class Projects::GroupLinksController < Projects::ApplicationController layout 'project_settings' before_action :authorize_admin_project! before_action :authorize_admin_project_member!, only: [:update] def index redirect_to namespace_project_settings_members_path end def create group = Group.find(params[:link_group_id]) if params[:link_group_id].present? if group return render_404 unless can?(current_user, :read_group, group) Projects::GroupLinks::CreateService.new(project, current_user, group_link_create_params).execute(group) else flash[:alert] = 'Please select a group.' end redirect_to project_project_members_path(project) end def update @group_link = @project.project_group_links.find(params[:id]) @group_link.update_attributes(group_link_params) end def destroy group_link = project.project_group_links.find(params[:id]) ::Projects::GroupLinks::DestroyService.new(project, current_user).execute(group_link) respond_to do |format| format.html do redirect_to project_project_members_path(project), status: 302 end format.js { head :ok } end end protected def group_link_params params.require(:group_link).permit(:group_access, :expires_at) end def group_link_create_params params.permit(:link_group_access, :expires_at) end end