Class: Commontator::CommentsController

Inherits:

ApplicationController

• Object
• ActionController::Base
• ApplicationController
• Commontator::CommentsController

Defined in:

app/controllers/commontator/comments_controller.rb

Instance Method Summary

• #create ⇒ Object

  POST /threads/1/comments.

• #delete ⇒ Object

  PUT /comments/1/delete.

• #downvote ⇒ Object

  PUT /comments/1/downvote.

• #edit ⇒ Object

  GET /comments/1/edit.

• #new ⇒ Object

  GET /threads/1/comments/new.

• #undelete ⇒ Object

  PUT /comments/1/undelete.

• #unvote ⇒ Object

  PUT /comments/1/unvote.

• #update ⇒ Object

  PUT /comments/1.

• #upvote ⇒ Object

  PUT /comments/1/upvote.

Instance Method Details

#create ⇒ Object

POST /threads/1/comments

Raises:

• (SecurityTransgression)

# File 'app/controllers/commontator/comments_controller.rb', line 23

def create
  @comment = Comment.new
  @comment.body = params[:comment].nil? ? nil : params[:comment][:body]
  @comment.thread = @thread
  @comment.creator = @user
  
  raise SecurityTransgression unless @comment.can_be_created_by?(@user)
  
  respond_to do |format|
    if @comment.save
      @thread.subscribe(@user) if @thread.config.auto_subscribe_on_comment
      @thread.add_unread_except_for(@user)
      recipients = @thread.active_subscribers.reject{|s| s == @user}
      SubscriptionsMailer.comment_created(@comment, recipients).deliver \
        unless recipients.empty?

      format.html { redirect_to @thread }
      format.js
    else
      format.html { redirect_to @thread }
      format.js { render :new }
    end
  end
end

#delete ⇒ Object

PUT /comments/1/delete

Raises:

• (SecurityTransgression)

# File 'app/controllers/commontator/comments_controller.rb', line 76

def delete
  raise SecurityTransgression unless @comment.can_be_deleted_by?(@user)

  @comment.errors.add(:base, 'This comment has already been deleted.') \
    unless @comment.delete_by(@user)

  respond_to do |format|
    format.html { redirect_to @thread }
    format.js { render :delete }
  end
end

#downvote ⇒ Object

PUT /comments/1/downvote

Raises:

• (SecurityTransgression)

# File 'app/controllers/commontator/comments_controller.rb', line 114

def downvote
  raise SecurityTransgression unless @comment.can_be_voted_on_by?(@user)
  
  @comment.downvote_from @user

  respond_to do |format|
    format.html { redirect_to @thread }
    format.js { render :vote }
  end
end

#edit ⇒ Object

GET /comments/1/edit

Raises:

• (SecurityTransgression)

# File 'app/controllers/commontator/comments_controller.rb', line 49

def edit
  raise SecurityTransgression unless @comment.can_be_edited_by?(@user)

  respond_to do |format|
    format.html { redirect_to @thread }
    format.js
  end
end

#new ⇒ Object

GET /threads/1/comments/new

Raises:

• (SecurityTransgression)

# File 'app/controllers/commontator/comments_controller.rb', line 8

def new
  @comment = Comment.new
  @comment.thread = @thread
  @comment.creator = @user

  raise SecurityTransgression unless @comment.can_be_created_by?(@user)

  respond_to do |format|
    format.html { redirect_to @thread }
    format.js
  end
 
end

#undelete ⇒ Object

PUT /comments/1/undelete

Raises:

• (SecurityTransgression)

# File 'app/controllers/commontator/comments_controller.rb', line 89

def undelete
  raise SecurityTransgression unless @comment.can_be_deleted_by?(@user)

  @comment.errors.add(:base, 'This comment is not deleted.') \
    unless @comment.undelete_by(@user)

  respond_to do |format|
    format.html { redirect_to @thread }
    format.js { render :delete }
  end
end

#unvote ⇒ Object

PUT /comments/1/unvote

Raises:

• (SecurityTransgression)

# File 'app/controllers/commontator/comments_controller.rb', line 126

def unvote
  raise SecurityTransgression unless @comment.can_be_voted_on_by?(@user)
  
  @comment.unvote :voter => @user

  respond_to do |format|
    format.html { redirect_to @thread }
    format.js { render :vote }
  end
end

#update ⇒ Object

PUT /comments/1

Raises:

• (SecurityTransgression)

# File 'app/controllers/commontator/comments_controller.rb', line 59

def update
  raise SecurityTransgression unless @comment.can_be_edited_by?(@user)
  @comment.body = params[:comment].nil? ? nil : params[:comment][:body]
  @comment.editor = @user

  respond_to do |format|
    if @comment.save
      format.html { redirect_to @thread }
      format.js
    else
      format.html { redirect_to @thread }
      format.js { render :edit }
    end
  end
end

#upvote ⇒ Object

PUT /comments/1/upvote

Raises:

• (SecurityTransgression)

# File 'app/controllers/commontator/comments_controller.rb', line 102

def upvote
  raise SecurityTransgression unless @comment.can_be_voted_on_by?(@user)
  
  @comment.upvote_from @user

  respond_to do |format|
    format.html { redirect_to @thread }
    format.js { render :vote }
  end
end