Merge pull request #4961 from Zauberstuhl/report_feature_issue_4959

Do not try to render post/comment report which does not exist
author: Jonne Haß <me@jhass.eu> 2014-05-16 18:10:06 +0400
committer: Jonne Haß <me@jhass.eu> 2014-05-16 18:10:06 +0400
commit: 9e2c914a1bba4ac11854980f94414cb52e8ea8c4 (patch)
tree: 12d8eaea4f237a77e5f50c143409bb2d888a227f
parent: 01381ddf25b8cd7eb7720049b06ad23f6985e5f1 (diff)
parent: 8170ef8363e8db5427a8d24a0f47bf2142e9875a (diff)
6 files changed, 38 insertions, 10 deletions
diff --git a/app/assets/stylesheets/report.css.scss b/app/assets/stylesheets/report.css.scss
index 2ee1789e7..d964b55cd 100644
--- a/app/assets/stylesheets/report.css.scss
+++ b/app/assets/stylesheets/report.css.scss
@@ -5,6 +5,9 @@
     span {
       display: block;
     }
+    span.text {
+      padding-bottom: 1em;
+    }
   }
   .options {
     float: right;
diff --git a/app/helpers/report_helper.rb b/app/helpers/report_helper.rb
index 370981314..10509ccfd 100644
--- a/app/helpers/report_helper.rb
+++ b/app/helpers/report_helper.rb
@@ -4,13 +4,14 @@
 
 module ReportHelper
   def report_content(id, type)
-    raw case type
-      when 'post'
-        t('report.post_label', title: link_to(post_page_title(Post.find_by_id(id)), post_path(id)))
-      when 'comment'
-        # comment_message is not html_safe. To prevent
-        # cross-site-scripting we have to escape html
-        t('report.comment_label', data: h(comment_message(Comment.find_by_id(id))))
+    if type == 'post' && !(post = Post.find_by_id(id)).nil?
+      raw t('report.post_label', title: link_to(post_page_title(post), post_path(id)))
+    elsif type == 'comment' && !(comment = Comment.find_by_id(id)).nil?
+      # comment_message is not html_safe. To prevent
+      # cross-site-scripting we have to escape html
+      raw t('report.comment_label', data: h(comment_message(comment)))
+    else
+      raw t('report.not_found')
     end
   end
 end
diff --git a/app/models/report.rb b/app/models/report.rb
index 6ee562293..36356c48f 100644
--- a/app/models/report.rb
+++ b/app/models/report.rb
@@ -6,6 +6,7 @@ class Report < ActiveRecord::Base
   validates :text, presence: true
 
   validate :entry_does_not_exist, :on => :create
+  validate :post_or_comment_does_exist, :on => :create
 
   belongs_to :user
   belongs_to :post
@@ -19,6 +20,12 @@ class Report < ActiveRecord::Base
     end
   end
 
+  def post_or_comment_does_exist
+    if Post.find_by_id(item_id).nil? && Comment.find_by_id(item_id).nil?
+      errors[:base] << 'Post or comment was already deleted or doesn\'t exists.'
+    end
+  end
+
   def destroy_reported_item
     if item_type == 'post'
       delete_post
diff --git a/app/views/report/index.html.haml b/app/views/report/index.html.haml
index b5026c643..1268c56c7 100644
--- a/app/views/report/index.html.haml
+++ b/app/views/report/index.html.haml
@@ -8,7 +8,7 @@
     - @reports.each do |r|
       - username = User.find_by_id(r.user_id).username
       %div.content
-        %span
+        %span.text
           = report_content(r.item_id, r.item_type)
         %span
           = raw t('report.reported_label', person: link_to(username, user_profile_path(username)))
diff --git a/config/locales/diaspora/en.yml b/config/locales/diaspora/en.yml
index 5fc467451..44ac3630e 100644
--- a/config/locales/diaspora/en.yml
+++ b/config/locales/diaspora/en.yml
@@ -894,6 +894,7 @@ en:
     review_link: "Mark as reviewed"
     delete_link: "Delete item"
     confirm_deletion: "Are you sure to delete the item?"
+    not_found: "<u>The post/comment was not found. It seams that it was deleted by the user!</u>"
     status:
       marked: "The report was marked as reviewed"
       destroyed: "The post was destroyed"
diff --git a/spec/models/report_spec.rb b/spec/models/report_spec.rb
index 82d5d8603..3595a6a1a 100644
--- a/spec/models/report_spec.rb
+++ b/spec/models/report_spec.rb
@@ -25,11 +25,27 @@ describe Report do
 
   describe '#validation' do
     it 'validates that post ID is required' do
-      @user.reports.build(:item_type => 'post', :text => 'blub').should_not be_valid
+      report = @valid_post_report
+      report.delete(:item_id)
+      @user.reports.build(report).should_not be_valid
     end
     
     it 'validates that post type is required' do
-      @user.reports.build(:item_id => 666, :text => 'blub').should_not be_valid
+      report = @valid_post_report
+      report.delete(:item_type)
+      @user.reports.build(report).should_not be_valid
+    end
+
+    it 'validates that post does exist' do
+      report = @valid_post_report
+      report[:item_id] = 666;
+      @user.reports.build(report).should_not be_valid
+    end
+
+    it 'validates that comment does exist' do
+      report = @valid_comment_report
+      report[:item_id] = 666;
+      @user.reports.build(report).should_not be_valid
     end
 
     it 'validates that entry does not exist' do
author	Jonne Haß <me@jhass.eu>	2014-05-16 18:10:06 +0400
committer	Jonne Haß <me@jhass.eu>	2014-05-16 18:10:06 +0400
commit	9e2c914a1bba4ac11854980f94414cb52e8ea8c4 (patch)
tree	12d8eaea4f237a77e5f50c143409bb2d888a227f
parent	01381ddf25b8cd7eb7720049b06ad23f6985e5f1 (diff)
parent	8170ef8363e8db5427a8d24a0f47bf2142e9875a (diff)