From 049750e5127c3ecc47e711bbc9905281453a20f7 Mon Sep 17 00:00:00 2001
From: evazion <noizave@gmail.com>
Date: Wed, 16 Feb 2022 13:43:24 -0600
Subject: [PATCH] uploads: fix My Uploads page showing Admins uploads for other
 users.

Fix the "My Uploads" page showing Admins all uploads, not just their own
uploads.

Changes the URL of the My Uploads page from /uploads to /users/:id/uploads.
---
 app/controllers/uploads_controller.rb        | 7 +++++--
 app/views/static/site_map.html.erb           | 2 +-
 app/views/upload_media_assets/index.html.erb | 2 +-
 app/views/uploads/_gallery.html.erb          | 2 +-
 app/views/uploads/_secondary_links.html.erb  | 2 +-
 app/views/uploads/_table.html.erb            | 2 +-
 config/routes.rb                             | 1 +
 7 files changed, 11 insertions(+), 7 deletions(-)

diff --git a/app/controllers/uploads_controller.rb b/app/controllers/uploads_controller.rb
index 16a40a76b..b7a898dd4 100644
--- a/app/controllers/uploads_controller.rb
+++ b/app/controllers/uploads_controller.rb
@@ -30,8 +30,11 @@ class UploadsController < ApplicationController
 
   def index
     @mode = params.fetch(:mode, "table")
-    @defaults = { defaults: { status: "completed" }} if request.format.html?
-    @uploads = authorize Upload.visible(CurrentUser.user).paginated_search(params, count_pages: true, **@defaults.to_h)
+
+    @defaults = {}
+    @defaults[:uploader_id] = params[:user_id]
+    @defaults[:status] = "completed" if request.format.html?
+    @uploads = authorize Upload.visible(CurrentUser.user).paginated_search(params, count_pages: true, defaults: @defaults)
     @uploads = @uploads.includes(:uploader, media_assets: :post, upload_media_assets: { media_asset: :post }) if request.format.html?
 
     respond_with(@uploads, include: { upload_media_assets: { include: :media_asset }})
diff --git a/app/views/static/site_map.html.erb b/app/views/static/site_map.html.erb
index 1c754e014..24e732ded 100644
--- a/app/views/static/site_map.html.erb
+++ b/app/views/static/site_map.html.erb
@@ -8,7 +8,6 @@
         <li><%= link_to_wiki "Help", "help:posts" %></li>
         <li><%= link_to("Listing", posts_path) %></li>
         <li><%= link_to("Upload", new_upload_path) %></li>
-        <li><%= link_to("Upload Listing", uploads_path) %></li>
         <li><%= link_to("Popular", popular_explore_posts_path) %></li>
         <li><%= link_to("Curated", curated_explore_posts_path) %></li>
         <li><%= link_to("Most Viewed", viewed_explore_posts_path) %></li>
@@ -121,6 +120,7 @@
           <% if policy(UserNameChangeRequest).create? %>
             <li><%= link_to "Change name", new_user_name_change_request_path %></li>
           <% end %>
+          <li><%= link_to "Uploads", user_uploads_path(CurrentUser.user) %></li>
           <li><%= link_to "Dmails", dmails_path(search: { folder: "received" }) %></li>
           <li><%= link_to "Favorites", favorites_path %></li>
           <li><%= link_to "Favorite groups", favorite_groups_path %></li>
diff --git a/app/views/upload_media_assets/index.html.erb b/app/views/upload_media_assets/index.html.erb
index c720e9915..bc9bd8b71 100644
--- a/app/views/upload_media_assets/index.html.erb
+++ b/app/views/upload_media_assets/index.html.erb
@@ -5,7 +5,7 @@
 
       <span>
         <strong>Gallery</strong> |
-        <%= link_to "Table", uploads_path(mode: "table") %>
+        <%= link_to "Table", user_uploads_path(CurrentUser.user.id.to_i, mode: "table") %>
       </span>
     </div>
 
diff --git a/app/views/uploads/_gallery.html.erb b/app/views/uploads/_gallery.html.erb
index 30a4c391d..4922f12a0 100644
--- a/app/views/uploads/_gallery.html.erb
+++ b/app/views/uploads/_gallery.html.erb
@@ -3,7 +3,7 @@
 
   <span>
     <strong>Gallery</strong> |
-    <%= link_to "Table", uploads_path(mode: "table") %>
+    <%= link_to "Table", user_uploads_path(CurrentUser.user.id.to_i, mode: "table") %>
   </span>
 </div>
 
diff --git a/app/views/uploads/_secondary_links.html.erb b/app/views/uploads/_secondary_links.html.erb
index 83a72e864..3afca0c7b 100644
--- a/app/views/uploads/_secondary_links.html.erb
+++ b/app/views/uploads/_secondary_links.html.erb
@@ -1,7 +1,7 @@
 <% content_for(:secondary_links) do %>
   <%= subnav_link_to "New Upload", new_upload_path %>
   <%= subnav_link_to "Batch Upload", batch_uploads_path %> |
-  <%= subnav_link_to "My Uploads", uploads_path(mode: "gallery") %>
+  <%= subnav_link_to "My Uploads", user_uploads_path(CurrentUser.user.id.to_i, mode: "gallery") %>
   <%= subnav_link_to "All Uploads", media_assets_path %>
   <%= subnav_link_to "Reverse Image Search", iqdb_queries_path %> |
   <%= subnav_link_to "Help", wiki_page_path("help:upload") %>
diff --git a/app/views/uploads/_table.html.erb b/app/views/uploads/_table.html.erb
index 8fb9e2d4e..9fd6bdd8a 100644
--- a/app/views/uploads/_table.html.erb
+++ b/app/views/uploads/_table.html.erb
@@ -2,7 +2,7 @@
   <h1 class="flex-1">My Uploads</h1>
 
   <span>
-    <%= link_to "Gallery", uploads_path(mode: "gallery") %> |
+    <%= link_to "Gallery", user_uploads_path(CurrentUser.user.id.to_i, mode: "gallery") %> |
     <strong>Table</strong>
   </span>
 </div>
diff --git a/config/routes.rb b/config/routes.rb
index f9bdeb35a..ed0a494f3 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -264,6 +264,7 @@ Rails.application.routes.draw do
     end
     resource :password, only: [:edit, :update]
     resources :api_keys, only: [:new, :create, :edit, :update, :index, :destroy]
+    resources :uploads, only: [:index]
 
     collection do
       get :custom_style