Merge pull request #4961 from Zauberstuhl/report_feature_issue_4959

Do not try to render post/comment report which does not exist
2014-05-16 16:10:06 +02:00 · 2014-05-16 16:10:06 +02:00 · 9e2c914a1b
commit 9e2c914a1b
parent 01381ddf25 8170ef8363
6 changed files with 38 additions and 10 deletions
--- a/app/assets/stylesheets/report.css.scss
+++ b/app/assets/stylesheets/report.css.scss
@ -5,6 +5,9 @@
    span {
      display: block;
    }
+    span.text {
+      padding-bottom: 1em;
+    }
  }
  .options {
    float: right;
--- a/app/helpers/report_helper.rb
+++ b/app/helpers/report_helper.rb
@ -4,13 +4,14 @@

 module ReportHelper
  def report_content(id, type)
-    raw case type
-      when 'post'
-        t('report.post_label', title: link_to(post_page_title(Post.find_by_id(id)), post_path(id)))
-      when 'comment'
-        # comment_message is not html_safe. To prevent
-        # cross-site-scripting we have to escape html
-        t('report.comment_label', data: h(comment_message(Comment.find_by_id(id))))
+    if type == 'post' && !(post = Post.find_by_id(id)).nil?
+      raw t('report.post_label', title: link_to(post_page_title(post), post_path(id)))
+    elsif type == 'comment' && !(comment = Comment.find_by_id(id)).nil?
+      # comment_message is not html_safe. To prevent
+      # cross-site-scripting we have to escape html
+      raw t('report.comment_label', data: h(comment_message(comment)))
+    else
+      raw t('report.not_found')
    end
  end
 end
--- a/app/models/report.rb
+++ b/app/models/report.rb
@ -6,6 +6,7 @@ class Report < ActiveRecord::Base
  validates :text, presence: true

  validate :entry_does_not_exist, :on => :create
+  validate :post_or_comment_does_exist, :on => :create

  belongs_to :user
  belongs_to :post
@ -19,6 +20,12 @@ class Report < ActiveRecord::Base
    end
  end

+  def post_or_comment_does_exist
+    if Post.find_by_id(item_id).nil? && Comment.find_by_id(item_id).nil?
+      errors[:base] << 'Post or comment was already deleted or doesn\'t exists.'
+    end
+  end
+
  def destroy_reported_item
    if item_type == 'post'
      delete_post
--- a/app/views/report/index.html.haml
+++ b/app/views/report/index.html.haml
@ -8,7 +8,7 @@
    - @reports.each do |r|
      - username = User.find_by_id(r.user_id).username
      %div.content
-        %span
+        %span.text
          = report_content(r.item_id, r.item_type)
        %span
          = raw t('report.reported_label', person: link_to(username, user_profile_path(username)))
--- a/config/locales/diaspora/en.yml
+++ b/config/locales/diaspora/en.yml
@ -894,6 +894,7 @@ en:
    review_link: "Mark as reviewed"
    delete_link: "Delete item"
    confirm_deletion: "Are you sure to delete the item?"
+    not_found: "<u>The post/comment was not found. It seams that it was deleted by the user!</u>"
    status:
      marked: "The report was marked as reviewed"
      destroyed: "The post was destroyed"
--- a/spec/models/report_spec.rb
+++ b/spec/models/report_spec.rb
@ -25,11 +25,27 @@ describe Report do

  describe '#validation' do
    it 'validates that post ID is required' do
-      @user.reports.build(:item_type => 'post', :text => 'blub').should_not be_valid
+      report = @valid_post_report
+      report.delete(:item_id)
+      @user.reports.build(report).should_not be_valid
    end
    
    it 'validates that post type is required' do
-      @user.reports.build(:item_id => 666, :text => 'blub').should_not be_valid
+      report = @valid_post_report
+      report.delete(:item_type)
+      @user.reports.build(report).should_not be_valid
+    end
+
+    it 'validates that post does exist' do
+      report = @valid_post_report
+      report[:item_id] = 666;
+      @user.reports.build(report).should_not be_valid
+    end
+
+    it 'validates that comment does exist' do
+      report = @valid_comment_report
+      report[:item_id] = 666;
+      @user.reports.build(report).should_not be_valid
    end

    it 'validates that entry does not exist' do