From 8a7d7199206473fee5ed53caaa7d78f0efd693d2 Mon Sep 17 00:00:00 2001 From: jomo Date: Tue, 17 Jun 2014 21:19:15 +0200 Subject: [PATCH] add notification settings, fix comment edit permissions --- app/controllers/comments_controller.rb | 4 +- app/controllers/users_controller.rb | 10 +++- app/models/comment.rb | 14 ++--- app/models/threadreply.rb | 6 +-- app/views/users/edit.html.erb | 5 +- app/views/users/edit_notifications.html.erb | 51 ++++++++++++++++++ config/routes.rb | 1 + ...0140617183755_add_mail_settings_to_user.rb | 9 ++++ db/schema.rb | 52 ++++++++++--------- 9 files changed, 114 insertions(+), 38 deletions(-) create mode 100644 app/views/users/edit_notifications.html.erb create mode 100644 db/migrate/20140617183755_add_mail_settings_to_user.rb diff --git a/app/controllers/comments_controller.rb b/app/controllers/comments_controller.rb index 48fabf6..53e4b84 100644 --- a/app/controllers/comments_controller.rb +++ b/app/controllers/comments_controller.rb @@ -4,7 +4,7 @@ class CommentsController < ApplicationController def edit @comment = Comment.find(params[:id]) - if mod? || @comment.author.is?(current_user) + if (mod? && current_user.role >= @comment.author.role) || @comment.author.is?(current_user) else flash[:alert] = "You are not allowed to edit this comment" redirect_to @comment.blogpost @@ -49,7 +49,7 @@ class CommentsController < ApplicationController def destroy @comment = Comment.find(params[:id]) - if mod? || @comment.author.is?(current_user) + if (mod? && current_user.role >= @comment.author.role) || @comment.author.is?(current_user) if @comment.destroy flash[:notice] = "Comment deleted!" else diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 3c86391..f8c8899 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -204,6 +204,14 @@ class UsersController < ApplicationController end end + def edit_notifications + @user = User.find(params[:id]) + unless @user.is?(current_user) || admin? && current_user.role > @user.role || superadmin? + flash[:alert] = "You are not allowed to edit this user's notification settings!" + redirect_to @user + end + end + def edit_login @user = User.find(params[:id]) unless @user.is?(current_user) || admin? && current_user.role > @user.role || superadmin? @@ -267,7 +275,7 @@ class UsersController < ApplicationController end def user_params(add = []) - a = [:ign, :email, :password, :password_confirmation] + add + a = [:ign, :email, :password, :password_confirmation, :mail_own_thread_reply, :mail_other_thread_reply, :mail_own_blogpost_comment, :mail_other_blogpost_comment, :mail_mention] + add params.require(:user).permit(a) end end \ No newline at end of file diff --git a/app/models/comment.rb b/app/models/comment.rb index 616ed06..e56dc9d 100644 --- a/app/models/comment.rb +++ b/app/models/comment.rb @@ -31,13 +31,13 @@ class Comment < ActiveRecord::Base def send_new_comment_mail userids = [] - # thread + replies - posts = blogpost.comments.to_a - posts << blogpost # if thread.author.send_own_post_comment_mail (TODO) - posts.each do |post| - # don't send mail to the author, don't send to banned/disabled users - if post.author != author && post.author.normal? && post.author.confirmed? # && - userids << post.author.id # && post.author.send_commented_comment_mail (TODO) + # post + comments + comments = blogpost.comments.to_a + comments << blogpost if blogpost.author.mail_own_blogpost_comment? + comments.each do |comment| + # don't send mail to the author of this comment, don't send to banned/disabled users + if comment.author != author && comment.author.normal? && comment.author.confirmed? # && + userids << comment.author.id if comment.author.mail_other_blogpost_comment? end end # making sure we don't send multiple mails to the same user diff --git a/app/models/threadreply.rb b/app/models/threadreply.rb index 901c957..d9a2fd0 100644 --- a/app/models/threadreply.rb +++ b/app/models/threadreply.rb @@ -37,11 +37,11 @@ class Threadreply < ActiveRecord::Base # thread + replies posts = thread.replies.to_a - posts << thread # if thread.author.send_own_thread_reply_mail (TODO) + posts << thread if thread.author.mail_own_thread_reply? posts.each do |post| - # don't send mail to the author, don't send to banned/disabled users + # don't send mail to the author of this reply, don't send to banned/disabled users if post.author != author && post.author.normal? && post.author.confirmed? # && - userids << post.author.id # && post.author.send_replied_reply_mail (TODO) + userids << post.author.id if post.author.mail_other_thread_reply? end end # making sure we don't send multiple mails to the same user diff --git a/app/views/users/edit.html.erb b/app/views/users/edit.html.erb index 4071f93..4851970 100644 --- a/app/views/users/edit.html.erb +++ b/app/views/users/edit.html.erb @@ -68,7 +68,10 @@

<%= f.submit "Save profile", class: "btn blue left", disabled: (!@user.confirmed? && @user.is?(current_user)) %>

-

<%= link_to "Edit login details", edit_login_user_path(@user), class: "btn blue right" %>

+

+ <%= link_to "Edit login details", edit_login_user_path(@user), class: "btn blue right" %> + <%= link_to "Notification settings", edit_notifications_user_path(@user), class: "btn blue right" %> +

<% if !@user.confirmed? %> diff --git a/app/views/users/edit_notifications.html.erb b/app/views/users/edit_notifications.html.erb new file mode 100644 index 0000000..f08281c --- /dev/null +++ b/app/views/users/edit_notifications.html.erb @@ -0,0 +1,51 @@ +<% title "Edit Notification Settings: #{@user.name}" %> + +<%= link_to @user.name, @user %> → Edit Notification Settings +

Edit Notification Settings

+ + +<%= form_for @user do |f| %> +

Email me when someone...

+ + + + + + + + + + + + + + + + + + + + + + + +
replies to my thread + <%= f.check_box :mail_own_thread_reply %> +
replies to a thread I already replied to + <%= f.check_box :mail_other_thread_reply %> +
+ comments my blog post
+ (Currently used for staff only) + 		+ <%= f.check_box :mail_own_blogpost_comment %> +
comments a blog post I already commented + <%= f.check_box :mail_other_blogpost_comment %> +
+ mentions me in a thread or comment
+ (Not yet implemented) + 		+ <%= f.check_box :mail_mention %> +
+

<%= f.submit "Save changes", class: "btn blue left" %>

+
+<% end %> \ No newline at end of file diff --git a/config/routes.rb b/config/routes.rb index 8ad1ba4..4820151 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -17,6 +17,7 @@ Redstoner::Application.routes.draw do member do get 'confirm' get 'edit_login' + get 'edit_notifications' put 'update_login' end end diff --git a/db/migrate/20140617183755_add_mail_settings_to_user.rb b/db/migrate/20140617183755_add_mail_settings_to_user.rb new file mode 100644 index 0000000..231cc3a --- /dev/null +++ b/db/migrate/20140617183755_add_mail_settings_to_user.rb @@ -0,0 +1,9 @@ +class AddMailSettingsToUser < ActiveRecord::Migration + def change + add_column :users, :mail_own_thread_reply, :boolean, default: true + add_column :users, :mail_other_thread_reply, :boolean, default: true + add_column :users, :mail_own_blogpost_comment, :boolean, default: true + add_column :users, :mail_other_blogpost_comment, :boolean, default: true + add_column :users, :mail_mention, :boolean, default: true + end +end diff --git a/db/schema.rb b/db/schema.rb index 1b2af8f..caaa7d9 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -11,15 +11,15 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 11) do +ActiveRecord::Schema.define(version: 20140617183755) do create_table "blogposts", force: true do |t| t.string "title" t.text "content" t.integer "user_author_id" t.integer "user_editor_id" - t.datetime "created_at" - t.datetime "updated_at" + t.datetime "created_at", null: false + t.datetime "updated_at", null: false end create_table "comments", force: true do |t| @@ -27,8 +27,8 @@ ActiveRecord::Schema.define(version: 11) do t.integer "user_author_id" t.integer "user_editor_id" t.integer "blogpost_id" - t.datetime "created_at" - t.datetime "updated_at" + t.datetime "created_at", null: false + t.datetime "updated_at", null: false end create_table "forumgroups", force: true do |t| @@ -54,8 +54,8 @@ ActiveRecord::Schema.define(version: 11) do t.integer "user_author_id" t.integer "user_editor_id" t.integer "forum_id" - t.datetime "created_at" - t.datetime "updated_at" + t.datetime "created_at", null: false + t.datetime "updated_at", null: false end create_table "info", force: true do |t| @@ -63,10 +63,9 @@ ActiveRecord::Schema.define(version: 11) do t.text "content" end - create_table "register_tokens", force: true do |t| - t.string "uuid", limit: 32, null: false - t.string "token", limit: 6, null: false - t.string "email", null: false + create_table "register_tokens", primary_key: "uuid", force: true do |t| + t.string "token", limit: 6, null: false + t.string "email", null: false end create_table "roles", force: true do |t| @@ -77,8 +76,8 @@ ActiveRecord::Schema.define(version: 11) do create_table "sessions", force: true do |t| t.string "session_id", null: false t.text "data" - t.datetime "created_at" - t.datetime "updated_at" + t.datetime "created_at", null: false + t.datetime "updated_at", null: false end add_index "sessions", ["session_id"], name: "index_sessions_on_session_id", using: :btree @@ -89,30 +88,35 @@ ActiveRecord::Schema.define(version: 11) do t.integer "user_author_id" t.integer "user_editor_id" t.integer "forumthread_id" - t.datetime "created_at" - t.datetime "updated_at" + t.datetime "created_at", null: false + t.datetime "updated_at", null: false end create_table "users", force: true do |t| - t.string "uuid", null: false - t.string "name", null: false - t.string "password_digest", null: false - t.string "ign", null: false - t.string "email", null: false + t.string "uuid", null: false + t.string "name", null: false + t.string "password_digest", null: false + t.string "ign", null: false + t.string "email", null: false t.text "about" t.string "last_ip" t.string "skype" - t.boolean "skype_public", default: false + t.boolean "skype_public", default: false t.string "youtube" t.string "youtube_channelname" t.string "twitter" - t.boolean "donor", default: false + t.boolean "donor", default: false t.string "email_token" - t.boolean "confirmed", default: false + t.boolean "confirmed", default: false t.datetime "last_seen" - t.integer "role_id", null: false + t.integer "role_id", default: 3, null: false t.datetime "created_at" t.datetime "updated_at" + t.boolean "mail_own_thread_reply", default: true + t.boolean "mail_other_thread_reply", default: true + t.boolean "mail_own_blogpost_comment", default: true + t.boolean "mail_other_blogpost_comment", default: true + t.boolean "mail_mention", default: true end end