gitlab-org--gitlab-foss/app/controllers/admin/groups_controller.rb
Rémy Coutable 83c1395af2 Refactor authorized params in Admin::GroupsController
Signed-off-by: Rémy Coutable <remy@rymai.me>
2017-01-11 16:52:30 -05:00

78 lines
1.9 KiB
Ruby

class Admin::GroupsController < Admin::ApplicationController
before_action :group, only: [:edit, :update, :destroy, :project_update, :members_update]
def index
@groups = Group.with_statistics
@groups = @groups.sort(@sort = params[:sort])
@groups = @groups.search(params[:name]) if params[:name].present?
@groups = @groups.page(params[:page])
end
def show
@group = Group.with_statistics.joins(:route).group('routes.path').find_by_full_path(params[:id])
@members = @group.members.order("access_level DESC").page(params[:members_page])
@requesters = AccessRequestsFinder.new(@group).execute(current_user)
@projects = @group.projects.with_statistics.page(params[:projects_page])
end
def new
@group = Group.new
end
def edit
end
def create
@group = Group.new(group_params)
@group.name = @group.path.dup unless @group.name
if @group.save
@group.add_owner(current_user)
redirect_to [:admin, @group], notice: 'Group was successfully created.'
else
render "new"
end
end
def update
if @group.update_attributes(group_params)
redirect_to [:admin, @group], notice: 'Group was successfully updated.'
else
render "edit"
end
end
def members_update
@group.add_users(params[:user_ids].split(','), params[:access_level], current_user: current_user)
redirect_to [:admin, @group], notice: 'Users were successfully added.'
end
def destroy
DestroyGroupService.new(@group, current_user).async_execute
redirect_to admin_groups_path, alert: "Group '#{@group.name}' was scheduled for deletion."
end
private
def group
@group ||= Group.find_by_full_path(params[:id])
end
def group_params
params.require(:group).permit(group_params_ce)
end
def group_params_ce
[
:avatar,
:description,
:lfs_enabled,
:name,
:path,
:request_access_enabled,
:visibility_level
]
end
end