gitlab-org--gitlab-foss/app/controllers/issues_controller.rb

class IssuesController < ApplicationController
  before_filter :authenticate_user!
  before_filter :project
  before_filter :issue, :only => [:edit, :update, :destroy, :show]
  layout "project"

  # Authorize
  before_filter :add_project_abilities

  # Allow read any issue
  before_filter :authorize_read_issue!

  # Allow write(create) issue
  before_filter :authorize_write_issue!, :only => [:new, :create]

  # Allow modify issue
  before_filter :authorize_modify_issue!, :only => [:close, :edit, :update, :sort]

  # Allow destroy issue
  before_filter :authorize_admin_issue!, :only => [:destroy]

  respond_to :js, :html

  def index
    @issues = case params[:f].to_i
              when 1 then @project.issues
              when 2 then @project.issues.closed
              when 3 then @project.issues.opened.assigned(current_user)
              else @project.issues.opened
              end

    @issues = @issues.includes(:author, :project)

    respond_to do |format|
      format.html # index.html.erb
      format.js
      format.atom { render :layout => false }
    end
  end

  def new
    @issue = @project.issues.new
    respond_with(@issue)
  end

  def edit
    respond_with(@issue)
  end

  def show
    @notes = @issue.notes.inc_author.order("created_at DESC").limit(20)
    @note = @project.notes.new(:noteable => @issue)

    @commits = if @issue.branch_name && @project.repo.heads.map(&:name).include?(@issue.branch_name)
                 @project.repo.commits_between("master", @issue.branch_name)
               else 
                 []
               end


    respond_to do |format|
      format.html
      format.js { respond_with_notes }
    end
  end

  def create
    @issue = @project.issues.new(params[:issue])
    @issue.author = current_user
    @issue.save

    respond_with(@issue)
  end

  def update
    @issue.update_attributes(params[:issue])

    respond_to do |format|
      format.js
      format.html { redirect_to [@project, @issue]}
    end
  end

  def destroy
    return access_denied! unless can?(current_user, :admin_issue, @issue)

    @issue.destroy

    respond_to do |format|
      format.html { redirect_to project_issues_path }
      format.js { render :nothing => true }
    end
  end

  def sort
    @issues = @project.issues.where(:id => params['issue'])
    @issues.each do |issue|
      issue.position = params['issue'].index(issue.id.to_s) + 1
      issue.save
    end

    render :nothing => true
  end

  def search
    terms = params['terms']

    @project  = Project.find(params['project'])
    @issues   = case params[:status].to_i
                  when 1 then @project.issues
                  when 2 then @project.issues.closed
                  when 3 then @project.issues.opened.assigned(current_user)
                  else @project.issues.opened
                end

    @issues = @issues.where("title LIKE ?", "%#{terms}%") unless terms.blank?

    render :partial => 'issues'
  end

  protected

  def issue
    @issue ||= @project.issues.find(params[:id])
  end

  def authorize_modify_issue!
    can?(current_user, :modify_issue, @issue) || 
      @issue.assignee == current_user
  end

  def authorize_admin_issue!
    can?(current_user, :admin_issue, @issue)
  end
end
init commit 2011-10-08 17:36:38 -04:00			`class IssuesController < ApplicationController`
			`before_filter :authenticate_user!`
clean-up code * Remove trailing whitespace * Converts hard-tabs into two-space soft-tabs * Remove consecutive blank lines 2011-10-26 09:46:25 -04:00			`before_filter :project`
security improved 2011-10-17 06:39:03 -04:00			`before_filter :issue, :only => [:edit, :update, :destroy, :show]`
project layout 2011-10-28 08:07:58 -04:00			`layout "project"`
init commit 2011-10-08 17:36:38 -04:00
			`# Authorize`
			`before_filter :add_project_abilities`
Abilities refactoring 2011-12-15 16:57:46 -05:00
			`# Allow read any issue`
init commit 2011-10-08 17:36:38 -04:00			`before_filter :authorize_read_issue!`
Abilities refactoring 2011-12-15 16:57:46 -05:00
			`# Allow write(create) issue`
			`before_filter :authorize_write_issue!, :only => [:new, :create]`

			`# Allow modify issue`
			`before_filter :authorize_modify_issue!, :only => [:close, :edit, :update, :sort]`

			`# Allow destroy issue`
			`before_filter :authorize_admin_issue!, :only => [:destroy]`
init commit 2011-10-08 17:36:38 -04:00
ability to attach branch to issue 2011-11-24 08:08:20 -05:00			`respond_to :js, :html`
init commit 2011-10-08 17:36:38 -04:00
			`def index`
			`@issues = case params[:f].to_i`
Add critical status to issues 2011-10-25 00:34:02 -04:00			`when 1 then @project.issues`
init commit 2011-10-08 17:36:38 -04:00			`when 2 then @project.issues.closed`
			`when 3 then @project.issues.opened.assigned(current_user)`
			`else @project.issues.opened`
			`end`

perfomance fix 2011-11-15 04:09:07 -05:00			`@issues = @issues.includes(:author, :project)`

init commit 2011-10-08 17:36:38 -04:00			`respond_to do \|format\|`
			`format.html # index.html.erb`
			`format.js`
create atom feed for issues 2011-11-11 04:29:58 -05:00			`format.atom { render :layout => false }`
init commit 2011-10-08 17:36:38 -04:00			`end`
			`end`

			`def new`
			`@issue = @project.issues.new`
			`respond_with(@issue)`
			`end`

			`def edit`
			`respond_with(@issue)`
			`end`

			`def show`
perfomance fix 2011-11-15 04:09:07 -05:00			`@notes = @issue.notes.inc_author.order("created_at DESC").limit(20)`
init commit 2011-10-08 17:36:38 -04:00			`@note = @project.notes.new(:noteable => @issue)`
refactored too 2011-11-04 11:46:51 -04:00
ability to attach branch to issue 2011-11-24 08:08:20 -05:00			`@commits = if @issue.branch_name && @project.repo.heads.map(&:name).include?(@issue.branch_name)`
			`@project.repo.commits_between("master", @issue.branch_name)`
			`else`
			`[]`
			`end`


create atom feed for issues 2011-11-11 04:29:58 -05:00			`respond_to do \|format\|`
refactored too 2011-11-04 11:46:51 -04:00			`format.html`
fixed notes loading/paging 2011-11-05 07:59:43 -04:00			`format.js { respond_with_notes }`
refactored too 2011-11-04 11:46:51 -04:00			`end`
init commit 2011-10-08 17:36:38 -04:00			`end`

			`def create`
			`@issue = @project.issues.new(params[:issue])`
			`@issue.author = current_user`
Notification refactoring 2011-12-17 08:58:35 -05:00			`@issue.save`
init commit 2011-10-08 17:36:38 -04:00
			`respond_with(@issue)`
			`end`

			`def update`
			`@issue.update_attributes(params[:issue])`

			`respond_to do \|format\|`
			`format.js`
			`format.html { redirect_to [@project, @issue]}`
			`end`
			`end`

			`def destroy`
security improved 2011-10-17 06:39:03 -04:00			`return access_denied! unless can?(current_user, :admin_issue, @issue)`

init commit 2011-10-08 17:36:38 -04:00			`@issue.destroy`

			`respond_to do \|format\|`
Redirect to issues list after deleting an issue in edit view 2012-01-04 07:47:57 -05:00			`format.html { redirect_to project_issues_path }`
clean-up code * Remove trailing whitespace * Converts hard-tabs into two-space soft-tabs * Remove consecutive blank lines 2011-10-26 09:46:25 -04:00			`format.js { render :nothing => true }`
init commit 2011-10-08 17:36:38 -04:00			`end`
			`end`
Sortable issues 2011-10-15 12:56:53 -04:00
			`def sort`
fix issue sorting 2011-10-15 14:08:38 -04:00			`@issues = @project.issues.where(:id => params['issue'])`
Sortable issues 2011-10-15 12:56:53 -04:00			`@issues.each do \|issue\|`
			`issue.position = params['issue'].index(issue.id.to_s) + 1`
			`issue.save`
			`end`

			`render :nothing => true`
			`end`
security improved 2011-10-17 06:39:03 -04:00
Add ability to Search issues 2011-10-22 00:06:38 -04:00			`def search`
If terms are removed show all results for current status 2011-10-25 20:15:11 -04:00			`terms = params['terms']`

			`@project = Project.find(params['project'])`
			`@issues = case params[:status].to_i`
			`when 1 then @project.issues`
			`when 2 then @project.issues.closed`
			`when 3 then @project.issues.opened.assigned(current_user)`
			`else @project.issues.opened`
			`end`

green specs 2011-11-15 03:13:59 -05:00			`@issues = @issues.where("title LIKE ?", "%#{terms}%") unless terms.blank?`
Add ability to Search issues 2011-10-22 00:06:38 -04:00
			`render :partial => 'issues'`
			`end`

clean-up code * Remove trailing whitespace * Converts hard-tabs into two-space soft-tabs * Remove consecutive blank lines 2011-10-26 09:46:25 -04:00			`protected`
security improved 2011-10-17 06:39:03 -04:00
			`def issue`
			`@issue \|\|= @project.issues.find(params[:id])`
			`end`
Abilities refactoring 2011-12-15 16:57:46 -05:00
			`def authorize_modify_issue!`
			`can?(current_user, :modify_issue, @issue) \|\|`
			`@issue.assignee == current_user`
			`end`

			`def authorize_admin_issue!`
			`can?(current_user, :admin_issue, @issue)`
			`end`
init commit 2011-10-08 17:36:38 -04:00			`end`