From d1ebc620655bc657772964605df058b3d67c4297 Mon Sep 17 00:00:00 2001
From: Robin Ward <robin.ward@gmail.com>
Date: Sat, 23 Sep 2017 10:39:58 -0400
Subject: [PATCH] The ability to display errors on flagging actions.

---
 .../admin/models/flagged-post.js.es6          |  7 +++---
 .../templates/components/flagged-post.hbs     |  4 +++
 .../stylesheets/common/admin/flagging.scss    |  1 +
 app/controllers/admin/flags_controller.rb     | 25 +++++++++++++++++--
 app/controllers/application_controller.rb     | 19 ++++++++------
 app/jobs/scheduled/auto_queue_handler.rb      |  2 +-
 lib/discourse.rb                              |  7 ++++--
 7 files changed, 50 insertions(+), 15 deletions(-)

diff --git a/app/assets/javascripts/admin/models/flagged-post.js.es6 b/app/assets/javascripts/admin/models/flagged-post.js.es6
index 9dee23c2615..acd3a0e0dfe 100644
--- a/app/assets/javascripts/admin/models/flagged-post.js.es6
+++ b/app/assets/javascripts/admin/models/flagged-post.js.es6
@@ -1,6 +1,7 @@
 import { ajax } from 'discourse/lib/ajax';
 import Post from 'discourse/models/post';
 import computed from 'ember-addons/ember-computed-decorators';
+import { popupAjaxError } from 'discourse/lib/ajax-error';
 
 export default Post.extend({
 
@@ -52,15 +53,15 @@ export default Post.extend({
   },
 
   disagreeFlags() {
-    return ajax('/admin/flags/disagree/' + this.id, { type: 'POST', cache: false });
+    return ajax('/admin/flags/disagree/' + this.id, { type: 'POST', cache: false }).catch(popupAjaxError);
   },
 
   deferFlags(deletePost) {
-    return ajax('/admin/flags/defer/' + this.id, { type: 'POST', cache: false, data: { delete_post: deletePost } });
+    return ajax('/admin/flags/defer/' + this.id, { type: 'POST', cache: false, data: { delete_post: deletePost } }).catch(popupAjaxError);
   },
 
   agreeFlags(actionOnPost) {
-    return ajax('/admin/flags/agree/' + this.id, { type: 'POST', cache: false, data: { action_on_post: actionOnPost } });
+    return ajax('/admin/flags/agree/' + this.id, { type: 'POST', cache: false, data: { action_on_post: actionOnPost } }).catch(popupAjaxError);
   },
 
   postHidden: Ember.computed.alias('hidden'),
diff --git a/app/assets/javascripts/admin/templates/components/flagged-post.hbs b/app/assets/javascripts/admin/templates/components/flagged-post.hbs
index 39350d12d15..75150b5c20b 100644
--- a/app/assets/javascripts/admin/templates/components/flagged-post.hbs
+++ b/app/assets/javascripts/admin/templates/components/flagged-post.hbs
@@ -153,5 +153,9 @@
         {{/unless}}
       </div>
     {{/if}}
+    {{plugin-outlet
+      name="flagged-post-below-controls"
+      tagName=""
+      args=(hash flaggedPost=flaggedPost canAct=canAct)}}
   </div>
 </div>
diff --git a/app/assets/stylesheets/common/admin/flagging.scss b/app/assets/stylesheets/common/admin/flagging.scss
index 59b4e8e820b..9165885e527 100644
--- a/app/assets/stylesheets/common/admin/flagging.scss
+++ b/app/assets/stylesheets/common/admin/flagging.scss
@@ -34,6 +34,7 @@
     }
 
     .flagged-post-contents {
+      width: 100%;
       word-wrap: break-word;
       .d-icon {
         display: inline-block;
diff --git a/app/controllers/admin/flags_controller.rb b/app/controllers/admin/flags_controller.rb
index a14809476ff..702479e82a7 100644
--- a/app/controllers/admin/flags_controller.rb
+++ b/app/controllers/admin/flags_controller.rb
@@ -60,8 +60,16 @@ class Admin::FlagsController < Admin::AdminController
 
   def agree
     params.permit(:id, :action_on_post)
-
     post = Post.find(params[:id])
+
+    DiscourseEvent.trigger(
+      :before_staff_flag_action,
+      type: 'agree',
+      post: post,
+      action_on_post: params[:action_on_post],
+      user: current_user
+    )
+
     post_action_type = PostAction.post_action_type_for_post(post.id)
 
     keep_post = params[:action_on_post] == "keep"
@@ -85,6 +93,13 @@ class Admin::FlagsController < Admin::AdminController
     params.permit(:id)
     post = Post.find(params[:id])
 
+    DiscourseEvent.trigger(
+      :before_staff_flag_action,
+      type: 'disagree',
+      post: post,
+      user: current_user
+    )
+
     PostAction.clear_flags!(post, current_user)
 
     post.unhide!
@@ -96,8 +111,14 @@ class Admin::FlagsController < Admin::AdminController
     params.permit(:id, :delete_post)
     post = Post.find(params[:id])
 
-    PostAction.defer_flags!(post, current_user, params[:delete_post])
+    DiscourseEvent.trigger(
+      :before_staff_flag_action,
+      type: 'defer',
+      post: post,
+      user: current_user
+    )
 
+    PostAction.defer_flags!(post, current_user, params[:delete_post])
     PostDestroyer.new(current_user, post).destroy if params[:delete_post]
 
     render body: nil
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index fb587cd83d9..6ec126ac1b4 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -114,7 +114,7 @@ class ApplicationController < ActionController::Base
   rescue_from Discourse::NotLoggedIn do |e|
     raise e if Rails.env.test?
     if (request.format && request.format.json?) || request.xhr? || !request.get?
-      rescue_discourse_actions(:not_logged_in, 403, true)
+      rescue_discourse_actions(:not_logged_in, 403, include_ember: true)
     else
       rescue_discourse_actions(:not_found, 404)
     end
@@ -140,16 +140,21 @@ class ApplicationController < ActionController::Base
     rescue_discourse_actions(:not_found, 404)
   end
 
-  rescue_from Discourse::InvalidAccess do
-    rescue_discourse_actions(:invalid_access, 403, true)
+  rescue_from Discourse::InvalidAccess do |e|
+    rescue_discourse_actions(
+      :invalid_access,
+      403,
+      include_ember: true,
+      custom_message: e.custom_message
+    )
   end
 
   rescue_from Discourse::ReadOnly do
     render_json_error I18n.t('read_only_mode_enabled'), type: :read_only, status: 503
   end
 
-  def rescue_discourse_actions(type, status_code, include_ember = false)
-
+  def rescue_discourse_actions(type, status_code, opts = nil)
+    opts ||= {}
     show_json_errors = (request.format && request.format.json?) ||
                        (request.xhr?) ||
                        ((params[:external_id] || '').ends_with? '.json')
@@ -160,9 +165,9 @@ class ApplicationController < ActionController::Base
         return render status: status_code, layout: false, text: (status_code == 404 || status_code == 410) ? build_not_found_page(status_code) : I18n.t(type)
       end
 
-      render_json_error I18n.t(type), type: type, status: status_code
+      render_json_error I18n.t(opts[:custom_message] || type), type: type, status: status_code
     else
-      render html: build_not_found_page(status_code, include_ember ? 'application' : 'no_ember')
+      render html: build_not_found_page(status_code, opts[:include_ember] ? 'application' : 'no_ember')
     end
   end
 
diff --git a/app/jobs/scheduled/auto_queue_handler.rb b/app/jobs/scheduled/auto_queue_handler.rb
index 40d6f811e7e..6e201b06cec 100644
--- a/app/jobs/scheduled/auto_queue_handler.rb
+++ b/app/jobs/scheduled/auto_queue_handler.rb
@@ -11,7 +11,7 @@ module Jobs
       guardian = Guardian.new(Discourse.system_user)
 
       # Flags
-      flags = FlagQuery.flagged_post_actions('active')
+      flags = FlagQuery.flagged_post_actions(filter: 'active')
         .where('post_actions.created_at < ?', SiteSetting.auto_handle_queued_age.to_i.days.ago)
 
       Post.where(id: flags.pluck(:post_id).uniq).each do |post|
diff --git a/lib/discourse.rb b/lib/discourse.rb
index b2c068d828d..dfcc1a90bd6 100644
--- a/lib/discourse.rb
+++ b/lib/discourse.rb
@@ -63,9 +63,12 @@ module Discourse
 
   # When they don't have permission to do something
   class InvalidAccess < StandardError
-    attr_reader :obj
-    def initialize(msg = nil, obj = nil)
+    attr_reader :obj, :custom_message
+    def initialize(msg = nil, obj = nil, opts = nil)
       super(msg)
+
+      opts ||= {}
+      @custom_message = opts[:custom_message] if opts[:custom_message]
       @obj = obj
     end
   end