From 06cc52ffc5e22efeaddf52f106254782d6c0bf6c Mon Sep 17 00:00:00 2001
From: Georg G <nilsding@nilsding.org>
Date: Tue, 3 Feb 2015 17:48:30 +0100
Subject: [PATCH] made these checkboxes work

---
 .../javascripts/moderation/privileges.coffee  | 24 ++++++++++++++
 app/controllers/ajax/moderation_controller.rb | 33 +++++++++++++++++++
 .../ajax/moderation/privilege.json.jbuilder   |  2 ++
 config/routes.rb                              |  3 +-
 4 files changed, 61 insertions(+), 1 deletion(-)
 create mode 100644 app/assets/javascripts/moderation/privileges.coffee
 create mode 100644 app/views/ajax/moderation/privilege.json.jbuilder

diff --git a/app/assets/javascripts/moderation/privileges.coffee b/app/assets/javascripts/moderation/privileges.coffee
new file mode 100644
index 00000000..6f676851
--- /dev/null
+++ b/app/assets/javascripts/moderation/privileges.coffee
@@ -0,0 +1,24 @@
+($ document).on "click", "input[type=checkbox][name=check-your-privileges]", ->
+  box = $(this)
+  box.attr 'disabled', 'disabled'
+
+  privType = box[0].dataset.type
+  boxChecked = box[0].checked
+
+  $.ajax
+    url: '/ajax/mod/privilege'
+    type: 'POST'
+    data:
+      user: box[0].dataset.user
+      type: privType
+      status: boxChecked
+    success: (data, status, jqxhr) ->
+      if data.success
+        box[0].checked = if data.checked? then data.checked else !boxChecked
+      showNotification data.message, data.success
+    error: (jqxhr, status, error) ->
+      box[0].checked = false
+      console.log jqxhr, status, error
+      showNotification "An error occurred, a developer should check the console for details", false
+    complete: (jqxhr, status) ->
+      box.removeAttr "disabled"
\ No newline at end of file
diff --git a/app/controllers/ajax/moderation_controller.rb b/app/controllers/ajax/moderation_controller.rb
index 32f6895c..2a635651 100644
--- a/app/controllers/ajax/moderation_controller.rb
+++ b/app/controllers/ajax/moderation_controller.rb
@@ -104,4 +104,37 @@ class Ajax::ModerationController < ApplicationController
     @message = "Successfully deleted comment."
     @success = true
   end
+
+  def privilege
+    @status = :err
+    @success = false
+
+    params.require :user
+    params.require :type
+    params.require :status
+
+    status = params[:status] == 'true'
+
+    target_user = User.find_by_screen_name(params[:user])
+
+    @message = "nope!"
+    return unless %w(banned blogger supporter moderator admin).include? params[:type].downcase
+
+    if (%w(supporter moderator admin).include?(params[:type].downcase) and !current_user.admin?) or
+      (params[:type].downcase == 'banned' and target_user.admin?)
+      @status = :nopriv
+      @message = "You'd better check YOUR privileges first!"
+      @success = false
+      return
+    end
+
+    @checked = status
+    target_user.send("#{params[:type]}=", status)
+    target_user.save!
+
+    @message = "Successfully checked this user's #{params[:type]} privilege."
+
+    @status = :okay
+    @success = true
+  end
 end
diff --git a/app/views/ajax/moderation/privilege.json.jbuilder b/app/views/ajax/moderation/privilege.json.jbuilder
new file mode 100644
index 00000000..707cf362
--- /dev/null
+++ b/app/views/ajax/moderation/privilege.json.jbuilder
@@ -0,0 +1,2 @@
+json.partial! 'ajax/shared/status'
+json.checked @checked
\ No newline at end of file
diff --git a/config/routes.rb b/config/routes.rb
index 3c2e6050..a8e6fa97 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -12,7 +12,7 @@ Rails.application.routes.draw do
 
   # Moderation panel
   constraints ->(req) { req.env['warden'].authenticate?(scope: :user) &&
-                       (req.env['warden'].user.admin? or req.env['warden'].user.moderator?) } do
+                       (req.env['warden'].user.mod?) } do
     match '/moderation(/:type)', to: 'moderation#index', via: :get, as: :moderation, defaults: {type: 'all'}
     namespace :ajax do
       match '/mod/destroy_report', to: 'moderation#destroy_report', via: :post, as: :mod_destroy_report
@@ -20,6 +20,7 @@ Rails.application.routes.draw do
       match '/mod/destroy_comment', to: 'moderation#destroy_comment', via: :post, as: :mod_destroy_comment
       match '/mod/create_vote', to: 'moderation#vote', via: :post, as: :mod_create_vote
       match '/mod/destroy_vote', to: 'moderation#destroy_vote', via: :post, as: :mod_destroy_vote
+      match '/mod/privilege', to: 'moderation#privilege', via: :post, as: :mod_privilege
     end
   end