liquid_feedback_frontend
view app/main/opinion/_action/update.lua @ 9:0ee1e0c42d4c
Version beta5
Minor security fix: Added missing security filter for admin section. Reading of member listing including login names was possible for all users. Write access has not been possible though.
Changing of name and login is possible while a history of these changes is written and accessible by all users.
Statistics shown in area list
Trimming of user input also converts multiple whitespaces to single space character.
Minor security fix: Added missing security filter for admin section. Reading of member listing including login names was possible for all users. Write access has not been possible though.
Changing of name and login is possible while a history of these changes is written and accessible by all users.
Statistics shown in area list
Trimming of user input also converts multiple whitespaces to single space character.
| author | bsw |
|---|---|
| date | Mon Jan 04 12:00:00 2010 +0100 (2010-01-04) |
| parents | 8d91bccab0bf |
| children | 6a12fb7e4963 |
line source
1 local member_id = app.session.member.id
3 local suggestion_id = param.get("suggestion_id", atom.integer)
5 local opinion = Opinion:by_pk(member_id, suggestion_id)
7 local suggestion = Suggestion:by_id(suggestion_id)
9 if not suggestion then
10 slot.put_into("error", _"This suggestion has been meanwhile deleted")
11 return false
12 end
14 -- TODO important m1 selectors returning result _SET_!
15 local issue = suggestion.initiative:get_reference_selector("issue"):for_share():single_object_mode():exec()
17 if issue.closed then
18 slot.put_into("error", _"This issue is already closed.")
19 return false
20 elseif issue.fully_frozen then
21 slot.put_into("error", _"Voting for this issue has already begun.")
22 return false
23 end
27 if param.get("delete") then
28 if opinion then
29 opinion:destroy()
30 end
31 slot.put_into("notice", _"Your opinion has been deleted")
32 return
33 end
35 if not opinion then
36 opinion = Opinion:new()
37 opinion.member_id = member_id
38 opinion.suggestion_id = suggestion_id
39 opinion.fulfilled = false
40 end
42 local degree = param.get("degree", atom.number)
43 local fulfilled = param.get("fulfilled", atom.boolean)
45 if degree ~= nil then
46 opinion.degree = degree
47 end
49 if fulfilled ~= nil then
50 opinion.fulfilled = fulfilled
51 end
53 opinion:save()
55 slot.put_into("notice", _"Your opinion has been updated")