2018-12-05 23:21:45 +05:30
# frozen_string_literal: true
2016-06-02 11:05:42 +05:30
module IssuableActions
extend ActiveSupport :: Concern
2018-12-13 13:39:08 +05:30
include Gitlab :: Utils :: StrongMemoize
2016-06-02 11:05:42 +05:30
included do
before_action :authorize_destroy_issuable! , only : :destroy
2016-09-29 09:46:39 +05:30
before_action :authorize_admin_issuable! , only : :bulk_update
2016-06-02 11:05:42 +05:30
end
2018-11-08 19:23:39 +05:30
def permitted_keys
[
:issuable_ids ,
:assignee_id ,
:milestone_id ,
:state_event ,
:subscription_event ,
label_ids : [ ] ,
add_label_ids : [ ] ,
remove_label_ids : [ ]
]
end
2018-03-17 18:26:18 +05:30
def show
respond_to do | format |
2019-02-13 22:33:31 +05:30
format . html do
@issuable_sidebar = serializer . represent ( issuable , serializer : 'sidebar' ) # rubocop:disable Gitlab/ModuleWithInstanceVariables
end
2018-03-17 18:26:18 +05:30
format . json do
render json : serializer . represent ( issuable , serializer : params [ :serializer ] )
end
end
end
def update
@issuable = update_service . execute ( issuable ) # rubocop:disable Gitlab/ModuleWithInstanceVariables
respond_to do | format |
format . html do
recaptcha_check_if_spammable { render :edit }
end
format . json do
recaptcha_check_if_spammable ( false ) { render_entity_json }
end
end
rescue ActiveRecord :: StaleObjectError
render_conflict_response
end
def realtime_changes
Gitlab :: PollingInterval . set_header ( response , interval : 3_000 )
response = {
title : view_context . markdown_field ( issuable , :title ) ,
title_text : issuable . title ,
description : view_context . markdown_field ( issuable , :description ) ,
description_text : issuable . description ,
task_status : issuable . task_status
}
if issuable . edited?
response [ :updated_at ] = issuable . last_edited_at . to_time . iso8601
response [ :updated_by_name ] = issuable . last_edited_by . name
response [ :updated_by_path ] = user_path ( issuable . last_edited_by )
end
render json : response
end
2016-06-02 11:05:42 +05:30
def destroy
2018-03-17 18:26:18 +05:30
Issuable :: DestroyService . new ( issuable . project , current_user ) . execute ( issuable )
2016-06-02 11:05:42 +05:30
2017-08-17 22:00:37 +05:30
name = issuable . human_class_name
2016-06-02 11:05:42 +05:30
flash [ :notice ] = " The #{ name } was successfully deleted. "
2018-03-17 18:26:18 +05:30
index_path = polymorphic_path ( [ parent , issuable . class ] )
2017-09-10 17:25:29 +05:30
respond_to do | format |
format . html { redirect_to index_path }
format . json do
render json : {
web_url : index_path
}
end
end
2016-06-02 11:05:42 +05:30
end
2016-09-29 09:46:39 +05:30
def bulk_update
result = Issuable :: BulkUpdateService . new ( project , current_user , bulk_update_params ) . execute ( resource_name )
quantity = result [ :count ]
render json : { notice : " #{ quantity } #{ resource_name . pluralize ( quantity ) } updated " }
end
2018-12-05 23:21:45 +05:30
# rubocop: disable CodeReuse/ActiveRecord
2018-03-27 19:54:05 +05:30
def discussions
2018-11-08 19:23:39 +05:30
notes = issuable . discussion_notes
2018-03-27 19:54:05 +05:30
. inc_relations_for_view
2018-12-13 13:39:08 +05:30
. with_notes_filter ( notes_filter )
2018-03-27 19:54:05 +05:30
. includes ( :noteable )
. fresh
2018-12-13 13:39:08 +05:30
if notes_filter != UserPreference :: NOTES_FILTERS [ :only_comments ]
notes = ResourceEvents :: MergeIntoNotesService . new ( issuable , current_user ) . execute ( notes )
end
2018-03-27 19:54:05 +05:30
notes = prepare_notes_for_rendering ( notes )
notes = notes . reject { | n | n . cross_reference_not_visible_for? ( current_user ) }
discussions = Discussion . build_collection ( notes , issuable )
2018-05-09 12:01:36 +05:30
render json : discussion_serializer . represent ( discussions , context : self )
2018-03-27 19:54:05 +05:30
end
2018-12-05 23:21:45 +05:30
# rubocop: enable CodeReuse/ActiveRecord
2018-03-27 19:54:05 +05:30
2016-06-02 11:05:42 +05:30
private
2018-12-13 13:39:08 +05:30
def notes_filter
strong_memoize ( :notes_filter ) do
notes_filter_param = params [ :notes_filter ] & . to_i
# GitLab Geo does not expect database UPDATE or INSERT statements to happen
# on GET requests.
# This is just a fail-safe in case notes_filter is sent via GET request in GitLab Geo.
if Gitlab :: Database . read_only?
notes_filter_param || current_user & . notes_filter_for ( issuable )
else
notes_filter = current_user & . set_notes_filter ( notes_filter_param , issuable ) || notes_filter_param
# We need to invalidate the cache for polling notes otherwise it will
# ignore the filter.
# The ideal would be to invalidate the cache for each user.
issuable . expire_note_etag_cache if notes_filter_updated?
notes_filter
end
end
end
def notes_filter_updated?
current_user & . user_preference & . previous_changes & . any?
end
2018-05-09 12:01:36 +05:30
def discussion_serializer
DiscussionSerializer . new ( project : project , noteable : issuable , current_user : current_user , note_entity : ProjectNoteEntity )
end
2018-03-17 18:26:18 +05:30
def recaptcha_check_if_spammable ( should_redirect = true , & block )
return yield unless issuable . is_a? Spammable
recaptcha_check_with_fallback ( should_redirect , & block )
end
2017-08-17 22:00:37 +05:30
def render_conflict_response
respond_to do | format |
format . html do
2018-03-17 18:26:18 +05:30
@conflict = true # rubocop:disable Gitlab/ModuleWithInstanceVariables
2017-08-17 22:00:37 +05:30
render :edit
end
format . json do
render json : {
errors : [
" Someone edited this #{ issuable . human_class_name } at the same time you did. Please refresh your browser and make sure your changes will not unintentionally remove theirs. "
]
2018-11-18 11:00:15 +05:30
} , status : :conflict
2017-08-17 22:00:37 +05:30
end
end
end
2016-06-02 11:05:42 +05:30
def authorize_destroy_issuable!
2016-09-29 09:46:39 +05:30
unless can? ( current_user , :" destroy_ #{ issuable . to_ability_name } " , issuable )
2016-06-02 11:05:42 +05:30
return access_denied!
end
end
2016-09-29 09:46:39 +05:30
def authorize_admin_issuable!
2018-03-17 18:26:18 +05:30
unless can? ( current_user , :" admin_ #{ resource_name } " , @project ) # rubocop:disable Gitlab/ModuleWithInstanceVariables
2016-09-29 09:46:39 +05:30
return access_denied!
end
end
2018-03-17 18:26:18 +05:30
def authorize_update_issuable!
render_404 unless can? ( current_user , :" update_ #{ resource_name } " , issuable )
end
2016-09-29 09:46:39 +05:30
def bulk_update_params
2018-11-08 19:23:39 +05:30
permitted_keys_array = permitted_keys . dup
2017-08-17 22:00:37 +05:30
if resource_name == 'issue'
2018-11-08 19:23:39 +05:30
permitted_keys_array << { assignee_ids : [ ] }
2017-08-17 22:00:37 +05:30
else
2018-11-08 19:23:39 +05:30
permitted_keys_array . unshift ( :assignee_id )
2017-08-17 22:00:37 +05:30
end
2018-11-08 19:23:39 +05:30
params . require ( :update ) . permit ( permitted_keys_array )
2016-09-29 09:46:39 +05:30
end
def resource_name
@resource_name || = controller_name . singularize
end
2018-03-17 18:26:18 +05:30
# rubocop:disable Gitlab/ModuleWithInstanceVariables
def render_entity_json
if @issuable . valid?
render json : serializer . represent ( @issuable )
else
render json : { errors : @issuable . errors . full_messages } , status : :unprocessable_entity
end
end
# rubocop:enable Gitlab/ModuleWithInstanceVariables
def serializer
raise NotImplementedError
end
def update_service
raise NotImplementedError
end
def parent
@project || @group # rubocop:disable Gitlab/ModuleWithInstanceVariables
end
2016-06-02 11:05:42 +05:30
end