From cc869d5dc101ea1175e308d8532064f06072d08b Mon Sep 17 00:00:00 2001 From: Andrew8xx8 Date: Sat, 23 Mar 2013 22:14:37 +0400 Subject: [PATCH] Private field added to snippet --- .../projects/snippets_controller.rb | 92 +++++++++++++++++++ .../20130323174317_add_private_to_snippets.rb | 5 + db/schema.rb | 3 +- 3 files changed, 99 insertions(+), 1 deletion(-) create mode 100644 app/controllers/projects/snippets_controller.rb create mode 100644 db/migrate/20130323174317_add_private_to_snippets.rb diff --git a/app/controllers/projects/snippets_controller.rb b/app/controllers/projects/snippets_controller.rb new file mode 100644 index 00000000000..a2e22a670a3 --- /dev/null +++ b/app/controllers/projects/snippets_controller.rb @@ -0,0 +1,92 @@ +class SnippetsController < ProjectResourceController + before_filter :module_enabled + before_filter :snippet, only: [:show, :edit, :destroy, :update, :raw] + + # Allow read any snippet + before_filter :authorize_read_snippet! + + # Allow write(create) snippet + before_filter :authorize_write_snippet!, only: [:new, :create] + + # Allow modify snippet + before_filter :authorize_modify_snippet!, only: [:edit, :update] + + # Allow destroy snippet + before_filter :authorize_admin_snippet!, only: [:destroy] + + respond_to :html + + def index + @snippets = @project.snippets.fresh.non_expired + end + + def new + @snippet = @project.snippets.new + end + + def create + @snippet = @project.snippets.new(params[:snippet]) + @snippet.author = current_user + @snippet.save + + if @snippet.valid? + redirect_to [@project, @snippet] + else + respond_with(@snippet) + end + end + + def edit + end + + def update + @snippet.update_attributes(params[:snippet]) + + if @snippet.valid? + redirect_to [@project, @snippet] + else + respond_with(@snippet) + end + end + + def show + @note = @project.notes.new(noteable: @snippet) + @target_type = :snippet + @target_id = @snippet.id + end + + def destroy + return access_denied! unless can?(current_user, :admin_snippet, @snippet) + + @snippet.destroy + + redirect_to project_snippets_path(@project) + end + + def raw + send_data( + @snippet.content, + type: "text/plain", + disposition: 'inline', + filename: @snippet.file_name + ) + end + + protected + + def snippet + @snippet ||= @project.snippets.find(params[:id]) + end + + def authorize_modify_snippet! + return render_404 unless can?(current_user, :modify_snippet, @snippet) + end + + def authorize_admin_snippet! + return render_404 unless can?(current_user, :admin_snippet, @snippet) + end + + def module_enabled + return render_404 unless @project.snippets_enabled + end +end diff --git a/db/migrate/20130323174317_add_private_to_snippets.rb b/db/migrate/20130323174317_add_private_to_snippets.rb new file mode 100644 index 00000000000..427b530464d --- /dev/null +++ b/db/migrate/20130323174317_add_private_to_snippets.rb @@ -0,0 +1,5 @@ +class AddPrivateToSnippets < ActiveRecord::Migration + def change + add_column :snippets, :private, :boolean + end +end diff --git a/db/schema.rb b/db/schema.rb index e4349ac4bf7..a48b85c153e 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -11,7 +11,7 @@ # # It's strongly recommended to check this file into your version control system. -ActiveRecord::Schema.define(:version => 20130318212250) do +ActiveRecord::Schema.define(:version => 20130323174317) do create_table "events", :force => true do |t| t.string "target_type" @@ -190,6 +190,7 @@ ActiveRecord::Schema.define(:version => 20130318212250) do t.datetime "updated_at", :null => false t.string "file_name" t.datetime "expires_at" + t.boolean "private" end add_index "snippets", ["created_at"], :name => "index_snippets_on_created_at"