| @@ -1,36 +1,37 | |||||
| 1 | class CommentsController < ApplicationController |
|
1 | class CommentsController < ApplicationController | |
| 2 | default_search_scope :news |
|
2 | default_search_scope :news | |
| 3 | model_object News |
|
3 | model_object News | |
| 4 | before_filter :find_model_object |
|
4 | before_filter :find_model_object | |
| 5 | before_filter :find_project_from_association |
|
5 | before_filter :find_project_from_association | |
| 6 | before_filter :authorize |
|
6 | before_filter :authorize | |
| 7 |
|
7 | |||
| 8 | verify :method => :post, :only => :create, :render => {:nothing => true, :status => :method_not_allowed } |
|
8 | verify :method => :post, :only => :create, :render => {:nothing => true, :status => :method_not_allowed } | |
| 9 | def create |
|
9 | def create | |
| 10 |
@comment = Comment.new |
|
10 | @comment = Comment.new | |
|
|
11 | @comment.safe_attributes = params[:comment] | |||
| 11 | @comment.author = User.current |
|
12 | @comment.author = User.current | |
| 12 | if @news.comments << @comment |
|
13 | if @news.comments << @comment | |
| 13 | flash[:notice] = l(:label_comment_added) |
|
14 | flash[:notice] = l(:label_comment_added) | |
| 14 | end |
|
15 | end | |
| 15 |
|
16 | |||
| 16 | redirect_to :controller => 'news', :action => 'show', :id => @news |
|
17 | redirect_to :controller => 'news', :action => 'show', :id => @news | |
| 17 | end |
|
18 | end | |
| 18 |
|
19 | |||
| 19 | verify :method => :delete, :only => :destroy, :render => {:nothing => true, :status => :method_not_allowed } |
|
20 | verify :method => :delete, :only => :destroy, :render => {:nothing => true, :status => :method_not_allowed } | |
| 20 | def destroy |
|
21 | def destroy | |
| 21 | @news.comments.find(params[:comment_id]).destroy |
|
22 | @news.comments.find(params[:comment_id]).destroy | |
| 22 | redirect_to :controller => 'news', :action => 'show', :id => @news |
|
23 | redirect_to :controller => 'news', :action => 'show', :id => @news | |
| 23 | end |
|
24 | end | |
| 24 |
|
25 | |||
| 25 | private |
|
26 | private | |
| 26 |
|
27 | |||
| 27 | # ApplicationController's find_model_object sets it based on the controller |
|
28 | # ApplicationController's find_model_object sets it based on the controller | |
| 28 | # name so it needs to be overriden and set to @news instead |
|
29 | # name so it needs to be overriden and set to @news instead | |
| 29 | def find_model_object |
|
30 | def find_model_object | |
| 30 | super |
|
31 | super | |
| 31 | @news = @object |
|
32 | @news = @object | |
| 32 | @comment = nil |
|
33 | @comment = nil | |
| 33 | @news |
|
34 | @news | |
| 34 | end |
|
35 | end | |
| 35 |
|
36 | |||
| 36 | end |
|
37 | end | |
| @@ -1,23 +1,26 | |||||
| 1 | # Redmine - project management software |
|
1 | # Redmine - project management software | |
| 2 | # Copyright (C) 2006-2011 Jean-Philippe Lang |
|
2 | # Copyright (C) 2006-2011 Jean-Philippe Lang | |
| 3 | # |
|
3 | # | |
| 4 | # This program is free software; you can redistribute it and/or |
|
4 | # This program is free software; you can redistribute it and/or | |
| 5 | # modify it under the terms of the GNU General Public License |
|
5 | # modify it under the terms of the GNU General Public License | |
| 6 | # as published by the Free Software Foundation; either version 2 |
|
6 | # as published by the Free Software Foundation; either version 2 | |
| 7 | # of the License, or (at your option) any later version. |
|
7 | # of the License, or (at your option) any later version. | |
| 8 | # |
|
8 | # | |
| 9 | # This program is distributed in the hope that it will be useful, |
|
9 | # This program is distributed in the hope that it will be useful, | |
| 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
| 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
| 12 | # GNU General Public License for more details. |
|
12 | # GNU General Public License for more details. | |
| 13 | # |
|
13 | # | |
| 14 | # You should have received a copy of the GNU General Public License |
|
14 | # You should have received a copy of the GNU General Public License | |
| 15 | # along with this program; if not, write to the Free Software |
|
15 | # along with this program; if not, write to the Free Software | |
| 16 | # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
|
16 | # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | |
| 17 |
|
17 | |||
| 18 | class Comment < ActiveRecord::Base |
|
18 | class Comment < ActiveRecord::Base | |
|
|
19 | include Redmine::SafeAttributes | |||
| 19 | belongs_to :commented, :polymorphic => true, :counter_cache => true |
|
20 | belongs_to :commented, :polymorphic => true, :counter_cache => true | |
| 20 | belongs_to :author, :class_name => 'User', :foreign_key => 'author_id' |
|
21 | belongs_to :author, :class_name => 'User', :foreign_key => 'author_id' | |
| 21 |
|
22 | |||
| 22 | validates_presence_of :commented, :author, :comments |
|
23 | validates_presence_of :commented, :author, :comments | |
|
|
24 | ||||
|
|
25 | safe_attributes 'comments' | |||
| 23 | end |
|
26 | end | |
General Comments 0
You need to be logged in to leave comments.
Login now