added new stuff for thank you and security

2025-04-15 18:09:47 +08:00 · 2025-04-15 18:09:47 +08:00 · 2db0db7aef
parent 84fca12445
commit 2db0db7aef
12 changed files with 151 additions and 48 deletions
--- a/app/controllers/admin/ask_acknowledgements_controller.rb
+++ b/app/controllers/admin/ask_acknowledgements_controller.rb
@ -7,15 +7,44 @@ class Admin::AskAcknowledgementsController < OrbitAdminController
  end
  def index
-    @ask_acknowledgements = AskAcknowledgement.first || AskAcknowledgement.create
+    @ask_acknowledgements = AskAcknowledgement.where(:category_id.ne => nil).page(params[:page]).per(10)
    @url = admin_ask_acknowledgement_path(@ask_acknowledgements)
    @categories = @module_app.categories.map{|cat| [cat.title, cat.id.to_s]}
  end
-  def update
+  def new
-    @ask_acknowledgements = AskAcknowledgement.first
+    @ask_acknowledgement = AskAcknowledgement.new
-    @ask_acknowledgements.update_attributes(params.require(:ask_acknowledgement).permit!)
+    cats = @module_app.categories.pluck(:id).map(&:to_s)
    used_cats = AskAcknowledgement.pluck(:category_id).compact
    unused_cats = cats - used_cats
    @categories = @module_app.categories.find(unused_cats).map{|cat| [cat.title, cat.id.to_s]}
  end
  def edit
    @ask_acknowledgement = AskAcknowledgement.find(params[:id])
  end
  def create
    ask_ack = AskAcknowledgement.new(ack_params)
    ask_ack.save
    redirect_to admin_ask_acknowledgements_path, notice: t('ask.save_success')
  end
  def update
    @ask_acknowledgement = AskAcknowledgement.find(params[:id])
    @ask_acknowledgement.update_attributes(ack_params)
    redirect_to admin_ask_acknowledgements_path, notice: t('ask.save_success')
  end
  def destroy
    @ask_acknowledgement = AskAcknowledgement.find(params[:id])
    @ask_acknowledgement.delete
    redirect_to admin_ask_acknowledgements_path, notice: t('ask.delete_success')
  end
  private
  def ack_params
    params.require(:ask_acknowledgement).permit!
  end
 end
--- a/app/controllers/admin/asks_controller.rb
+++ b/app/controllers/admin/asks_controller.rb
@ -221,7 +221,7 @@ class Admin::AsksController < OrbitAdminController
  def get_category_setting_field
    @default_ask_setting = AskSetting.first
    ask_setting = AskCategorySetting.find(params['id'])
-    render partial: 'category_setting_field',locals: {ask_setting: ask_setting} 
+    render partial: 'category_setting_field',locals: {ask_setting: ask_setting}
  end
  def category_print_setting_delete
    print_setting = AskCategoryPrintSetting.find(params['id'])
@ -378,7 +378,7 @@ class Admin::AsksController < OrbitAdminController
      if !file.blank?
        if v['type']=='image'
          all_to_save += [[k,AskImage.new(file: file,ask_question_id: @ask_question.id)]]
-        else 
+        else
          all_to_save += [[k,AskFile.new(file: file,ask_question_id: @ask_question.id)]]
        end
      else
@ -608,12 +608,40 @@ class Admin::AsksController < OrbitAdminController
    end
    render :json => {:success=>true}
  end
  def download_file
 		ask_status_id = params[:ask_status_id]
 		obj = AskStatusHistory.find(ask_status_id) rescue nil
    if obj.nil?
      obj = AskFile.find(ask_status_id) rescue nil
    end
 		if !obj.nil? && obj.file.present?
 			@url = obj.file.url
 			begin
 				@path = obj.file.file.file rescue ""
 				@filename = File.basename(@path)
 				@ext = @filename.split(".").last
        if (current_site.accessibility_mode rescue false)
          render "redirect_to_file",:layout=>false
        else
          user_agent = request.user_agent.downcase
          @escaped_file_name = user_agent.match(/(msie|trident)/) ? CGI::escape(@filename) : @filename
          send_file(@path, :type=>"application/octet-stream", :filename => @escaped_file_name, :x_sendfile=> true)
        end
 			rescue
 				redirect_to @url
 			end
 		else
 			render :file => "#{Rails.root}/app/views/errors/404.html", :layout => false, :status => :not_found
 		end
 	end
  private
    def ask_setting_params(ask_setting,collection_name, except_customs=[])
      param = params.require(collection_name).except("id").permit!
      param_clone = param.clone
      param_clone['default_setting'].each { |k, v| param_clone['default_setting'][k] = (v == 'true'? true : false) if param_clone['default_setting'][k].class==String}
-      param_clone['default_setting_required'].each { |k, v| param_clone['default_setting_required'][k] = (v == 'true'? true : false) if param_clone['default_setting_required'][k].class==String} 
+      param_clone['default_setting_required'].each { |k, v| param_clone['default_setting_required'][k] = (v == 'true'? true : false) if param_clone['default_setting_required'][k].class==String}
      param_clone.delete('custom_fields')
      param_clone.delete('email_regex') unless collection_name == 'ask_setting'
      ask_setting.custom_fields_will_change!
--- a/app/controllers/asks_controller.rb
+++ b/app/controllers/asks_controller.rb
@ -481,7 +481,7 @@ class AsksController < ApplicationController
      if @must_verify_email
        redirect_to "#{params[:referer_url]}?method=see_email"
      else
-        redirect_to "#{params[:referer_url]}?method=thank"
+        redirect_to "#{params[:referer_url]}?method=thank&category=#{params['ask_question']['category_id']}"
      end
    else
      redirect_to "#{params[:referer_url]}?method=sorry"
@ -489,9 +489,10 @@ class AsksController < ApplicationController
  end
  def thank
-    acknowledgement = AskAcknowledgement.last
+    acknowledgement = AskAcknowledgement.where(:category_id => params['category']).first rescue nil
    content = acknowledgement.nil? ? t('ask.thank_text') : acknowledgement.content
    {
-      "acknowledgement" => acknowledgement
+      "content" => content[I18n.locale]
    }
  end
@ -650,6 +651,7 @@ class AsksController < ApplicationController
  def create_params
    params.require(:ask_question).permit!
  end
  private
    def cal_form_from_setting(ask_setting,categories,show_categories=false,filter_fields=nil)
      is_cat_record = (ask_setting.class == AskCategorySetting)
--- a/app/helpers/admin/asks_helper.rb
+++ b/app/helpers/admin/asks_helper.rb
@ -341,6 +341,10 @@ module Admin::AsksHelper
        file_value = value[0] rescue nil
        file_path = value[1] rescue nil
        file_required = v['required']=='true'
        if file_path
          file_path = file_path.match(%r{/uploads/ask_file/file/([^/]+)/})[1]
          file_path = "/#{I18n.locale}/admin/asks/#{file_path}/download"
        end
        readonly ? (file_path ? "<a href=\"#{file_path}\" title=\"file\">#{file_value}</a>".html_safe : "") : "<div class=\"file-selector\"><label class=\"ui-button\">
                                #{file_field_tag(field_name, {:data => {:src => file_path}, style: "position: absolute;width:0.1em;opacity: 0;padding: 0;border: 0;opacity: 0;left: 50%;top: 0;", :class => 'upload', :required => file_required, value: file_value, accept: ".doc,.docx,.xls,.xlsx,.ppt,.pptx,.txt,.pdf,.jpg,.jpeg,.bmp,.gif,.png,.odf,.ods,.odt",
                                onchange: "
--- a/app/views/admin/ask_acknowledgements/_form.html.erb
+++ b/app/views/admin/ask_acknowledgements/_form.html.erb
@ -0,0 +1,16 @@
 <% if controller.action_name == "new" %>
  <div class="control-group">
    <%= f.label :content, t('category'), class: 'control-label' %>
    <%= f.select :category_id, options_for_select(@categories) %>
  </div>
 <% end %>
 <div class="control-group">
  <%= f.label :content, t('ask.acknowledgements'), class: 'control-label' %>
  <%= multiple_lang_tag_for_ask(nil,'text_area','content',@ask_acknowledgement.content,{:class=>'ckeditor',placeholder: t('ask.acknowledgements'),rows:10},nil,{'class' => 'controls','style'=>'display: flex;flex-direction: column-reverse;'})
  %>
 </div>
 <div class="form-actions">
  <%= f.submit t('submit'), class: 'btn btn-primary' %>
  <%= f.button t('cancel'), type: 'button', class: 'btn', onclick: 'history.back();' %>
 </div>
--- a/app/views/admin/ask_acknowledgements/edit.html.erb
+++ b/app/views/admin/ask_acknowledgements/edit.html.erb
@ -0,0 +1,16 @@
 <%
  set_input_name_for_ask('ask_acknowledgement')
 %>
 <style type="text/css">
  .tab-content{
    display: none;
  }
  .tab-content.active{
    display: block;
  }
 </style>
 <div id="ask-acknowledgements">
  <%= form_for @ask_acknowledgement, :url => {:action => "update"}, html: { class: 'form-horizontal' } do |f| %>
    <%= render :partial=> "form", locals: {f: f} %>
  <% end %>
 </div>
--- a/app/views/admin/ask_acknowledgements/index.html.erb
+++ b/app/views/admin/ask_acknowledgements/index.html.erb
@ -1,28 +1,23 @@
-<%
+<table class="table main-list">
-  set_input_name_for_ask('ask_acknowledgement')
+  <thead>
-%>
+    <th><%= t("category") %></th>
-<style type="text/css">
+    <th><%= t("_action") %></th>
-  .tab-content{
+  </thead>
-    display: none;
+  <tbody>
-  }
+    <% @ask_acknowledgements.each do |ask| %>
-  .tab-content.active{
+      <tr>
-    display: block;
+        <td><%= link_to(Category.find(ask.category_id).title, edit_admin_ask_acknowledgement_path(ask)) %></td>
-  }
+        <td>
-</style>
+          <%= link_to 'Delete', admin_ask_acknowledgement_path(ask), method: :delete, data: { confirm: 'Are you sure?'}, :class => "btn btn-danger" %>
-<div id="ask-acknowledgements">
+        </td>
-  <%= form_for @ask_acknowledgements, url:  @url, html: { class: 'form-horizontal' } do |f| %>
+      </tr>
-    <div class="control-group">
+    <% end %>
-      <%= f.label :content, t('category'), class: 'control-label' %>
+  </tbody>
-      <%= f.select :category_id, options_for_select(@categories) %>
+</table>
-    </div>
+
-    <div class="control-group">
+<%=
-      <%= f.label :content, t('ask.acknowledgements'), class: 'control-label' %>
+  content_tag :div, class: "bottomnav clearfix" do
-      <%= multiple_lang_tag_for_ask(nil,'text_area','content',@ask_acknowledgements.content,{:class=>'ckeditor',placeholder: t('ask.acknowledgements'),rows:10},nil,{'class' => 'controls','style'=>'display: flex;flex-direction: column-reverse;'})
+    content_tag(:div, paginate(@ask_acknowledgements), class: "pagination pagination-centered") +
-      %>
+    content_tag(:div, link_to(t(:new_),new_admin_ask_acknowledgement_path, :class=>"btn btn-success"), class: "pull-right")
-    </div>
+  end
-    <div class="form-actions">
+%>
      <%= f.submit t('submit'), class: 'btn btn-primary' %>
      <%= f.button t('cancel'), type: 'reset', class: 'btn' %>
    </div>
  <% end %>
 </div>
--- a/app/views/admin/ask_acknowledgements/new.html.erb
+++ b/app/views/admin/ask_acknowledgements/new.html.erb
@ -0,0 +1,16 @@
 <%
  set_input_name_for_ask('ask_acknowledgement')
 %>
 <style type="text/css">
  .tab-content{
    display: none;
  }
  .tab-content.active{
    display: block;
  }
 </style>
 <div id="ask-acknowledgements">
  <%= form_for @ask_acknowledgement, :url => {:action => "create"}, html: { class: 'form-horizontal' } do |f| %>
    <%= render :partial=> "form", locals: {f: f} %>
  <% end %>
 </div>
--- a/app/views/admin/asks/_form.html.erb
+++ b/app/views/admin/asks/_form.html.erb
@ -201,7 +201,7 @@
                    <%= ask_status_history.comment %>
                  </td>
                  <td>
-                    <%= link_to(ask_status_history[:file], ask_status_history.file.url) if ask_status_history.file.present? %>
+                    <%= link_to(ask_status_history[:file], "/#{I18n.locale}/admin/asks/#{ask_status_history.id.to_s}/download") if ask_status_history.file.present? %>
                  </td>
                  <td>
                    <%= ask_status_history.created_at.strftime("%Y-%m-%d %H:%M:%S") %>
--- a/app/views/asks/_history.html.erb
+++ b/app/views/asks/_history.html.erb
@ -25,7 +25,7 @@
            <%= ask_status_history.comment %>
          </td>
          <td>
-            <%= link_to(ask_status_history[:file], ask_status_history.file.url) if ask_status_history.file.present? %>
+            <%= link_to(ask_status_history[:file], "/#{I18n.locale}/admin/asks/#{ask_status_history.id.to_s}/download") if ask_status_history.file.present? %>
          </td>
        <% end %>
        <td>
--- a/app/views/asks/thank.html.erb
+++ b/app/views/asks/thank.html.erb
@ -1,12 +1,8 @@
-
+<% data = action_data %>
 <link href="/assets/ask/ask.css" media="screen" rel="stylesheet">
 <div class="form-horizontal">
 	<h2>
-    <%  text = AskAcknowledgement.first.content[I18n.locale] rescue t('ask.thank_text')
+    <%= data['content'].html_safe %>
        text = t('ask.thank_text') if text.to_s.empty?
    %>
    <%= text.html_safe %>
    <div class="form-actions">
        <a class="btn" href="<%= OrbitHelper.request.path_info %>"><%=t('ask.go_back')%></a>
    </div>
--- a/config/routes.rb
+++ b/config/routes.rb
@ -64,6 +64,7 @@ Rails.application.routes.draw do
 					delete 'delete'
 					post 'batch_modify_status'
 					get ':id/print', to: 'asks#print'
 					get ':ask_status_id/download', to: 'asks#download_file'
 					get 'export'
 					get 'setting'
 					get 'backend_table_setting'