gitlab-org--gitlab-foss/app/controllers/issues_controller.rb

class IssuesController < ApplicationController
  before_filter :authenticate_user!
  before_filter :project
  before_filter :module_enabled
  before_filter :issue, only: [:edit, :update, :destroy, :show]
  helper_method :issues_filter

  layout "project"

  # Authorize
  before_filter :add_project_abilities

  # Allow read any issue
  before_filter :authorize_read_issue!

  # Allow write(create) issue
  before_filter :authorize_write_issue!, only: [:new, :create]

  # Allow modify issue
  before_filter :authorize_modify_issue!, only: [:close, :edit, :update]

  # Allow destroy issue
  before_filter :authorize_admin_issue!, only: [:destroy]

  respond_to :js, :html

  def index
    @issues = issues_filtered

    @issues = @issues.page(params[:page]).per(20)

    respond_to do |format|
      format.html # index.html.erb
      format.js
      format.atom { render layout: false }
    end
  end

  def new
    @issue = @project.issues.new(params[:issue])
    respond_with(@issue)
  end

  def edit
    respond_with(@issue)
  end

  def show
    @note = @project.notes.new(noteable: @issue)

    respond_to do |format|
      format.html
      format.js
    end
  end

  def create
    @issue = @project.issues.new(params[:issue])
    @issue.author = current_user
    @issue.save

    respond_to do |format|
      format.html do
        if @issue.valid? 
          redirect_to project_issue_path(@project, @issue)
        else
          render :new
        end
      end
      format.js
    end
  end

  def update
    @issue.update_attributes(params[:issue].merge(author_id_of_changes: current_user.id))

    respond_to do |format|
      format.js
      format.html do 
        if @issue.valid?
          redirect_to [@project, @issue]
        else
          render :edit
        end
      end
    end
  end

  def destroy
    return access_denied! unless can?(current_user, :admin_issue, @issue)

    @issue.destroy

    respond_to do |format|
      format.html { redirect_to project_issues_path }
      format.js { render nothing: true }
    end
  end

  def sort
    return render_404 unless can?(current_user, :admin_issue, @project)

    @issues = @project.issues.where(id: params['issue'])
    @issues.each do |issue|
      issue.position = params['issue'].index(issue.id.to_s) + 1
      issue.save
    end

    render nothing: true
  end

  def search
    terms = params['terms']

    @issues = issues_filtered
    @issues = @issues.where("title LIKE ?", "%#{terms}%") unless terms.blank?
    @issues = @issues.page(params[:page]).per(100)

    render partial: 'issues'
  end

  def bulk_update
    result = IssuesBulkUpdateContext.new(project, current_user, params).execute
    redirect_to :back, notice: "#{result[:count]} issues updated"
  end

  protected

  def issue
    @issue ||= @project.issues.find(params[:id])
  end

  def authorize_modify_issue!
    return render_404 unless can?(current_user, :modify_issue, @issue)
  end

  def authorize_admin_issue!
    return render_404 unless can?(current_user, :admin_issue, @issue)
  end

  def module_enabled
    return render_404 unless @project.issues_enabled
  end

  def issues_filtered
    @issues = case params[:f]
              when issues_filter[:all] then @project.issues
              when issues_filter[:closed] then @project.issues.closed
              when issues_filter[:to_me] then @project.issues.opened.assigned(current_user)
              else @project.issues.opened
              end

    @issues = @issues.tagged_with(params[:label_name]) if params[:label_name].present?
    @issues = @issues.includes(:author, :project).order("updated_at")

    # Filter by specific assignee_id (or lack thereof)?
    if params[:assignee_id].present?
      @issues = @issues.where(assignee_id: (params[:assignee_id] == '0' ? nil : params[:assignee_id]))
    end

    # Filter by specific milestone_id (or lack thereof)?
    if params[:milestone_id].present?
      @issues = @issues.where(milestone_id: (params[:milestone_id] == '0' ? nil : params[:milestone_id]))
    end

    @issues
  end

  def issues_filter
    {
      all: "all",
      closed: "closed",
      to_me: "assigned-to-me",
      open: "open" 
    }
  end
end
init commit 2011-10-08 17:36:38 -04:00			`class IssuesController < ApplicationController`
			`before_filter :authenticate_user!`
clean-up code * Remove trailing whitespace * Converts hard-tabs into two-space soft-tabs * Remove consecutive blank lines 2011-10-26 09:46:25 -04:00			`before_filter :project`
Issues, MR, Wall can be enabled/disabled per project 2012-02-06 12:40:32 -05:00			`before_filter :module_enabled`
Fully embrace Ruby 1.9 hash syntax Didn't bother with files in db/, config/, or features/ 2012-08-10 18:07:50 -04:00			`before_filter :issue, only: [:edit, :update, :destroy, :show]`
Issues tags: refactoring 2012-06-27 16:13:44 -04:00			`helper_method :issues_filter`

project layout 2011-10-28 08:07:58 -04:00			`layout "project"`
init commit 2011-10-08 17:36:38 -04:00
			`# Authorize`
			`before_filter :add_project_abilities`
Abilities refactoring 2011-12-15 16:57:46 -05:00
			`# Allow read any issue`
init commit 2011-10-08 17:36:38 -04:00			`before_filter :authorize_read_issue!`
Abilities refactoring 2011-12-15 16:57:46 -05:00
			`# Allow write(create) issue`
Fully embrace Ruby 1.9 hash syntax Didn't bother with files in db/, config/, or features/ 2012-08-10 18:07:50 -04:00			`before_filter :authorize_write_issue!, only: [:new, :create]`
Abilities refactoring 2011-12-15 16:57:46 -05:00
			`# Allow modify issue`
Fully embrace Ruby 1.9 hash syntax Didn't bother with files in db/, config/, or features/ 2012-08-10 18:07:50 -04:00			`before_filter :authorize_modify_issue!, only: [:close, :edit, :update]`
Abilities refactoring 2011-12-15 16:57:46 -05:00
			`# Allow destroy issue`
Fully embrace Ruby 1.9 hash syntax Didn't bother with files in db/, config/, or features/ 2012-08-10 18:07:50 -04:00			`before_filter :authorize_admin_issue!, only: [:destroy]`
init commit 2011-10-08 17:36:38 -04:00
ability to attach branch to issue 2011-11-24 08:08:20 -05:00			`respond_to :js, :html`
init commit 2011-10-08 17:36:38 -04:00
			`def index`
Refactored IssuesController 2012-06-12 04:31:38 -04:00			`@issues = issues_filtered`
init commit 2011-10-08 17:36:38 -04:00
Milestone basic scaffold 2012-04-08 17:28:58 -04:00			`@issues = @issues.page(params[:page]).per(20)`
perfomance fix 2011-11-15 04:09:07 -05:00
init commit 2011-10-08 17:36:38 -04:00			`respond_to do \|format\|`
			`format.html # index.html.erb`
			`format.js`
Fully embrace Ruby 1.9 hash syntax Didn't bother with files in db/, config/, or features/ 2012-08-10 18:07:50 -04:00			`format.atom { render layout: false }`
init commit 2011-10-08 17:36:38 -04:00			`end`
			`end`

			`def new`
IssueController#new refactored 2012-09-07 13:59:12 -04:00			`@issue = @project.issues.new(params[:issue])`
init commit 2011-10-08 17:36:38 -04:00			`respond_with(@issue)`
			`end`

			`def edit`
			`respond_with(@issue)`
			`end`

			`def show`
Fully embrace Ruby 1.9 hash syntax Didn't bother with files in db/, config/, or features/ 2012-08-10 18:07:50 -04:00			`@note = @project.notes.new(noteable: @issue)`
refactored too 2011-11-04 11:46:51 -04:00
create atom feed for issues 2011-11-11 04:29:58 -05:00			`respond_to do \|format\|`
refactored too 2011-11-04 11:46:51 -04:00			`format.html`
move notes login to one controller 2012-02-24 02:16:06 -05:00			`format.js`
refactored too 2011-11-04 11:46:51 -04:00			`end`
init commit 2011-10-08 17:36:38 -04:00			`end`

			`def create`
			`@issue = @project.issues.new(params[:issue])`
			`@issue.author = current_user`
Notification refactoring 2011-12-17 08:58:35 -05:00			`@issue.save`
init commit 2011-10-08 17:36:38 -04:00
Send author to post hook. Display push activity to dashboard 2012-02-29 15:38:24 -05:00			`respond_to do \|format\|`
Removed class 'small' for some buttons. Fixed issue creation 2012-08-30 13:00:16 -04:00			`format.html do`
			`if @issue.valid?`
			`redirect_to project_issue_path(@project, @issue)`
			`else`
			`render :new`
			`end`
			`end`
Send author to post hook. Display push activity to dashboard 2012-02-29 15:38:24 -05:00			`format.js`
			`end`
init commit 2011-10-08 17:36:38 -04:00			`end`

			`def update`
Fully embrace Ruby 1.9 hash syntax Didn't bother with files in db/, config/, or features/ 2012-08-10 18:07:50 -04:00			`@issue.update_attributes(params[:issue].merge(author_id_of_changes: current_user.id))`
init commit 2011-10-08 17:36:38 -04:00
			`respond_to do \|format\|`
			`format.js`
Preparing 591 for merge. Restyled issues & merge requests. Fixed issue edit. 2012-03-25 12:05:24 -04:00			`format.html do`
			`if @issue.valid?`
			`redirect_to [@project, @issue]`
			`else`
			`render :edit`
			`end`
			`end`
init commit 2011-10-08 17:36:38 -04:00			`end`
			`end`

			`def destroy`
security improved 2011-10-17 06:39:03 -04:00			`return access_denied! unless can?(current_user, :admin_issue, @issue)`

init commit 2011-10-08 17:36:38 -04:00			`@issue.destroy`

			`respond_to do \|format\|`
Redirect to issues list after deleting an issue in edit view 2012-01-04 07:47:57 -05:00			`format.html { redirect_to project_issues_path }`
Fully embrace Ruby 1.9 hash syntax Didn't bother with files in db/, config/, or features/ 2012-08-10 18:07:50 -04:00			`format.js { render nothing: true }`
init commit 2011-10-08 17:36:38 -04:00			`end`
			`end`
Sortable issues 2011-10-15 12:56:53 -04:00
			`def sort`
Milestone basic scaffold 2012-04-08 17:28:58 -04:00			`return render_404 unless can?(current_user, :admin_issue, @project)`

Fully embrace Ruby 1.9 hash syntax Didn't bother with files in db/, config/, or features/ 2012-08-10 18:07:50 -04:00			`@issues = @project.issues.where(id: params['issue'])`
Sortable issues 2011-10-15 12:56:53 -04:00			`@issues.each do \|issue\|`
			`issue.position = params['issue'].index(issue.id.to_s) + 1`
			`issue.save`
			`end`

Fully embrace Ruby 1.9 hash syntax Didn't bother with files in db/, config/, or features/ 2012-08-10 18:07:50 -04:00			`render nothing: true`
Sortable issues 2011-10-15 12:56:53 -04:00			`end`
security improved 2011-10-17 06:39:03 -04:00
Add ability to Search issues 2011-10-22 00:06:38 -04:00			`def search`
If terms are removed show all results for current status 2011-10-25 20:15:11 -04:00			`terms = params['terms']`

Refactored IssuesController 2012-06-12 04:31:38 -04:00			`@issues = issues_filtered`
green specs 2011-11-15 03:13:59 -05:00			`@issues = @issues.where("title LIKE ?", "%#{terms}%") unless terms.blank?`
Refactored IssuesController 2012-06-12 04:31:38 -04:00			`@issues = @issues.page(params[:page]).per(100)`
Add ability to Search issues 2011-10-22 00:06:38 -04:00
Fully embrace Ruby 1.9 hash syntax Didn't bother with files in db/, config/, or features/ 2012-08-10 18:07:50 -04:00			`render partial: 'issues'`
Add ability to Search issues 2011-10-22 00:06:38 -04:00			`end`

Feature: Bulk Issues update 2012-07-27 20:35:24 -04:00			`def bulk_update`
			`result = IssuesBulkUpdateContext.new(project, current_user, params).execute`
Fully embrace Ruby 1.9 hash syntax Didn't bother with files in db/, config/, or features/ 2012-08-10 18:07:50 -04:00			`redirect_to :back, notice: "#{result[:count]} issues updated"`
Feature: Bulk Issues update 2012-07-27 20:35:24 -04:00			`end`

clean-up code * Remove trailing whitespace * Converts hard-tabs into two-space soft-tabs * Remove consecutive blank lines 2011-10-26 09:46:25 -04:00			`protected`
security improved 2011-10-17 06:39:03 -04:00
			`def issue`
			`@issue \|\|= @project.issues.find(params[:id])`
			`end`
Abilities refactoring 2011-12-15 16:57:46 -05:00
			`def authorize_modify_issue!`
Abilities extended. Resources security improved 2012-02-21 17:31:18 -05:00			`return render_404 unless can?(current_user, :modify_issue, @issue)`
Abilities refactoring 2011-12-15 16:57:46 -05:00			`end`

			`def authorize_admin_issue!`
Abilities extended. Resources security improved 2012-02-21 17:31:18 -05:00			`return render_404 unless can?(current_user, :admin_issue, @issue)`
Abilities refactoring 2011-12-15 16:57:46 -05:00			`end`
Issues, MR, Wall can be enabled/disabled per project 2012-02-06 12:40:32 -05:00
			`def module_enabled`
			`return render_404 unless @project.issues_enabled`
			`end`
Refactored IssuesController 2012-06-12 04:31:38 -04:00
			`def issues_filtered`
Issues tags: refactoring 2012-06-27 16:13:44 -04:00			`@issues = case params[:f]`
			`when issues_filter[:all] then @project.issues`
			`when issues_filter[:closed] then @project.issues.closed`
			`when issues_filter[:to_me] then @project.issues.opened.assigned(current_user)`
Refactored IssuesController 2012-06-12 04:31:38 -04:00			`else @project.issues.opened`
			`end`

Issue Labels: Edit, show, index + filter 2012-06-27 14:20:35 -04:00			`@issues = @issues.tagged_with(params[:label_name]) if params[:label_name].present?`
Remove critical status from Issue. Move sort instead 2012-06-27 14:30:35 -04:00			`@issues = @issues.includes(:author, :project).order("updated_at")`
Allow filtering by issues with no assigned milestone Closes #1222 2012-08-13 01:38:00 -04:00
Allow filtering by issues with no assigned... assignee Continues #1222 2012-08-13 20:49:18 -04:00			`# Filter by specific assignee_id (or lack thereof)?`
			`if params[:assignee_id].present?`
			`@issues = @issues.where(assignee_id: (params[:assignee_id] == '0' ? nil : params[:assignee_id]))`
			`end`

Allow filtering by issues with no assigned milestone Closes #1222 2012-08-13 01:38:00 -04:00			`# Filter by specific milestone_id (or lack thereof)?`
			`if params[:milestone_id].present?`
			`@issues = @issues.where(milestone_id: (params[:milestone_id] == '0' ? nil : params[:milestone_id]))`
			`end`
Allow filtering by issues with no assigned... assignee Continues #1222 2012-08-13 20:49:18 -04:00
Refactored IssuesController 2012-06-12 04:31:38 -04:00			`@issues`
			`end`
Issues tags: refactoring 2012-06-27 16:13:44 -04:00
			`def issues_filter`
			`{`
Changed filters to readable one. Styled some stuff 2012-08-30 15:15:34 -04:00			`all: "all",`
			`closed: "closed",`
			`to_me: "assigned-to-me",`
			`open: "open"`
Issues tags: refactoring 2012-06-27 16:13:44 -04:00			`}`
			`end`
init commit 2011-10-08 17:36:38 -04:00			`end`