debian-mirror-gitlab/app/controllers/projects/issues_controller.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

466 lines
14 KiB
Ruby
Raw Permalink Normal View History

2018-12-05 23:21:45 +05:30
# frozen_string_literal: true
2014-09-02 18:07:02 +05:30
class Projects::IssuesController < Projects::ApplicationController
2016-06-02 11:05:42 +05:30
include ToggleSubscriptionAction
include IssuableActions
include ToggleAwardEmoji
2016-09-13 17:45:13 +05:30
include IssuableCollections
2018-11-08 19:23:39 +05:30
include IssuesCalendar
2019-03-02 22:35:43 +05:30
include RecordUserLastActivity
2023-03-04 22:38:38 +05:30
include ::Observability::ContentSecurityPolicy
2016-06-02 11:05:42 +05:30
2020-11-24 15:15:51 +05:30
ISSUES_EXCEPT_ACTIONS = %i[index calendar new create bulk_update import_csv export_csv service_desk].freeze
2022-06-21 17:19:12 +05:30
SET_ISSUABLES_INDEX_ONLY_ACTIONS = %i[index calendar service_desk].freeze
2018-12-13 13:39:08 +05:30
2018-11-29 20:51:05 +05:30
prepend_before_action(only: [:index]) { authenticate_sessionless_user!(:rss) }
prepend_before_action(only: [:calendar]) { authenticate_sessionless_user!(:ics) }
2020-04-22 19:07:51 +05:30
prepend_before_action :authenticate_user!, only: [:new, :export_csv]
2019-12-04 20:38:33 +05:30
prepend_before_action :store_uri, only: [:new, :show, :designs]
2017-08-17 22:00:37 +05:30
2021-04-29 21:17:54 +05:30
before_action :disable_query_limiting, only: [:create_merge_request, :move, :bulk_update]
2017-09-10 17:25:29 +05:30
before_action :check_issues_available!
2020-11-24 15:15:51 +05:30
before_action :issue, unless: ->(c) { ISSUES_EXCEPT_ACTIONS.include?(c.action_name.to_sym) }
2023-07-09 08:55:56 +05:30
before_action :redirect_if_work_item, unless: ->(c) { work_item_redirect_except_actions.include?(c.action_name.to_sym) }
2023-05-27 22:25:52 +05:30
before_action :require_incident_for_incident_routes, only: :show
2022-07-23 23:45:48 +05:30
2022-08-13 15:12:31 +05:30
after_action :log_issue_show, only: :show
2018-12-13 13:39:08 +05:30
2022-06-21 17:19:12 +05:30
before_action :set_issuables_index, if: ->(c) {
2022-07-23 23:45:48 +05:30
SET_ISSUABLES_INDEX_ONLY_ACTIONS.include?(c.action_name.to_sym) && !index_html_request?
2022-06-21 17:19:12 +05:30
}
2023-03-17 16:20:25 +05:30
before_action :check_search_rate_limit!, if: ->(c) {
2023-04-23 21:23:45 +05:30
SET_ISSUABLES_INDEX_ONLY_ACTIONS.include?(c.action_name.to_sym) && !index_html_request? && params[:search].present?
2023-03-17 16:20:25 +05:30
}
2014-09-02 18:07:02 +05:30
# Allow write(create) issue
2015-09-11 14:41:01 +05:30
before_action :authorize_create_issue!, only: [:new, :create]
2014-09-02 18:07:02 +05:30
# Allow modify issue
2019-09-30 21:07:59 +05:30
before_action :authorize_update_issuable!, only: [:edit, :update, :move, :reorder]
2014-09-02 18:07:02 +05:30
2017-08-17 22:00:37 +05:30
# Allow create a new branch and empty WIP merge request from current issue
2018-05-09 12:01:36 +05:30
before_action :authorize_create_merge_request_from!, only: [:create_merge_request]
2017-08-17 22:00:37 +05:30
2019-02-15 15:39:39 +05:30
before_action :authorize_import_issues!, only: [:import_csv]
2023-03-04 22:38:38 +05:30
before_action :authorize_read_code!, only: [:related_branches]
2019-02-15 15:39:39 +05:30
2019-12-21 20:55:43 +05:30
before_action do
2022-11-25 23:54:43 +05:30
push_frontend_feature_flag(:preserve_unchanged_markdown, project)
2023-06-20 00:43:36 +05:30
push_frontend_feature_flag(:content_editor_on_issues, project&.group)
push_force_frontend_feature_flag(:content_editor_on_issues, project&.content_editor_on_issues_feature_flag_enabled?)
2023-04-23 21:23:45 +05:30
push_frontend_feature_flag(:service_desk_new_note_email_native_attachments, project)
2023-05-27 22:25:52 +05:30
push_frontend_feature_flag(:saved_replies, current_user)
2019-12-21 20:55:43 +05:30
end
2022-08-27 11:52:29 +05:30
before_action only: [:index, :show] do
push_force_frontend_feature_flag(:work_items, project&.work_items_feature_flag_enabled?)
end
2023-01-13 00:05:48 +05:30
before_action only: :index do
push_frontend_feature_flag(:or_issuable_queries, project)
2023-04-23 21:23:45 +05:30
push_frontend_feature_flag(:frontend_caching, project&.group)
2023-01-13 00:05:48 +05:30
end
2020-05-24 23:13:21 +05:30
before_action only: :show do
2022-07-16 23:28:13 +05:30
push_frontend_feature_flag(:issue_assignees_widget, project)
2023-01-13 00:05:48 +05:30
push_frontend_feature_flag(:work_items_mvc, project&.group)
2023-03-04 22:38:38 +05:30
push_force_frontend_feature_flag(:work_items_mvc, project&.work_items_mvc_feature_flag_enabled?)
2022-08-27 11:52:29 +05:30
push_force_frontend_feature_flag(:work_items_mvc_2, project&.work_items_mvc_2_feature_flag_enabled?)
2022-10-11 01:57:18 +05:30
push_frontend_feature_flag(:epic_widget_edit_confirmation, project)
2023-07-09 08:55:56 +05:30
push_frontend_feature_flag(:moved_mr_sidebar, project)
2020-07-28 23:09:34 +05:30
end
2020-03-13 15:44:24 +05:30
around_action :allow_gitaly_ref_name_caching, only: [:discussions]
2014-09-02 18:07:02 +05:30
respond_to :html
2019-12-04 20:38:33 +05:30
alias_method :designs, :show
2021-12-11 22:18:48 +05:30
feature_category :team_planning, [
2022-10-11 01:57:18 +05:30
:index, :calendar, :show, :new, :create, :edit, :update,
:destroy, :move, :reorder, :designs, :toggle_subscription,
:discussions, :bulk_update, :realtime_changes,
:toggle_award_emoji, :mark_as_spam, :related_branches,
:can_create_branch, :create_merge_request
]
2022-07-16 23:28:13 +05:30
urgency :low, [
2022-10-11 01:57:18 +05:30
:index, :calendar, :show, :new, :create, :edit, :update,
:destroy, :move, :reorder, :designs, :toggle_subscription,
:discussions, :bulk_update, :realtime_changes,
:toggle_award_emoji, :mark_as_spam, :related_branches,
:can_create_branch, :create_merge_request
]
2021-01-03 14:25:43 +05:30
feature_category :service_desk, [:service_desk]
2022-04-04 11:22:00 +05:30
urgency :low, [:service_desk]
2021-01-03 14:25:43 +05:30
feature_category :importers, [:import_csv, :export_csv]
2022-07-16 23:28:13 +05:30
urgency :low, [:import_csv, :export_csv]
2021-01-03 14:25:43 +05:30
2021-02-22 17:27:13 +05:30
attr_accessor :vulnerability_id
2014-09-02 18:07:02 +05:30
def index
2022-07-23 23:45:48 +05:30
if index_html_request?
2022-05-07 20:08:51 +05:30
set_sort_order
else
@issues = @issuables
end
2017-08-17 22:00:37 +05:30
2014-09-02 18:07:02 +05:30
respond_to do |format|
format.html
2022-05-07 20:08:51 +05:30
format.atom { render layout: 'xml' }
2014-09-02 18:07:02 +05:30
format.json do
render json: {
2016-06-02 11:05:42 +05:30
html: view_to_html_string("projects/issues/_issues"),
labels: @labels.as_json(methods: :text_color)
2014-09-02 18:07:02 +05:30
}
end
end
end
2018-11-08 19:23:39 +05:30
def calendar
render_issues_calendar(@issuables)
end
2014-09-02 18:07:02 +05:30
def new
params[:issue] ||= ActionController::Parameters.new(
2017-08-17 22:00:37 +05:30
assignee_ids: ""
2014-09-02 18:07:02 +05:30
)
2021-06-08 01:23:25 +05:30
build_params = issue_params.merge(
2017-08-17 22:00:37 +05:30
merge_request_to_resolve_discussions_of: params[:merge_request_to_resolve_discussions_of],
2020-05-24 23:13:21 +05:30
discussion_to_resolve: params[:discussion_to_resolve],
2021-06-08 01:23:25 +05:30
confidential: !!Gitlab::Utils.to_boolean(issue_params[:confidential])
2017-08-17 22:00:37 +05:30
)
2023-04-23 21:23:45 +05:30
service = ::Issues::BuildService.new(container: project, current_user: current_user, params: build_params)
2017-08-17 22:00:37 +05:30
@issue = @noteable = service.execute
2020-05-24 23:13:21 +05:30
2022-05-07 20:08:51 +05:30
@add_related_issue = add_related_issue
2017-08-17 22:00:37 +05:30
@merge_request_to_resolve_discussions_of = service.merge_request_to_resolve_discussions_of
2021-11-11 11:23:49 +05:30
if params[:discussion_to_resolve]
Gitlab::UsageDataCounters::MergeRequestActivityUniqueCounter.track_resolve_thread_in_issue_action(user: current_user)
@discussion_to_resolve = service.discussions_to_resolve.first
end
2014-09-02 18:07:02 +05:30
respond_with(@issue)
end
def edit
respond_with(@issue)
end
def create
2021-09-30 23:02:18 +05:30
create_params = issue_params.merge(
2022-05-07 20:08:51 +05:30
add_related_issue: add_related_issue,
2017-08-17 22:00:37 +05:30
merge_request_to_resolve_discussions_of: params[:merge_request_to_resolve_discussions_of],
discussion_to_resolve: params[:discussion_to_resolve]
)
2021-09-30 23:02:18 +05:30
spam_params = ::Spam::SpamParams.new_from_request(request: request)
2023-04-23 21:23:45 +05:30
service = ::Issues::CreateService.new(container: project, current_user: current_user, params: create_params, spam_params: spam_params)
2022-11-25 23:54:43 +05:30
result = service.execute
2017-08-17 22:00:37 +05:30
2022-11-25 23:54:43 +05:30
# Only irrecoverable errors such as unauthorized user won't contain an issue in the response
if result.error? && result[:issue].blank?
render_by_create_result_error(result) && return
2017-08-17 22:00:37 +05:30
end
2014-09-02 18:07:02 +05:30
2022-11-25 23:54:43 +05:30
@issue = result[:issue]
if result.success?
create_vulnerability_issue_feedback(@issue)
if service.discussions_to_resolve.count(&:resolved?) > 0
flash[:notice] = if service.discussion_to_resolve_id
_("Resolved 1 discussion.")
else
_("Resolved all discussions.")
end
end
2021-10-27 15:23:28 +05:30
redirect_to project_issue_path(@project, @issue)
else
# NOTE: this CAPTCHA support method is indirectly included via IssuableActions
2022-05-07 20:08:51 +05:30
with_captcha_check_html_format(spammable: spammable) { render :new }
2014-09-02 18:07:02 +05:30
end
end
2018-03-17 18:26:18 +05:30
def move
params.require(:move_to_project_id)
2014-09-02 18:07:02 +05:30
2016-06-02 11:05:42 +05:30
if params[:move_to_project_id].to_i > 0
new_project = Project.find(params[:move_to_project_id])
return render_404 unless issue.can_move?(current_user, new_project)
2023-04-23 21:23:45 +05:30
@issue = ::Issues::MoveService.new(container: project, current_user: current_user).execute(issue, new_project)
2016-06-02 11:05:42 +05:30
end
2014-09-02 18:07:02 +05:30
respond_to do |format|
2016-06-02 11:05:42 +05:30
format.json do
2018-03-17 18:26:18 +05:30
render_issue_json
2016-06-02 11:05:42 +05:30
end
end
2016-09-29 09:46:39 +05:30
rescue ActiveRecord::StaleObjectError
2017-08-17 22:00:37 +05:30
render_conflict_response
2016-06-02 11:05:42 +05:30
end
2019-09-30 21:07:59 +05:30
def reorder
2023-04-23 21:23:45 +05:30
service = ::Issues::ReorderService.new(container: project, current_user: current_user, params: reorder_params)
2019-09-30 21:07:59 +05:30
if service.execute(issue)
head :ok
else
head :unprocessable_entity
end
end
2016-06-02 11:05:42 +05:30
def related_branches
2020-11-24 15:15:51 +05:30
@related_branches = ::Issues::RelatedBranchesService
2023-04-23 21:23:45 +05:30
.new(container: project, current_user: current_user)
2020-05-24 23:13:21 +05:30
.execute(issue)
.map { |branch| branch.merge(link: branch_link(branch)) }
2016-06-02 11:05:42 +05:30
respond_to do |format|
format.json do
render json: {
html: view_to_html_string('projects/issues/_related_branches')
}
end
end
2014-09-02 18:07:02 +05:30
end
2016-06-02 11:05:42 +05:30
def can_create_branch
can_create = current_user &&
can?(current_user, :push_code, @project) &&
2018-10-15 14:42:47 +05:30
@issue.can_be_worked_on?
2015-09-11 14:41:01 +05:30
2016-06-02 11:05:42 +05:30
respond_to do |format|
format.json do
2018-10-15 14:42:47 +05:30
render json: { can_create_branch: can_create, suggested_branch_name: @issue.suggested_branch_name }
2016-06-02 11:05:42 +05:30
end
end
2015-04-26 12:48:37 +05:30
end
2017-08-17 22:00:37 +05:30
def create_merge_request
2018-03-17 18:26:18 +05:30
create_params = params.slice(:branch_name, :ref).merge(issue_iid: issue.iid)
2020-05-24 23:13:21 +05:30
create_params[:target_project_id] = params[:target_project_id]
2021-06-08 01:23:25 +05:30
result = ::MergeRequests::CreateFromIssueService.new(project: project, current_user: current_user, mr_params: create_params).execute
2017-08-17 22:00:37 +05:30
if result[:status] == :success
render json: MergeRequestCreateSerializer.new.represent(result[:merge_request])
else
2020-04-22 19:07:51 +05:30
render json: result[:message], status: :unprocessable_entity
2017-08-17 22:00:37 +05:30
end
end
2020-04-22 19:07:51 +05:30
def export_csv
2021-01-03 14:25:43 +05:30
IssuableExportCsvWorker.perform_async(:issue, current_user.id, project.id, finder_options.to_h) # rubocop:disable CodeReuse/Worker
2020-04-22 19:07:51 +05:30
index_path = project_issues_path(project)
2021-11-11 11:23:49 +05:30
message = _('Your CSV export has started. It will be emailed to %{email} when complete.') % { email: current_user.notification_email_or_default }
2020-05-24 23:13:21 +05:30
redirect_to(index_path, notice: message)
2020-04-22 19:07:51 +05:30
end
2019-02-15 15:39:39 +05:30
def import_csv
2022-08-27 11:52:29 +05:30
result = Issues::PrepareImportCsvService.new(project, current_user, file: params[:file]).execute
2019-02-15 15:39:39 +05:30
2022-08-27 11:52:29 +05:30
if result.success?
flash[:notice] = result.message
2019-02-15 15:39:39 +05:30
else
2022-08-27 11:52:29 +05:30
flash[:alert] = result.message
2019-02-15 15:39:39 +05:30
end
redirect_to project_issues_path(project)
end
2020-07-28 23:09:34 +05:30
def service_desk
2022-07-23 23:45:48 +05:30
@issues = @issuables
@users.push(User.support_bot)
2020-07-28 23:09:34 +05:30
end
2014-09-02 18:07:02 +05:30
protected
2022-07-23 23:45:48 +05:30
def index_html_request?
action_name.to_sym == :index && html_request?
2022-06-21 17:19:12 +05:30
end
2019-12-04 20:38:33 +05:30
def sorting_field
2019-03-02 22:35:43 +05:30
Issue::SORTING_PREFERENCE_FIELD
end
2018-12-05 23:21:45 +05:30
# rubocop: disable CodeReuse/ActiveRecord
2014-09-02 18:07:02 +05:30
def issue
2017-09-10 17:25:29 +05:30
return @issue if defined?(@issue)
2018-03-17 18:26:18 +05:30
2016-11-03 12:29:30 +05:30
# The Sortable default scope causes performance issues when used with find_by
2021-01-03 14:25:43 +05:30
@issuable = @noteable = @issue ||= @project.issues.inc_relations_for_view.iid_in(params[:id]).without_order.take!
2018-03-17 18:26:18 +05:30
@note = @project.notes.new(noteable: @issuable)
2017-09-10 17:25:29 +05:30
return render_404 unless can?(current_user, :read_issue, @issue)
@issue
2014-09-02 18:07:02 +05:30
end
2018-12-05 23:21:45 +05:30
# rubocop: enable CodeReuse/ActiveRecord
2020-11-24 15:15:51 +05:30
def log_issue_show
return unless current_user && @issue
::Gitlab::Search::RecentIssues.new(user: current_user).log_view(@issue)
end
2016-06-02 11:05:42 +05:30
alias_method :subscribable_resource, :issue
alias_method :issuable, :issue
alias_method :awardable, :issue
2016-09-13 17:45:13 +05:30
alias_method :spammable, :issue
2016-06-02 11:05:42 +05:30
2017-09-10 17:25:29 +05:30
def spammable_path
project_issue_path(@project, @issue)
2016-06-02 11:05:42 +05:30
end
2014-09-02 18:07:02 +05:30
2017-08-17 22:00:37 +05:30
def authorize_create_merge_request!
2018-10-15 14:42:47 +05:30
render_404 unless can?(current_user, :push_code, @project) && @issue.can_be_worked_on?
2017-08-17 22:00:37 +05:30
end
2018-03-17 18:26:18 +05:30
def render_issue_json
if @issue.valid?
render json: serializer.represent(@issue)
2016-09-13 17:45:13 +05:30
else
2018-03-17 18:26:18 +05:30
render json: { errors: @issue.errors.full_messages }, status: :unprocessable_entity
2016-09-13 17:45:13 +05:30
end
end
2017-09-10 17:25:29 +05:30
def issue_params
2022-03-02 08:16:31 +05:30
all_params = params.require(:issue).permit(
2020-01-01 13:55:28 +05:30
*issue_params_attributes,
sentry_issue_attributes: [:sentry_issue_identifier]
)
2022-03-02 08:16:31 +05:30
clean_params(all_params)
2014-09-02 18:07:02 +05:30
end
2017-09-10 17:25:29 +05:30
def issue_params_attributes
%i[
title
assignee_id
position
description
confidential
milestone_id
due_date
state_event
task_num
lock_version
2018-03-17 18:26:18 +05:30
discussion_locked
2020-10-24 23:57:45 +05:30
issue_type
2021-06-08 01:23:25 +05:30
] + [{ label_ids: [], assignee_ids: [], update_task: [:index, :checked, :line_number, :line_source] }]
2020-10-24 23:57:45 +05:30
end
2019-09-30 21:07:59 +05:30
def reorder_params
2022-04-04 11:22:00 +05:30
params.permit(:move_before_id, :move_after_id)
2019-09-30 21:07:59 +05:30
end
2018-11-29 20:51:05 +05:30
def store_uri
2021-01-03 14:25:43 +05:30
if request.get? && request.format.html?
2017-09-10 17:25:29 +05:30
store_location_for :user, request.fullpath
end
2017-08-17 22:00:37 +05:30
end
2018-03-17 18:26:18 +05:30
def serializer
IssueSerializer.new(current_user: current_user, project: issue.project)
end
def update_service
2021-09-30 23:02:18 +05:30
spam_params = ::Spam::SpamParams.new_from_request(request: request)
2023-04-23 21:23:45 +05:30
::Issues::UpdateService.new(container: project, current_user: current_user, params: issue_params, spam_params: spam_params)
2018-03-17 18:26:18 +05:30
end
2018-03-27 19:54:05 +05:30
def finder_type
IssuesFinder
2018-03-17 18:26:18 +05:30
end
2021-04-29 21:17:54 +05:30
def disable_query_limiting
2018-03-17 18:26:18 +05:30
# Also see the following issues:
#
2021-04-29 21:17:54 +05:30
# 1. https://gitlab.com/gitlab-org/gitlab/-/issues/20815
# 2. https://gitlab.com/gitlab-org/gitlab/-/issues/20816
# 3. https://gitlab.com/gitlab-org/gitlab/-/issues/21068
Gitlab::QueryLimiting.disable!('https://gitlab.com/gitlab-org/gitlab/-/issues/20814')
2018-03-17 18:26:18 +05:30
end
2020-04-22 19:07:51 +05:30
private
2023-07-09 08:55:56 +05:30
def work_item_redirect_except_actions
ISSUES_EXCEPT_ACTIONS
end
2022-11-25 23:54:43 +05:30
def render_by_create_result_error(result)
Gitlab::AppLogger.warn(
message: 'Cannot create issue',
errors: result.errors,
http_status: result.http_status
)
error_method_name = "render_#{result.http_status}".to_sym
if respond_to?(error_method_name, true)
send(error_method_name) # rubocop:disable GitlabSecurity/PublicSend
else
render_404
end
end
2022-03-02 08:16:31 +05:30
def clean_params(all_params)
issue_type = all_params[:issue_type].to_s
all_params.delete(:issue_type) unless WorkItems::Type.allowed_types_for_issues.include?(issue_type)
all_params
end
2020-07-28 23:09:34 +05:30
def finder_options
options = super
2020-11-24 15:15:51 +05:30
options[:issue_types] = Issue::TYPES_FOR_LIST
2020-07-28 23:09:34 +05:30
2020-11-24 15:15:51 +05:30
if service_desk?
options.reject! { |key| key == 'author_username' || key == 'author_id' }
options[:author_id] = User.support_bot
end
2020-07-28 23:09:34 +05:30
options
end
2020-05-24 23:13:21 +05:30
def branch_link(branch)
project_compare_path(project, from: project.default_branch, to: branch[:name])
end
2020-07-28 23:09:34 +05:30
def service_desk?
action_name == 'service_desk'
end
2021-02-22 17:27:13 +05:30
2022-05-07 20:08:51 +05:30
def add_related_issue
add_related_issue = project.issues.find_by_iid(params[:add_related_issue])
add_related_issue if Ability.allowed?(current_user, :read_issue, add_related_issue)
end
2021-02-22 17:27:13 +05:30
# Overridden in EE
2021-03-11 19:13:27 +05:30
def create_vulnerability_issue_feedback(issue); end
2022-07-23 23:45:48 +05:30
2023-03-04 22:38:38 +05:30
def redirect_if_work_item
2023-03-17 16:20:25 +05:30
return unless use_work_items_path?(issue)
2022-07-23 23:45:48 +05:30
2023-07-09 08:55:56 +05:30
redirect_to project_work_items_path(project, issue.iid, params: request.query_parameters)
2023-05-27 22:25:52 +05:30
end
def require_incident_for_incident_routes
return unless params[:incident_tab].present?
2023-07-09 08:55:56 +05:30
return if issue.work_item_type&.incident?
2023-05-27 22:25:52 +05:30
# Redirect instead of 404 to gracefully handle
# issue type changes
redirect_to project_issue_path(project, issue)
2022-07-23 23:45:48 +05:30
end
2014-09-02 18:07:02 +05:30
end
2019-12-04 20:38:33 +05:30
2021-06-08 01:23:25 +05:30
Projects::IssuesController.prepend_mod_with('Projects::IssuesController')