added new stuff for thank you and security

rulingcom 2025-04-15 18:09:47 +08:00
parent 84fca12445
commit 2db0db7aef
12 changed files with 151 additions and 48 deletions


@ -7,15 +7,44 @@ class Admin::AskAcknowledgementsController < OrbitAdminController
end end
def index def index
@ask_acknowledgements = AskAcknowledgement.first || AskAcknowledgement.create @ask_acknowledgements = AskAcknowledgement.where(:category_id.ne => nil).page(params[:page]).per(10)
@url = admin_ask_acknowledgement_path(@ask_acknowledgements)
@categories = @module_app.categories.map{|cat| [cat.title, cat.id.to_s]}
end end
def update def new
@ask_acknowledgements = AskAcknowledgement.first @ask_acknowledgement = AskAcknowledgement.new
@ask_acknowledgements.update_attributes(params.require(:ask_acknowledgement).permit!) cats = @module_app.categories.pluck(:id).map(&:to_s)
used_cats = AskAcknowledgement.pluck(:category_id).compact
unused_cats = cats - used_cats
@categories = @module_app.categories.find(unused_cats).map{|cat| [cat.title, cat.id.to_s]}
end
def edit
@ask_acknowledgement = AskAcknowledgement.find(params[:id])
end
def create
ask_ack = AskAcknowledgement.new(ack_params)
ask_ack.save
redirect_to admin_ask_acknowledgements_path, notice: t('ask.save_success') redirect_to admin_ask_acknowledgements_path, notice: t('ask.save_success')
end end
def update
@ask_acknowledgement = AskAcknowledgement.find(params[:id])
@ask_acknowledgement.update_attributes(ack_params)
redirect_to admin_ask_acknowledgements_path, notice: t('ask.save_success')
end
def destroy
@ask_acknowledgement = AskAcknowledgement.find(params[:id])
@ask_acknowledgement.delete
redirect_to admin_ask_acknowledgements_path, notice: t('ask.delete_success')
end
private
def ack_params
params.require(:ask_acknowledgement).permit!
end
end end
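Review bot: `ack_params` uses `permit!`, so both `create` and `update` mass-assign every key submitted under `ask_acknowledgement`. List the accepted fields instead, for example `params.require(:ask_acknowledgement).permit(:category_id, content: I18n.available_locales)` if `content` is stored per locale, as the views suggest. `create` also ignores the result of `ask_ack.save` and always redirects with `ask.save_success`. Nothing visible prevents a second record for a category that already has one, and `thank` would then silently pick one with `.first`. The class body starts outside the hunk.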


@ -608,6 +608,34 @@ class Admin::AsksController < OrbitAdminController
end end
render :json => {:success=>true} render :json => {:success=>true}
end end
def download_file
ask_status_id = params[:ask_status_id]
obj = AskStatusHistory.find(ask_status_id) rescue nil
if obj.nil?
obj = AskFile.find(ask_status_id) rescue nil
end
if !obj.nil? && obj.file.present?
@url = obj.file.url
begin
@path = obj.file.file.file rescue ""
@filename = File.basename(@path)
@ext = @filename.split(".").last
if (current_site.accessibility_mode rescue false)
render "redirect_to_file",:layout=>false
else
user_agent = request.user_agent.downcase
@escaped_file_name = user_agent.match(/(msie|trident)/) ? CGI::escape(@filename) : @filename
send_file(@path, :type=>"application/octet-stream", :filename => @escaped_file_name, :x_sendfile=> true)
end
rescue
redirect_to @url
end
else
render :file => "#{Rails.root}/app/views/errors/404.html", :layout => false, :status => :not_found
end
end
private private
def ask_setting_params(ask_setting,collection_name, except_customs=[]) def ask_setting_params(ask_setting,collection_name, except_customs=[])
param = params.require(collection_name).except("id").permit! param = params.require(collection_name).except("id").permit!
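Review bot: The bare `rescue` in `download_file` answers any failure with `redirect_to @url`, which hands back the raw upload URL that this action appears meant to hide. Failures are easy to reach: `request.user_agent.downcase` raises when no User-Agent header is sent, and `obj.file.file.file rescue ""` leaves an empty path for `send_file`. Consider `request.user_agent.to_s.downcase` and rendering the same 404 as the `else` branch instead of redirecting. The action also accepts any `AskStatusHistory` or `AskFile` id with no per-record permission check visible here; confirm that the `OrbitAdminController` filters cover it. The hunk's trailing context cuts into `ask_setting_params`, whose body continues outside it.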


@ -481,7 +481,7 @@ class AsksController < ApplicationController
if @must_verify_email if @must_verify_email
redirect_to "#{params[:referer_url]}?method=see_email" redirect_to "#{params[:referer_url]}?method=see_email"
else else
redirect_to "#{params[:referer_url]}?method=thank" redirect_to "#{params[:referer_url]}?method=thank&category=#{params['ask_question']['category_id']}"
end end
else else
redirect_to "#{params[:referer_url]}?method=sorry" redirect_to "#{params[:referer_url]}?method=sorry"
@ -489,9 +489,10 @@ class AsksController < ApplicationController
end end
def thank def thank
acknowledgement = AskAcknowledgement.last acknowledgement = AskAcknowledgement.where(:category_id => params['category']).first rescue nil
content = acknowledgement.nil? ? t('ask.thank_text') : acknowledgement.content
{ {
"acknowledgement" => acknowledgement "content" => content[I18n.locale]
} }
end end
@ -650,6 +651,7 @@ class AsksController < ApplicationController
def create_params def create_params
params.require(:ask_question).permit! params.require(:ask_question).permit!
end end
private private
def cal_form_from_setting(ask_setting,categories,show_categories=false,filter_fields=nil) def cal_form_from_setting(ask_setting,categories,show_categories=false,filter_fields=nil)
is_cat_record = (ask_setting.class == AskCategorySetting) is_cat_record = (ask_setting.class == AskCategorySetting)
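Review bot: In `thank`, the fallback branch sets `content` to the String returned by `t('ask.thank_text')` and then evaluates `content[I18n.locale]`; indexing a String with a Symbol raises `TypeError`, so a category without an acknowledgement breaks the thank-you page. Index only the record's value, e.g. `content = (acknowledgement.content[I18n.locale] if acknowledgement).presence || t('ask.thank_text')`, and return `"content" => content`. `params['category']` also goes into `where` as received, so a nested parameter would arrive as a hash rather than an id; `params['category'].to_s` pins it to a scalar, and the trailing `rescue nil` can then go. In the first hunk the new redirect appends `params['ask_question']['category_id']` without URL-encoding to a target built from `params[:referer_url]`, which is itself request-controlled.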


@ -341,6 +341,10 @@ module Admin::AsksHelper
file_value = value[0] rescue nil file_value = value[0] rescue nil
file_path = value[1] rescue nil file_path = value[1] rescue nil
file_required = v['required']=='true' file_required = v['required']=='true'
if file_path
file_path = file_path.match(%r{/uploads/ask_file/file/([^/]+)/})[1]
file_path = "/#{I18n.locale}/admin/asks/#{file_path}/download"
end
readonly ? (file_path ? "<a href=\"#{file_path}\" title=\"file\">#{file_value}</a>".html_safe : "") : "<div class=\"file-selector\"><label class=\"ui-button\"> readonly ? (file_path ? "<a href=\"#{file_path}\" title=\"file\">#{file_value}</a>".html_safe : "") : "<div class=\"file-selector\"><label class=\"ui-button\">
#{file_field_tag(field_name, {:data => {:src => file_path}, style: "position: absolute;width:0.1em;opacity: 0;padding: 0;border: 0;opacity: 0;left: 50%;top: 0;", :class => 'upload', :required => file_required, value: file_value, accept: ".doc,.docx,.xls,.xlsx,.ppt,.pptx,.txt,.pdf,.jpg,.jpeg,.bmp,.gif,.png,.odf,.ods,.odt", #{file_field_tag(field_name, {:data => {:src => file_path}, style: "position: absolute;width:0.1em;opacity: 0;padding: 0;border: 0;opacity: 0;left: 50%;top: 0;", :class => 'upload', :required => file_required, value: file_value, accept: ".doc,.docx,.xls,.xlsx,.ppt,.pptx,.txt,.pdf,.jpg,.jpeg,.bmp,.gif,.png,.odf,.ods,.odt",
onchange: " onchange: "
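Review bot: `file_path.match(%r{/uploads/ask_file/file/([^/]+)/})[1]` raises `NoMethodError` whenever the stored path does not fit that pattern, because `match` returns nil. `file_id = file_path[%r{/uploads/ask_file/file/([^/]+)/}, 1]`, with the download link built only when `file_id` is present, avoids that. On the unchanged line that follows, `file_value` is interpolated into a string marked `html_safe`; if it carries an uploaded file name it should pass through `ERB::Util.html_escape` first. The surrounding method starts and ends outside the hunk.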


@ -0,0 +1,16 @@
<% if controller.action_name == "new" %>
<div class="control-group">
<%= f.label :content, t('category'), class: 'control-label' %>
<%= f.select :category_id, options_for_select(@categories) %>
</div>
<% end %>
<div class="control-group">
<%= f.label :content, t('ask.acknowledgements'), class: 'control-label' %>
<%= multiple_lang_tag_for_ask(nil,'text_area','content',@ask_acknowledgement.content,{:class=>'ckeditor',placeholder: t('ask.acknowledgements'),rows:10},nil,{'class' => 'controls','style'=>'display: flex;flex-direction: column-reverse;'})
%>
</div>
<div class="form-actions">
<%= f.submit t('submit'), class: 'btn btn-primary' %>
<%= f.button t('cancel'), type: 'button', class: 'btn', onclick: 'history.back();' %>
</div>
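Review bot: The label for the category select is declared as `f.label :content, t('category')`, so its `for` attribute points at the content field rather than the select. `f.label :category_id, t('category'), class: 'control-label'` ties it to the right control. Hiding the select outside the `new` action is only a display choice: `update` still accepts a posted `category_id` because `ack_params` uses `permit!`, so any rule that the category is fixed after creation has to be enforced in the controller.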


@ -0,0 +1,16 @@
<%
set_input_name_for_ask('ask_acknowledgement')
%>
<style type="text/css">
.tab-content{
display: none;
}
.tab-content.active{
display: block;
}
</style>
<div id="ask-acknowledgements">
<%= form_for @ask_acknowledgement, :url => {:action => "update"}, html: { class: 'form-horizontal' } do |f| %>
<%= render :partial=> "form", locals: {f: f} %>
<% end %>
</div>


@ -1,28 +1,23 @@
<% <table class="table main-list">
set_input_name_for_ask('ask_acknowledgement') <thead>
%> <th><%= t("category") %></th>
<style type="text/css"> <th><%= t("_action") %></th>
.tab-content{ </thead>
display: none; <tbody>
} <% @ask_acknowledgements.each do |ask| %>
.tab-content.active{ <tr>
display: block; <td><%= link_to(Category.find(ask.category_id).title, edit_admin_ask_acknowledgement_path(ask)) %></td>
} <td>
</style> <%= link_to 'Delete', admin_ask_acknowledgement_path(ask), method: :delete, data: { confirm: 'Are you sure?'}, :class => "btn btn-danger" %>
<div id="ask-acknowledgements"> </td>
<%= form_for @ask_acknowledgements, url: @url, html: { class: 'form-horizontal' } do |f| %> </tr>
<div class="control-group">
<%= f.label :content, t('category'), class: 'control-label' %>
<%= f.select :category_id, options_for_select(@categories) %>
</div>
<div class="control-group">
<%= f.label :content, t('ask.acknowledgements'), class: 'control-label' %>
<%= multiple_lang_tag_for_ask(nil,'text_area','content',@ask_acknowledgements.content,{:class=>'ckeditor',placeholder: t('ask.acknowledgements'),rows:10},nil,{'class' => 'controls','style'=>'display: flex;flex-direction: column-reverse;'})
%>
</div>
<div class="form-actions">
<%= f.submit t('submit'), class: 'btn btn-primary' %>
<%= f.button t('cancel'), type: 'reset', class: 'btn' %>
</div>
<% end %> <% end %>
</div> </tbody>
</table>
<%=
content_tag :div, class: "bottomnav clearfix" do
content_tag(:div, paginate(@ask_acknowledgements), class: "pagination pagination-centered") +
content_tag(:div, link_to(t(:new_),new_admin_ask_acknowledgement_path, :class=>"btn btn-success"), class: "pull-right")
end
%>
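Review bot: `Category.find(ask.category_id).title` runs one query per row and, depending on the Mongoid not-found setting, may raise for an acknowledgement whose category has since been deleted, which would take the whole list down. Loading the categories once in the controller and looking titles up from a hash, with a placeholder for missing ones, avoids both. The `'Delete'` and `'Are you sure?'` strings are hard-coded while the rest of the view goes through `t(...)`.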


@ -0,0 +1,16 @@
<%
set_input_name_for_ask('ask_acknowledgement')
%>
<style type="text/css">
.tab-content{
display: none;
}
.tab-content.active{
display: block;
}
</style>
<div id="ask-acknowledgements">
<%= form_for @ask_acknowledgement, :url => {:action => "create"}, html: { class: 'form-horizontal' } do |f| %>
<%= render :partial=> "form", locals: {f: f} %>
<% end %>
</div>


@ -201,7 +201,7 @@
<%= ask_status_history.comment %> <%= ask_status_history.comment %>
</td> </td>
<td> <td>
<%= link_to(ask_status_history[:file], ask_status_history.file.url) if ask_status_history.file.present? %> <%= link_to(ask_status_history[:file], "/#{I18n.locale}/admin/asks/#{ask_status_history.id.to_s}/download") if ask_status_history.file.present? %>
</td> </td>
<td> <td>
<%= ask_status_history.created_at.strftime("%Y-%m-%d %H:%M:%S") %> <%= ask_status_history.created_at.strftime("%Y-%m-%d %H:%M:%S") %>
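Review bot: The download link is assembled by hand as `"/#{I18n.locale}/admin/asks/#{ask_status_history.id.to_s}/download"`, and the same string is built again in the next view section and in `Admin::AsksHelper`. Giving the new route a name (an `as:` option on the `get ':ask_status_id/download'` line) and calling the generated path helper would keep the three call sites in step with the routes file. The helper's exact name depends on the enclosing route scope, which this page does not show.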


@ -25,7 +25,7 @@
<%= ask_status_history.comment %> <%= ask_status_history.comment %>
</td> </td>
<td> <td>
<%= link_to(ask_status_history[:file], ask_status_history.file.url) if ask_status_history.file.present? %> <%= link_to(ask_status_history[:file], "/#{I18n.locale}/admin/asks/#{ask_status_history.id.to_s}/download") if ask_status_history.file.present? %>
</td> </td>
<% end %> <% end %>
<td> <td>


@ -1,12 +1,8 @@
<% data = action_data %>
<link href="/assets/ask/ask.css" media="screen" rel="stylesheet"> <link href="/assets/ask/ask.css" media="screen" rel="stylesheet">
<div class="form-horizontal"> <div class="form-horizontal">
<h2> <h2>
<% text = AskAcknowledgement.first.content[I18n.locale] rescue t('ask.thank_text') <%= data['content'].html_safe %>
text = t('ask.thank_text') if text.to_s.empty?
%>
<%= text.html_safe %>
<div class="form-actions"> <div class="form-actions">
<a class="btn" href="<%= OrbitHelper.request.path_info %>"><%=t('ask.go_back')%></a> <a class="btn" href="<%= OrbitHelper.request.path_info %>"><%=t('ask.go_back')%></a>
</div> </div>
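Review bot: `data['content'].html_safe` raises `NoMethodError` when the acknowledgement has no text for the current locale, and the removed lines' fallback to `t('ask.thank_text')` for empty content is gone. The value is admin-authored HTML rendered unescaped on what appears to be the public thank-you page, so `<%= sanitize(data['content'].to_s) %>` is the safer output. The empty-text fallback belongs in `AsksController#thank`, so the view always receives a string.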


@ -64,6 +64,7 @@ Rails.application.routes.draw do
delete 'delete' delete 'delete'
post 'batch_modify_status' post 'batch_modify_status'
get ':id/print', to: 'asks#print' get ':id/print', to: 'asks#print'
get ':ask_status_id/download', to: 'asks#download_file'
get 'export' get 'export'
get 'setting' get 'setting'
get 'backend_table_setting' get 'backend_table_setting'