gitlab-org--gitlab-foss/app/controllers/projects/notes_controller.rb

class Projects::NotesController < Projects::ApplicationController
  # Authorize
  before_filter :authorize_read_note!
  before_filter :authorize_write_note!, only: [:create]
  before_filter :authorize_admin_note!, only: [:update, :destroy]

  def index
    current_fetched_at = Time.now.to_i
    @notes = NotesFinder.new.execute(project, current_user, params)

    notes_json = { notes: [], last_fetched_at: current_fetched_at }

    @notes.each do |note|
      notes_json[:notes] << {
        id: note.id,
        html: note_to_html(note)
      }
    end

    render json: notes_json
  end

  def create
    @note = Notes::CreateService.new(project, current_user, params[:note]).execute

    respond_to do |format|
      format.json { render_note_json(@note) }
      format.html { redirect_to :back }
    end
  end

  def update
    note.update_attributes(params[:note])
    note.reset_events_cache

    respond_to do |format|
      format.json { render_note_json(note) }
      format.html { redirect_to :back }
    end
  end

  def destroy
    note.destroy
    note.reset_events_cache

    respond_to do |format|
      format.js { render nothing: true }
    end
  end

  def delete_attachment
    note.remove_attachment!
    note.update_attribute(:attachment, nil)

    respond_to do |format|
      format.js { render nothing: true }
    end
  end

  def preview
    render text: view_context.markdown(params[:note])
  end

  private

  def note
    @note ||= @project.notes.find(params[:id])
  end

  def note_to_html(note)
    render_to_string(
      "projects/notes/_note",
      layout: false,
      formats: [:html],
      locals: { note: note }
    )
  end

  def note_to_discussion_html(note)
    render_to_string(
      "projects/notes/_diff_notes_with_reply",
      layout: false,
      formats: [:html],
      locals: { notes: [note] }
    )
  end

  def note_to_discussion_with_diff_html(note)
    return unless note.for_diff_line?

    render_to_string(
      "projects/notes/_discussion",
      layout: false,
      formats: [:html],
      locals: { discussion_notes: [note] }
    )
  end

  def render_note_json(note)
    render json: {
      id: note.id,
      discussion_id: note.discussion_id,
      html: note_to_html(note),
      discussion_html: note_to_discussion_html(note),
      discussion_with_diff_html: note_to_discussion_with_diff_html(note)
    }
  end

  def authorize_admin_note!
    return access_denied! unless can?(current_user, :admin_note, note)
  end
end
Move projects controllers/views in Projects module 2013-06-23 12:47:22 -04:00			`class Projects::NotesController < Projects::ApplicationController`
init commit 2011-10-08 17:36:38 -04:00			`# Authorize`
Abilities refactoring 2011-12-15 16:57:46 -05:00			`before_filter :authorize_read_note!`
Fully embrace Ruby 1.9 hash syntax Didn't bother with files in db/, config/, or features/ 2012-08-10 18:07:50 -04:00			`before_filter :authorize_write_note!, only: [:create]`
Switch Notes controller to use json Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2013-12-25 15:32:23 -05:00			`before_filter :authorize_admin_note!, only: [:update, :destroy]`
init commit 2011-10-08 17:36:38 -04:00
move notes login to one controller 2012-02-24 02:16:06 -05:00			`def index`
Serialize last_fetched_at as a string with seconds 2014-04-28 06:42:01 -04:00			`current_fetched_at = Time.now.to_i`
Move services for collecting items to Finders Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-02-25 12:15:08 -05:00			`@notes = NotesFinder.new.execute(project, current_user, params)`
Add discussions for merge requests to notes controller 2012-10-29 10:56:17 -04:00
Pass last_fetched_at for notes to javascript 2014-04-28 06:21:49 -04:00			`notes_json = { notes: [], last_fetched_at: current_fetched_at }`
Make notes for merge requests include commit notes and add helpers 2012-10-10 06:06:30 -04:00
Switch Notes controller to use json Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2013-12-25 15:32:23 -05:00			`@notes.each do \|note\|`
			`notes_json[:notes] << {`
			`id: note.id,`
			`html: note_to_html(note)`
			`}`
Drop rjs from Notes#index Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2013-11-29 07:46:40 -05:00			`end`
Switch Notes controller to use json Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2013-12-25 15:32:23 -05:00
			`render json: notes_json`
move notes login to one controller 2012-02-24 02:16:06 -05:00			`end`

init commit 2011-10-08 17:36:38 -04:00			`def create`
Remove NotesObserver 2014-06-17 15:09:01 -04:00			`@note = Notes::CreateService.new(project, current_user, params[:note]).execute`
init commit 2011-10-08 17:36:38 -04:00
			`respond_to do \|format\|`
Switch Notes controller to use json Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2013-12-25 15:32:23 -05:00			`format.json { render_note_json(@note) }`
			`format.html { redirect_to :back }`
init commit 2011-10-08 17:36:38 -04:00			`end`
			`end`

Switch Notes controller to use json Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2013-12-25 15:32:23 -05:00			`def update`
			`note.update_attributes(params[:note])`
			`note.reset_events_cache`
init commit 2011-10-08 17:36:38 -04:00
			`respond_to do \|format\|`
Switch Notes controller to use json Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2013-12-25 15:32:23 -05:00			`format.json { render_note_json(note) }`
			`format.html { redirect_to :back }`
init commit 2011-10-08 17:36:38 -04:00			`end`
			`end`

Switch Notes controller to use json Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2013-12-25 15:32:23 -05:00			`def destroy`
			`note.destroy`
			`note.reset_events_cache`
Added update and delete_attachment actions to note controller 2013-06-25 18:46:07 -04:00
			`respond_to do \|format\|`
Switch Notes controller to use json Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2013-12-25 15:32:23 -05:00			`format.js { render nothing: true }`
Added update and delete_attachment actions to note controller 2013-06-25 18:46:07 -04:00			`end`
			`end`

			`def delete_attachment`
Switch Notes controller to use json Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2013-12-25 15:32:23 -05:00			`note.remove_attachment!`
			`note.update_attribute(:attachment, nil)`
Added update and delete_attachment actions to note controller 2013-06-25 18:46:07 -04:00
			`respond_to do \|format\|`
			`format.js { render nothing: true }`
			`end`
			`end`

render notes preview on server-side 2012-08-08 05:25:24 -04:00			`def preview`
Fully embrace Ruby 1.9 hash syntax Didn't bother with files in db/, config/, or features/ 2012-08-10 18:07:50 -04:00			`render text: view_context.markdown(params[:note])`
render notes preview on server-side 2012-08-08 05:25:24 -04:00			`end`
Switch Notes controller to use json Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2013-12-25 15:32:23 -05:00
			`private`

			`def note`
			`@note \|\|= @project.notes.find(params[:id])`
			`end`

			`def note_to_html(note)`
			`render_to_string(`
			`"projects/notes/_note",`
			`layout: false,`
			`formats: [:html],`
			`locals: { note: note }`
			`)`
			`end`

			`def note_to_discussion_html(note)`
			`render_to_string(`
			`"projects/notes/_diff_notes_with_reply",`
			`layout: false,`
			`formats: [:html],`
			`locals: { notes: [note] }`
			`)`
			`end`

Improve merge request comments When add diff note on 'Changes' page - and then go to 'Discussions' tab you will not see this discussion unless you reload a page. This commit fixes it by rendering discussion on 'Discussion' page as soon as you submit comment on 'Changes' page Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-06-24 07:57:59 -04:00			`def note_to_discussion_with_diff_html(note)`
dont render discussion diff unless note is for diff Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-06-25 03:14:35 -04:00			`return unless note.for_diff_line?`

Improve merge request comments When add diff note on 'Changes' page - and then go to 'Discussions' tab you will not see this discussion unless you reload a page. This commit fixes it by rendering discussion on 'Discussion' page as soon as you submit comment on 'Changes' page Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-06-24 07:57:59 -04:00			`render_to_string(`
			`"projects/notes/_discussion",`
			`layout: false,`
			`formats: [:html],`
			`locals: { discussion_notes: [note] }`
			`)`
			`end`

Switch Notes controller to use json Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2013-12-25 15:32:23 -05:00			`def render_note_json(note)`
			`render json: {`
			`id: note.id,`
			`discussion_id: note.discussion_id,`
			`html: note_to_html(note),`
Improve merge request comments When add diff note on 'Changes' page - and then go to 'Discussions' tab you will not see this discussion unless you reload a page. This commit fixes it by rendering discussion on 'Discussion' page as soon as you submit comment on 'Changes' page Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-06-24 07:57:59 -04:00			`discussion_html: note_to_discussion_html(note),`
			`discussion_with_diff_html: note_to_discussion_with_diff_html(note)`
Switch Notes controller to use json Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2013-12-25 15:32:23 -05:00			`}`
			`end`

			`def authorize_admin_note!`
			`return access_denied! unless can?(current_user, :admin_note, note)`
			`end`
init commit 2011-10-08 17:36:38 -04:00			`end`