Allow reporting of abusive users to moderators or admins

.rubocop_todo.yml

@@ -67,7 +67,7 @@ Metrics/AbcSize:
 # Offense count: 41
 # Configuration parameters: CountComments, ExcludedMethods.
 Metrics/BlockLength:
-  Max: 240
+  Max: 250
 
 # Offense count: 12
 # Configuration parameters: CountBlocks.

Gemfile

@@ -70,6 +70,9 @@ gem "omniauth-windowslive"
 # Markdown formatting support
 gem "redcarpet"
 
+# For status transitions of Issues
+gem "aasm"
+
 # Load libxml support for XML parsing and generation
 gem "libxml-ruby", ">= 2.0.5", :require => "libxml"
 

Gemfile.lock

@@ -2,6 +2,7 @@ GEM
   remote: https://rubygems.org/
   specs:
     SystemTimer (1.2.3)
+    aasm (4.1.0)
     actioncable (5.1.5)
       actionpack (= 5.1.5)
       nio4r (~> 2.0)
@@ -354,6 +355,7 @@ PLATFORMS
 
 DEPENDENCIES
   SystemTimer (>= 1.1.3)
+  aasm
   actionpack-page_caching
   annotate
   autoprefixer-rails

app/assets/stylesheets/common.scss

@@ -2818,3 +2818,59 @@ input.richtext_title[type="text"] {
     display: none;
   }
 }
+
+.read-reports {
+  background: #eee;
+  opacity: 0.7;
+}
+
+.report-related-block {
+  display:inline-block;
+}
+
+.report-block {
+  width:475px;
+  float:left;
+  margin-right:100px;
+}
+
+.related-reports {
+  width: 280px;
+  float: right;
+
+  ul {
+    padding-left: $lineheight;
+    margin-bottom: 0;
+
+    li {
+      list-style: disc;
+    }
+  }
+}
+
+.issue-comments {
+  width:475px;
+}
+
+.issues-list {
+  td:nth-child(2) {
+    white-space: nowrap;
+  }
+}
+
+.report-disclaimer {
+  background: #fff1f0;
+  color: #d85030;
+  border-color: rgba(216, 80, 48, 0.3);
+  padding: 10px 20px;
+  margin-bottom: $lineheight;
+
+  ul {
+    padding-left: $lineheight;
+    margin-bottom: 0;
+
+    li {
+      list-style: disc;
+    }
+  }
+}

app/controllers/issue_comments_controller.rb

@@ -0,0 +1,37 @@
+class IssueCommentsController < ApplicationController
+  layout "site"
+
+  before_action :authorize_web
+  before_action :require_user
+  before_action :check_permission
+
+  def create
+    @issue = Issue.find(params[:issue_id])
+    comment = @issue.comments.build(issue_comment_params)
+    comment.user = current_user
+    comment.save!
+    notice = t("issues.comment.comment_created")
+    reassign_issue(@issue) if params[:reassign]
+    redirect_to @issue, :notice => notice
+  end
+
+  private
+
+  def issue_comment_params
+    params.require(:issue_comment).permit(:body)
+  end
+
+  def check_permission
+    unless current_user.administrator? || current_user.moderator?
+      flash[:error] = t("application.require_moderator_or_admin.not_a_moderator_or_admin")
+      redirect_to root_path
+    end
+  end
+
+  # This sort of assumes there are only two roles
+  def reassign_issue(issue)
+    role = (Issue::ASSIGNED_ROLES - [issue.assigned_role]).first
+    issue.assigned_role = role
+    issue.save!
+  end
+end

app/controllers/issues_controller.rb

@@ -0,0 +1,91 @@
+class IssuesController < ApplicationController
+  layout "site"
+
+  before_action :authorize_web
+  before_action :require_user
+  before_action :check_permission
+  before_action :find_issue, :only => [:show, :resolve, :reopen, :ignore]
+
+  def index
+    @title = t ".title"
+
+    @issue_types = []
+    @issue_types.concat %w[Note] if current_user.moderator?
+    @issue_types.concat %w[DiaryEntry DiaryComment User] if current_user.administrator?
+
+    @users = User.joins(:roles).where(:user_roles => { :role => current_user.roles.map(&:role) }).distinct
+    @issues = Issue.where(:assigned_role => current_user.roles.map(&:role))
+
+    # If search
+    if params[:search_by_user] && params[:search_by_user].present?
+      @find_user = User.find_by(:display_name => params[:search_by_user])
+      if @find_user
+        @issues = @issues.where(:reported_user_id => @find_user.id)
+      else
+        notice = t("issues.index.user_not_found")
+      end
+    end
+
+    @issues = @issues.where(:status => params[:status][0]) if params[:status] && params[:status][0].present?
+
+    @issues = @issues.where(:reportable_type => params[:issue_type][0]) if params[:issue_type] && params[:issue_type][0].present?
+
+    if params[:last_updated_by] && params[:last_updated_by][0].present?
+      last_updated_by = params[:last_updated_by][0].to_s == "nil" ? nil : params[:last_updated_by][0].to_i
+      @issues = @issues.where(:updated_by => last_updated_by)
+    end
+
+    redirect_to issues_path, :notice => notice if notice
+  end
+
+  def show
+    @read_reports = @issue.read_reports
+    @unread_reports = @issue.unread_reports
+    @comments = @issue.comments
+    @related_issues = @issue.reported_user.issues.where(:assigned_role => current_user.roles.map(&:role)) if @issue.reported_user
+    @new_comment = IssueComment.new(:issue => @issue)
+  end
+
+  # Status Transistions
+  def resolve
+    if @issue.resolve
+      @issue.save!
+      redirect_to @issue, :notice => t("issues.resolved")
+    else
+      render :show
+    end
+  end
+
+  def ignore
+    if @issue.ignore
+      @issue.updated_by = current_user.id
+      @issue.save!
+      redirect_to @issue, :notice => t("issues.ignored")
+    else
+      render :show
+    end
+  end
+
+  def reopen
+    if @issue.reopen
+      @issue.updated_by = current_user.id
+      @issue.save!
+      redirect_to @issue, :notice => t("issues.reopened")
+    else
+      render :show
+    end
+  end
+
+  private
+
+  def find_issue
+    @issue = Issue.find(params[:id])
+  end
+
+  def check_permission
+    unless current_user.administrator? || current_user.moderator?
+      flash[:error] = t("application.require_moderator_or_admin.not_a_moderator_or_admin")
+      redirect_to root_path
+    end
+  end
+end

app/controllers/reports_controller.rb

@@ -0,0 +1,42 @@
+class ReportsController < ApplicationController
+  layout "site"
+
+  before_action :authorize_web
+  before_action :require_user
+
+  def new
+    if required_new_report_params_present?
+      @report = Report.new
+      @report.issue = Issue.find_or_initialize_by(create_new_report_params)
+    else
+      redirect_to root_path, :notice => t("reports.new.missing_params")
+    end
+  end
+
+  def create
+    @report = current_user.reports.new(report_params)
+    @report.issue = Issue.find_or_initialize_by(:reportable_id => params[:report][:issue][:reportable_id], :reportable_type => params[:report][:issue][:reportable_type])
+
+    if @report.save
+      @report.issue.save
+      @report.issue.reopen! unless @report.issue.open?
+      redirect_to helpers.reportable_url(@report.issue.reportable), :notice => t("issues.create.successful_report")
+    else
+      redirect_to new_report_path(:reportable_type => @report.issue.reportable_type, :reportable_id => @report.issue.reportable_id), :notice => t("issues.create.provide_details")
+    end
+  end
+
+  private
+
+  def required_new_report_params_present?
+    create_new_report_params["reportable_id"].present? && create_new_report_params["reportable_type"].present?
+  end
+
+  def create_new_report_params
+    params.permit(:reportable_id, :reportable_type)
+  end
+
+  def report_params
+    params[:report].permit(:details, :category)
+  end
+end

app/helpers/issues_helper.rb

@@ -0,0 +1,27 @@
+module IssuesHelper
+  def reportable_url(reportable)
+    case reportable
+    when DiaryEntry
+      url_for(:controller => reportable.class.name.underscore, :action => :view, :display_name => reportable.user.display_name, :id => reportable.id)
+    when User
+      url_for(:controller => reportable.class.name.underscore, :action => :view, :display_name => reportable.display_name)
+    when DiaryComment
+      url_for(:controller => reportable.diary_entry.class.name.underscore, :action => :view, :display_name => reportable.diary_entry.user.display_name, :id => reportable.diary_entry.id, :anchor => "comment#{reportable.id}")
+    when Note
+      url_for(:controller => :browse, :action => :note, :id => reportable.id)
+    end
+  end
+
+  def reportable_title(reportable)
+    case reportable
+    when DiaryEntry
+      reportable.title
+    when User
+      reportable.display_name
+    when DiaryComment
+      "#{reportable.diary_entry.title}, Comment id ##{reportable.id}"
+    when Note
+      "Note ##{reportable.id}"
+    end
+  end
+end

app/helpers/reports_helper.rb

@@ -0,0 +1,5 @@
+module ReportsHelper
+  def report_link(name, reportable)
+    link_to name, new_report_url(:reportable_id => reportable.id, :reportable_type => reportable.class.name)
+  end
+end