Updated user_target autocomplete regex, removed unnecessary permission check

2017-06-12 21:40:33 +02:00
parent 895e56ff06
commit 32231e4eea
5 changed files with 43 additions and 16 deletions
--- a/app/assets/javascripts/editor.js
+++ b/app/assets/javascripts/editor.js
@@ -88,5 +88,45 @@ $(function() {
  }], {
    debounce: 300
  });
+  $('.md_editor .field_container_user .editor_field').textcomplete([{
+    // match up to 2 words (everything except some special characters)
+    // each word can have up to 16 characters (up to 32 total)
+    // words must be separated by a single space
+    match: /(^|\s)([^!"§$%&\/()=?.,;+*@\s]{1,16})$/,
+    search: function (text, callback, match) {
+      console.log("Searching " + text);
+      text = text.toLowerCase();
+      $.ajax("/users/suggestions", {
+        type: "post",
+        data: {name: text},
+        dataType: "json",
+        headers: {
+          "X-CSRF-Token": $('meta[name="csrf-token"]').attr("content")
+        },
+        success: function(data) {
+          callback(data);
+        },
+        error: function(xhr, status, err) {
+          console.error(err);
+          callback([]);
+        }
+      });
+    },
+    template: function(user) {
+      var name = user[0];
+      var ign  = user[1];
+      if (name != ign) {
+        return name + " <small>(" + ign + ")</small>";
+      } else {
+        return ign;
+      }
+    },
+    cache: true,
+    replace: function (word) {
+      return "$1" + word[1] + " ";
+    }
+  }], {
+    debounce: 300
+  });

-});
+});
--- a/app/assets/stylesheets/.style.css.scss.swp
+++ b/app/assets/stylesheets/.style.css.scss.swp
--- a/app/assets/stylesheets/style.css.scss
+++ b/app/assets/stylesheets/style.css.scss
@@ -481,7 +481,6 @@ blockquote p {
    }
  }
  .field_container_user {
-    position: relative;
    .editor_field {
    }
  }
--- a/app/controllers/messages_controller.rb
+++ b/app/controllers/messages_controller.rb
@@ -1,7 +1,5 @@
 class MessagesController < ApplicationController

-  before_filter :check_permission, only: :destroy
-
  def index
    if current_user
      @messages = Message.where(user_target: current_user).page(params[:page])
@@ -67,19 +65,9 @@ class MessagesController < ApplicationController
  end

  def message_params(add = [])
-    params[:message][:user_target_id] = User.find_by(ign: params[:message][:user_target].gsub(/[@ ]/,"")).try(:id)
+    params[:message][:user_target_id] = User.find_by(ign: params[:message][:user_target].strip).try(:id)
    params[:message][:user_sender_id] = User.find_by(ign: params[:message][:user_sender]).id

    params.require(:message).permit([:text, :user_target_id, :user_sender_id])
  end
-
-  private
-
-  def check_permission
-    @message = Message.find(params[:id])
-    unless @message.user_target == current_user
-      flash[:alert] = "You are not allowed to view this message"
-      redirect_to home_statics_path
-    end
-  end
 end
--- a/app/views/application/_md_editor_user.html.erb
+++ b/app/views/application/_md_editor_user.html.erb
@@ -2,7 +2,7 @@
  <div class="field_container_user">
    <% options = (defined?(options) && options || {}) %>
    <% options[:class] = "#{options[:class]} editor_field" %>
-    <% options[:placeholder] ||= "Enter user's name. prefix with \"@\" to get suggestions." %>
+    <% options[:placeholder] ||= "Enter user's name." %>
    <%= text_field_tag name, content, options %>
  </div>
 </div>