diff options
| -rw-r--r-- | app/controllers/admin_controller.rb | 4 | ||||
| -rw-r--r-- | app/controllers/application_controller.rb | 13 | ||||
| -rw-r--r-- | app/controllers/request_controller.rb | 31 | ||||
| -rw-r--r-- | app/views/request/_after_actions.rhtml | 2 | ||||
| -rw-r--r-- | spec/controllers/request_controller_spec.rb | 12 | ||||
| -rw-r--r-- | spec/views/request/_after_actions.rhtml_spec.rb | 18 | 
6 files changed, 67 insertions, 13 deletions
| diff --git a/app/controllers/admin_controller.rb b/app/controllers/admin_controller.rb index d7933b212..d93e68dab 100644 --- a/app/controllers/admin_controller.rb +++ b/app/controllers/admin_controller.rb @@ -28,6 +28,10 @@ class AdminController < ApplicationController          cache_subpath = foi_fragment_cache_all_for_request(info_request)          FileUtils.rm_rf(cache_subpath) +        # Remove any download zips +        download_dir = request_download_zip_dir(info_request) +        FileUtils.rm_rf(download_dir) +          # Remove the database caches of body / attachment text (the attachment text          # one is after privacy rules are applied)          info_request.clear_in_database_caches! diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 3f3c169ae..b707ae878 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -229,6 +229,19 @@ class ApplicationController < ActionController::Base          end      end +    def request_dirs(info_request) +        first_three_digits = info_request.id.to_s()[0..2] +        File.join(first_three_digits.to_s, info_request.id.to_s) +    end + +    def request_download_zip_dir(info_request) +        File.join(download_zip_dir, "download", request_dirs(info_request)) +    end + +    def download_zip_dir() +        File.join(Rails.root, '/cache/zips/') +    end +      # get the local locale      def locale_from_params(*args)        if params[:show_locale] diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index 2c95114e6..d8c34c2dd 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -868,22 +868,32 @@ class RequestController < ApplicationController      def download_entire_request          @locale = self.locale_from_params()          PublicBody.with_locale(@locale) do -            info_request = InfoRequest.find_by_url_title!(params[:url_title]) +            @info_request = InfoRequest.find_by_url_title!(params[:url_title]) +            # Test for whole request being hidden or requester-only +            if !@info_request.all_can_view? +                render :template => 'request/hidden', :status => 410 # gone +                return +            end              if authenticated?(                                :web => _("To download the zip file"), -                              :email => _("Then you can download a zip file of {{info_request_title}}.",:info_request_title=>info_request.title), -                              :email_subject => _("Log in to download a zip file of {{info_request_title}}",:info_request_title=>info_request.title) +                              :email => _("Then you can download a zip file of {{info_request_title}}.", +                                           :info_request_title=>@info_request.title), +                              :email_subject => _("Log in to download a zip file of {{info_request_title}}", +                                           :info_request_title=>@info_request.title)                                ) -                updated = Digest::SHA1.hexdigest(info_request.get_last_event.created_at.to_i.to_s + info_request.updated_at.to_i.to_s) -                @url_path = "/download/#{updated[0..1]}/#{updated}/#{params[:url_title]}.zip" -                file_path = File.expand_path(File.join(File.dirname(__FILE__), '../../cache/zips', @url_path)) +                updated = Digest::SHA1.hexdigest(@info_request.get_last_event.created_at.to_i.to_s + @info_request.updated_at.to_i.to_s) +                @url_path = File.join("/download", +                                       request_dirs(@info_request), +                                       updated, +                                       "#{params[:url_title]}.zip") +                file_path = File.expand_path(File.join(download_zip_dir(), @url_path))                  if !File.exists?(file_path)                      FileUtils.mkdir_p(File.dirname(file_path))                      Zip::ZipFile.open(file_path, Zip::ZipFile::CREATE) { |zipfile|                          convert_command = Configuration::html_to_pdf_command                          done = false                          if !convert_command.blank? && File.exists?(convert_command) -                            url = "http://#{Configuration::domain}#{request_url(info_request)}?print_stylesheet=1" +                            url = "http://#{Configuration::domain}#{request_url(@info_request)}?print_stylesheet=1"                              tempfile = Tempfile.new('foihtml2pdf')                              output = AlaveteliExternalCommand.run(convert_command, url, tempfile.path)                              if !output.nil? @@ -892,22 +902,21 @@ class RequestController < ApplicationController                                  }                                  done = true                              else -                                logger.error("Could not convert info request #{info_request.id} to PDF with command '#{convert_command} #{url} #{tempfile.path}'") +                                logger.error("Could not convert info request #{@info_request.id} to PDF with command '#{convert_command} #{url} #{tempfile.path}'")                              end                              tempfile.close                          else                              logger.warn("No HTML -> PDF converter found at #{convert_command}")                          end                          if !done -                            @info_request = info_request -                            @info_request_events = info_request.info_request_events +                            @info_request_events = @info_request.info_request_events                              template = File.read(File.join(File.dirname(__FILE__), "..", "views", "request", "simple_correspondence.rhtml"))                              output = ERB.new(template).result(binding)                              zipfile.get_output_stream("correspondence.txt") { |f|                                  f.puts(output)                              }                          end -                        for message in info_request.incoming_messages +                        for message in @info_request.incoming_messages                              attachments = message.get_attachments_for_display                              for attachment in attachments                                  filename = "#{attachment.url_part_number}_#{attachment.display_filename}" diff --git a/app/views/request/_after_actions.rhtml b/app/views/request/_after_actions.rhtml index 580ff0e87..221634549 100644 --- a/app/views/request/_after_actions.rhtml +++ b/app/views/request/_after_actions.rhtml @@ -15,9 +15,11 @@                  <%= link_to _('Update the status of this request'), '#describe_state_form_1' %>              </li>          <% end %> +      <% if @info_request.all_can_view? %>        <li>            <%= link_to _("Download a zip file of all correspondence"), download_entire_request_url(:url_title => @info_request.url_title) %>        </li> +      <% end %>      </ul>      </div>      <% if ! @info_request.is_external? %> diff --git a/spec/controllers/request_controller_spec.rb b/spec/controllers/request_controller_spec.rb index 43eca46cd..625bf17e7 100644 --- a/spec/controllers/request_controller_spec.rb +++ b/spec/controllers/request_controller_spec.rb @@ -727,6 +727,16 @@ describe RequestController, "when showing one request" do          describe 'when making a zipfile available' do +            it 'should return a 410 for a request that is hidden' do +                title = 'why_do_you_have_such_a_fancy_dog' +                ir = info_requests(:fancy_dog_request) +                ir.prominence = 'hidden' +                ir.save! +                get :download_entire_request, {:url_title => title}, { :user_id => ir.user.id } +                response.should render_template('request/hidden') +                response.code.should == '410' +            end +              it "should have a different zipfile URL when the request changes" do                  title = 'why_do_you_have_such_a_fancy_dog'                  ir = info_requests(:fancy_dog_request) @@ -765,7 +775,7 @@ describe RequestController, "when showing one request" do                  info_request = info_requests(:external_request)                  get :download_entire_request, { :url_title => info_request.url_title },                                                { :user_id => users(:bob_smith_user) } -                response.location.should have_text(/#{assigns[:url_path]}/) +                response.location.should have_text(/#{assigns[:url_path]}$/)              end          end      end diff --git a/spec/views/request/_after_actions.rhtml_spec.rb b/spec/views/request/_after_actions.rhtml_spec.rb index 5b4734c52..548990c9f 100644 --- a/spec/views/request/_after_actions.rhtml_spec.rb +++ b/spec/views/request/_after_actions.rhtml_spec.rb @@ -13,7 +13,8 @@ describe 'when displaying actions that can be taken with regard to a request' do                                                  :is_external? => false,                                                  :public_body => @mock_body,                                                  :comments_allowed? => true, -                                                :url_title => 'test_request') +                                                :url_title => 'test_request', +                                                :all_can_view? => true)          assigns[:info_request] = @mock_request      end @@ -83,4 +84,19 @@ describe 'when displaying actions that can be taken with regard to a request' do          expect_owner_link('Request an internal review')      end +    describe 'if the request is viewable by all' do + +        it 'should display the link to download the entire request' do +            expect_anyone_link('Download a zip file of all correspondence') +        end +    end + +    describe 'if the request is not viewable by all' do + +        it 'should not  display the link to download the entire request' do +            @mock_request.stub!(:all_can_view?).and_return(false) +            expect_no_anyone_link('Download a zip file of all correspondence') +        end +    end +  end | 
