = t('user_role.revoke.heading') %>
<h1><%= t('user_role.revoke.heading') %></h1>
<p><%= t('user_role.revoke.are_you_sure', :name => params[:display_name], :role => params[:role]) %></p>
<p><%= submit_tag t'user_role.revoke.confirm' %></p>
<% end %>