38 lines
926 B
Ruby
38 lines
926 B
Ruby
# frozen_string_literal: true
|
|
|
|
module Projects
|
|
module Releases
|
|
class EvidencesController < Projects::ApplicationController
|
|
before_action :require_non_empty_project
|
|
before_action :release
|
|
before_action :authorize_read_release_evidence!
|
|
|
|
def show
|
|
respond_to do |format|
|
|
format.json do
|
|
render json: evidence.summary
|
|
end
|
|
end
|
|
end
|
|
|
|
private
|
|
|
|
def authorize_read_release_evidence!
|
|
access_denied! unless Feature.enabled?(:release_evidence, project, default_enabled: true)
|
|
access_denied! unless can?(current_user, :read_release_evidence, evidence)
|
|
end
|
|
|
|
def release
|
|
@release ||= project.releases.find_by_tag!(sanitized_tag_name)
|
|
end
|
|
|
|
def evidence
|
|
release.evidences.find(params[:id])
|
|
end
|
|
|
|
def sanitized_tag_name
|
|
CGI.unescape(params[:tag])
|
|
end
|
|
end
|
|
end
|
|
end
|