Fix #4770: Allow flaggers to update flag reason.
This commit is contained in:
@@ -31,4 +31,17 @@ class PostFlagsController < ApplicationController
|
||||
fmt.html { redirect_to post_flags_path(search: { id: @post_flag.id }) }
|
||||
end
|
||||
end
|
||||
|
||||
def edit
|
||||
@post_flag = authorize PostFlag.find(params[:id])
|
||||
respond_with(@post_flag)
|
||||
end
|
||||
|
||||
def update
|
||||
@post_flag = authorize PostFlag.find(params[:id])
|
||||
@post_flag.update(permitted_attributes(@post_flag))
|
||||
respond_with(@post_flag) do |fmt|
|
||||
fmt.html { redirect_to post_path(@post_flag.post) }
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
@@ -1,4 +1,12 @@
|
||||
class PostFlagPolicy < ApplicationPolicy
|
||||
def edit?
|
||||
update?
|
||||
end
|
||||
|
||||
def update?
|
||||
unbanned? && record.pending? && record.creator_id == user.id
|
||||
end
|
||||
|
||||
def can_search_flagger?
|
||||
user.is_moderator?
|
||||
end
|
||||
@@ -7,10 +15,14 @@ class PostFlagPolicy < ApplicationPolicy
|
||||
(user.is_moderator? || record.creator_id == user.id) && (record.post&.uploader_id != user.id)
|
||||
end
|
||||
|
||||
def permitted_attributes
|
||||
def permitted_attributes_for_create
|
||||
[:post_id, :reason]
|
||||
end
|
||||
|
||||
def permitted_attributes_for_update
|
||||
[:reason]
|
||||
end
|
||||
|
||||
def api_attributes
|
||||
attributes = super + [:category]
|
||||
attributes -= [:creator_id] unless can_view_flagger?
|
||||
|
||||
@@ -2,6 +2,10 @@
|
||||
<li>
|
||||
<span class="prose"><%= format_text(flag.reason, inline: true) %></span>
|
||||
|
||||
<% if policy(flag).edit? %>
|
||||
(<%= link_to "edit", edit_post_flag_url(flag) %>)
|
||||
<% end %>
|
||||
|
||||
<% if policy(flag).can_view_flagger? %>
|
||||
(<%= link_to_user(flag.creator) %>, <%= time_ago_in_words_tagged(flag.created_at) %>)
|
||||
<% else %>
|
||||
|
||||
15
app/views/post_flags/edit.html.erb
Normal file
15
app/views/post_flags/edit.html.erb
Normal file
@@ -0,0 +1,15 @@
|
||||
<div id="c-post-flags">
|
||||
<div id="a-edit">
|
||||
<h1>Edit Flag</h1>
|
||||
|
||||
<p>
|
||||
Editing flag for <%= link_to "post ##{@post_flag.post_id}", @post_flag.post %>.
|
||||
</p>
|
||||
|
||||
<%= edit_form_for(@post_flag) do |f| %>
|
||||
<%= f.input :reason, as: :dtext, inline: true %>
|
||||
<%= f.button :submit, "Submit" %>
|
||||
<%= dtext_preview_button "post_flag_reason" %>
|
||||
<% end %>
|
||||
</div>
|
||||
</div>
|
||||
Reference in New Issue
Block a user