kotovalexarian-likes-gitlab/gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity
gitlab-org--gitlab-foss/app/controllers/projects/issues_controller.rb
Stan Hu 9bfc531ec6 Redirect to a default path if HTTP_REFERER is not set 
Safari 9.0 does not yet honor the HTML5 `origin-when-cross-origin` mode,
and it's possible load balancers/proxies strip the HTTP_REFERER from
the request header. In these cases, default to some default path.

Closes #3122

Closes https://github.com/gitlabhq/gitlabhq/issues/9731
2015-10-20 07:45:48 -07:00

175 lines
4.1 KiB
Ruby
Raw Blame History

class Projects::IssuesController < Projects::ApplicationController
before_action :module_enabled
before_action :issue, only: [:edit, :update, :show, :toggle_subscription]
# Allow read any issue
before_action :authorize_read_issue!
# Allow write(create) issue
before_action :authorize_create_issue!, only: [:new, :create]
# Allow modify issue
before_action :authorize_update_issue!, only: [:edit, :update]
# Allow issues bulk update
before_action :authorize_admin_issues!, only: [:bulk_update]
# Cross-reference merge requests
before_action :closed_by_merge_requests, only: [:show]
respond_to :html
def index
terms = params['issue_search']
@issues = get_issues_collection
if terms.present?
if terms =~ /\A#(\d+)\z/
@issues = @issues.where(iid: $1)
else
@issues = @issues.full_search(terms)
end
end
@issues = @issues.page(params[:page]).per(PER_PAGE)
respond_to do |format|
format.html
format.atom { render layout: false }
format.json do
render json: {
html: view_to_html_string("projects/issues/_issues")
}
end
end
end
def new
params[:issue] ||= ActionController::Parameters.new(
assignee_id: ""
)
@issue = @project.issues.new(issue_params)
respond_with(@issue)
end
def edit
respond_with(@issue)
end
def show
@participants = @issue.participants(current_user)
@note = @project.notes.new(noteable: @issue)
@notes = @issue.notes.with_associations.fresh
@noteable = @issue
respond_with(@issue)
end
def create
@issue = Issues::CreateService.new(project, current_user, issue_params).execute
respond_to do |format|
format.html do
if @issue.valid?
redirect_to issue_path(@issue)
else
render :new
end
end
format.js do |format|
@link = @issue.attachment.url.to_js
end
end
end
def update
@issue = Issues::UpdateService.new(project, current_user, issue_params).execute(issue)
respond_to do |format|
format.js
format.html do
if @issue.valid?
redirect_to issue_path(@issue)
else
render :edit
end
end
format.json do
render json: {
saved: @issue.valid?,
assignee_avatar_url: @issue.assignee.try(:avatar_url)
}
end
end
end
def bulk_update
result = Issues::BulkUpdateService.new(project, current_user, bulk_update_params).execute
redirect_back_or_default(default: { action: 'index' }, options: { notice: "#{result[:count]} issues updated" })
end
def toggle_subscription
@issue.toggle_subscription(current_user)
render nothing: true
end
def closed_by_merge_requests
@closed_by_merge_requests ||= @issue.closed_by_merge_requests(current_user)
end
protected
def issue
@issue ||= begin
@project.issues.find_by!(iid: params[:id])
rescue ActiveRecord::RecordNotFound
redirect_old
end
end
def authorize_update_issue!
return render_404 unless can?(current_user, :update_issue, @issue)
end
def authorize_admin_issues!
return render_404 unless can?(current_user, :admin_issue, @project)
end
def module_enabled
return render_404 unless @project.issues_enabled && @project.default_issues_tracker?
end
# Since iids are implemented only in 6.1
# user may navigate to issue page using old global ids.
#
# To prevent 404 errors we provide a redirect to correct iids until 7.0 release
#
def redirect_old
issue = @project.issues.find_by(id: params[:id])
if issue
redirect_to issue_path(issue)
return
else
raise ActiveRecord::RecordNotFound.new
end
end
def issue_params
params.require(:issue).permit(
:title, :assignee_id, :position, :description,
:milestone_id, :state_event, :task_num, label_ids: []
)
end
def bulk_update_params
params.require(:update).permit(
:issues_ids,
:assignee_id,
:milestone_id,
:state_event
)
end
end
View git blame Copy permalink