liquid_feedback_frontend
annotate app/main/opinion/_action/update.lua @ 9:0ee1e0c42d4c
Version beta5
Minor security fix: Added missing security filter for admin section. Reading of member listing including login names was possible for all users. Write access has not been possible though.
Changing of name and login is possible while a history of these changes is written and accessible by all users.
Statistics shown in area list
Trimming of user input also converts multiple whitespaces to single space character.
Minor security fix: Added missing security filter for admin section. Reading of member listing including login names was possible for all users. Write access has not been possible though.
Changing of name and login is possible while a history of these changes is written and accessible by all users.
Statistics shown in area list
Trimming of user input also converts multiple whitespaces to single space character.
| author | bsw |
|---|---|
| date | Mon Jan 04 12:00:00 2010 +0100 (2010-01-04) |
| parents | 8d91bccab0bf |
| children | 6a12fb7e4963 |
| rev | line source |
|---|---|
| bsw/jbe@0 | 1 local member_id = app.session.member.id |
| bsw/jbe@0 | 2 |
| bsw/jbe@0 | 3 local suggestion_id = param.get("suggestion_id", atom.integer) |
| bsw/jbe@0 | 4 |
| bsw/jbe@0 | 5 local opinion = Opinion:by_pk(member_id, suggestion_id) |
| bsw/jbe@0 | 6 |
| bsw/jbe@6 | 7 local suggestion = Suggestion:by_id(suggestion_id) |
| bsw/jbe@6 | 8 |
| bsw/jbe@6 | 9 if not suggestion then |
| bsw/jbe@6 | 10 slot.put_into("error", _"This suggestion has been meanwhile deleted") |
| bsw/jbe@6 | 11 return false |
| bsw/jbe@6 | 12 end |
| bsw/jbe@6 | 13 |
| bsw/jbe@5 | 14 -- TODO important m1 selectors returning result _SET_! |
| bsw/jbe@6 | 15 local issue = suggestion.initiative:get_reference_selector("issue"):for_share():single_object_mode():exec() |
| bsw/jbe@5 | 16 |
| bsw/jbe@5 | 17 if issue.closed then |
| bsw/jbe@5 | 18 slot.put_into("error", _"This issue is already closed.") |
| bsw/jbe@5 | 19 return false |
| bsw/jbe@5 | 20 elseif issue.fully_frozen then |
| bsw/jbe@5 | 21 slot.put_into("error", _"Voting for this issue has already begun.") |
| bsw/jbe@5 | 22 return false |
| bsw/jbe@5 | 23 end |
| bsw/jbe@5 | 24 |
| bsw/jbe@5 | 25 |
| bsw/jbe@5 | 26 |
| bsw@3 | 27 if param.get("delete") then |
| bsw@3 | 28 if opinion then |
| bsw@3 | 29 opinion:destroy() |
| bsw@3 | 30 end |
| bsw@3 | 31 slot.put_into("notice", _"Your opinion has been deleted") |
| bsw/jbe@0 | 32 return |
| bsw/jbe@0 | 33 end |
| bsw/jbe@0 | 34 |
| bsw/jbe@0 | 35 if not opinion then |
| bsw/jbe@0 | 36 opinion = Opinion:new() |
| bsw/jbe@0 | 37 opinion.member_id = member_id |
| bsw/jbe@0 | 38 opinion.suggestion_id = suggestion_id |
| bsw/jbe@0 | 39 opinion.fulfilled = false |
| bsw/jbe@0 | 40 end |
| bsw/jbe@0 | 41 |
| bsw/jbe@0 | 42 local degree = param.get("degree", atom.number) |
| bsw/jbe@0 | 43 local fulfilled = param.get("fulfilled", atom.boolean) |
| bsw/jbe@0 | 44 |
| bsw/jbe@0 | 45 if degree ~= nil then |
| bsw/jbe@0 | 46 opinion.degree = degree |
| bsw/jbe@0 | 47 end |
| bsw/jbe@0 | 48 |
| bsw/jbe@0 | 49 if fulfilled ~= nil then |
| bsw/jbe@0 | 50 opinion.fulfilled = fulfilled |
| bsw/jbe@0 | 51 end |
| bsw/jbe@0 | 52 |
| bsw/jbe@0 | 53 opinion:save() |
| bsw/jbe@0 | 54 |
| bsw/jbe@0 | 55 slot.put_into("notice", _"Your opinion has been updated") |