gitlab-org--gitlab-foss/app/controllers/groups/application_controller.rb

class Groups::ApplicationController < ApplicationController
  layout 'group'

  skip_before_action :authenticate_user!
  before_action :group

  private

  def group
    unless @group
      id = params[:group_id] || params[:id]
      @group = Group.find_by_full_path(id)

      unless @group && can?(current_user, :read_group, @group)
        @group = nil

        if current_user.nil?
          authenticate_user!
        else
          render_404
        end
      end
    end

    @group
  end

  def group_projects
    @projects ||= GroupProjectsFinder.new(group).execute(current_user)
  end

  def authorize_admin_group!
    unless can?(current_user, :admin_group, group)
      return render_404
    end
  end

  def authorize_admin_group_member!
    unless can?(current_user, :admin_group_member, group)
      return render_403
    end
  end
end
group controller refactoring 2015-03-12 11:08:48 -04:00			`class Groups::ApplicationController < ApplicationController`
Add helpers for header title and sidebar, and move setting those from controllers to layouts. 2015-05-01 04:39:11 -04:00			`layout 'group'`
Tweaks, refactoring, and specs 2016-03-20 16:03:53 -04:00
			`skip_before_action :authenticate_user!`
Refactor global and group milestones logic Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2015-11-13 13:20:48 -05:00			`before_action :group`
group controller refactoring 2015-03-12 11:08:48 -04:00
			`private`
Refactor global and group milestones logic Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2015-11-13 13:20:48 -05:00
			`def group`
Tweaks, refactoring, and specs 2016-03-20 16:03:53 -04:00			`unless @group`
			`id = params[:group_id] \|\| params[:id]`
Add nested groups support on data level * add parent_id field to namespaces table to store relation with nested groups * create routes table to keep information about full path of every group and project * project/group lookup by full path from routes table Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2016-10-31 07:00:53 -04:00			`@group = Group.find_by_full_path(id)`
Tweaks, refactoring, and specs 2016-03-20 16:03:53 -04:00
			`unless @group && can?(current_user, :read_group, @group)`
			`@group = nil`
Refactor global and group milestones logic Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2015-11-13 13:20:48 -05:00
Tweaks, refactoring, and specs 2016-03-20 16:03:53 -04:00			`if current_user.nil?`
			`authenticate_user!`
			`else`
			`render_404`
			`end`
Move group members index from `/members` to `/group_members`. 2015-03-13 11:27:51 -04:00			`end`
			`end`
Tweaks, refactoring, and specs 2016-03-20 16:03:53 -04:00
			`@group`
			`end`

			`def group_projects`
			`@projects \|\|= GroupProjectsFinder.new(group).execute(current_user)`
Move group members index from `/members` to `/group_members`. 2015-03-13 11:27:51 -04:00			`end`
Refactor global and group milestones logic Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2015-11-13 13:20:48 -05:00
group controller refactoring 2015-03-12 11:08:48 -04:00			`def authorize_admin_group!`
Rename manage_group ability to admin_group for consistency with project. 2015-04-10 08:39:10 -04:00			`unless can?(current_user, :admin_group, group)`
group controller refactoring 2015-03-12 11:08:48 -04:00			`return render_404`
			`end`
			`end`
Refactor global and group milestones logic Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2015-11-13 13:20:48 -05:00
Use before_actions 2015-07-31 08:15:49 -04:00			`def authorize_admin_group_member!`
			`unless can?(current_user, :admin_group_member, group)`
			`return render_403`
			`end`
			`end`
group controller refactoring 2015-03-12 11:08:48 -04:00			`end`