#472: Updated the Projects::IssuesController and Api::V1::IssuesController

Vokhmin Alexey V 2015-04-29 02:26:03 +03:00
parent b6bf8450f0
commit 0a6c487995
7 changed files with 29 additions and 28 deletions


@ -85,7 +85,7 @@ class Api::V1::BaseController < ApplicationController
def update_subject(subject) def update_subject(subject)
authorize subject, :update? authorize subject, :update?
class_name = subject.class.name class_name = subject.class.name
if subject.update_attributes(subject_params(subject.class)) if subject.update_attributes(subject_params(subject.class, subject))
render_json_response subject, "#{class_name} has been updated successfully" render_json_response subject, "#{class_name} has been updated successfully"
else else
render_validation_error subject, "#{class_name} has not been updated" render_validation_error subject, "#{class_name} has not been updated"


@ -44,20 +44,14 @@ class Api::V1::IssuesController < Api::V1::BaseController
end end
def create def create
@issue = @project.issues.new(params[:issue]) @issue = @project.issues.new
@issue.assign_attributes subject_params(Issue, @issue)
@issue.user = current_user @issue.user = current_user
@issue.assignee = nil unless policy(@project).write?
create_subject @issue create_subject @issue
end end
def update def update
unless policy(@project).write? @issue.labelings.destroy_all if params[:update_labels] && policy(@project).write?
params.delete :update_labels
[:assignee_id, :labelings, :labelings_attributes].each do |k|
params[:issue].delete k
end if params[:issue]
end
@issue.labelings.destroy_all if params[:update_labels]
if params[:issue] && status = params[:issue].delete(:status) if params[:issue] && status = params[:issue].delete(:status)
@issue.set_close(current_user) if status == 'closed' @issue.set_close(current_user) if status == 'closed'
@issue.set_open if status == 'open' @issue.set_open if status == 'open'
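Review bot: In `update`, `@issue.labelings.destroy_all` runs on the strength of `policy(@project).write?` alone, before the issue-level `authorize subject, :update?` that `update_subject` performs in the base controller. Unless a before_action outside this hunk already authorizes the issue, a user with project write access who fails `IssuePolicy#update?` could clear the labels and only then be rejected. The delete is also not rolled back if the update that follows fails validation. Consider calling `authorize @issue, :update?` ahead of that line and wrapping the delete and the update in one transaction. The rest of `update` lies outside the hunk.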


@ -10,7 +10,7 @@ module StrongParams
end end
def subject_params(subject_class) def subject_params(subject_class, subject = nil)
permit_params(subject_class.name.underscore.to_sym, *policy(subject_class).permitted_attributes) permit_params(subject_class.name.underscore.to_sym, *policy(subject || subject_class).permitted_attributes)
end end
end end
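Review bot: With `subject` left at its default, `policy(subject || subject_class)` hands the policy the class itself as its record, and the `IssuePolicy#permitted_attributes` added in this commit calls `record.project`, which a class would presumably not respond to. Any caller still using the one-argument form for Issue (none is visible here) would then raise instead of getting a restricted attribute list. I would document the contract above the method, e.g. `# Pass the record whenever the policy's permitted_attributes inspects it; with only the class, the policy receives the class as its record.`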


@ -79,13 +79,10 @@ class Projects::IssuesController < Projects::BaseController
end end
def create def create
@issue = @project.issues.build(params[:issue]) @issue = @project.issues.new
@issue.user_id = current_user.id @issue.assign_attributes(issue_params)
@issue.user = current_user
unless policy(@project).write?
@issue.assignee_id = nil
@issue.labelings = []
end
authorize @issue authorize @issue
if @issue.save if @issue.save
@issue.subscribe_creator(current_user.id) @issue.subscribe_creator(current_user.id)
@ -108,19 +105,12 @@ class Projects::IssuesController < Projects::BaseController
format.json { format.json {
status = 200 status = 200
unless policy(@project).write?
params.delete :update_labels
[:assignee_id, :labelings, :labelings_attributes].each do |k|
params[:issue].delete k
end if params[:issue]
end
if params[:issue] && status = params[:issue][:status] if params[:issue] && status = params[:issue][:status]
@issue.set_close(current_user) if status == 'closed' @issue.set_close(current_user) if status == 'closed'
@issue.set_open if status == 'open' @issue.set_open if status == 'open'
status = @issue.save ? 200 : 500 status = @issue.save ? 200 : 500
else else
status = 422 unless @issue.update_attributes(params[:issue]) status = 422 unless @issue.update_attributes(issue_params)
end end
render status: status render status: status
} }
@ -169,6 +159,10 @@ class Projects::IssuesController < Projects::BaseController
private private
def issue_params
subject_params(Issue, @issue)
end
# Private: before_action hook which loads Issue. # Private: before_action hook which loads Issue.
def load_issue def load_issue
authorize @issue = @project.issues.find_by!(serial_id: params[:id]) authorize @issue = @project.issues.find_by!(serial_id: params[:id])
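Review bot: The json branch of `update` no longer strips `params[:update_labels]` for users without project write access, and no replacement check is visible in this file's hunks, whereas the API controller gained `&& policy(@project).write?` on its `destroy_all` line. If this action or anything it calls still reads `params[:update_labels]` outside the hunk, it needs the same condition. Separately, the status branch still reads `params[:issue][:status]` directly rather than through `issue_params`. A short comment such as `# status is applied outside strong params; access is gated by load_issue's authorize` would make that bypass explicit.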


@ -49,7 +49,7 @@ class Issue < ActiveRecord::Base
# attr_accessible :labelings_attributes, :title, :body, :assignee_id # attr_accessible :labelings_attributes, :title, :body, :assignee_id
accepts_nested_attributes_for :labelings, accepts_nested_attributes_for :labelings,
reject_if: lambda {|attributes| attributes['label_id'].blank?}, reject_if: -> (attributes) { attributes['label_id'].blank? },
allow_destroy: true allow_destroy: true
scope :opened, -> { where(status: [STATUS_OPEN, STATUS_REOPEN]) } scope :opened, -> { where(status: [STATUS_OPEN, STATUS_REOPEN]) }


@ -18,4 +18,17 @@ class IssuePolicy < ApplicationPolicy
is_admin? || record.user_id == user.id || local_admin?(record.project) is_admin? || record.user_id == user.id || local_admin?(record.project)
end end
# Public: Get list of parameters that the user is allowed to alter.
#
# Returns Array
def permitted_attributes
pa = %i(title body)
if ProjectPolicy.new(user, record.project).write?
pa << :assignee_id
pa << { labelings_attributes: %i(name color label_id) }
pa << { labelings: [] }
end
pa
end
end end
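Review bot: The allowlist for writers looks broader than the code around it uses. `labelings_attributes` permits `name` and `color`, while the model's `reject_if` and the controller spec only deal with `label_id`, and `{ labelings: [] }` lets an array of raw scalars through to the `labelings` association writer. If those keys are not real Labeling inputs, narrowing the list to `pa << { labelings_attributes: %i(label_id) }` leaves less for a request to set; this is inferred, since the Labeling model is not shown. Because this method is now the only thing stopping non-writers from setting `assignee_id` and labels, a policy spec covering a non-writer would be worth adding.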


@ -21,7 +21,7 @@ shared_context "issues controller" do
issue: { issue: {
title: "issue1", title: "issue1",
body: "issue body", body: "issue body",
labelings_attributes: { @label.id => { label_id: @label.id }}, labelings_attributes: { @label.id.to_s => { label_id: @label.id }},
assignee_id: @issue_user.id assignee_id: @issue_user.id
} }
} }