gitlab-org--gitlab-foss/app/controllers/projects/discussions_controller.rb

class Projects::DiscussionsController < Projects::ApplicationController
  before_action :module_enabled
  before_action :merge_request
  before_action :discussion
  before_action :authorize_resolve_discussion!

  def resolve
    Discussions::ResolveService.new(project, current_user, merge_request: merge_request).execute(discussion)

    render json: {
      resolved_by: discussion.resolved_by.try(:name),
      discussion_headline_html: view_to_html_string('discussions/_headline', discussion: discussion)
    }
  end

  def unresolve
    discussion.unresolve!

    render json: {
      discussion_headline_html: view_to_html_string('discussions/_headline', discussion: discussion)
    }
  end

  private

  def merge_request
    @merge_request ||= MergeRequestsFinder.new(current_user, project_id: @project.id).find_by!(iid: params[:merge_request_id])
  end

  def discussion
    @discussion ||= @merge_request.find_diff_discussion(params[:id]) || render_404
  end

  def authorize_resolve_discussion!
    access_denied! unless discussion.can_resolve?(current_user)
  end

  def module_enabled
    render_404 unless @project.feature_available?(:merge_requests, current_user)
  end
end
Add endpoints to resolve diff notes and discussions 2016-07-26 00:43:47 -04:00			`class Projects::DiscussionsController < Projects::ApplicationController`
			`before_action :module_enabled`
			`before_action :merge_request`
			`before_action :discussion`
			`before_action :authorize_resolve_discussion!`

			`def resolve`
Feature: delegate all open discussions to Issue When a merge request can only be merged when all discussions are resolved. This feature allows to easily delegate those discussions to a new issue, while marking them as resolved in the merge request. The user is presented with a new issue, prepared with mentions of all unresolved discussions, including the first unresolved note of the discussion, time and link to the note. When the issue is created, the discussions in the merge request will get a system note directing the user to the newly created issue. 2016-10-26 17:21:50 -04:00			`Discussions::ResolveService.new(project, current_user, merge_request: merge_request).execute(discussion)`
Add 'Resolved all discussions' system note 2016-07-28 22:39:35 -04:00
Added resolved by users name into tooltip 2016-07-26 10:47:19 -04:00			`render json: {`
Updates the text above discussions when resolving notes & discussions 2016-07-27 13:34:04 -04:00			`resolved_by: discussion.resolved_by.try(:name),`
Backend tweaks 2016-07-28 22:09:36 -04:00			`discussion_headline_html: view_to_html_string('discussions/_headline', discussion: discussion)`
Added resolved by users name into tooltip 2016-07-26 10:47:19 -04:00			`}`
Add endpoints to resolve diff notes and discussions 2016-07-26 00:43:47 -04:00			`end`

			`def unresolve`
			`discussion.unresolve!`

Updates the text above discussions when resolving notes & discussions 2016-07-27 13:34:04 -04:00			`render json: {`
Backend tweaks 2016-07-28 22:09:36 -04:00			`discussion_headline_html: view_to_html_string('discussions/_headline', discussion: discussion)`
Updates the text above discussions when resolving notes & discussions 2016-07-27 13:34:04 -04:00			`}`
Add endpoints to resolve diff notes and discussions 2016-07-26 00:43:47 -04:00			`end`

			`private`

			`def merge_request`
Merge branch 'jej-23867-use-mr-finder-instead-of-access-check' into 'security' Replace MR access checks with use of MergeRequestsFinder Split from !2024 to partially solve https://gitlab.com/gitlab-org/gitlab-ce/issues/23867 :warning: - Potentially untested :bomb: - No test coverage :traffic_light: - Test coverage of some sort exists (a test failed when error raised) :vertical_traffic_light: - Test coverage of return value (a test failed when nil used) :white_check_mark: - Permissions check tested - [x] :bomb: app/finders/notes_finder.rb:17 - [x] :warning: app/views/layouts/nav/_project.html.haml:80 [`.count`] - [x] :bomb: app/controllers/concerns/creates_commit.rb:84 - [x] :traffic_light: app/controllers/projects/commits_controller.rb:24 - [x] :traffic_light: app/controllers/projects/compare_controller.rb:56 - [x] :vertical_traffic_light: app/controllers/projects/discussions_controller.rb:29 - [x] :white_check_mark: app/controllers/projects/todos_controller.rb:27 - [x] :vertical_traffic_light: app/models/commit.rb:268 - [x] :white_check_mark: lib/gitlab/search_results.rb:71 - [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#d1c10892daedb4d4dd3d4b12b6d071091eea83df_267_266 Memoize ` merged_merge_request(current_user)` - [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#d1c10892daedb4d4dd3d4b12b6d071091eea83df_248_247 Expected side effect for `merged_merge_request!`, consider `skip_authorization: true`. - [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#d1c10892daedb4d4dd3d4b12b6d071091eea83df_269_269 Scary use of unchecked `merged_merge_request?` See merge request !2033 2016-11-29 08:47:43 -05:00			`@merge_request \|\|= MergeRequestsFinder.new(current_user, project_id: @project.id).find_by!(iid: params[:merge_request_id])`
Add endpoints to resolve diff notes and discussions 2016-07-26 00:43:47 -04:00			`end`

			`def discussion`
Store discussion_id on Note for faster discussion lookup. 2016-08-17 13:14:44 -04:00			`@discussion \|\|= @merge_request.find_diff_discussion(params[:id]) \|\| render_404`
Add endpoints to resolve diff notes and discussions 2016-07-26 00:43:47 -04:00			`end`

			`def authorize_resolve_discussion!`
			`access_denied! unless discussion.can_resolve?(current_user)`
			`end`

			`def module_enabled`
Project tools visibility level 2016-08-01 18:31:21 -04:00			`render_404 unless @project.feature_available?(:merge_requests, current_user)`
Add endpoints to resolve diff notes and discussions 2016-07-26 00:43:47 -04:00			`end`
			`end`