2013-06-23 16:47:22 +00:00
|
|
|
class Projects::NotesController < Projects::ApplicationController
|
2017-04-27 10:41:26 +00:00
|
|
|
include NotesActions
|
2016-05-25 19:07:36 +00:00
|
|
|
include ToggleAwardEmoji
|
|
|
|
|
|
2015-04-16 12:03:37 +00:00
|
|
|
before_action :authorize_read_note!
|
2015-06-26 14:44:21 +00:00
|
|
|
before_action :authorize_create_note!, only: [:create]
|
2016-08-12 21:24:09 +00:00
|
|
|
before_action :authorize_resolve_note!, only: [:resolve, :unresolve]
|
2011-10-08 21:36:38 +00:00
|
|
|
|
2017-04-27 10:41:26 +00:00
|
|
|
#
|
|
|
|
|
# This is a fix to make spinach feature tests passing:
|
|
|
|
|
# Controller actions are returned from AbstractController::Base and methods of parent classes are
|
|
|
|
|
# excluded in order to return only specific controller related methods.
|
|
|
|
|
# That is ok for the app (no :create method in ancestors)
|
|
|
|
|
# but fails for tests because there is a :create method on FactoryGirl (one of the ancestors)
|
|
|
|
|
#
|
|
|
|
|
# see https://github.com/rails/rails/blob/v4.2.7/actionpack/lib/abstract_controller/base.rb#L78
|
|
|
|
|
#
|
2011-10-08 21:36:38 +00:00
|
|
|
def create
|
2017-04-27 10:41:26 +00:00
|
|
|
super
|
2013-06-25 22:46:07 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def delete_attachment
|
2013-12-25 20:32:23 +00:00
|
|
|
note.remove_attachment!
|
|
|
|
|
note.update_attribute(:attachment, nil)
|
2013-06-25 22:46:07 +00:00
|
|
|
|
|
|
|
|
respond_to do |format|
|
2016-03-16 01:16:25 +00:00
|
|
|
format.js { head :ok }
|
2013-06-25 22:46:07 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2016-07-04 14:00:39 +00:00
|
|
|
def resolve
|
2016-07-26 04:43:47 +00:00
|
|
|
return render_404 unless note.resolvable?
|
|
|
|
|
|
|
|
|
|
note.resolve!(current_user)
|
|
|
|
|
|
2016-08-15 23:45:23 +00:00
|
|
|
MergeRequests::ResolvedDiscussionNotificationService.new(project, current_user).execute(note.noteable)
|
2016-08-04 00:16:37 +00:00
|
|
|
|
2016-07-29 02:09:36 +00:00
|
|
|
discussion = note.discussion
|
2016-07-27 17:34:04 +00:00
|
|
|
|
2016-07-26 14:47:19 +00:00
|
|
|
render json: {
|
2016-07-27 17:34:04 +00:00
|
|
|
resolved_by: note.resolved_by.try(:name),
|
2016-07-29 02:09:36 +00:00
|
|
|
discussion_headline_html: (view_to_html_string('discussions/_headline', discussion: discussion) if discussion)
|
2016-07-26 14:47:19 +00:00
|
|
|
}
|
2016-07-04 14:00:39 +00:00
|
|
|
end
|
|
|
|
|
|
2016-07-26 04:43:47 +00:00
|
|
|
def unresolve
|
|
|
|
|
return render_404 unless note.resolvable?
|
|
|
|
|
|
|
|
|
|
note.unresolve!
|
|
|
|
|
|
2016-07-29 02:09:36 +00:00
|
|
|
discussion = note.discussion
|
2016-07-27 17:34:04 +00:00
|
|
|
|
|
|
|
|
render json: {
|
2016-07-29 02:09:36 +00:00
|
|
|
discussion_headline_html: (view_to_html_string('discussions/_headline', discussion: discussion) if discussion)
|
2016-07-27 17:34:04 +00:00
|
|
|
}
|
2016-07-05 16:27:07 +00:00
|
|
|
end
|
|
|
|
|
|
2013-12-25 20:32:23 +00:00
|
|
|
private
|
|
|
|
|
|
|
|
|
|
def note
|
|
|
|
|
@note ||= @project.notes.find(params[:id])
|
|
|
|
|
end
|
2016-05-25 19:07:36 +00:00
|
|
|
alias_method :awardable, :note
|
2013-12-25 20:32:23 +00:00
|
|
|
|
2017-04-27 10:41:26 +00:00
|
|
|
def finder_params
|
|
|
|
|
params.merge(last_fetched_at: last_fetched_at)
|
2013-12-25 20:32:23 +00:00
|
|
|
end
|
2014-06-26 13:49:22 +00:00
|
|
|
|
2017-08-30 14:57:50 +00:00
|
|
|
def authorize_admin_note!
|
|
|
|
|
return access_denied! unless can?(current_user, :admin_note, note)
|
|
|
|
|
end
|
|
|
|
|
|
2016-07-26 04:43:47 +00:00
|
|
|
def authorize_resolve_note!
|
|
|
|
|
return access_denied! unless can?(current_user, :resolve_note, note)
|
|
|
|
|
end
|
2017-08-30 14:57:50 +00:00
|
|
|
|
|
|
|
|
def authorize_create_note!
|
2017-09-01 12:03:57 +00:00
|
|
|
return unless noteable.lockable?
|
2017-11-14 09:02:39 +00:00
|
|
|
|
2017-08-30 14:57:50 +00:00
|
|
|
access_denied! unless can?(current_user, :create_note, noteable)
|
|
|
|
|
end
|
2011-10-08 21:36:38 +00:00
|
|
|
end
|
