db/migrate/058_add_anonymous_commenting_fields.rb engine_config/initializers/recaptcha_constants.rb engine_plugins/recaptcha/.gitignore engine_plugins/recaptcha/LICENSE engine_plugins/recaptcha/README.rdoc engine_plugins/recaptcha/Rakefile engine_plugins/recaptcha/init.rb engine_plugins/recaptcha/install.rb engine_plugins/recaptcha/lib/recaptcha.rb engine_plugins/recaptcha/tasks/recaptcha_tasks.rake engine_plugins/recaptcha/test/recaptcha_test.rb engine_plugins/recaptcha/test/verify_recaptcha_test.rb engine_plugins/recaptcha/uninstall.rb @@ -1,5 +1,9 @@ class CommentsController < BaseController before_filter :login_required, :except => [:index] + if AppConfig.allow_anonymous_commenting + skip_before_filter :login_required, :only => [:create] + end + uses_tiny_mce(:options => AppConfig.simple_mce_options, :only => [:index]) cache_sweeper :comment_sweeper, :only => [:create, :destroy] @@ -81,13 +85,15 @@ class CommentsController < BaseController @commentable = Inflector.constantize(Inflector.camelize(params[:commentable_type])).find(params[:commentable_id]) @comment = Comment.new(params[:comment]) @comment.recipient = @commentable.owner - @comment.user_id = current_user.id + + @comment.user_id = current_user.id if current_user + @comment.author_ip = request.remote_ip #save the ip address for everyone, just because respond_to do |format| - if @comment.save + if verify_recaptcha(@comment) && @comment.save @commentable.add_comment @comment - UserNotifier.deliver_comment_notice(@comment) if should_receive_notification(@comment) - deliver_comment_notice_to_previous_commenters(@comment) + UserNotifier.deliver_comment_notice(@comment) if @comment.should_notify_recipient? + @comment.notify_previous_commenters flash.now[:notice] = 'Comment was successfully created.'.l format.html { redirect_to :controller => Inflector.underscore(params[:commentable_type]).pluralize, :action => 'show', :id => params[:commentable_id], :user_id => @comment.recipient.id } @@ -95,7 +101,7 @@ class CommentsController < BaseController render :partial => 'comments/comment.html.haml', :locals => {:comment => @comment, :highlighted => true} } else - flash.now[:error] = :comment_save_error.l_with_args(:error => @comment.errors.full_messages.join(", ")) + flash.now[:error] = :comment_save_error.l_with_args(:error => @comment.errors.full_messages.to_sentence) format.html { redirect_to :controller => Inflector.underscore(params[:commentable_type]).pluralize, :action => 'show', :id => params[:commentable_id] } format.js{ render :inline => flash[:error], :status => 500 @@ -121,18 +127,5 @@ class CommentsController < BaseController end end - protected - - def deliver_comment_notice_to_previous_commenters(comment) - comment.previous_commenters_to_notify.each do |user| - UserNotifier.deliver_follow_up_comment_notice(user, comment) - end - end - - def should_receive_notification(comment) - return false if comment.recipient.eql?(@comment.user) - return false unless comment.recipient.notify_comments? - true - end end \ No newline at end of file app/controllers/comments_controller.rb @@ -1,7 +1,7 @@ require 'pp' class PhotosController < BaseController - before_filter :login_required, :only => [:new, :edit, :update, :destroy, :create, :manage_photos, :swfupload] + before_filter :login_required, :only => [:new, :edit, :update, :destroy, :create, :swfupload] before_filter :find_user, :only => [:new, :edit, :index, :show, :slideshow, :swfupload] before_filter :require_current_user, :only => [:new, :edit, :update, :destroy, :swfupload] @@ -49,15 +49,18 @@ class PhotosController < BaseController end def manage_photos - @user = current_user - cond = Caboose::EZ::Condition.new - cond.user_id == @user.id - if params[:tag_name] - cond.append ['tags.name = ?', params[:tag_name]] + if logged_in? + @user = current_user + cond = Caboose::EZ::Condition.new + cond.user_id == @user.id + if params[:tag_name] + cond.append ['tags.name = ?', params[:tag_name]] + end + + @selected = params[:photo_id] + @pages, @photos = paginate :photos, :order => "created_at DESC", :conditions => cond.to_sql, :include => :tags, :per_page => 10 + end - - @selected = params[:photo_id] - @pages, @photos = paginate :photos, :order => "created_at DESC", :conditions => cond.to_sql, :include => :tags, :per_page => 10 respond_to do |format| format.js end app/controllers/photos_controller.rb @@ -1,4 +1,5 @@ class PostsController < BaseController + include Viewable uses_tiny_mce(:options => AppConfig.default_mce_options, :only => [:new, :edit, :update, :create ]) uses_tiny_mce(:options => AppConfig.simple_mce_options, :only => [:show]) app/controllers/posts_controller.rb @@ -6,7 +6,6 @@ class Comment < ActiveRecord::Base belongs_to :user belongs_to :recipient, :class_name => "User", :foreign_key => "recipient_id" - validates_presence_of :user validates_presence_of :comment validates_presence_of :recipient @@ -14,7 +13,12 @@ class Comment < ActiveRecord::Base before_save :whitelist_attributes - acts_as_activity :user + validates_presence_of :user, :unless => Proc.new{|record| AppConfig.allow_anonymous_commenting } + validates_presence_of :author_email, :unless => Proc.new{|record| record.user } #require email unless logged in + validates_presence_of :author_ip, :unless => Proc.new{|record| record.user} #log ip unless logged in + validates_format_of :author_url, :with => /(^$)|(^(http|https):\/\/[a-z0-9]+([\-\.]{1}[a-z0-9]+)*\.[a-z]{2,5}(([0-9]{1,5})?\/.*)?$)/ix, :unless => Proc.new{|record| record.user } + + acts_as_activity :user, :if => Proc.new{|record| record.user } #don't record an activity if there's no user def self.find_photo_comments_for(user) Comment.find(:all, :conditions => ["recipient_id = ? AND commentable_type = ?", user.id, 'Photo'], :order => 'created_at DESC') @@ -67,7 +71,11 @@ class Comment < ActiveRecord::Base end def title_for_rss - "Comment from #{user.login}" + "Comment from #{username}" + end + + def username + user ? user.login : (author_name.blank? ? 'Anonymous' : author_name) end def self.find_recent(options = {:limit => 5}) @@ -78,6 +86,17 @@ class Comment < ActiveRecord::Base person && (person.admin? || person.eql?(user) || person.eql?(recipient) ) end + def should_notify_recipient? + return false if recipient.eql?(user) + return false unless recipient.notify_comments? + true + end + + def notify_previous_commenters + previous_commenters_to_notify.each do |commenter| + UserNotifier.deliver_follow_up_comment_notice(commenter, self) + end + end protected def whitelist_attributes app/models/comment.rb @@ -28,7 +28,7 @@ class UserNotifier < ActionMailer::Base def comment_notice(comment) @recipients = "#{comment.recipient.email}" setup_sender_info - @subject = "#{comment.user.login} has something to say to you on #{AppConfig.community_name}!" + @subject = "#{comment.username} has something to say to you on #{AppConfig.community_name}!" @sent_on = Time.now @body[:url] = comment.generate_commentable_url @body[:user] = comment.recipient @@ -39,7 +39,7 @@ class UserNotifier < ActionMailer::Base def follow_up_comment_notice(user, comment) @recipients = "#{user.email}" setup_sender_info - @subject = "#{comment.user.login} has commented on a #{comment.commentable_type} that you also commented on. [#{AppConfig.community_name}]" + @subject = "#{comment.username} has commented on a #{comment.commentable_type} that you also commented on. [#{AppConfig.community_name}]" @sent_on = Time.now @body[:url] = comment.generate_commentable_url @body[:user] = user app/models/user_notifier.rb @@ -1,25 +1,39 @@ -.hentry{:id => "comment_#{comment.id}"} - .vcard.author - %h5= link_to image_tag(comment.user.avatar_photo_url(:thumb), :height => '50', :width => '50', :alt => "#{comment.user.login}"), user_path(comment.user), :rel => 'bookmark', :class => 'photo', :title => "#{comment.user.login}'s profile" - %ul - %li.fn - = link_to comment.user.login, user_path(comment.user), :class => 'url' - %li.update - %a{"href"=>"#{comment.generate_commentable_url}", "rel"=>"bookmark"} - %abbr.published{"title"=>"#{comment.created_at}"} - = comment.created_at.strftime("%B %d, %Y") - %li.addfriend - %a{"href"=>"#"} - ="Add as friend".l - -if ( comment.can_be_deleted_by(current_user) ) - %li.delete=link_to_remote("Delete".l, {:url => comment_path(comment.commentable_type, comment.commentable_id, comment), :method => :delete, 500 => 'alert(\'Sorry, there was a server error\'); return false', :success => visual_effect(:fade, "comment_#{comment.id}"), :confirm => "Are you sure you want to permanently delete this comment"} ) - - / vcard - .entry-content= comment.comment - / entry-content -/ ends hentry +-if comment.user + .hentry{:id => "comment_#{comment.id}"} + .vcard.author + %h5= link_to image_tag(comment.user.avatar_photo_url(:thumb), :height => '50', :width => '50', :alt => "#{comment.user.login}"), user_path(comment.user), :rel => 'bookmark', :class => 'photo', :title => "#{comment.user.login}'s profile" + %ul + %li.fn + = link_to comment.user.login, user_path(comment.user), :class => 'url' + %li.update + %a{"href"=>"#{comment.generate_commentable_url}", "rel"=>"bookmark"} + %abbr.published{"title"=>"#{comment.created_at}"} + = comment.created_at.strftime("%B %d, %Y") + %li.addfriend + %a{"href"=>"#"}="Add as friend".l + -if ( comment.can_be_deleted_by(current_user) ) + %li.delete=link_to_remote("Delete".l, {:url => comment_path(comment.commentable_type, comment.commentable_id, comment), :method => :delete, 500 => 'alert(\'Sorry, there was a server error\'); return false', :success => visual_effect(:fade, "comment_#{comment.id}"), :confirm => "Are you sure you want to permanently delete this comment"} ) + .entry-content= comment.comment + +-else + .hentry{:id => "comment_#{comment.id}"} + .vcard.author + %h5 + %a{:href => '#', :rel => 'bookmark', :class => 'photo', :onclick => 'return false;'} + = image_tag(AppConfig.photo['missing_thumb'], :height => '50', :width => '50') + %ul + %li.fn + =link_to_unless(comment.author_url.blank?, h(comment.username), h(comment.author_url)){ h(comment.username) } + %li.update + %a{"href"=>"#{comment.generate_commentable_url}", "rel"=>"bookmark"} + %abbr.published{"title"=>"#{comment.created_at}"} + = comment.created_at.strftime("%B %d, %Y") + -if ( comment.can_be_deleted_by(current_user) ) + %li.delete=link_to_remote("Delete".l, {:url => comment_path(comment.commentable_type, comment.commentable_id, comment), :method => :delete, 500 => 'alert(\'Sorry, there was a server error\'); return false', :success => visual_effect(:fade, "comment_#{comment.id}"), :confirm => "Are you sure you want to permanently delete this comment"} ) + .entry-content= comment.comment - highlighted ||= nil - if highlighted %script{"type"=>"text/javascript"} =visual_effect :highlight, "comment_#{comment.id}", :duration => 1 + app/views/comments/_comment.html.haml @@ -1,4 +1,4 @@ -- if current_user +- if current_user || AppConfig.allow_anonymous_commenting %script{"type"=>"text/javascript"} function scrollToNewestComment(){ loc = document.location.toString(); @@ -11,10 +11,28 @@ document.location.href = loc; } .errors - - form_remote_for(:comment, :loading => "$$('div#comments div.errors')[0].innerHTML = ''; $('comment_spinner').show();", :before => "tinyMCE.activeEditor.save();", :url => comments_url(Inflector.underscore(commentable.class), commentable.id ), 500 => "$$('div#comments div.errors')[0].innerHTML = request.responseText; return false;", :success => "new Insertion.#{commentable.class.to_s.eql?('User') ? 'After': 'After' }('newest_comment', request.responseText); tinyMCE.activeEditor.setContent(\'\'); scrollToNewestComment();", :complete => "$('comment_spinner').hide();", :html => {:class => "MainForm"}) do |f| + - form_remote_for(:comment, :loading => "$$('div#comments div.errors')[0].innerHTML = ''; $('comment_spinner').show();", :before => "tinyMCE.activeEditor.save();", :url => comments_url(Inflector.underscore(commentable.class), commentable.id ), 500 => "$$('div#comments div.errors')[0].update(request.responseText);new Effect.Highlight($$('div#comments div.errors')[0]); return false;", :success => "new Insertion.#{commentable.class.to_s.eql?('User') ? 'After': 'After' }('newest_comment', request.responseText); tinyMCE.activeEditor.setContent(\'\'); scrollToNewestComment();", :complete => "$('comment_spinner').hide(); if($('dynamic_recaptcha')){Recaptcha.create('#{AppConfig.recaptcha_pub_key}', $('dynamic_recaptcha') )}", :html => {:class => "MainForm"}) do |f| %label %em="(2000 character limit)".l :comment_character_limit = text_area :comment, :comment, {:size => "86x5", :class => "rich_text_editor"} + + -unless logged_in? + .right{:style => 'margin-top:2em;'}= recaptcha_tags :ajax => true + + %label{"for"=>"comment[author_name"} + ="Name:".l + %em="(#{'Optional'.l})" + = f.text_field :author_name, :size => 35 + %label{"for"=>"comment[author_email"} + ="#{'E-mail'.l}:" + %em="(#{"Required; won't be shown on site".l})" + = f.text_field :author_email, :size => 35 + %label{"for"=>"comment[author_email"} + ="Web site (include http://):".l + %em="(#{'Optional'.l})" + = f.text_field :author_url, :size => 35 + + %p = submit_tag "Add Comment".l = image_tag 'spinner.gif', :plugin => "community_engine", :style => 'display:none;', :id => 'comment_spinner' app/views/comments/_comment_form.html.haml @@ -1 +1,5 @@ -page.replace_html :dynamic_images_list, :partial => 'manage_photos', :locals => { :photos => @photos } \ No newline at end of file +if logged_in? + page.replace_html :dynamic_images_list, :partial => 'manage_photos', :locals => { :photos => @photos } +else + page << "mcTabs.displayTab('general_tab','general_panel'); $('dynamic_select_tab').hide(); $('image_upload_form').up('fieldset').hide();" +end \ No newline at end of file app/views/photos/manage_photos.rjs @@ -1,6 +1,6 @@ Hey <%= @user.login %>! -<%= @commenter.login %> has something to say about you! Use this link to see: +<%= @comment.username %> has something to say about you! Use this link to see: <%= @url %> app/views/user_notifier/comment_notice.rhtml @@ -1,6 +1,6 @@ Hey <%= @user.login %>! -<%= @commenter.login %> has added a comment to a <%= @comment.commentable_type %> +<%= @comment.username %> has added a comment to a <%= @comment.commentable_type %> that you commented on. Use this link to check it out: <%= @url %> app/views/user_notifier/follow_up_comment_notice.rhtml @@ -12,7 +12,7 @@ AppConfig.default_mce_options = { :cleanup_on_startup => true, :convert_fonts_to_spans => true, :theme_advanced_resize_horizontal => false, - :theme_advanced_buttons1 => %w{bold italic underline separator justifyleft justifycenter justifyright indent outdent separator bullist numlist separator link unlink image media separator undo redo help code}, + :theme_advanced_buttons1 => %w{bold italic underline separator justifyleft justifycenter justifyright indent outdent separator bullist numlist separator link unlink image media separator undo redo code}, :theme_advanced_buttons2 => [], :theme_advanced_buttons3 => [], :plugins => %w{media preview curblyadvimage inlinepopups safari}, @@ -33,7 +33,7 @@ AppConfig.simple_mce_options = { :theme_advanced_statusbar_location => "bottom", :editor_deselector => "mceNoEditor", :theme_advanced_resize_horizontal => false, - :theme_advanced_buttons1 => %w{bold italic underline separator bullist numlist separator link unlink image separator help}, + :theme_advanced_buttons1 => %w{bold italic underline separator bullist numlist separator link unlink image}, :theme_advanced_buttons2 => [], :theme_advanced_buttons3 => [], :plugins => %w{inlinepopups safari curblyadvimage} engine_config/initializers/mce_options.rb @@ -17,7 +17,7 @@ all_users_tagged: All users tagged {tag_name} #en: comments_count: "{count} pluralize{{count}, comment}" comments_count: "{count} pluralize{{count}, comment}" #en: comment_save_error: Your comment couldn't be saved. -comment_save_error: "Your comment couldn't be saved." +comment_save_error: "Your comment couldn't be saved. {error}" #en: community_tagline: CommunityEngine Rocks! community_tagline: CommunityEngine Rocks! #en: create: Create lang/ui/en-US.yml @@ -76,6 +76,15 @@ class CommentsControllerTest < Test::Unit::TestCase end assert_response :redirect end + + def test_should_create_post_comment_anonymously + AppConfig.allow_anonymous_commenting = true + assert_difference Comment, :count, 1 do + create_post_comment(:comment => {:author_email => 'foor@bar.com'}) + end + assert_response :redirect + end + def test_should_destroy_post_comment login_as :quentin test/functional/comments_controller_test.rb 81e1e33a373f0ba910c01b53f4d7e42a8be95df5 Bruno Bornsztein bruno@otis.local http://github.com/bborn/communityengine/commit/c88f1b54bb227270bab96dd8ccfcbe6968879c5d c88f1b54bb227270bab96dd8ccfcbe6968879c5d 2008-08-21T12:11:09-07:00 2008-08-21T12:11:09-07:00 added support for anonymous commenting and recaptcha for comments b83ecb18f5971757d2eb997acd03a86e52e7c31c Bruno Bornsztein bruno@otis.local