community_engine 2.3.1 → 2.3.2

data/app/controllers/comments_controller.rb

@@ -1,6 +1,6 @@
 class CommentsController < BaseController
   before_filter :login_required, :except => [:index, :unsubscribe]
-  before_filter :admin_or_moderator_required, :only => [:delete_selected, :edit, :update]
+  before_filter :admin_or_moderator_required, :only => [:delete_selected, :edit, :update, :approve, :disapprove]
 
   if configatron.allow_anonymous_commenting
     skip_before_filter :verify_authenticity_token, :only => [:create]   #because the auth token might be cached anyway
@@ -28,6 +28,15 @@ class CommentsController < BaseController
     end
   end
 
+  def approve
+    @comment = Comment.find(params[:id])
+    @comment.ham! if !configatron.akismet_key.nil?
+    @comment.role = 'published'
+    @comment.save!
+    respond_to do |format|
+      format.js
+    end
+  end
 
   def index
     commentable_type = get_commentable_type(params[:commentable_type])
@@ -91,17 +100,14 @@ class CommentsController < BaseController
     commentable_type = get_commentable_type(params[:commentable_type])
     @commentable = commentable_type.singularize.constantize.find(params[:commentable_id])
 
-    @comment = Comment.new(params[:comment])
+    @comment = @commentable.comments.new(params[:comment])
 
-    @comment.commentable = @commentable
     @comment.recipient = @commentable.owner
     @comment.user_id = current_user.id if current_user
     @comment.author_ip = request.remote_ip #save the ip address for everyone, just because
 
     respond_to do |format|
       if (logged_in? || verify_recaptcha(@comment)) && @comment.save
-        @comment.send_notifications
-
         flash.now[:notice] = :comment_was_successfully_created.l
         format.html { redirect_to commentable_url(@comment) }
         format.js

data/app/controllers/messages_controller.rb

@@ -23,7 +23,7 @@ class MessagesController < BaseController
   end
   
   def show
-    @message = Message.read(params[:id], current_user)
+    @message = Message.read(params[:id], @user)
     @message_thread = MessageThread.for(@message, (admin? ? @message.recipient : current_user ))
     @reply = Message.new_reply(@user, @message_thread, params)    
   end

data/app/controllers/password_resets_controller.rb

@@ -7,15 +7,15 @@ class PasswordResetsController < BaseController
   end
 
   def create
-    @user = User.find_by_email(params[:email])
+    @user = User.where("lower(email) = ?", params[:email].downcase).first
     if @user
       @user.deliver_password_reset_instructions!
 
-      flash[:info] = :your_password_reset_instructions_have_been_emailed_to_you.l      
+      flash[:notice] = :your_password_reset_instructions_have_been_emailed_to_you.l
 
       redirect_to login_path
     else
-      flash[:error] = :sorry_we_dont_recognize_that_email_address.l      
+      flash[:error] = :sorry_we_dont_recognize_that_email_address.l
 
       render :action => :new
     end
@@ -49,4 +49,4 @@ class PasswordResetsController < BaseController
     end
   end
 
-end
+end

data/app/controllers/sessions_controller.rb

@@ -1,11 +1,11 @@
-# This controller handles the login/logout function of the site.  
+# This controller handles the login/logout function of the site.
 class SessionsController < BaseController
 
   skip_before_filter :store_location, :only => [:new, :create]
 
   def index
     redirect_to :action => "new"
-  end  
+  end
 
   def new
     redirect_to user_path(current_user) and return if current_user
@@ -16,9 +16,8 @@ class SessionsController < BaseController
     @user_session = UserSession.new(:login => params[:email], :password => params[:password], :remember_me => params[:remember_me])
 
     if @user_session.save
+      self.current_user = @user_session.record #if current_user has been called before this, it will ne nil, so we have to make to reset it
 
-      current_user = @user_session.record #if current_user has been called before this, it will ne nil, so we have to make to reset it
-      
       flash[:notice] = :thanks_youre_now_logged_in.l
       redirect_back_or_default(dashboard_user_path(current_user))
     else

data/app/helpers/base_helper.rb

@@ -3,19 +3,23 @@ require 'digest/md5'
 # Methods added to this helper will be available to all templates in the application.
 module BaseHelper
   include ActsAsTaggableOn::TagsHelper
-  
+
   def commentable_url(comment)
-    if comment.commentable_type != "User"
-      polymorphic_url([comment.recipient, comment.commentable])+"#comment_#{comment.id}"
-    else
-      user_url(comment.recipient)+"#comment_#{comment.id}"
+    if comment.recipient && comment.commentable
+      if comment.commentable_type != "User"
+        polymorphic_url([comment.recipient, comment.commentable])+"#comment_#{comment.id}"
+      elsif comment
+        user_url(comment.recipient)+"#comment_#{comment.id}"
+      end
+    elsif comment.commentable
+      polymorphic_url(comment.commentable)+"#comment_#{comment.id}"
     end
   end
-  
+
   def forum_page?
     %w(forums topics sb_posts).include?(controller.controller_name)
   end
-  
+
   def is_current_user_and_featured?(u)
     u && u.eql?(current_user) && u.featured_writer?
   end
@@ -28,20 +32,20 @@ module BaseHelper
     options.collect {|key,val| str << " #{key}=\"#{val}\"" }
     str << '><div class="box_top"></div>'
     str << "\n"
-    
+
     concat(str.html_safe)
     yield(content)
     concat('<br class="clear" /><div class="box_bottom"></div></div>'.html_safe)
   end
-  
+
   def block_to_partial(partial_name, html_options = {}, &block)
     concat(render(:partial => partial_name, :locals => {:body => capture(&block), :html_options => html_options}))
   end
 
   def box(html_options = {}, &block)
     block_to_partial('shared/box', html_options, &block)
-  end  
-    
+  end
+
   def city_cloud(cities, classes)
     max, min = 0, 0
     cities.each { |c|
@@ -62,7 +66,7 @@ module BaseHelper
     string = words[0..(length-1)].join(' ') + (words.length > length ? end_string : '')
     string.html_safe
   end
-  
+
   def truncate_words_with_highlight(text, phrase)
     t = excerpt(text, phrase)
     highlight truncate_words(t, 18), phrase
@@ -75,13 +79,13 @@ module BaseHelper
     if paragraph
       paragraph.to_html + end_string
     else
-      truncate_words(text, 150, end_string) 
+      truncate_words(text, 150, end_string)
     end
   end
 
   def page_title
-    divider = " | ".html_safe    
-    
+    divider = " | ".html_safe
+
     app_base = configatron.community_name
     tagline = " #{divider} #{configatron.community_tagline}"
 		title = app_base
@@ -100,10 +104,10 @@ module BaseHelper
           @canonical_url = user_post_url(@post.user, @post)
         end
       when 'users'
-        if @user && !@user.new_record? && @user.login 
+        if @user && !@user.new_record? && @user.login
           title = @user.login
           title += divider + app_base + tagline
-          @canonical_url = user_url(@user)          
+          @canonical_url = user_url(@user)
         else
           title = :showing_users.l+divider + app_base + tagline
         end
@@ -124,7 +128,7 @@ module BaseHelper
               title = :posts_photos_and_bookmarks.l(:name => @tags.map(&:name).join(', '))
             end
             title += " (#{:related_tags.l}: #{@related_tags.join(', ')})" if @related_tags
-            title += divider + app_base    
+            title += divider + app_base
             @canonical_url = tag_url(URI.escape(URI.escape(@tags_raw), /[\/.?#]/)) if @tags_raw
           else
             title = "Showing tags #{divider} #{app_base} #{tagline}"
@@ -133,15 +137,15 @@ module BaseHelper
         if @category and @category.name
           title = :posts_photos_and_bookmarks.l(:name => @category.name) + divider + app_base + tagline
         else
-          title = :showing_categories.l + divider + app_base + tagline            
+          title = :showing_categories.l + divider + app_base + tagline
         end
       when 'sessions'
-        title = :login.l + divider + app_base + tagline            
+        title = :login.l + divider + app_base + tagline
     end
 
     if @page_title
       title = @page_title + divider + app_base + tagline
-    elsif title == app_base          
+    elsif title == app_base
 		  title = :showing.l + ' ' + controller.controller_name + divider + app_base + tagline
     end
 
@@ -152,11 +156,11 @@ module BaseHelper
 		html = "<span class='friend_request' id='friend_request_#{user.id}'>"
     html += link_to_remote :request_friendship.l,
 				{ :update => "friend_request_#{user.id}",
-					:loading => "$$('span#friend_request_#{user.id} span.spinner')[0].show(); $$('span#friend_request_#{user.id} a.add_friend_btn')[0].hide()", 
+					:loading => "$$('span#friend_request_#{user.id} span.spinner')[0].show(); $$('span#friend_request_#{user.id} a.add_friend_btn')[0].hide()",
 					:complete => visual_effect(:highlight, "friend_request_#{user.id}", :duration => 1),
           500 => "alert('#{escape_javascript(:sorry_there_was_an_error_requesting_friendship.l)}')",
-					:url => hash_for_user_friendships_url(:user_id => current_user.id, :friend_id => user.id), 
-					:method => :post 
+					:url => hash_for_user_friendships_url(:user_id => current_user.id, :friend_id => user.id),
+					:method => :post
 				}, {:class => "add_friend button"}
 		html +=	"<span style='display:none;' class='spinner'>"
 		html += image_tag('spinner.gif')
@@ -167,34 +171,34 @@ module BaseHelper
   def topnav_tab(name, options)
     classes = [options.delete(:class)]
     classes << 'current' if options[:section] && (options.delete(:section).to_a.include?(@section))
-    
+
     string = "<li class='#{classes.join(' ')}'>" + link_to( content_tag(:span, name), options.delete(:url), options) + "</li>"
     string.html_safe
   end
-  
+
   def more_comments_links(commentable)
     html = link_to "&raquo; ".html_safe + :all_comments.l, commentable_comments_url(commentable.class.to_s.tableize, commentable.to_param)
     html += "<br />".html_safe
 		html += link_to "&raquo; ".html_safe + :comments_rss.l, commentable_comments_url(commentable.class.to_s.tableize, commentable.to_param, :format => :rss)
 		html.html_safe
   end
-    
+
   def show_footer_content?
     return true #you can override this in your app
   end
-  
+
   def clippings_link
-    "javascript:(function() {d=document, w=window, e=w.getSelection, k=d.getSelection, x=d.selection, s=(e?e():(k)?k():(x?x.createRange().text:0)), e=encodeURIComponent, document.location='#{home_url}new_clipping?uri='+e(document.location)+'&title='+e(document.title)+'&selection='+e(s);} )();"    
+    "javascript:(function() {d=document, w=window, e=w.getSelection, k=d.getSelection, x=d.selection, s=(e?e():(k)?k():(x?x.createRange().text:0)), e=encodeURIComponent, document.location='#{home_url}new_clipping?uri='+e(document.location)+'&title='+e(document.title)+'&selection='+e(s);} )();"
   end
-  
+
   def paginating_links(paginator, options = {}, html_options = {})
     paginate paginator
-  end  
-  
+  end
+
   def last_active
     session[:last_active] ||= Time.now.utc
   end
-    
+
   def ajax_spinner_for(id, spinner="spinner.gif")
     "<img src='/assets/#{spinner}' style='display:none; vertical-align:middle;' id='#{id.to_s}_spinner'> ".html_safe
   end
@@ -228,7 +232,7 @@ module BaseHelper
     from_time = from_time.to_time if from_time.respond_to?(:to_time)
     to_time = to_time.to_time if to_time.respond_to?(:to_time)
     distance_in_minutes = (((to_time - from_time).abs)/60).round
-      
+
     case distance_in_minutes
       when 0              then :a_few_seconds_ago.l
       when 1..59          then :minutes_ago.l(:count => distance_in_minutes)
@@ -247,33 +251,33 @@ module BaseHelper
       display = I18n.l(date.to_date, :format => :date_ago)
     end
   end
-  
+
   def profile_completeness(user)
     segments = [
       {:val => 2, :action => link_to(:upload_a_profile_photo.l, edit_user_path(user, :anchor => 'profile_details')), :test => !user.avatar.nil? },
-      {:val => 1, :action => link_to(:tell_us_about_yourself.l, edit_user_path(user, :anchor => 'user_description')), :test => !user.description.blank?},      
-      {:val => 2, :action => link_to(:select_your_city.l, edit_user_path(user, :anchor => 'location_chooser')), :test => !user.metro_area.nil? },            
-      {:val => 1, :action => link_to(:tag_yourself.l, edit_user_path(user, :anchor => "user_tags")), :test => user.tags.any?},                  
+      {:val => 1, :action => link_to(:tell_us_about_yourself.l, edit_user_path(user, :anchor => 'user_description')), :test => !user.description.blank?},
+      {:val => 2, :action => link_to(:select_your_city.l, edit_user_path(user, :anchor => 'location_chooser')), :test => !user.metro_area.nil? },
+      {:val => 1, :action => link_to(:tag_yourself.l, edit_user_path(user, :anchor => "user_tags")), :test => user.tags.any?},
       {:val => 1, :action => link_to(:invite_some_friends.l, new_invitation_path), :test => user.invitations.any?}
     ]
-    
+
     completed_score = segments.select{|s| s[:test].eql?(true)}.sum{|s| s[:val]}
     incomplete = segments.select{|s| !s[:test] }
-    
+
     total = segments.sum{|s| s[:val] }
     score = (completed_score.to_f/total.to_f)*100
 
     {:score => score, :incomplete => incomplete, :total => total}
   end
-  
+
 
   def possesive(user)
-    user.gender ? (user.male? ? :his.l : :her.l)  : :their.l    
+    user.gender ? (user.male? ? :his.l : :her.l)  : :their.l
   end
 
   def tiny_mce_init_if_needed
     if !@uses_tiny_mce.blank?
-      tinymce_js = tinymce_javascript(@tiny_mce_configuration)      
+      tinymce_js = tinymce_javascript(@tiny_mce_configuration)
       javascript_tag(tinymce_js)
     end
   end

data/app/models/album.rb

@@ -3,10 +3,10 @@ class Album < ActiveRecord::Base
   belongs_to :user
   validates_presence_of :user_id
   acts_as_activity :user
-  acts_as_commentable
-  validates_presence_of :title  
+  acts_as_moderated_commentable
+  validates_presence_of :title
 
-  attr_accessible :title, :description
+  attr_accessible :title, :description, :user_id
 
   def owner
     self.user

data/app/models/authorization.rb

@@ -14,36 +14,36 @@ class Authorization < ActiveRecord::Base
       create_from_hash(hash, existing_user)
     end
   end
-  
+
   def self.create_from_hash(hash, existing_user = nil)
     create do |authorization|
       authorization.assign_account_info(hash)
       authorization.find_or_create_or_associate_user(existing_user)
-    end    
+    end
   end
-  
-  def self.find_from_hash(hash)    
+
+  def self.find_from_hash(hash)
     find_by_provider_and_uid(hash['provider'], hash['uid'])
   end
 
   def find_or_create_or_associate_user(existing_user = nil)
     if existing_user
       self.user = existing_user
-    elsif self.user 
+    elsif self.user
       self.user
     else
-      self.user = User.find_or_create_from_authorization(self)      
+      self.user = User.find_or_create_from_authorization(self)
     end
   end
-  
-  
+
+
   def allow_destroy?
-    if user.authorizations.count.eql?(1)    
-      errors.add(:base, "You must have at least one authorization provider.") 
-      raise ActiveRecord::Rollback    
+    if user.authorizations.count.eql?(1)
+      errors.add(:base, "You must have at least one authorization provider.")
+      raise ActiveRecord::Rollback
     end
   end
-  
+
   def assign_account_info(auth_hash)
     self.uid                 = auth_hash['uid']
     self.provider            = auth_hash['provider']
@@ -55,6 +55,6 @@ class Authorization < ActiveRecord::Base
       self.access_token        = auth_hash['credentials']['token']
       self.access_token_secret = auth_hash['credentials']['secret']
     end
-  end  
+  end
 
-end
+end

data/app/models/clipping.rb

@@ -1,6 +1,6 @@
 class Clipping < ActiveRecord::Base
 
-  acts_as_commentable
+  acts_as_moderated_commentable
   belongs_to :user
   validates_presence_of :user
   validates_presence_of :url
@@ -10,20 +10,20 @@ class Clipping < ActiveRecord::Base
   validates_associated :image
   validates_presence_of :image
   after_save :save_image
-  
+
   has_one  :image, :as => :attachable, :class_name => "ClippingImage", :dependent => :destroy
   has_many :favorites, :as => :favoritable, :dependent => :destroy
-  
+
   acts_as_taggable
   acts_as_activity :user
 
   attr_accessible :user, :url, :description, :image_url
-    
-  scope :recent, :order => 'clippings.created_at DESC'    
-    
-    
+
+  scope :recent, :order => 'clippings.created_at DESC'
+
+
   def self.find_related_to(clipping, options = {})
-    options.reverse_merge!({:limit => 8, 
+    options.reverse_merge!({:limit => 8,
         :order => 'created_at DESC',
         :conditions => [ 'clippings.id != ?', clipping.id ]
     })
@@ -42,17 +42,17 @@ class Clipping < ActiveRecord::Base
     self.user.clippings.order('created_at DESC').where('created_at < ?', self.created_at).first
   end
   def next_clipping
-    self.user.clippings.where('created_at > ?', self.created_at).order('created_at ASC').first    
+    self.user.clippings.where('created_at > ?', self.created_at).order('created_at ASC').first
   end
 
   def owner
     self.user
   end
-  
+
   def image_uri(size = '')
     image && image.asset.url(size) || image_url
   end
-  
+
   def title_for_rss
     description.empty? ? created_at.to_formatted_s(:long) : description
   end
@@ -61,7 +61,7 @@ class Clipping < ActiveRecord::Base
     f = Favorite.find_by_user_or_ip_address(self, user, remote_ip)
     return f
   end
-  
+
   def add_image
     begin
       clipping_image = ClippingImage.new
@@ -72,7 +72,7 @@ class Clipping < ActiveRecord::Base
       nil
     end
   end
-  
+
   def save_image
     if valid? && image
       image.attachable = self