39 lines
926 B
Ruby
39 lines
926 B
Ruby
|
# frozen_string_literal: true
|
||
|
|
||
|
module Projects
|
||
|
module Releases
|
||
|
class EvidencesController < Projects::ApplicationController
|
||
|
before_action :require_non_empty_project
|
||
|
before_action :release
|
||
|
before_action :authorize_read_release_evidence!
|
||
|
|
||
|
def show
|
||
|
respond_to do |format|
|
||
|
format.json do
|
||
|
render json: evidence.summary
|
||
|
end
|
||
|
end
|
||
|
end
|
||
|
|
||
|
private
|
||
|
|
||
|
def authorize_read_release_evidence!
|
||
|
access_denied! unless Feature.enabled?(:release_evidence, project, default_enabled: true)
|
||
|
access_denied! unless can?(current_user, :read_release_evidence, evidence)
|
||
|
end
|
||
|
|
||
|
def release
|
||
|
@release ||= project.releases.find_by_tag!(sanitized_tag_name)
|
||
|
end
|
||
|
|
||
|
def evidence
|
||
|
release.evidences.find(params[:id])
|
||
|
end
|
||
|
|
||
|
def sanitized_tag_name
|
||
|
CGI.unescape(params[:tag])
|
||
|
end
|
||
|
end
|
||
|
end
|
||
|
end
|