2016-08-01 12:09:41 -04:00
|
|
|
class Projects::BoardsController < Projects::ApplicationController
|
2016-08-08 18:03:41 -04:00
|
|
|
before_action :authorize_read_board!, only: [:show]
|
|
|
|
|
2016-08-01 12:09:41 -04:00
|
|
|
def show
|
2016-08-02 20:49:26 -04:00
|
|
|
board = Boards::CreateService.new(project, current_user).execute
|
2016-08-01 12:31:58 -04:00
|
|
|
|
2016-08-01 12:09:41 -04:00
|
|
|
respond_to do |format|
|
|
|
|
format.html
|
2016-08-09 18:13:08 -04:00
|
|
|
format.json { render json: board.lists.as_json(only: [:id, :list_type, :position], methods: [:title], include: { label: { only: [:id, :title, :description, :color, :priority] } }) }
|
2016-08-01 12:09:41 -04:00
|
|
|
end
|
|
|
|
end
|
2016-08-08 18:03:41 -04:00
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
def authorize_read_board!
|
|
|
|
unless can?(current_user, :read_board, project)
|
|
|
|
respond_to do |format|
|
|
|
|
format.html { return access_denied! }
|
|
|
|
format.json { return render_403 }
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2016-08-01 12:09:41 -04:00
|
|
|
end
|