Merge branch 'master' into feed_improvements

This commit is contained in:
Alexander Machehin 2015-04-30 14:46:20 +05:00
commit 86b929328b
340 changed files with 6543 additions and 3566 deletions

View File

@ -1,6 +1,6 @@
language: ruby language: ruby
rvm: rvm:
- 2.2.0 - 2.2.2
bundler_args: --without development bundler_args: --without development
env: env:
- SPEC_GROUP=controllers - SPEC_GROUP=controllers

90
Gemfile
View File

@ -1,43 +1,42 @@
source 'https://rubygems.org' source 'https://rubygems.org'
gem 'rails', '4.0.13' gem 'rails', '4.1.10'
gem 'activeadmin', github: 'activeadmin' gem 'activeadmin', github: 'activeadmin'
gem 'pg', '~> 0.17.1' gem 'pg'
gem 'schema_plus', '~> 1.5' gem 'schema_plus', '~> 1.5'
######## ########
gem 'protected_attributes' gem 'protected_attributes'
######## ########
gem 'devise', '~> 3.3' gem 'devise'
gem 'omniauth' gem 'omniauth'
gem 'omniauth-facebook' gem 'omniauth-facebook'
gem 'omniauth-google-oauth2' gem 'omniauth-google-oauth2'
gem 'omniauth-github' gem 'omniauth-github'
# gem 'omniauth-openid', '~> 1.0.1' # gem 'omniauth-openid', '~> 1.0.1'
# gem 'cancan', '1.6.10' gem 'pundit'
gem 'cancan', git: 'git://github.com/rosa-abf/cancan.git', tag: '1.6.10-abf'
gem 'ancestry', '~> 2.1' gem 'ancestry'
gem 'paperclip', '~> 4.2' gem 'paperclip'
gem 'resque', '~> 1.25' gem 'resque'
gem 'resque-status', '~> 0.4' gem 'resque-status'
gem 'resque_mailer', '~> 2.2' gem 'resque_mailer'
gem 'resque-scheduler', '~> 2.5.4' gem 'resque-scheduler', '~> 2.5.4'
gem 'perform_later', git: 'git://github.com/KensoDev/perform_later.git' # should be after resque_mailer gem 'perform_later', git: 'git://github.com/KensoDev/perform_later.git' # should be after resque_mailer
gem 'russian', '~> 0.6.0' gem 'russian'
gem 'highline', '~> 1.6.20' gem 'highline', '~> 1.6.20'
gem 'state_machine', '~> 1.2' gem 'state_machines-activerecord'
gem 'redis-rails', '~> 4.0' gem 'redis-rails'
gem 'grack', git: 'git://github.com/rosa-abf/grack.git', require: 'git_http' gem 'grack', git: 'git://github.com/rosa-abf/grack.git', require: 'git_http'
gem 'grit', git: 'git://github.com/rosa-abf/grit.git', tag: '2.6.16' gem 'grit', git: 'git://github.com/rosa-abf/grit.git', tag: '2.6.17'
gem 'charlock_holmes', '~> 0.7' gem 'charlock_holmes'
gem 'github-linguist', '3.1.5', require: 'linguist' gem 'github-linguist', '3.1.5', require: 'linguist'
gem 'diff-display', '~> 0.0.1' gem 'diff-display'
# Wiki # Wiki
gem "gollum-lib", '~> 3.0' gem 'gollum-lib', '~> 3.0'
gem "redcarpet", '~> 3.1' gem 'redcarpet', '~> 3.2'
gem 'creole' gem 'creole'
gem 'rdiscount' gem 'rdiscount'
# gem 'org-ruby' # gem 'org-ruby'
@ -45,37 +44,37 @@ gem 'RedCloth'
gem 'wikicloth' gem 'wikicloth'
gem 'newrelic_rpm' gem 'newrelic_rpm'
gem 'whenever', '~> 0.9.0', require: false gem 'whenever', require: false
gem 'jbuilder', '~> 2.2' gem 'jbuilder'
gem 'rails3-jquery-autocomplete' gem 'rails3-jquery-autocomplete'
gem 'sprockets', '2.11.0' gem 'sprockets'
gem 'will_paginate', '~> 3.0' gem 'will_paginate'
gem 'meta-tags', '~> 2.0', require: 'meta_tags' gem 'meta-tags', require: 'meta_tags'
gem "haml-rails", '~> 0.5' gem 'haml-rails'
gem 'jquery-rails', '~> 2.3' gem 'jquery-rails'
gem 'jquery-migrate-rails' gem 'jquery-migrate-rails'
gem 'ruby-haml-js', '~> 0.0.5' gem 'ruby-haml-js'
gem 'slim' gem 'slim'
gem 'simple_form', '3.1.0.rc2' gem 'simple_form', '3.1.0.rc2'
gem 'friendly_id', '~> 5.0' gem 'friendly_id'
gem 'rack-throttle', '~> 0.3.0' gem 'rack-throttle', '~> 0.3.0'
gem 'rest-client', '~> 1.7' gem 'rest-client'
gem 'ohm', '~> 1.3.2' # Ohm 2 breaks the compatibility with previous versions. gem 'ohm', '~> 1.3.2' # Ohm 2 breaks the compatibility with previous versions.
gem 'ohm-expire', '~> 0.1.3' gem 'ohm-expire', '~> 0.1.3'
gem 'ffi', '~> 1.9.3' gem 'ffi'
gem 'attr_encrypted', '~> 1.3' gem 'attr_encrypted'
gem "gemoji", "~> 2.1" gem 'gemoji'
# AngularJS related stuff # AngularJS related stuff
gem 'underscore-rails' gem 'underscore-rails'
gem 'angularjs-rails', '~> 1.2.15' gem 'angularjs-rails'
gem 'ng-rails-csrf' gem 'ng-rails-csrf'
gem 'momentjs-rails' gem 'momentjs-rails'
gem 'angular-i18n', '0.1.2' gem 'angular-i18n'
gem 'js-routes' gem 'js-routes'
gem 'soundmanager-rails' gem 'soundmanager-rails'
gem 'angular-ui-bootstrap-rails' gem 'angular-ui-bootstrap-rails'
@ -84,23 +83,28 @@ gem 'ngmin-rails'
gem 'time_diff' gem 'time_diff'
gem 'sass-rails', '~> 4.0' gem 'sass-rails'
gem 'coffee-rails', '~> 4.1' gem 'coffee-rails'
gem 'bootstrap-sass', '~> 3.3' gem 'bootstrap-sass'
gem 'font-awesome-rails', '~> 4.2' gem 'font-awesome-rails'
gem 'zeroclipboard-rails', '~> 0.1.0' gem 'zeroclipboard-rails'
gem 'compass-rails', '~> 2.0' gem 'compass-rails'
gem 'uglifier', '~> 2.5' gem 'uglifier'
gem 'therubyracer', '~> 0.12.1', platforms: [:mri, :rbx] gem 'therubyracer', platforms: [:mri, :rbx]
gem 'therubyrhino', '~> 2.0', platforms: :jruby gem 'therubyrhino', platforms: :jruby
gem 'sitemap_generator' gem 'sitemap_generator'
gem 'codemirror-rails', '~> 4.5' gem 'codemirror-rails', '~> 4.5'
source 'https://rails-assets.org' do
gem 'rails-assets-notifyjs'
end
gem 'rack-utf8_sanitizer'
group :production do group :production do
gem "airbrake", '~> 3.1' gem 'airbrake'
#gem 'bluepill', '~> 0.0.60', require: false #gem 'bluepill', '~> 0.0.60', require: false
gem 'puma' gem 'puma'
end end

View File

@ -10,7 +10,7 @@ GIT
GIT GIT
remote: git://github.com/activeadmin/activeadmin.git remote: git://github.com/activeadmin/activeadmin.git
revision: ed1fbca8c64af827616c58f274d7be256ca513b6 revision: e27ccba8a7ea1f7f3085748decec1f6911f6d5d2
specs: specs:
activeadmin (1.0.0.pre) activeadmin (1.0.0.pre)
arbre (~> 1.0, >= 1.0.2) arbre (~> 1.0, >= 1.0.2)
@ -26,13 +26,6 @@ GIT
ransack (~> 1.3) ransack (~> 1.3)
sass-rails sass-rails
GIT
remote: git://github.com/rosa-abf/cancan.git
revision: fe1089b70c08d3ed11bac4f8e69ecb3d1d9adc29
tag: 1.6.10-abf
specs:
cancan (1.6.10)
GIT GIT
remote: git://github.com/rosa-abf/grack.git remote: git://github.com/rosa-abf/grack.git
revision: 020be3fef3fb308b9d214252522aa5945bf6584a revision: 020be3fef3fb308b9d214252522aa5945bf6584a
@ -41,8 +34,8 @@ GIT
GIT GIT
remote: git://github.com/rosa-abf/grit.git remote: git://github.com/rosa-abf/grit.git
revision: a9548c92188cc307e7af1dd41a733e7000a783a9 revision: b733f0ceefb44b18a9dec8f509ba5493dab59e4e
tag: 2.6.16 tag: 2.6.17
specs: specs:
grit (2.5.0) grit (2.5.0)
diff-lcs (~> 1.1) diff-lcs (~> 1.1)
@ -51,34 +44,37 @@ GIT
GEM GEM
remote: https://rubygems.org/ remote: https://rubygems.org/
remote: https://rails-assets.org/
specs: specs:
RedCloth (4.2.9) RedCloth (4.2.9)
actionmailer (4.0.13) actionmailer (4.1.10)
actionpack (= 4.0.13) actionpack (= 4.1.10)
actionview (= 4.1.10)
mail (~> 2.5, >= 2.5.4) mail (~> 2.5, >= 2.5.4)
actionpack (4.0.13) actionpack (4.1.10)
activesupport (= 4.0.13) actionview (= 4.1.10)
builder (~> 3.1.0) activesupport (= 4.1.10)
erubis (~> 2.7.0)
rack (~> 1.5.2) rack (~> 1.5.2)
rack-test (~> 0.6.2) rack-test (~> 0.6.2)
activemodel (4.0.13) actionview (4.1.10)
activesupport (= 4.0.13) activesupport (= 4.1.10)
builder (~> 3.1.0) builder (~> 3.1)
activerecord (4.0.13) erubis (~> 2.7.0)
activemodel (= 4.0.13) activemodel (4.1.10)
activerecord-deprecated_finders (~> 1.0.2) activesupport (= 4.1.10)
activesupport (= 4.0.13) builder (~> 3.1)
arel (~> 4.0.0) activerecord (4.1.10)
activerecord-deprecated_finders (1.0.3) activemodel (= 4.1.10)
activesupport (4.0.13) activesupport (= 4.1.10)
arel (~> 5.0.0)
activesupport (4.1.10)
i18n (~> 0.6, >= 0.6.9) i18n (~> 0.6, >= 0.6.9)
minitest (~> 4.2) json (~> 1.7, >= 1.7.7)
multi_json (~> 1.3) minitest (~> 5.1)
thread_safe (~> 0.1) thread_safe (~> 0.1)
tzinfo (~> 0.3.37) tzinfo (~> 1.1)
addressable (2.3.7) addressable (2.3.7)
airbrake (3.2.1) airbrake (4.1.0)
builder builder
multi_json multi_json
ancestry (2.1.0) ancestry (2.1.0)
@ -89,13 +85,13 @@ GEM
sprockets sprockets
tilt tilt
angular-ui-bootstrap-rails (0.12.0) angular-ui-bootstrap-rails (0.12.0)
angularjs-rails (1.2.26) angularjs-rails (1.3.14)
arbre (1.0.3) arbre (1.0.3)
activesupport (>= 3.0.0) activesupport (>= 3.0.0)
arel (4.0.2) arel (5.0.1.20140414130214)
attr_encrypted (1.3.3) attr_encrypted (1.3.3)
encryptor (>= 1.3.0) encryptor (>= 1.3.0)
autoprefixer-rails (5.1.5) autoprefixer-rails (5.1.7)
execjs execjs
json json
bcrypt (3.1.10) bcrypt (3.1.10)
@ -108,10 +104,10 @@ GEM
bootstrap-sass (3.3.3) bootstrap-sass (3.3.3)
autoprefixer-rails (>= 5.0.0.1) autoprefixer-rails (>= 5.0.0.1)
sass (>= 3.2.19) sass (>= 3.2.19)
bourbon (4.2.0) bourbon (4.2.1)
sass (~> 3.4) sass (~> 3.4)
thor thor
builder (3.1.4) builder (3.2.2)
callsite (0.0.11) callsite (0.0.11)
cape (1.8.0) cape (1.8.0)
capistrano (2.15.5) capistrano (2.15.5)
@ -126,9 +122,9 @@ GEM
chunky_png (1.3.4) chunky_png (1.3.4)
climate_control (0.0.3) climate_control (0.0.3)
activesupport (>= 3.0) activesupport (>= 3.0)
cocaine (0.5.5) cocaine (0.5.7)
climate_control (>= 0.0.3, < 1.0) climate_control (>= 0.0.3, < 1.0)
codemirror-rails (4.8) codemirror-rails (4.13)
railties (>= 3.0, < 5) railties (>= 3.0, < 5)
coderay (1.1.0) coderay (1.1.0)
coffee-rails (4.1.0) coffee-rails (4.1.0)
@ -168,6 +164,8 @@ GEM
warden (~> 1.2.3) warden (~> 1.2.3)
diff-display (0.0.1) diff-display (0.0.1)
diff-lcs (1.2.5) diff-lcs (1.2.5)
domain_name (0.5.24)
unf (>= 0.0.5, < 1.0.0)
encryptor (1.3.0) encryptor (1.3.0)
erubis (2.7.0) erubis (2.7.0)
escape_utils (1.0.1) escape_utils (1.0.1)
@ -203,7 +201,7 @@ GEM
diff-lcs (~> 1.1) diff-lcs (~> 1.1)
mime-types (~> 1.15) mime-types (~> 1.15)
posix-spawn (~> 0.3) posix-spawn (~> 0.3)
gli (2.12.2) gli (2.13.0)
gollum-lib (3.0.0) gollum-lib (3.0.0)
github-markup (~> 1.1.0) github-markup (~> 1.1.0)
gitlab-grit (~> 2.6.5) gitlab-grit (~> 2.6.5)
@ -231,17 +229,19 @@ GEM
haml (~> 4.0.0) haml (~> 4.0.0)
nokogiri (~> 1.6.0) nokogiri (~> 1.6.0)
ruby_parser (~> 3.5) ruby_parser (~> 3.5)
http-cookie (1.0.2)
domain_name (~> 0.5)
i18n (0.7.0) i18n (0.7.0)
inherited_resources (1.6.0) inherited_resources (1.6.0)
actionpack (>= 3.2, < 5) actionpack (>= 3.2, < 5)
has_scope (~> 0.6.0.rc) has_scope (~> 0.6.0.rc)
railties (>= 3.2, < 5) railties (>= 3.2, < 5)
responders responders
jbuilder (2.2.7) jbuilder (2.2.9)
activesupport (>= 3.0.0, < 5) activesupport (>= 3.0.0, < 5)
multi_json (~> 1.2) multi_json (~> 1.2)
jquery-migrate-rails (1.2.1) jquery-migrate-rails (1.2.1)
jquery-rails (2.3.0) jquery-rails (3.1.2)
railties (>= 3.0, < 5.0) railties (>= 3.0, < 5.0)
thor (>= 0.14, < 2.0) thor (>= 0.14, < 2.0)
jquery-ui-rails (5.0.3) jquery-ui-rails (5.0.3)
@ -250,7 +250,7 @@ GEM
railties (>= 3.2) railties (>= 3.2)
sprockets-rails sprockets-rails
json (1.8.2) json (1.8.2)
jwt (1.2.1) jwt (1.3.0)
kaminari (0.16.3) kaminari (0.16.3)
actionpack (>= 3.0.0) actionpack (>= 3.0.0)
activesupport (>= 3.0.0) activesupport (>= 3.0.0)
@ -280,12 +280,12 @@ GEM
railties (>= 3.0.0, < 5.0.0) railties (>= 3.0.0, < 5.0.0)
mime-types (1.25.1) mime-types (1.25.1)
mini_portile (0.6.2) mini_portile (0.6.2)
minitest (4.7.5) minitest (5.6.0)
mock_redis (0.14.0) mock_redis (0.14.0)
momentjs-rails (2.9.0) momentjs-rails (2.9.0)
railties (>= 3.1) railties (>= 3.1)
mono_logger (1.1.0) mono_logger (1.1.0)
multi_json (1.10.1) multi_json (1.11.0)
multi_xml (0.5.5) multi_xml (0.5.5)
multipart-post (2.0.0) multipart-post (2.0.0)
nest (1.1.2) nest (1.1.2)
@ -297,7 +297,7 @@ GEM
net-ssh (2.9.2) net-ssh (2.9.2)
net-ssh-gateway (1.2.0) net-ssh-gateway (1.2.0)
net-ssh (>= 2.6.5) net-ssh (>= 2.6.5)
netrc (0.10.2) netrc (0.10.3)
newrelic_rpm (3.10.0.279) newrelic_rpm (3.10.0.279)
ng-rails-csrf (0.1.0) ng-rails-csrf (0.1.0)
ngmin-rails (0.4.0) ngmin-rails (0.4.0)
@ -319,7 +319,7 @@ GEM
omniauth (1.2.2) omniauth (1.2.2)
hashie (>= 1.2, < 4) hashie (>= 1.2, < 4)
rack (~> 1.0) rack (~> 1.0)
omniauth-facebook (2.0.0) omniauth-facebook (2.0.1)
omniauth-oauth2 (~> 1.2) omniauth-oauth2 (~> 1.2)
omniauth-github (1.1.2) omniauth-github (1.1.2)
omniauth (~> 1.0) omniauth (~> 1.0)
@ -338,14 +338,16 @@ GEM
activesupport (>= 3.0.0) activesupport (>= 3.0.0)
cocaine (~> 0.5.3) cocaine (~> 0.5.3)
mime-types mime-types
pg (0.17.1) pg (0.18.1)
polyamorous (1.1.0) polyamorous (1.1.0)
activerecord (>= 3.0) activerecord (>= 3.0)
posix-spawn (0.3.10) posix-spawn (0.3.10)
protected_attributes (1.0.8) protected_attributes (1.0.9)
activemodel (>= 4.0.1, < 5.0) activemodel (>= 4.0.1, < 5.0)
puma (2.11.1) puma (2.11.1)
rack (>= 1.1, < 2.0) rack (>= 1.1, < 2.0)
pundit (0.3.0)
activesupport (>= 3.0.0)
pygments.rb (0.6.2) pygments.rb (0.6.2)
posix-spawn (~> 0.3.6) posix-spawn (~> 0.3.6)
yajl-ruby (~> 1.2.0) yajl-ruby (~> 1.2.0)
@ -358,21 +360,26 @@ GEM
rack (>= 1.0) rack (>= 1.0)
rack-throttle (0.3.0) rack-throttle (0.3.0)
rack (>= 1.0.0) rack (>= 1.0.0)
rails (4.0.13) rack-utf8_sanitizer (1.3.0)
actionmailer (= 4.0.13) rack (~> 1.0)
actionpack (= 4.0.13) rails (4.1.10)
activerecord (= 4.0.13) actionmailer (= 4.1.10)
activesupport (= 4.0.13) actionpack (= 4.1.10)
actionview (= 4.1.10)
activemodel (= 4.1.10)
activerecord (= 4.1.10)
activesupport (= 4.1.10)
bundler (>= 1.3.0, < 2.0) bundler (>= 1.3.0, < 2.0)
railties (= 4.0.13) railties (= 4.1.10)
sprockets-rails (~> 2.0) sprockets-rails (~> 2.0)
rails-assets-notifyjs (0.3.2)
rails3-generators (1.0.0) rails3-generators (1.0.0)
railties (>= 3.0.0) railties (>= 3.0.0)
rails3-jquery-autocomplete (1.0.15) rails3-jquery-autocomplete (1.0.15)
rails (>= 3.2) rails (>= 3.2)
railties (4.0.13) railties (4.1.10)
actionpack (= 4.0.13) actionpack (= 4.1.10)
activesupport (= 4.0.13) activesupport (= 4.1.10)
rake (>= 0.8.7) rake (>= 0.8.7)
thor (>= 0.18.1, < 2.0) thor (>= 0.18.1, < 2.0)
rake (10.4.2) rake (10.4.2)
@ -386,7 +393,7 @@ GEM
rb-inotify (0.9.5) rb-inotify (0.9.5)
ffi (>= 0.5.0) ffi (>= 0.5.0)
rdiscount (2.1.8) rdiscount (2.1.8)
redcarpet (3.2.2) redcarpet (3.2.3)
redis (3.0.7) redis (3.0.7)
redis-actionpack (4.0.0) redis-actionpack (4.0.0)
actionpack (~> 4) actionpack (~> 4)
@ -424,28 +431,29 @@ GEM
resque (~> 1.19) resque (~> 1.19)
resque_mailer (2.2.7) resque_mailer (2.2.7)
actionmailer (>= 3.0) actionmailer (>= 3.0)
rest-client (1.7.2) rest-client (1.8.0)
http-cookie (>= 1.0.2, < 2.0)
mime-types (>= 1.16, < 3.0) mime-types (>= 1.16, < 3.0)
netrc (~> 0.7) netrc (~> 0.7)
rouge (1.3.4) rouge (1.3.4)
rr (1.1.2) rr (1.1.2)
rspec-core (3.2.0) rspec-core (3.2.1)
rspec-support (~> 3.2.0) rspec-support (~> 3.2.0)
rspec-expectations (3.2.0) rspec-expectations (3.2.0)
diff-lcs (>= 1.2.0, < 2.0) diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.2.0) rspec-support (~> 3.2.0)
rspec-mocks (3.2.0) rspec-mocks (3.2.1)
diff-lcs (>= 1.2.0, < 2.0) diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.2.0) rspec-support (~> 3.2.0)
rspec-rails (3.2.0) rspec-rails (3.2.1)
actionpack (>= 3.0, <= 4.2) actionpack (>= 3.0, < 4.3)
activesupport (>= 3.0, <= 4.2) activesupport (>= 3.0, < 4.3)
railties (>= 3.0, <= 4.2) railties (>= 3.0, < 4.3)
rspec-core (~> 3.2.0) rspec-core (~> 3.2.0)
rspec-expectations (~> 3.2.0) rspec-expectations (~> 3.2.0)
rspec-mocks (~> 3.2.0) rspec-mocks (~> 3.2.0)
rspec-support (~> 3.2.0) rspec-support (~> 3.2.0)
rspec-support (3.2.1) rspec-support (3.2.2)
ruby-haml-js (0.0.5) ruby-haml-js (0.0.5)
execjs execjs
sprockets (>= 2.0.0) sprockets (>= 2.0.0)
@ -461,17 +469,19 @@ GEM
safe_yaml (1.0.4) safe_yaml (1.0.4)
sanitize (2.1.0) sanitize (2.1.0)
nokogiri (>= 1.4.4) nokogiri (>= 1.4.4)
sass (3.4.12) sass (3.4.13)
sass-rails (4.0.1) sass-rails (5.0.1)
railties (>= 4.0.0, < 5.0) railties (>= 4.0.0, < 5.0)
sass (>= 3.1.10) sass (~> 3.1)
sprockets-rails (~> 2.0.0) sprockets (>= 2.8, < 4.0)
sprockets-rails (>= 2.0, < 4.0)
tilt (~> 1.1)
schema_plus (1.8.7) schema_plus (1.8.7)
activerecord (>= 3.2, < 4.3) activerecord (>= 3.2, < 4.3)
valuable valuable
scrivener (0.0.3) scrivener (0.0.3)
sexp_processor (4.4.5) sexp_processor (4.4.5)
shotgun (0.9) shotgun (0.9.1)
rack (>= 1.0) rack (>= 1.0)
shoulda (3.5.0) shoulda (3.5.0)
shoulda-context (~> 1.0, >= 1.0.1) shoulda-context (~> 1.0, >= 1.0.1)
@ -497,20 +507,26 @@ GEM
temple (~> 0.7.3) temple (~> 0.7.3)
tilt (>= 1.3.3, < 2.1) tilt (>= 1.3.3, < 2.1)
soundmanager-rails (1.0.1) soundmanager-rails (1.0.1)
sprockets (2.11.0) sprockets (2.12.3)
hike (~> 1.2) hike (~> 1.2)
multi_json (~> 1.0) multi_json (~> 1.0)
rack (~> 1.0) rack (~> 1.0)
tilt (~> 1.1, != 1.3.0) tilt (~> 1.1, != 1.3.0)
sprockets-rails (2.0.1) sprockets-rails (2.2.4)
actionpack (>= 3.0) actionpack (>= 3.0)
activesupport (>= 3.0) activesupport (>= 3.0)
sprockets (~> 2.8) sprockets (>= 2.8, < 4.0)
sqlite3 (1.3.10) sqlite3 (1.3.10)
state_machine (1.2.0) state_machines (0.2.2)
state_machines-activemodel (0.1.2)
activemodel (~> 4.1)
state_machines (~> 0.2.0)
state_machines-activerecord (0.2.0)
activerecord (~> 4.1)
state_machines-activemodel (~> 0.1.0)
stringex (2.5.2) stringex (2.5.2)
temple (0.7.5) temple (0.7.5)
test_after_commit (0.4.0) test_after_commit (0.4.1)
activerecord (>= 3.2) activerecord (>= 3.2)
therubyracer (0.12.1) therubyracer (0.12.1)
libv8 (~> 3.16.14.0) libv8 (~> 3.16.14.0)
@ -520,20 +536,21 @@ GEM
eventmachine (>= 0.12.6) eventmachine (>= 0.12.6)
rack (>= 1.0.0) rack (>= 1.0.0)
thor (0.19.1) thor (0.19.1)
thread_safe (0.3.4) thread_safe (0.3.5)
tilt (1.4.1) tilt (1.4.1)
time_diff (0.3.0) time_diff (0.3.0)
activesupport activesupport
i18n i18n
timecop (0.7.1) timecop (0.7.3)
tmp_cache (0.1.1) tmp_cache (0.1.1)
twitter-text (1.11.0) twitter-text (1.11.0)
unf (~> 0.1.0) unf (~> 0.1.0)
tzinfo (0.3.43) tzinfo (1.2.2)
uglifier (2.7.0) thread_safe (~> 0.1)
uglifier (2.7.1)
execjs (>= 0.3.0) execjs (>= 0.3.0)
json (>= 1.8.0) json (>= 1.8.0)
underscore-rails (1.7.0) underscore-rails (1.8.2)
unf (0.1.4) unf (0.1.4)
unf_ext unf_ext
unf_ext (0.0.6) unf_ext (0.0.6)
@ -563,46 +580,45 @@ PLATFORMS
DEPENDENCIES DEPENDENCIES
RedCloth RedCloth
activeadmin! activeadmin!
airbrake (~> 3.1) airbrake
ancestry (~> 2.1) ancestry
angular-i18n (= 0.1.2) angular-i18n
angular-rails-templates angular-rails-templates
angular-ui-bootstrap-rails angular-ui-bootstrap-rails
angularjs-rails (~> 1.2.15) angularjs-rails
attr_encrypted (~> 1.3) attr_encrypted
better_errors better_errors
binding_of_caller binding_of_caller
bootstrap-sass (~> 3.3) bootstrap-sass
cancan!
cape cape
capistrano capistrano
capistrano_colors capistrano_colors
charlock_holmes (~> 0.7) charlock_holmes
codemirror-rails (~> 4.5) codemirror-rails (~> 4.5)
coffee-rails (~> 4.1) coffee-rails
compass-rails (~> 2.0) compass-rails
creole creole
devise (~> 3.3) devise
diff-display (~> 0.0.1) diff-display
factory_girl_rails factory_girl_rails
ffi (~> 1.9.3) ffi
font-awesome-rails (~> 4.2) font-awesome-rails
friendly_id (~> 5.0) friendly_id
gemoji (~> 2.1) gemoji
github-linguist (= 3.1.5) github-linguist (= 3.1.5)
gollum-lib (~> 3.0) gollum-lib (~> 3.0)
grack! grack!
grit! grit!
haml-rails (~> 0.5) haml-rails
highline (~> 1.6.20) highline (~> 1.6.20)
hirb hirb
jbuilder (~> 2.2) jbuilder
jquery-migrate-rails jquery-migrate-rails
jquery-rails (~> 2.3) jquery-rails
js-routes js-routes
localeapp localeapp
mailcatcher mailcatcher
meta-tags (~> 2.0) meta-tags
meta_request meta_request
mock_redis mock_redis
momentjs-rails momentjs-rails
@ -615,30 +631,33 @@ DEPENDENCIES
omniauth-facebook omniauth-facebook
omniauth-github omniauth-github
omniauth-google-oauth2 omniauth-google-oauth2
paperclip (~> 4.2) paperclip
perform_later! perform_later!
pg (~> 0.17.1) pg
protected_attributes protected_attributes
puma puma
pundit
rack-throttle (~> 0.3.0) rack-throttle (~> 0.3.0)
rails (= 4.0.13) rack-utf8_sanitizer
rails (= 4.1.10)
rails-assets-notifyjs!
rails3-generators rails3-generators
rails3-jquery-autocomplete rails3-jquery-autocomplete
rake rake
rdiscount rdiscount
redcarpet (~> 3.1) redcarpet (~> 3.2)
redis-rails (~> 4.0) redis-rails
resque (~> 1.25) resque
resque-scheduler (~> 2.5.4) resque-scheduler (~> 2.5.4)
resque-status (~> 0.4) resque-status
resque_mailer (~> 2.2) resque_mailer
rest-client (~> 1.7) rest-client
rr rr
rspec-rails rspec-rails
ruby-haml-js (~> 0.0.5) ruby-haml-js
russian (~> 0.6.0) russian
rvm-capistrano rvm-capistrano
sass-rails (~> 4.0) sass-rails
schema_plus (~> 1.5) schema_plus (~> 1.5)
shotgun shotgun
shoulda shoulda
@ -648,17 +667,17 @@ DEPENDENCIES
skype skype
slim slim
soundmanager-rails soundmanager-rails
sprockets (= 2.11.0) sprockets
state_machine (~> 1.2) state_machines-activerecord
test_after_commit test_after_commit
therubyracer (~> 0.12.1) therubyracer
therubyrhino (~> 2.0) therubyrhino
time_diff time_diff
timecop timecop
uglifier (~> 2.5) uglifier
underscore-rails underscore-rails
webmock webmock
whenever (~> 0.9.0) whenever
wikicloth wikicloth
will_paginate (~> 3.0) will_paginate
zeroclipboard-rails (~> 0.1.0) zeroclipboard-rails

View File

@ -23,3 +23,4 @@ A ruby translation project managed on [Locale](http://www.localeapp.com/) that's
- The maintainer will then pull translations from the Locale project and push to Github. - The maintainer will then pull translations from the Locale project and push to Github.
Happy translating! Happy translating!
test 1

View File

@ -1,6 +1,6 @@
RosaABF.controller('BuildListsController', RosaABF.controller('BuildListsController',
['$scope', '$http', '$location', '$timeout', 'datepickerPopupConfig', '$cookies', ['$scope', '$http', '$location', '$timeout', '$cookies',
function($scope, $http, $location, $timeout, datepickerPopupConfig, $cookies) { function($scope, $http, $location, $timeout, $cookies) {
$scope.params = null; $scope.params = null;
$scope.first_run = true; $scope.first_run = true;
@ -8,8 +8,8 @@ RosaABF.controller('BuildListsController',
$scope.build_lists = []; $scope.build_lists = [];
$scope.isRequest = false; // Disable 'Search' button $scope.isRequest = false; // Disable 'Search' button
$scope.pages = []; $scope.pages = [];
$scope.opened = {}; $scope.opened = {};
$scope.map_priorities = { $scope.map_priorities = {
<%=BuildList::WAITING_FOR_RESPONSE%>: 13, <%=BuildList::WAITING_FOR_RESPONSE%>: 13,
<%=BuildList::BUILD_PENDING%>: 12, <%=BuildList::BUILD_PENDING%>: 12,
@ -26,13 +26,6 @@ RosaABF.controller('BuildListsController',
<%=BuildList::FAILED_PUBLISH%>: 1, <%=BuildList::FAILED_PUBLISH%>: 1,
<%=BuildList::REJECTED_PUBLISH%>: 0 <%=BuildList::REJECTED_PUBLISH%>: 0
}; };
$scope.minDate = new Date(2010, 1, 1);
$scope.maxDate = moment().add(1, 'months').calendar();
$scope.today = function() {
$scope.dt = new Date();
};
$scope.today();
$scope.clear = function () { $scope.clear = function () {
//$scope.dt = null; //$scope.dt = null;
@ -42,42 +35,22 @@ RosaABF.controller('BuildListsController',
}; };
}; };
// Disable weekend selection
$scope.disabled = function(date, mode) {
return ( mode === 'day' && ( date.getDay() === 0 || date.getDay() === 6 ) );
};
$scope.toggleMin = function() {
$scope.minDate = $scope.minDate ? null : new Date();
};
$scope.toggleMin();
$scope.dateOptions = {
formatYear: 'yy',
startingDay: <%= I18n.locale == :ru ? 1 : 0 %>,
'show-weeks': false
};
$scope.initDate = $scope.today();
$scope.format = 'mediumDate';
<% if I18n.locale == :ru %>
// TRANSLATION
datepickerPopupConfig.currentText = 'Сегодня';
datepickerPopupConfig.clearText = 'Очистить';
datepickerPopupConfig.weeksText = 'Недели';
datepickerPopupConfig.closeText = 'Закрыть';
<% end %>
datepickerPopupConfig.appendToBody = 'true';
$scope.init = function init() { $scope.init = function init() {
$scope.isOpenServerStatus = $cookies.isOpenServerStatus === 'true' ? true : false; $scope.name_with_owner = $('#name_with_owner').val();
if ($scope.name_with_owner) {
$scope.build_lists_path = Routes.project_build_lists_path($scope.name_with_owner, {format: 'json'});
}
else {
$scope.build_lists_path = Routes.build_lists_path({format: 'json'});
}
//$scope.isOpenServerStatus = $cookies.isOpenServerStatus === 'true' ? true : false;
$scope.isOpenFilters = $cookies.isOpenFilters === 'true' ? true : false; $scope.isOpenFilters = $cookies.isOpenFilters === 'true' ? true : false;
}; };
$scope.$watch('isOpenServerStatus', function(){ // $scope.$watch('isOpenServerStatus', function(){
$cookies.isOpenServerStatus = $scope.isOpenServerStatus.toString(); // $cookies.isOpenServerStatus = $scope.isOpenServerStatus.toString();
}, true); // }, true);
$scope.$watch('isOpenFilters', function(){ $scope.$watch('isOpenFilters', function(){
$cookies.isOpenFilters = $scope.isOpenFilters.toString(); $cookies.isOpenFilters = $scope.isOpenFilters.toString();
@ -88,9 +61,9 @@ RosaABF.controller('BuildListsController',
$scope.isRequest = true; $scope.isRequest = true;
$http.get(Routes.build_lists_path({format: 'json'}), {params: $location.search()}).success(function(results) { $http.get($scope.build_lists_path, {params: $location.search()}).success(function(results) {
// Render Server status // Render Server status
$scope.server_status = results.server_status; $scope.$parent.server_status = results.server_status;
// TMP fields // TMP fields
var dictionary = results.dictionary; var dictionary = results.dictionary;

View File

@ -1,10 +1,17 @@
commentService = ($http) -> commentService = ($http) ->
getPath = (kind, project, commentable, id) -> getPath = (kind, project, commentable, id) ->
if commentable.kind is 'issue' or commentable.kind is 'pull'
if kind is 'remove' or kind is 'update' if kind is 'remove' or kind is 'update'
return Routes.project_issue_comment_path(project, commentable.id, id) return Routes.project_issue_comment_path(project, commentable.id, id)
else if kind is 'add' else if kind is 'add'
return Routes.project_issue_comments_path(project, commentable.id) return Routes.project_issue_comments_path(project, commentable.id)
else if commentable.kind is 'commit'
if kind is 'remove' or kind is 'update'
return Routes.project_commit_comment_path(project, commentable.id, id)
else if kind is 'add'
return Routes.project_commit_comments_path(project, commentable.id)
{ {
add: (project, commentable, body) -> add: (project, commentable, body) ->
path = getPath('add', project, commentable) path = getPath('add', project, commentable)
@ -24,7 +31,7 @@ commentService = ($http) ->
update: (project, commentable, id) -> update: (project, commentable, id) ->
path = getPath('update', project, commentable, id) path = getPath('update', project, commentable, id)
params = { comment: { body: $('#comment-'+id+'-body').val() }} params = { comment: { body: $('#comment-'+id+'-body').val() }}
$http.put(path, params) $http.patch(path, params)
remove: (project, commentable, id) -> remove: (project, commentable, id) ->
path = getPath('remove', project, commentable, id) path = getPath('remove', project, commentable, id)

View File

@ -57,7 +57,7 @@ CommentsController = (Comment, Preview, confirmMessage, $scope, compileHTML, $ro
promise = Preview.get_preview(vm.project, body) promise = Preview.get_preview(vm.project, body)
promise.success( (response) -> promise.success( (response) ->
vm.preview_body = response vm.preview_body = response.html
Preview.old_text = body Preview.old_text = body
).error( (response) -> ).error( (response) ->
vm.preview_body = 'Error :(' vm.preview_body = 'Error :('
@ -75,15 +75,22 @@ CommentsController = (Comment, Preview, confirmMessage, $scope, compileHTML, $ro
else else
false false
vm.add = -> vm.add = ($event)->
$event.preventDefault()
$event.stopPropagation()
vm.processing = true vm.processing = true
promise = Comment.add(vm.project, vm.commentable, vm.new_body) Comment.add(vm.project, vm.commentable, vm.new_body)
promise.then (response) -> .success (data) ->
element = compileHTML.run($scope, response.data.html) element = compileHTML.run($scope, data.html)
list.append(element) list.append(element)
vm.new_body = '' vm.new_body = ''
location.hash = "#comment" + response.data.id; location.hash = "#comment" + data.id;
vm.processing = false
$.notify(data.message, 'success')
.error (data) ->
$.notify(data.message, 'error')
vm.processing = false vm.processing = false
false false
@ -91,8 +98,8 @@ CommentsController = (Comment, Preview, confirmMessage, $scope, compileHTML, $ro
vm.remove = (id) -> vm.remove = (id) ->
return false unless confirmMessage.show() return false unless confirmMessage.show()
vm.processing = true vm.processing = true
promise = Comment.remove(vm.project, vm.commentable, id) Comment.remove(vm.project, vm.commentable, id)
promise.then () -> .success (data)->
parent = $('#comment'+id+',#diff-comment'+id).parents('tr.line-comments') parent = $('#comment'+id+',#diff-comment'+id).parents('tr.line-comments')
if parent.find('.line-comment').length is 1 if parent.find('.line-comment').length is 1
# there is only one line comment, remove all line # there is only one line comment, remove all line
@ -100,16 +107,21 @@ CommentsController = (Comment, Preview, confirmMessage, $scope, compileHTML, $ro
else else
$('#comment'+id+',#diff-comment'+id+',#update-comment'+id).remove() $('#comment'+id+',#diff-comment'+id+',#update-comment'+id).remove()
$.notify(data.message, 'success')
vm.processing = false
.error (data)->
$.notify(data.message, 'error')
vm.processing = false vm.processing = false
false false
vm.update = (id) -> vm.update = (id) ->
vm.processing = true vm.processing = true
promise = Comment.update(vm.project, vm.commentable, id) Comment.update(vm.project, vm.commentable, id)
promise.then (response) -> .success (data) ->
form = $('#comment'+id+ ' .md_and_cm.cm-s-default').html(response.data.body) form = $('#comment'+id+ ' .md_and_cm.cm-s-default').html(data.body)
$.notify(data.message, 'success')
vm.processing = false vm.processing = false
form = $('.open-comment.comment-'+id) form = $('.open-comment.comment-'+id)
if form.length is 1 if form.length is 1
@ -117,6 +129,9 @@ CommentsController = (Comment, Preview, confirmMessage, $scope, compileHTML, $ro
return true return true
else else
return false return false
.error (data) ->
$.notify(data.message, 'error')
vm.processing = false
vm.showInlineForm = ($event, params = {}) -> vm.showInlineForm = ($event, params = {}) ->
line_comments = findInlineComments($event, params) line_comments = findInlineComments($event, params)
@ -170,7 +185,7 @@ CommentsController = (Comment, Preview, confirmMessage, $scope, compileHTML, $ro
vm.commentable = commentable vm.commentable = commentable
vm.processing = false vm.processing = false
vm.k = 10 vm.k = 10
if commentable.kind is 'issue' if commentable.kind is 'issue' or commentable.kind is 'commit'
list = $('#comments_list') list = $('#comments_list')
else if commentable.kind is 'pull' else if commentable.kind is 'pull'
list = $('#pull-activity') list = $('#pull-activity')

View File

@ -0,0 +1,61 @@
DatePickerController = ($scope, datepickerPopupConfig) ->
vm = this
vm.minDate = new Date(2010, 1, 1)
vm.maxDate = moment().add(1, 'months').calendar()
vm.today = ->
vm.dt = new Date()
vm.today()
vm.clear = ->
dt = null
# Disable weekend selection
vm.disabled = (date, mode)->
mode is 'day' and ( date.getDay() is 0 or date.getDay() is 6 )
vm.toggleMin = ->
vm.minDate = vm.minDate ? null : new Date()
vm.toggleMin()
vm.open_updated_at_start = ($event)->
$event.preventDefault()
$event.stopPropagation()
vm.updated_at_start_opened = true
vm.open_updated_at_end = ($event)->
$event.preventDefault()
$event.stopPropagation()
vm.updated_at_end_opened = true
vm.dateOptions =
formatYear: 'yy'
startingDay: <%= I18n.locale == :ru ? 1 : 0 %>
'show-weeks': false
vm.initDate = vm.today()
vm.format = 'dd/MM/yyyy'
<% if I18n.locale == :ru %>
# TRANSLATION
datepickerPopupConfig.currentText = 'Сегодня'
datepickerPopupConfig.clearText = 'Очистить'
datepickerPopupConfig.weeksText = 'Недели'
datepickerPopupConfig.closeText = 'Закрыть'
<% end %>
#datepickerPopupConfig.appendToBody = 'true'
angular
.module("RosaABF")
.controller "DatePickerController", DatePickerController
DatePickerController.$inject = [
'$scope'
'datepickerPopupConfig'
]

View File

@ -46,7 +46,7 @@ IssueController = (dataservice, $http, Issue, $rootScope, Preview, Label, confir
promise = Preview.get_preview(vm.project, body) promise = Preview.get_preview(vm.project, body)
promise.success( (response) -> promise.success( (response) ->
vm.preview_body = response vm.preview_body = response.html
Preview.old_text = body Preview.old_text = body
).error( (response) -> ).error( (response) ->
vm.preview_body = 'Error :(' vm.preview_body = 'Error :('

View File

@ -1,4 +1,4 @@
RosaABF.controller 'RepositoryProjectsController', ['$scope', '$http', '$location', ($scope, $http, $location) -> RosaABF.controller 'RepositoryProjectsController', ['$scope', '$http', '$location', 'confirmMessage', ($scope, $http, $location, confirmMessage) ->
$scope.added = $('#added').val() $scope.added = $('#added').val()
$scope.platform_id = $('#platform_id').val() $scope.platform_id = $('#platform_id').val()
@ -51,4 +51,13 @@ RosaABF.controller 'RepositoryProjectsController', ['$scope', '$http', '$locatio
$scope.goToPage = (number) -> $scope.goToPage = (number) ->
$location.search('page', number) $location.search('page', number)
$scope.removeProject = (project) ->
return false unless confirmMessage.show()
$http.delete(project.remove_path).success (data) ->
$.notify(data.message, 'success')
$scope.projects = _.reject($scope.projects, (pr) ->
return pr.id is project.id
)
false
] ]

View File

@ -18,36 +18,51 @@ CollaboratorsController = (dataservice, Collaborator, $http, confirmMessage) ->
vm.selected_new_collaborator = item vm.selected_new_collaborator = item
false false
vm.addCollaborator = -> vm.addCollaborator = ($event) ->
promise = Collaborator.add(vm.name_with_owner, $event.preventDefault()
$event.stopPropagation()
Collaborator.add(vm.name_with_owner,
vm.selected_new_collaborator, vm.selected_new_collaborator,
vm.new_role, vm.new_role,
vm.project_id) vm.project_id)
promise.success (data) -> .success (data) ->
vm.collaborators.push data vm.collaborators.push data
$.notify(data.message, 'success')
.error (data) ->
$.notify(data.message, 'error')
vm.new_collaborator_uname = null
vm.selected_new_collaborator = null vm.selected_new_collaborator = null
false false
vm.removeCollaborator = (member) -> vm.removeCollaborator = (member, need_confirm = true) ->
return false unless confirmMessage.show() return false if need_confirm and !confirmMessage.show()
promise = Collaborator.remove(vm.name_with_owner, member.id) Collaborator.remove(vm.name_with_owner, member.id)
promise.success (data) -> .success (data) ->
vm.collaborators = _.reject(vm.collaborators, (c) -> vm.collaborators = _.reject(vm.collaborators, (c) ->
c.id is member.id c.id is member.id
) )
$.notify(data.message, 'success')
.error (data) ->
$.notify(data.message, 'error')
false false
vm.removeCollaborators = -> vm.removeCollaborators = ->
return false unless confirmMessage.show() return false unless confirmMessage.show()
_.each(vm.collaborators, (c) -> _.each(vm.collaborators, (c) ->
vm.removeCollaborator(c) if c.check_delete vm.removeCollaborator(c, false) if c.check_delete
) )
false false
vm.updateCollaborator = (member) -> vm.updateCollaborator = (member) ->
return false unless confirmMessage.show() return false unless confirmMessage.show()
Collaborator.update(vm.name_with_owner, member) Collaborator.update(vm.name_with_owner, member)
.success (data) ->
$.notify(data.message, 'success')
.error (data) ->
$.notify(data.message, 'error')
false false
init = (dataservice) -> init = (dataservice) ->

View File

@ -54,32 +54,49 @@ PullRequestController = (dataservice, $http, ApiPullRequest, ApiProject, DateTim
vm.branch = branch vm.branch = branch
vm.reopen = -> vm.reopen = ->
return false if vm.processing
vm.processing = true
vm.pull_resource.$update vm.pull_resource.$update
pull_request_action: "reopen" pull_request_action: "reopen"
, -> , ->
vm.getPullRequest() vm.getPullRequest()
vm.processing = false
vm.close = -> vm.close = ->
return false if vm.processing
vm.processing = true
vm.pull_resource.$update vm.pull_resource.$update
pull_request_action: "close" pull_request_action: "close"
, -> , ->
vm.getPullRequest() vm.getPullRequest()
vm.processing = false
vm.merge = -> vm.merge = ->
return false if vm.processing
vm.processing = true
vm.pull_resource.$merge -> vm.pull_resource.$merge ->
vm.getPullRequest() vm.getPullRequest()
vm.processing = false
vm.deleteBranch = -> vm.deleteBranch = ->
return false if vm.processing
vm.processing = true
vm.project_resource.$delete_branch vm.branch_params(), (-> # success vm.project_resource.$delete_branch vm.branch_params(), (-> # success
vm.branch = null vm.branch = null
vm.processing = false
), -> # error ), -> # error
vm.getBranch() vm.getBranch()
vm.processing = false
vm.restoreBranch = -> vm.restoreBranch = ->
return false if vm.processing
vm.processing = true
vm.project_resource.$restore_branch vm.branch_params(), (-> # success vm.project_resource.$restore_branch vm.branch_params(), (-> # success
vm.getBranch() vm.getBranch()
vm.processing = false
), -> # error ), -> # error
vm.getBranch() vm.getBranch()
vm.processing = false
vm.branch_params = -> vm.branch_params = ->
owner: vm.pull_params.owner owner: vm.pull_params.owner
@ -108,9 +125,8 @@ PullRequestController = (dataservice, $http, ApiPullRequest, ApiProject, DateTim
promise = ApiPullRequest.get_diff(vm.pull_params) promise = ApiPullRequest.get_diff(vm.pull_params)
promise.then (response) -> promise.then (response) ->
diff.html(null) diff.html(null)
#html = compileHTML.run($scope, response.data)
#diff.html(html)
$rootScope.$broadcast('compile_html', { element: diff, html: response.data }) $rootScope.$broadcast('compile_html', { element: diff, html: response.data })
$('[data-toggle="tooltip"]').tooltip()
vm.processing = false vm.processing = false
vm.is_diff_updated = true vm.is_diff_updated = true
false false

View File

@ -4,14 +4,8 @@ previewService = ($http) ->
old_text: old_text old_text: old_text
get_preview: (name_with_owner, text, old_text) -> get_preview: (name_with_owner, text, old_text) ->
return null if text is old_text return null if text is old_text
path = Routes.project_md_preview_path( path = Routes.project_md_preview_path(name_with_owner)
{ $http.post(path, {text: text})
name_with_owner: name_with_owner,
text: text
}
)
$http.post(path)
} }
angular angular

View File

@ -0,0 +1,6 @@
$(document).ready ->
$(document).on 'click', '#diff_header .panel-body li.list-group-item a', ->
href = $(this).attr('href')
$(".diff_data.collapse#"+href.slice(1)+"_content").collapse('show')
return

View File

@ -0,0 +1,14 @@
$(document).ready ->
$(document).on 'hide.bs.collapse', '.file .diff_data.collapse', ->
$(this).parent().find('.top button span.fa').removeClass('fa-chevron-down').addClass('fa-chevron-up')
$(document).on 'show.bs.collapse', '.file .diff_data.collapse', ->
$(this).parent().find('.top button span.fa').removeClass('fa-chevron-up').addClass('fa-chevron-down')
$(document).on 'hide.bs.collapse', '#diff_header #collapseList', ->
$(this).parent().find('.panel-title a span.fa').removeClass('fa-chevron-down').addClass('fa-chevron-up')
$(document).on 'show.bs.collapse', '#diff_header #collapseList', ->
$(this).parent().find('.panel-title a span.fa').removeClass('fa-chevron-up').addClass('fa-chevron-down')
return

View File

@ -27,14 +27,19 @@
//= require zeroclipboard //= require zeroclipboard
//= require notifyjs
//= require notifyjs/styles/bootstrap/notify-bootstrap
//= require lib/Chart //= require lib/Chart
//= require lib/bootstrap-typeahead //= require lib/bootstrap-typeahead
//= require lib/custom-bootstrap-typeahead //= require lib/custom-bootstrap-typeahead
//= require extra/highlight
//= require extra/highlight
//= require extra/pull //= require extra/pull
//= require extra/scroller //= require extra/scroller
//= require extra/fork //= require extra/fork
//= require extra/diff_chevrons
//= require extra/diff
//= require_self //= require_self

View File

@ -225,6 +225,9 @@ textarea.resize-vertical
.update-label, .update-status, .pointer .update-label, .update-status, .pointer
cursor: pointer cursor: pointer
.no-pointer
cursor: default !important
#scroller #scroller
position: fixed position: fixed
bottom: 20px bottom: 20px

View File

@ -3,7 +3,7 @@
overflow-x: auto overflow-x: auto
table.table.diff.inline table.table.diff.inline
//border: 1px solid #DDD margin-bottom: 0
tr.changes tr.changes
pre pre
@ -66,17 +66,6 @@ table.table.diff.inline
.line-comment, #new_inline_comment .line-comment, #new_inline_comment
max-width: 700px max-width: 700px
td.diff-image
text-align: center
span.diff-image
text-align: center
margin: 0
padding: 0
img
margin-top: 5px
div.file div.top div.file div.top
min-height: 28px min-height: 28px
background: #ededed background: #ededed

View File

@ -1,3 +0,0 @@
accordion .build-log
height: 300px
overflow-y: auto

View File

@ -0,0 +1,3 @@
.build-log
pre
font-size: 11px

View File

@ -1,11 +1,10 @@
class AdvisoriesController < ApplicationController class AdvisoriesController < ApplicationController
before_filter :authenticate_user! before_action :authenticate_user!
skip_before_filter :authenticate_user! if APP_CONFIG['anonymous_access'] skip_before_action :authenticate_user! if APP_CONFIG['anonymous_access']
load_resource find_by: :advisory_id
authorize_resource
def index def index
@advisories = @advisories.includes(:platforms).search(params[:q]).uniq authorize :advisories
@advisories = Advisory.includes(:platforms).search(params[:q]).uniq
@advisories_count = @advisories.count @advisories_count = @advisories.count
@advisories = @advisories.paginate(page: current_page, per_page: Advisory.per_page) @advisories = @advisories.paginate(page: current_page, per_page: Advisory.per_page)
respond_to do |format| respond_to do |format|
@ -16,10 +15,12 @@ class AdvisoriesController < ApplicationController
end end
def show def show
authorize @advisory = Advisory.find_by(advisory_id: params[:id])
@packages_info = @advisory.fetch_packages_info @packages_info = @advisory.fetch_packages_info
end end
def search def search
authorize :advisories
@advisory = Advisory.by_update_type(params[:bl_type]).search_by_id(params[:query]).first @advisory = Advisory.by_update_type(params[:bl_type]).search_by_id(params[:query]).first
if @advisory.nil? if @advisory.nil?
render nothing: true, status: 404 render nothing: true, status: 404

View File

@ -1,27 +1,26 @@
class Api::V1::AdvisoriesController < Api::V1::BaseController class Api::V1::AdvisoriesController < Api::V1::BaseController
before_filter :authenticate_user! before_action :authenticate_user!
skip_before_filter :authenticate_user!, only: [:index, :show] if APP_CONFIG['anonymous_access'] skip_before_action :authenticate_user!, only: %i(index show) if APP_CONFIG['anonymous_access']
load_resource :advisory, find_by: :advisory_id before_action :load_advisory, only: %i(show update)
before_filter :find_and_authorize_build_list, only: [:create, :update] before_action :load_build_list, only: %i(create update)
authorize_resource :build_list, only: [:create, :update]
def index def index
@advisories = @advisories.includes(:platforms, :projects).paginate(paginate_params) authorize :advisory
respond_to :json @advisories = Advisory.includes(:platforms, :projects).paginate(paginate_params)
end end
def show def show
@packages_info = @advisory.fetch_packages_info @packages_info = @advisory.fetch_packages_info
respond_to :json
end end
def create def create
authorize :advisory
if @build_list.can_attach_to_advisory? && if @build_list.can_attach_to_advisory? &&
@build_list.associate_and_create_advisory(params[:advisory]) && @build_list.associate_and_create_advisory(params[:advisory]) &&
@build_list.save @build_list.save
render_json_response @advisory, 'Advisory has been created successfully' render_json_response @build_list.advisory, 'Advisory has been created successfully'
else else
render_validation_error @advisory, error_message(@build_list, 'Advisory has not been created') render_validation_error @build_list.advisory, error_message(@build_list, 'Advisory has not been created')
end end
end end
@ -36,9 +35,14 @@ class Api::V1::AdvisoriesController < Api::V1::BaseController
protected protected
def find_and_authorize_build_list def load_build_list
@build_list = BuildList.find params[:build_list_id] @build_list = BuildList.find params[:build_list_id]
authorize! :local_admin_manage, @build_list.save_to_platform authorize @build_list.save_to_platform, :local_admin_manage?
end
def load_advisory
@advisory = Advisory.find_by(advisory_id: params[:id]) if params[:id]
authorize @advisory if @advisory
end end
end end

View File

@ -1,9 +1,9 @@
class Api::V1::ArchesController < Api::V1::BaseController class Api::V1::ArchesController < Api::V1::BaseController
before_filter :authenticate_user! unless APP_CONFIG['anonymous_access'] before_action :authenticate_user! unless APP_CONFIG['anonymous_access']
def index def index
authorize :arch
@arches = Arch.order(:id).paginate(paginate_params) @arches = Arch.order(:id).paginate(paginate_params)
respond_to :json
end end
end end

View File

@ -4,7 +4,7 @@ class Api::V1::BaseController < ApplicationController
helper_method :member_path helper_method :member_path
rescue_from CanCan::AccessDenied do |exception| rescue_from Pundit::NotAuthorizedError do |exception|
respond_to do |format| respond_to do |format|
format.json { render json: {message: t('flash.exception_message')}.to_json, status: 403 } format.json { render json: {message: t('flash.exception_message')}.to_json, status: 403 }
format.csv { render text: t('flash.exception_message'), status: 403 } format.csv { render text: t('flash.exception_message'), status: 403 }
@ -35,6 +35,7 @@ class Api::V1::BaseController < ApplicationController
end end
def create_subject(subject) def create_subject(subject)
authorize subject, :create?
class_name = subject.class.name class_name = subject.class.name
if subject.save if subject.save
render_json_response subject, "#{class_name} has been created successfully" render_json_response subject, "#{class_name} has been created successfully"
@ -44,6 +45,7 @@ class Api::V1::BaseController < ApplicationController
end end
def update_member_in_subject(subject, relation = :relations) def update_member_in_subject(subject, relation = :relations)
authorize subject, :update_member?
role = params[:role] role = params[:role]
class_name = subject.class.name.downcase class_name = subject.class.name.downcase
if member.present? && role.present? && subject.respond_to?(:owner) && subject.owner != member && if member.present? && role.present? && subject.respond_to?(:owner) && subject.owner != member &&
@ -55,6 +57,7 @@ class Api::V1::BaseController < ApplicationController
end end
def add_member_to_subject(subject, role = 'admin') def add_member_to_subject(subject, role = 'admin')
authorize subject, :add_member?
class_name = subject.class.name.downcase class_name = subject.class.name.downcase
if member.present? && subject.add_member(member, role) if member.present? && subject.add_member(member, role)
render_json_response subject, "#{member.class.to_s} '#{member.id}' has been added to #{class_name} successfully" render_json_response subject, "#{member.class.to_s} '#{member.id}' has been added to #{class_name} successfully"
@ -64,6 +67,7 @@ class Api::V1::BaseController < ApplicationController
end end
def remove_member_from_subject(subject) def remove_member_from_subject(subject)
authorize subject, :remove_member?
class_name = subject.class.name.downcase class_name = subject.class.name.downcase
if member.present? && subject.remove_member(member) if member.present? && subject.remove_member(member)
render_json_response subject, "#{member.class.to_s} '#{member.id}' has been removed from #{class_name} successfully" render_json_response subject, "#{member.class.to_s} '#{member.id}' has been removed from #{class_name} successfully"
@ -73,11 +77,13 @@ class Api::V1::BaseController < ApplicationController
end end
def destroy_subject(subject) def destroy_subject(subject)
authorize subject, :destroy?
subject.destroy # later with resque subject.destroy # later with resque
render_json_response subject, "#{subject.class.name} has been destroyed successfully" render_json_response subject, "#{subject.class.name} has been destroyed successfully"
end end
def update_subject(subject) def update_subject(subject)
authorize subject, :update?
class_name = subject.class.name class_name = subject.class.name
if subject.update_attributes(params[class_name.underscore.to_sym] || {}) if subject.update_attributes(params[class_name.underscore.to_sym] || {})
render_json_response subject, "#{class_name} has been updated successfully" render_json_response subject, "#{class_name} has been updated successfully"
@ -94,7 +100,7 @@ class Api::V1::BaseController < ApplicationController
id: id, id: id,
message: message message: message
} }
}.to_json, status: status }, status: status
end end
def render_validation_error(subject, message) def render_validation_error(subject, message)

View File

@ -1,17 +1,26 @@
class Api::V1::BuildListsController < Api::V1::BaseController class Api::V1::BuildListsController < Api::V1::BaseController
before_filter :authenticate_user! before_action :authenticate_user!
skip_before_filter :authenticate_user!, only: [:show, :index] if APP_CONFIG['anonymous_access'] before_action :load_build_list, only: %i(
cancel
load_and_authorize_resource :build_list, only: [:show, :create, :cancel, :publish, :reject_publish, :create_container, :publish_into_testing, :rerun_tests] create_container
publish
publish_into_testing
reject_publish
rerun_tests
show
)
skip_before_action :authenticate_user!, only: %i(show index) if APP_CONFIG['anonymous_access']
def show def show
authorize @build_list
respond_to :json respond_to :json
end end
def index def index
authorize :build_list
@project = Project.find(params[:project_id]) if params[:project_id].present? @project = Project.find(params[:project_id]) if params[:project_id].present?
authorize!(:show, @project) if @project authorize @project, :show? if @project
filter = BuildList::Filter.new(@project, current_user, current_ability, params[:filter] || {}) filter = BuildList::Filter.new(@project, current_user, params[:filter] || {})
@build_lists = filter.find.includes(:build_for_platform, @build_lists = filter.find.includes(:build_for_platform,
:save_to_repository, :save_to_repository,
:save_to_platform, :save_to_platform,
@ -36,34 +45,45 @@ class Api::V1::BuildListsController < Api::V1::BaseController
end end
def cancel def cancel
authorize @build_list
render_json :cancel render_json :cancel
end end
def publish def publish
authorize @build_list
@build_list.publisher = current_user @build_list.publisher = current_user
render_json :publish render_json :publish
end end
def reject_publish def reject_publish
authorize @build_list
@build_list.publisher = current_user @build_list.publisher = current_user
render_json :reject_publish render_json :reject_publish
end end
def create_container def create_container
authorize @build_list
render_json :create_container, :publish_container render_json :create_container, :publish_container
end end
def rerun_tests def rerun_tests
authorize @build_list
render_json :rerun_tests render_json :rerun_tests
end end
def publish_into_testing def publish_into_testing
authorize @build_list
@build_list.publisher = current_user @build_list.publisher = current_user
render_json :publish_into_testing render_json :publish_into_testing
end end
private private
# Private: before_action hook which loads BuidList.
def load_build_list
@build_list = BuildList.find params[:id]
end
def render_json(action_name, action_method = nil) def render_json(action_name, action_method = nil)
if @build_list.try("can_#{action_name}?") && @build_list.send(action_method || action_name) if @build_list.try("can_#{action_name}?") && @build_list.send(action_method || action_name)
render_json_response @build_list, t("layout.build_lists.#{action_name}_success") render_json_response @build_list, t("layout.build_lists.#{action_name}_success")

View File

@ -1,23 +1,22 @@
class Api::V1::GroupsController < Api::V1::BaseController class Api::V1::GroupsController < Api::V1::BaseController
before_filter :authenticate_user! before_action :authenticate_user!
skip_before_filter :authenticate_user!, only: [:show] if APP_CONFIG['anonymous_access'] skip_before_action :authenticate_user!, only: [:show] if APP_CONFIG['anonymous_access']
load_and_authorize_resource before_action :load_group, except: %i(index create)
def index def index
# accessible_by(current_ability) authorize :group
@groups = current_user.groups.paginate(paginate_params) @groups = current_user.groups.paginate(paginate_params)
respond_to :json
end end
def show def show
respond_to :json authorize @group
end end
def members def members
authorize @group
@members = @group.members.where('actor_id != ?', @group.owner_id) @members = @group.members.where('actor_id != ?', @group.owner_id)
.order('name').paginate(paginate_params) .order('name').paginate(paginate_params)
respond_to :json
end end
def update def update
@ -48,4 +47,11 @@ class Api::V1::GroupsController < Api::V1::BaseController
update_member_in_subject @group, :actors update_member_in_subject @group, :actors
end end
private
# Private: before_action hook which loads Group.
def load_group
@group = Group.find params[:id]
end
end end

View File

@ -1,11 +1,13 @@
class Api::V1::IssuesController < Api::V1::BaseController class Api::V1::IssuesController < Api::V1::BaseController
before_filter :authenticate_user! include Api::V1::Issueable
skip_before_filter :authenticate_user!, only: [:index, :group_index, :show] if APP_CONFIG['anonymous_access']
load_and_authorize_resource :group, only: :group_index, find_by: :id, parent: false before_action :authenticate_user!
load_and_authorize_resource :project skip_before_action :authenticate_user!, only: %i(index group_index show) if APP_CONFIG['anonymous_access']
skip_load_and_authorize_resource :project, only: [:all_index, :user_index, :group_index]
load_and_authorize_resource :issue, through: :project, find_by: :serial_id, only: [:show, :update, :create, :index] before_action :load_group, only: :group_index
before_action :load_project
skip_before_action :load_project, only: %i(all_index user_index group_index)
before_action :load_issue, only: %i(show update index)
def index def index
@issues = @project.issues @issues = @project.issues
@ -13,12 +15,14 @@ class Api::V1::IssuesController < Api::V1::BaseController
end end
def all_index def all_index
project_ids = get_all_project_ids Project.accessible_by(current_ability, :membered).pluck(:id) authorize :issue, :index?
project_ids = get_all_project_ids membered_projects.pluck(:id)
@issues = Issue.where(project_id: project_ids) @issues = Issue.where(project_id: project_ids)
render_issues_list render_issues_list
end end
def user_index def user_index
authorize :issue, :index?
project_ids = get_all_project_ids current_user.projects.pluck(:id) project_ids = get_all_project_ids current_user.projects.pluck(:id)
@issues = Issue.where(project_id: project_ids) @issues = Issue.where(project_id: project_ids)
render_issues_list render_issues_list
@ -26,7 +30,7 @@ class Api::V1::IssuesController < Api::V1::BaseController
def group_index def group_index
project_ids = @group.projects.pluck(:id) project_ids = @group.projects.pluck(:id)
project_ids = Project.accessible_by(current_ability, :membered).where(id: project_ids).pluck(:id) project_ids = membered_projects.where(id: project_ids).pluck(:id)
@issues = Issue.where(project_id: project_ids) @issues = Issue.where(project_id: project_ids)
render_issues_list render_issues_list
end end
@ -40,13 +44,14 @@ class Api::V1::IssuesController < Api::V1::BaseController
end end
def create def create
@issue = @project.issues.new(params[:issue])
@issue.user = current_user @issue.user = current_user
@issue.assignee = nil if cannot?(:write, @project) @issue.assignee = nil unless policy(@project).write?
create_subject @issue create_subject @issue
end end
def update def update
unless can?(:write, @project) unless policy(@project).write?
params.delete :update_labels params.delete :update_labels
[:assignee_id, :labelings, :labelings_attributes].each do |k| [:assignee_id, :labelings, :labelings_attributes].each do |k|
params[:issue].delete k params[:issue].delete k
@ -94,7 +99,7 @@ class Api::V1::IssuesController < Api::V1::BaseController
end end
if params[:labels].present? if params[:labels].present?
labels = params[:labels].split(',').map {|e| e.strip}.select {|e| e.present?} labels = params[:labels].split(',').map(&:strip).select(&:present?)
@issues = @issues.where('labels.name IN (?)', labels) @issues = @issues.where('labels.name IN (?)', labels)
end end
@ -110,13 +115,4 @@ class Api::V1::IssuesController < Api::V1::BaseController
end end
end end
def get_all_project_ids default_project_ids
project_ids = []
if ['created', 'all'].include? params[:filter]
# add own issues
project_ids = Project.accessible_by(current_ability, :show).joins(:issues).
where(issues: {user_id: current_user.id}).pluck('projects.id')
end
project_ids |= default_project_ids
end
end end

View File

@ -4,7 +4,8 @@ class Api::V1::JobsController < Api::V1::BaseController
QUEUES = %w(rpm_worker_observer) QUEUES = %w(rpm_worker_observer)
QUEUE_CLASSES = %w(AbfWorker::RpmWorkerObserver) QUEUE_CLASSES = %w(AbfWorker::RpmWorkerObserver)
before_filter :authenticate_user! before_action :authenticate_user!
skip_after_action :verify_authorized
def shift def shift
@build_list = BuildList.next_build(arch_ids, platform_ids) if current_user.system? @build_list = BuildList.next_build(arch_ids, platform_ids) if current_user.system?
@ -21,8 +22,8 @@ class Api::V1::JobsController < Api::V1::BaseController
@build_list ||= build_lists.external_nodes(:everything).first @build_list ||= build_lists.external_nodes(:everything).first
else else
@build_list = build_lists.external_nodes(:owned).for_user(current_user).first @build_list = build_lists.external_nodes(:owned).for_user(current_user).first
@build_list ||= build_lists.external_nodes(:everything). @build_list ||= BuildListPolicy::Scope.new(current_user, build_lists).owned.
accessible_by(current_ability, :related).readonly(false).first external_nodes(:everything).readonly(false).first
end end
set_builder set_builder
end end

View File

@ -1,12 +1,11 @@
class Api::V1::MaintainersController < Api::V1::BaseController class Api::V1::MaintainersController < Api::V1::BaseController
before_filter :authenticate_user! unless APP_CONFIG['anonymous_access'] before_action :authenticate_user! unless APP_CONFIG['anonymous_access']
load_and_authorize_resource :platform
def index def index
authorize @platform = Platform.find(params[:platform_id]), :show?
@maintainers = BuildList::Package.includes(:project) @maintainers = BuildList::Package.includes(:project)
.actual.by_platform(@platform) .actual.by_platform(@platform)
.like_name(params[:package_name]) .like_name(params[:package_name])
.paginate(paginate_params) .paginate(paginate_params)
respond_to :json
end end
end end

View File

@ -1,10 +1,11 @@
class Api::V1::PlatformsController < Api::V1::BaseController class Api::V1::PlatformsController < Api::V1::BaseController
before_filter :authenticate_user! before_action :authenticate_user!
skip_before_filter :authenticate_user!, only: :allowed skip_before_action :authenticate_user!, only: :allowed
skip_before_filter :authenticate_user!, only: [:show, :platforms_for_build, :members] if APP_CONFIG['anonymous_access'] skip_before_action :authenticate_user!, only: [:show, :platforms_for_build, :members] if APP_CONFIG['anonymous_access']
load_and_authorize_resource except: :allowed before_action :load_platform, except: [:index, :allowed, :platforms_for_build, :create]
def allowed def allowed
authorize :platform
if request.authorization.present? if request.authorization.present?
token, pass = *ActionController::HttpAuthentication::Basic::user_name_and_password(request) token, pass = *ActionController::HttpAuthentication::Basic::user_name_and_password(request)
end end
@ -16,25 +17,24 @@ class Api::V1::PlatformsController < Api::V1::BaseController
end end
def index def index
@platforms = @platforms.accessible_by(current_ability, :related) authorize :platform
.by_type(params[:type]).paginate(paginate_params) @platforms = PlatformPolicy::Scope.new(current_user, Platform).show.
respond_to :json by_type(params[:type]).paginate(paginate_params)
end end
def show def show
respond_to :json
end end
def platforms_for_build def platforms_for_build
@platforms = Platform.availables_main_platforms(current_user, current_ability).paginate(paginate_params) authorize :platform
respond_to do |format| @platforms = Platform.availables_main_platforms(current_user).paginate(paginate_params)
format.json { render :index } render :index
end
end end
def create def create
platform_params = params[:platform] || {} platform_params = params[:platform] || {}
owner = User.where(id: platform_params[:owner_id]).first owner = User.where(id: platform_params[:owner_id]).first
@platform = Platform.new platform_params
@platform.owner = owner || get_owner @platform.owner = owner || get_owner
create_subject @platform create_subject @platform
end end
@ -48,7 +48,6 @@ class Api::V1::PlatformsController < Api::V1::BaseController
def members def members
@members = @platform.members.order('name').paginate(paginate_params) @members = @platform.members.order('name').paginate(paginate_params)
respond_to :json
end end
def add_member def add_member
@ -79,4 +78,11 @@ class Api::V1::PlatformsController < Api::V1::BaseController
destroy_subject @platform destroy_subject @platform
end end
private
# Private: before_action hook which loads Platform.
def load_platform
authorize @platform = Platform.find(params[:id])
end
end end

View File

@ -1,22 +1,23 @@
class Api::V1::ProductBuildListsController < Api::V1::BaseController class Api::V1::ProductBuildListsController < Api::V1::BaseController
before_filter :authenticate_user! before_action :authenticate_user!
skip_before_filter :authenticate_user!, only: [:index, :show] if APP_CONFIG['anonymous_access'] skip_before_action :authenticate_user!, only: [:index, :show] if APP_CONFIG['anonymous_access']
load_and_authorize_resource :product, only: :index before_action :load_product, only: :index
load_and_authorize_resource before_action :load_product_build_list, except: [:index, :create]
def index def index
@product_build_lists = if @product @product_build_lists =
if @product
@product.product_build_lists @product.product_build_lists
else else
ProductBuildList.accessible_by current_ability, :read PlatformPolicy::Scope.new(current_user, ProductBuildList.joins(product: :platform)).show
end end
@product_build_lists = @product_build_lists.joins(:product, :project, :arch) @product_build_lists = @product_build_lists.joins(:product, :project, :arch)
@product_build_lists = @product_build_lists.recent.paginate(paginate_params) @product_build_lists = @product_build_lists.recent.paginate(paginate_params)
respond_to :json
end end
def create def create
@product_build_list = ProductBuildList.new(params[:product_build_list])
@product_build_list.project ||= @product_build_list.try(:product).try(:project) @product_build_list.project ||= @product_build_list.try(:product).try(:project)
@product_build_list.main_script ||= @product_build_list.try(:product).try(:main_script) @product_build_list.main_script ||= @product_build_list.try(:product).try(:main_script)
@product_build_list.params ||= @product_build_list.try(:product).try(:params) @product_build_list.params ||= @product_build_list.try(:product).try(:params)
@ -25,7 +26,6 @@ class Api::V1::ProductBuildListsController < Api::V1::BaseController
end end
def show def show
respond_to :json
end end
def update def update
@ -44,4 +44,16 @@ class Api::V1::ProductBuildListsController < Api::V1::BaseController
render_validation_error @product_build_list, t("layout.product_build_lists.cancel_fail") render_validation_error @product_build_list, t("layout.product_build_lists.cancel_fail")
end end
end end
private
# Private: before_action hook which loads ProductBuildList.
def load_product_build_list
authorize @product_build_list = ProductBuildList.find(params[:id])
end
# Private: before_action hook which loads Product.
def load_product
authorize @product = Product.find(params[:product_id]), :show? if params[:product_id]
end
end end

View File

@ -1,11 +1,11 @@
class Api::V1::ProductsController < Api::V1::BaseController class Api::V1::ProductsController < Api::V1::BaseController
before_filter :authenticate_user! before_action :authenticate_user!
skip_before_filter :authenticate_user!, only: [:index, :show] if APP_CONFIG['anonymous_access'] skip_before_action :authenticate_user!, only: [:index, :show] if APP_CONFIG['anonymous_access']
load_and_authorize_resource before_action :load_product, except: :create
def create def create
create_subject @product create_subject @product = Product.new(params[:product])
end end
def update def update
@ -13,10 +13,17 @@ class Api::V1::ProductsController < Api::V1::BaseController
end end
def show def show
respond_to :json
end end
def destroy def destroy
destroy_subject @product destroy_subject @product
end end
private
# Private: before_action hook which loads Product.
def load_product
authorize @product = Product.find(params[:id])
end
end end

View File

@ -1,32 +1,25 @@
class Api::V1::ProjectsController < Api::V1::BaseController class Api::V1::ProjectsController < Api::V1::BaseController
before_filter :authenticate_user! before_action :authenticate_user!
skip_before_filter :authenticate_user!, only: [:get_id, :show, :refs_list] if APP_CONFIG['anonymous_access'] skip_before_action :authenticate_user!, only: [:get_id, :show, :refs_list] if APP_CONFIG['anonymous_access']
load_and_authorize_resource :project before_action :load_project, except: [:index, :create, :get_id]
def index def index
@projects = Project.accessible_by(current_ability, :membered) authorize :project
.paginate(paginate_params) @projects = ProjectPolicy::Scope.new(current_user, Project).
respond_to :json membered.paginate(paginate_params)
end end
def get_id def get_id
if @project = Project.find_by_owner_and_name(params[:owner], params[:name]) authorize @project = Project.find_by_owner_and_name!(params[:owner], params[:name])
authorize! :show, @project
else
raise ActiveRecord::RecordNotFound
end
respond_to :json
end end
def show def show
respond_to :json
end end
def refs_list def refs_list
@refs = @project.repo.branches + @project.repo.tags.select{ |t| t.commit } @refs = @project.repo.branches + @project.repo.tags.select{ |t| t.commit }
respond_to :json
end end
def update def update
@ -38,21 +31,20 @@ class Api::V1::ProjectsController < Api::V1::BaseController
end end
def create def create
@project = Project.new(params[:project])
p_params = params[:project] || {} p_params = params[:project] || {}
owner_type = p_params[:owner_type] owner_type = %w(User Group).find{ |t| t == p_params[:owner_type] }
if owner_type.present? && %w(User Group).include?(owner_type) if owner_type.present?
@project.owner = owner_type.constantize. @project.owner = owner_type.constantize.find_by(id: p_params[:owner_id])
where(id: p_params[:owner_id]).first
else else
@project.owner = nil @project.owner = nil
end end
authorize! :write, @project.owner if @project.owner != current_user authorize @project
create_subject @project create_subject @project
end end
def members def members
@members = @project.collaborators.order('uname').paginate(paginate_params) @members = @project.collaborators.order('uname').paginate(paginate_params)
respond_to :json
end end
def add_member def add_member
@ -69,7 +61,9 @@ class Api::V1::ProjectsController < Api::V1::BaseController
def fork(is_alias = false) def fork(is_alias = false)
owner = (Group.find params[:group_id] if params[:group_id].present?) || current_user owner = (Group.find params[:group_id] if params[:group_id].present?) || current_user
authorize! :write, owner if owner.class == Group authorize @project, :show?
authorize owner, :write? if owner.is_a?(Group)
if forked = @project.fork(owner, new_name: params[:fork_name], is_alias: is_alias) and forked.valid? if forked = @project.fork(owner, new_name: params[:fork_name], is_alias: is_alias) and forked.valid?
render_json_response forked, 'Project has been forked successfully' render_json_response forked, 'Project has been forked successfully'
else else
@ -78,6 +72,14 @@ class Api::V1::ProjectsController < Api::V1::BaseController
end end
def alias def alias
authorize @project
fork(true) fork(true)
end end
private
# Private: before_action hook which loads Project.
def load_project
authorize @project = Project.find(params[:id])
end
end end

View File

@ -1,13 +1,13 @@
class Api::V1::PullRequestsController < Api::V1::BaseController class Api::V1::PullRequestsController < Api::V1::BaseController
respond_to :json include Api::V1::Issueable
before_filter :authenticate_user! before_action :authenticate_user!
skip_before_filter :authenticate_user!, only: [:show, :index, :group_index, :commits, :files] if APP_CONFIG['anonymous_access'] skip_before_action :authenticate_user!, only: %i(show index group_index commits files) if APP_CONFIG['anonymous_access']
load_resource :group, only: :group_index, find_by: :id, parent: false before_action :load_group, only: %i(group_index)
load_resource :project before_action :load_project, except: %i(all_index user_index)
load_resource :issue, through: :project, find_by: :serial_id, parent: false, only: [:show, :index, :commits, :files, :merge, :update] before_action :load_issue, only: %i(show index commits files merge update)
load_and_authorize_resource instance_name: :pull, through: :issue, singleton: true, only: [:show, :index, :commits, :files, :merge, :update] before_action :load_pull, only: %i(show index commits files merge update)
def index def index
@pulls = @project.pull_requests @pulls = @project.pull_requests
@ -16,13 +16,15 @@ class Api::V1::PullRequestsController < Api::V1::BaseController
end end
def all_index def all_index
project_ids = get_all_project_ids Project.accessible_by(current_ability, :membered).pluck(:id) authorize :pull_request, :index?
project_ids = get_all_project_ids membered_projects.pluck(:id)
@pulls = PullRequest.where('pull_requests.to_project_id IN (?)', project_ids) @pulls = PullRequest.where('pull_requests.to_project_id IN (?)', project_ids)
@pulls_url = api_v1_pull_requests_path format: :json @pulls_url = api_v1_pull_requests_path format: :json
render_pulls_list render_pulls_list
end end
def user_index def user_index
authorize :pull_request, :index?
project_ids = get_all_project_ids current_user.projects.pluck(:id) project_ids = get_all_project_ids current_user.projects.pluck(:id)
@pulls = PullRequest.where('pull_requests.to_project_id IN (?)', project_ids) @pulls = PullRequest.where('pull_requests.to_project_id IN (?)', project_ids)
@pulls_url = pull_requests_api_v1_user_path format: :json @pulls_url = pull_requests_api_v1_user_path format: :json
@ -31,31 +33,31 @@ class Api::V1::PullRequestsController < Api::V1::BaseController
def group_index def group_index
project_ids = @group.projects.pluck(:id) project_ids = @group.projects.pluck(:id)
project_ids = Project.accessible_by(current_ability, :membered).where(id: project_ids).pluck(:id) project_ids = membered_projects.where(id: project_ids).pluck(:id)
@pulls = PullRequest.where(to_project_id: project_ids) @pulls = PullRequest.where(to_project_id: project_ids)
@pulls_url = pull_requests_api_v1_group_path @pulls_url = pull_requests_api_v1_group_path
render_pulls_list render_pulls_list
end end
def show def show
redirect_to api_v1_project_issue_path(@project.id, @issue.serial_id) if @pull.nil? redirect_to api_v1_project_issue_path(@project.id, @issue.serial_id) and return if @pull.nil?
respond_to :json
end end
def create def create
from_project = Project.find(pull_params[:from_project_id]) if pull_params[:from_project_id].present? from_project = Project.find_by(id: pull_params[:from_project_id])
from_project ||= @project from_project ||= @project
authorize! :read, from_project authorize from_project, :show?
@pull = @project.pull_requests.new @pull = @project.pull_requests.build
@pull.build_issue title: pull_params[:title], body: pull_params[:body] @pull.build_issue title: pull_params[:title], body: pull_params[:body]
@pull.from_project = from_project @pull.from_project = from_project
@pull.to_ref, @pull.from_ref = pull_params[:to_ref], pull_params[:from_ref] @pull.to_ref, @pull.from_ref = pull_params[:to_ref], pull_params[:from_ref]
@pull.issue.assignee_id = pull_params[:assignee_id] if can?(:write, @project) @pull.issue.assignee_id = pull_params[:assignee_id] if policy(@project).write?
@pull.issue.user, @pull.issue.project = current_user, @project @pull.issue.user, @pull.issue.project = current_user, @project
@pull.issue.new_pull_request = true @pull.issue.new_pull_request = true
render_validation_error(@pull, "#{@pull.class.name} has not been created") && return unless @pull.valid? render_validation_error(@pull, "#{@pull.class.name} has not been created") && return unless @pull.valid?
authorize @pull
@pull.save # set pull id @pull.save # set pull id
@pull.reload @pull.reload
@pull.check(false) # don't make event transaction @pull.check(false) # don't make event transaction
@ -71,13 +73,13 @@ class Api::V1::PullRequestsController < Api::V1::BaseController
def update def update
@pull = @project.pull_requests.includes(:issue).where(issues: {serial_id: params[:id]}).first @pull = @project.pull_requests.includes(:issue).where(issues: {serial_id: params[:id]}).first
authorize! :update, @pull authorize @pull
if pull_params.present? if pull_params.present?
attrs = pull_params.slice(:title, :body) attrs = pull_params.slice(:title, :body)
attrs.merge!(assignee_id: pull_params[:assignee_id]) if can?(:write, @project) attrs.merge!(assignee_id: pull_params[:assignee_id]) if policy(@project).write?
if (action = pull_params[:status]) && %w(close reopen).include?(pull_params[:status]) if action = %w(close reopen).find{ |s| s == pull_params[:status] }
if @pull.send("can_#{action}?") if @pull.send("can_#{action}?")
@pull.set_user_and_time current_user @pull.set_user_and_time current_user
need_check = true if action == 'reopen' && @pull.valid? need_check = true if action == 'reopen' && @pull.valid?
@ -96,16 +98,17 @@ class Api::V1::PullRequestsController < Api::V1::BaseController
end end
def commits def commits
authorize @pull
@commits = @pull.repo.commits_between(@pull.to_commit, @pull.from_commit).paginate(paginate_params) @commits = @pull.repo.commits_between(@pull.to_commit, @pull.from_commit).paginate(paginate_params)
respond_to :json
end end
def files def files
authorize @pull
@stats = @pull.diff_stats.zip(@pull.diff).paginate(paginate_params) @stats = @pull.diff_stats.zip(@pull.diff).paginate(paginate_params)
respond_to :json
end end
def merge def merge
authorize @pull
class_name = @pull.class.name class_name = @pull.class.name
if @pull.merge!(current_user) if @pull.merge!(current_user)
render_json_response @pull, "#{class_name} has been merged successfully" render_json_response @pull, "#{class_name} has been merged successfully"
@ -116,6 +119,12 @@ class Api::V1::PullRequestsController < Api::V1::BaseController
private private
# Private: before_action hook which loads PullRequest.
def load_pull
@pull = @issue.pull_request
authorize @pull, :show? if @pull
end
def render_pulls_list def render_pulls_list
@pulls = @pulls.includes(issue: [:user, :assignee]) @pulls = @pulls.includes(issue: [:user, :assignee])
if params[:status] == 'closed' if params[:status] == 'closed'
@ -154,21 +163,8 @@ class Api::V1::PullRequestsController < Api::V1::BaseController
@pulls = @pulls.where('issues.created_at >= to_timestamp(?)', params[:since]) if params[:since] =~ /\A\d+\z/ @pulls = @pulls.where('issues.created_at >= to_timestamp(?)', params[:since]) if params[:since] =~ /\A\d+\z/
@pulls = @pulls.paginate(paginate_params) @pulls = @pulls.paginate(paginate_params)
respond_to do |format| render :index
format.json { render :index }
end end
end
def get_all_project_ids default_project_ids
project_ids = []
if ['created', 'all'].include? params[:filter]
# add own pulls
project_ids = Project.accessible_by(current_ability, :show).joins(:issues).
where(issues: {user_id: current_user.id}).pluck('projects.id')
end
project_ids |= default_project_ids
end
def pull_params def pull_params
@pull_params ||= params[:pull_request] || {} @pull_params ||= params[:pull_request] || {}

View File

@ -1,18 +1,15 @@
class Api::V1::RepositoriesController < Api::V1::BaseController class Api::V1::RepositoriesController < Api::V1::BaseController
respond_to :csv, only: :packages respond_to :csv, only: :packages
before_filter :authenticate_user! before_action :authenticate_user!
skip_before_filter :authenticate_user!, only: [:show, :projects] if APP_CONFIG['anonymous_access'] skip_before_action :authenticate_user!, only: [:show, :projects] if APP_CONFIG['anonymous_access']
before_action :load_repository
load_and_authorize_resource :repository, through: :platform, shallow: true
def show def show
respond_to :json
end end
def projects def projects
@projects = @repository.projects.recent.paginate(paginate_params) @projects = @repository.projects.recent.paginate(paginate_params)
respond_to :json
end end
def update def update
@ -32,7 +29,6 @@ class Api::V1::RepositoriesController < Api::V1::BaseController
end end
def key_pair def key_pair
respond_to :json
end end
# Only one request per 15 minutes for each platform # Only one request per 15 minutes for each platform
@ -40,7 +36,7 @@ class Api::V1::RepositoriesController < Api::V1::BaseController
key, now = [@repository.platform.id, :repository_packages], Time.zone.now key, now = [@repository.platform.id, :repository_packages], Time.zone.now
last_request = Rails.cache.read(key) last_request = Rails.cache.read(key)
if last_request.present? && last_request + 15.minutes > now if last_request.present? && last_request + 15.minutes > now
raise CanCan::AccessDenied raise Pundit::NotAuthorizedError
else else
Rails.cache.write(key, now, expires_at: 15.minutes) Rails.cache.write(key, now, expires_at: 15.minutes)
@ -77,7 +73,7 @@ class Api::V1::RepositoriesController < Api::V1::BaseController
def add_project def add_project
if project = Project.where(id: params[:project_id]).first if project = Project.where(id: params[:project_id]).first
if can?(:read, project) if policy(project).read?
begin begin
@repository.projects << project @repository.projects << project
render_json_response @repository, "Project '#{project.id}' has been added to repository successfully" render_json_response @repository, "Project '#{project.id}' has been added to repository successfully"
@ -110,4 +106,11 @@ class Api::V1::RepositoriesController < Api::V1::BaseController
end end
end end
private
# Private: before_action hook which loads Repository.
def load_repository
authorize @repository = Repository.find(params[:id])
end
end end

View File

@ -1,14 +1,12 @@
class Api::V1::SearchController < Api::V1::BaseController class Api::V1::SearchController < Api::V1::BaseController
before_filter :authenticate_user! unless APP_CONFIG['anonymous_access']
def index def index
search = Search.new(params[:query], current_ability, paginate_params) authorize :search
search = Search.new(params[:query], current_user, paginate_params)
types = Search::TYPES.find{ |t| t == params[:type] } || Search::TYPES types = Search::TYPES.find{ |t| t == params[:type] } || Search::TYPES
@results = {} @results = {}
[types].flatten.each do |type| [types].flatten.each do |type|
@results[type] = search.send(type) @results[type] = search.send(type)
end end
respond_to :json
end end
end end

View File

@ -1,19 +1,16 @@
class Api::V1::UsersController < Api::V1::BaseController class Api::V1::UsersController < Api::V1::BaseController
before_filter :authenticate_user! before_action :authenticate_user!
skip_before_filter :authenticate_user!, only: [:show] if APP_CONFIG['anonymous_access'] skip_before_action :authenticate_user!, only: [:show] if APP_CONFIG['anonymous_access']
load_and_authorize_resource :user, only: :show before_action :load_user, only: %i(show)
before_filter :set_current_user, except: :show before_action :set_current_user, except: :show
def show def show
@user = User.opened.find params[:id] # dont show system users @user = User.opened.find params[:id] # dont show system users
respond_to :json
end end
def show_current_user def show_current_user
respond_to do |format| render :show
format.json { render :show }
end
end end
def update def update
@ -37,15 +34,18 @@ class Api::V1::UsersController < Api::V1::BaseController
else else
render_json_response @user, error_message(@user.notifier, 'User notification settings have not been updated'), 422 render_json_response @user, error_message(@user.notifier, 'User notification settings have not been updated'), 422
end end
else
respond_to :json
end end
end end
protected protected
def set_current_user def set_current_user
@user = current_user authorize @user = current_user
end
# Private: before_action hook which loads User.
def load_user
authorize @user = User.find(params[:id])
end end
end end

View File

@ -1,4 +1,7 @@
class ApplicationController < ActionController::Base class ApplicationController < ActionController::Base
include StrongParams
include Pundit
AIRBRAKE_IGNORE = [ AIRBRAKE_IGNORE = [
ActionController::InvalidAuthenticityToken, ActionController::InvalidAuthenticityToken,
AbstractController::ActionNotFound AbstractController::ActionNotFound
@ -9,12 +12,15 @@ class ApplicationController < ActionController::Base
layout :layout_by_resource layout :layout_by_resource
# Hack to prevent token auth on all pages except atom feed: # Hack to prevent token auth on all pages except atom feed:
prepend_before_filter -> { redirect_to(new_user_session_path) if params[:token] && params[:token].is_a?(String) && params[:format] != 'atom'} prepend_before_action -> { redirect_to(new_user_session_path) if params[:token] && params[:token].is_a?(String) && params[:format] != 'atom'}
before_filter :set_locale before_action :set_locale
before_filter -> { EventLog.current_controller = self }, before_action -> { EventLog.current_controller = self },
only: [:create, :destroy, :open_id, :cancel, :publish, :change_visibility] # :update only: [:create, :destroy, :open_id, :cancel, :publish, :change_visibility] # :update
after_filter -> { EventLog.current_controller = nil } before_action :banned?
after_action -> { EventLog.current_controller = nil }
after_action :verify_authorized, unless: :devise_controller?
skip_after_action :verify_authorized, only: %i(render_500 render_404)
helper_method :get_owner helper_method :get_owner
@ -27,7 +33,7 @@ class ApplicationController < ActionController::Base
AbstractController::ActionNotFound, with: :render_404 AbstractController::ActionNotFound, with: :render_404
end end
rescue_from CanCan::AccessDenied do |exception| rescue_from Pundit::NotAuthorizedError do |exception|
redirect_to forbidden_url, alert: t("flash.exception_message") redirect_to forbidden_url, alert: t("flash.exception_message")
end end
@ -40,6 +46,15 @@ class ApplicationController < ActionController::Base
protected protected
# Disables access to site for banned users
def banned?
if user_signed_in? && current_user.access_locked?
sign_out current_user
flash[:error] = I18n.t('devise.failure.locked')
redirect_to root_path
end
end
# For this example, we are simply using token authentication # For this example, we are simply using token authentication
# via parameters. However, anyone could use Rails's token # via parameters. However, anyone could use Rails's token
# authentication features to get the token from a header. # authentication features to get the token from a header.
@ -75,6 +90,8 @@ class ApplicationController < ActionController::Base
if Rails.env.production? && !AIRBRAKE_IGNORE.include?(e.class) if Rails.env.production? && !AIRBRAKE_IGNORE.include?(e.class)
notify_airbrake(e) notify_airbrake(e)
end end
Rails.logger.error e.message
Rails.logger.error e.backtrace.inspect
render_error 500 render_error 500
end end

View File

@ -1,5 +1,6 @@
class AutocompletesController < ApplicationController class AutocompletesController < ApplicationController
before_filter :authenticate_user! before_action :authenticate_user!
skip_after_action :verify_authorized
def autocomplete_user_uname def autocomplete_user_uname
results = User.opened.search(params[:query]).search_order.limit(5) results = User.opened.search(params[:query]).search_order.limit(5)
@ -13,7 +14,8 @@ class AutocompletesController < ApplicationController
end end
def autocomplete_extra_build_list def autocomplete_extra_build_list
bl = BuildList.for_extra_build_lists(params[:term], current_ability, save_to_platform).first bl = BuildListPolicy::Scope.new(current_user, BuildList).read.
for_extra_build_lists(params[:term], save_to_platform).first
results << { :id => bl.id, results << { :id => bl.id,
:value => bl.id, :value => bl.id,
:label => "#{bl.id} (#{bl.project.name} - #{bl.arch.name})", :label => "#{bl.id} (#{bl.project.name} - #{bl.arch.name})",
@ -29,16 +31,16 @@ class AutocompletesController < ApplicationController
value: mb.id, value: mb.id,
label: "#{mb.id} - #{mb.name}", label: "#{mb.id} - #{mb.name}",
path: platform_mass_build_path(mb.save_to_platform, mb) path: platform_mass_build_path(mb.save_to_platform, mb)
} if mb && can?(:show, mb) } if mb && policy(mb).show?
render json: results.to_json render json: results.to_json
end end
def autocomplete_extra_repositories def autocomplete_extra_repositories
# Only personal and build for platform repositories can be attached to the build # Only personal and build for platform repositories can be attached to the build
Platform.includes(:repositories).search(params[:term]).search_order platforms = PlatformPolicy::Scope.new(current_user, Platform).show.
.accessible_by(current_ability, :read).limit(5) includes(:repositories).search(params[:term]).search_order.limit(5).
.where("platforms.platform_type = 'personal' OR platforms.id = ?", where("platforms.platform_type = 'personal' OR platforms.id = ?", params[:build_for_platform_id])
params[:build_for_platform_id].to_i).each do |platform| platforms.each do |platform|
platform.repositories.each do |repository| platform.repositories.each do |repository|
results << results <<
{ {
@ -56,7 +58,7 @@ class AutocompletesController < ApplicationController
protected protected
def save_to_platform def save_to_platform
@save_to_platform ||= Platform.find(params[:platform_id]) @save_to_platform ||= Platform.find_cached(params[:platform_id])
end end
def results def results

View File

@ -0,0 +1,45 @@
module Api
module V1
module Issueable
extend ActiveSupport::Concern
protected
# Private: before_action hook which loads Group.
def load_group
authorize @group = Group.find(params[:id]), :show?
end
# Private: before_action hook which loads Project.
def load_project
authorize @project = Project.find(params[:project_id]), :show?
end
# Private: before_action hook which loads Issue.
def load_issue
authorize @issue = @project.issues.find_by!(serial_id: params[:id]), :show?
end
# Private: Get membered projects.
#
# Returns the ActiveRecord::Relation instance.
def membered_projects
@membered_projects ||= ProjectPolicy::Scope.new(current_user, Project).membered
end
# Private: Get project ids which available for current user.
#
# Returns the Array of project ids.
def get_all_project_ids(default_project_ids)
project_ids = []
if %w(created all).include? params[:filter]
# add own issues
project_ids = Project.opened.joins(:issues).
where(issues: {user_id: current_user.id}).
pluck('projects.id')
end
project_ids | default_project_ids
end
end
end
end

View File

@ -0,0 +1,9 @@
module StrongParams
extend ActiveSupport::Concern
protected
def permit_params(param_name, *accessible)
(params[param_name] || ActionController::Parameters.new).permit(*accessible.flatten)
end
end

View File

@ -1,4 +1,5 @@
class ContactsController < ApplicationController class ContactsController < ApplicationController
skip_after_action :verify_authorized
def new def new
@form = Feedback.new(current_user) @form = Feedback.new(current_user)

View File

@ -1,9 +1,10 @@
class Groups::BaseController < ApplicationController class Groups::BaseController < ApplicationController
before_filter :authenticate_user! before_action :authenticate_user!
before_filter :find_group before_action :find_group
protected protected
# Private: before_action hook which loads Group.
def find_group def find_group
if group_id = params[:uname] || params[:group_id] || params[:id] if group_id = params[:uname] || params[:group_id] || params[:id]
@group = Group.find_by_insensitive_uname! group_id @group = Group.find_by_insensitive_uname! group_id

View File

@ -1,12 +1,12 @@
class Groups::MembersController < Groups::BaseController class Groups::MembersController < Groups::BaseController
before_filter -> { authorize! :manage_members, @group } before_action -> { authorize @group, :manage_members? }
def index def index
@members = @group.members.order(:uname) - [@group.owner] @members = @group.members.order(:uname) - [@group.owner]
end end
def update def update
raise CanCan::AccessDenied if @group.owner_id.to_s == params[:member_id] raise Pundit::NotAuthorizedError if @group.owner_id.to_s == params[:member_id]
relation = @group.actors.where(actor_id: params[:member_id], actor_type: 'User').first relation = @group.actors.where(actor_id: params[:member_id], actor_type: 'User').first
relation ||= @group.actors.build(actor_id: params[:member_id], actor_type: 'User') relation ||= @group.actors.build(actor_id: params[:member_id], actor_type: 'User')
@ -25,7 +25,7 @@ class Groups::MembersController < Groups::BaseController
end end
def add def add
@user = User.where(id: params[:member_id]).first @user = User.find_by(id: params[:member_id])
if !@user if !@user
flash[:error] = t("flash.collaborators.wrong_user", uname: params[:user_uname]) flash[:error] = t("flash.collaborators.wrong_user", uname: params[:user_uname])
elsif @group.add_member(@user, params[:role]) elsif @group.add_member(@user, params[:role])

View File

@ -2,15 +2,16 @@ class Groups::ProfileController < Groups::BaseController
include AvatarHelper include AvatarHelper
include PaginateHelper include PaginateHelper
load_and_authorize_resource class: Group, instance_name: 'group' skip_before_action :authenticate_user!, only: :show if APP_CONFIG['anonymous_access']
skip_before_filter :authenticate_user!, only: :show if APP_CONFIG['anonymous_access']
def index def index
authorize :group
@groups = current_user.groups.paginate(page: params[:group_page]) # accessible_by(current_ability) @groups = current_user.groups.paginate(page: params[:group_page]) # accessible_by(current_ability)
@groups = @groups.search(params[:query]) if params[:query].present? @groups = @groups.search(params[:query]) if params[:query].present?
end end
def show def show
authorize @group
respond_to do |format| respond_to do |format|
format.html do format.html do
@members = @group.members.order(:uname) @members = @group.members.order(:uname)
@ -21,9 +22,10 @@ class Groups::ProfileController < Groups::BaseController
when 'open' when 'open'
@projects = @projects.opened @projects = @projects.opened
when 'hidden' when 'hidden'
@projects = @projects.by_visibilities('hidden').accessible_by(current_ability, :read) @projects = @projects.by_visibilities('hidden')
@projects = @projects.none unless policy(@group).reader?
else else
@projects = @projects.accessible_by(current_ability, :read) @projects = @projects.opened unless policy(@group).reader?
end end
@total_items = @projects.count @total_items = @projects.count
@projects = @projects.paginate(paginate_params) @projects = @projects.paginate(paginate_params)
@ -33,13 +35,15 @@ class Groups::ProfileController < Groups::BaseController
end end
def new def new
authorize @group = current_user.own_groups.build
end end
def edit def edit
authorize @group
end end
def create def create
@group = current_user.own_groups.new params[:group] authorize @group = current_user.own_groups.build(params[:group])
if @group.save if @group.save
flash[:notice] = t('flash.group.saved') flash[:notice] = t('flash.group.saved')
redirect_to group_path(@group) redirect_to group_path(@group)
@ -51,6 +55,7 @@ class Groups::ProfileController < Groups::BaseController
end end
def update def update
authorize @group
if @group.update_attributes(params[:group]) if @group.update_attributes(params[:group])
update_avatar(@group, params) update_avatar(@group, params)
flash[:notice] = t('flash.group.saved') flash[:notice] = t('flash.group.saved')
@ -62,12 +67,14 @@ class Groups::ProfileController < Groups::BaseController
end end
def destroy def destroy
authorize @group
@group.destroy @group.destroy
flash[:notice] = t("flash.group.destroyed") flash[:notice] = t("flash.group.destroyed")
redirect_to groups_path redirect_to groups_path
end end
def remove_user def remove_user
authorize @group
Relation.by_actor(current_user).by_target(@group).destroy_all Relation.by_actor(current_user).by_target(@group).destroy_all
redirect_to groups_path redirect_to groups_path
end end

View File

@ -1,8 +1,11 @@
class HomeController < ApplicationController class HomeController < ApplicationController
before_filter :authenticate_user!, only: [:activity, :issues, :pull_requests] before_action :authenticate_user!, only: [:activity, :issues, :pull_requests]
skip_after_action :verify_authorized
def root def root
render 'pages/tour/abf-tour-project-description-1' respond_to do |format|
format.html { render 'pages/tour/abf-tour-project-description-1' }
end
end end
def activity def activity
@ -23,7 +26,7 @@ class HomeController < ApplicationController
def issues def issues
@created_issues = current_user.issues @created_issues = current_user.issues
@assigned_issues = Issue.where(assignee_id: current_user.id) @assigned_issues = Issue.where(assignee_id: current_user.id)
pr_ids = Project.accessible_by(current_ability, :membered).uniq.pluck(:id) pr_ids = ProjectPolicy::Scope.new(current_user, Project).membered.uniq.pluck(:id)
@all_issues = Issue.where(project_id: pr_ids) @all_issues = Issue.where(project_id: pr_ids)
@created_issues, @assigned_issues, @all_issues = @created_issues, @assigned_issues, @all_issues =
if action_name == 'issues' if action_name == 'issues'

View File

@ -1,4 +1,5 @@
class PagesController < ApplicationController class PagesController < ApplicationController
skip_after_action :verify_authorized
def tour_inside def tour_inside
@entries = case params[:id] @entries = case params[:id]

View File

@ -1,2 +1,11 @@
class Platforms::BaseController < ApplicationController class Platforms::BaseController < ApplicationController
before_action :load_platform
protected
def load_platform
return unless params[:platform_id]
authorize @platform = Platform.find_cached(params[:platform_id]), :show?
end
end end

View File

@ -1,10 +1,8 @@
class Platforms::ContentsController < Platforms::BaseController class Platforms::ContentsController < Platforms::BaseController
include PaginateHelper include PaginateHelper
before_filter :authenticate_user! before_action :authenticate_user!
skip_before_filter :authenticate_user!, only: :index if APP_CONFIG['anonymous_access'] skip_before_action :authenticate_user!, only: :index if APP_CONFIG['anonymous_access']
load_and_authorize_resource :platform
def index def index
respond_to do |format| respond_to do |format|
@ -22,7 +20,7 @@ class Platforms::ContentsController < Platforms::BaseController
end end
def remove_file def remove_file
authorize!(:remove_file, @platform) authorize @platform
PlatformContent.remove_file(@platform, params[:path]) PlatformContent.remove_file(@platform, params[:path])
render nothing: true render nothing: true
end end

View File

@ -1,16 +1,14 @@
class Platforms::KeyPairsController < Platforms::BaseController class Platforms::KeyPairsController < Platforms::BaseController
before_filter :authenticate_user! before_action :authenticate_user!
load_and_authorize_resource :platform
load_and_authorize_resource only: [:create, :destroy]
def index def index
@key_pair = KeyPair.new @key_pair = KeyPair.new
end end
def create def create
@key_pair = KeyPair.new params[:key_pair]
@key_pair.user_id = current_user.id @key_pair.user_id = current_user.id
authorize @key_pair
if @key_pair.save if @key_pair.save
flash[:notice] = t('flash.key_pairs.saved') flash[:notice] = t('flash.key_pairs.saved')
redirect_to platform_key_pairs_path(@key_pair.repository.platform) and return redirect_to platform_key_pairs_path(@key_pair.repository.platform) and return
@ -21,6 +19,7 @@ class Platforms::KeyPairsController < Platforms::BaseController
end end
def destroy def destroy
authorize @key_pair = @platform.key_pairs.find(params[:id])
if @key_pair.destroy if @key_pair.destroy
flash[:notice] = t('flash.key_pairs.destroyed') flash[:notice] = t('flash.key_pairs.destroyed')
else else

View File

@ -1,7 +1,6 @@
class Platforms::MaintainersController < ApplicationController class Platforms::MaintainersController < Platforms::BaseController
before_filter :authenticate_user! before_action :authenticate_user!
skip_before_filter :authenticate_user!, only: [:index] if APP_CONFIG['anonymous_access'] skip_before_action :authenticate_user!, only: [:index] if APP_CONFIG['anonymous_access']
load_and_authorize_resource :platform
def index def index
@maintainer = BuildList::Package.new(params[:build_list_package]) @maintainer = BuildList::Package.new(params[:build_list_package])

View File

@ -1,31 +1,33 @@
class Platforms::MassBuildsController < Platforms::BaseController class Platforms::MassBuildsController < Platforms::BaseController
include DatatableHelper include DatatableHelper
before_filter :authenticate_user! before_action :authenticate_user!
skip_before_filter :authenticate_user!, only: [:index, :get_list] if APP_CONFIG['anonymous_access'] skip_before_action :authenticate_user!, only: [:index, :get_list] if APP_CONFIG['anonymous_access']
load_resource :platform
load_and_authorize_resource :through => :platform, :shallow => true
before_action :find_mass_build, only: %i(show publish cancel get_list)
def new def new
if params[:mass_build_id].present? if params[:mass_build_id].present?
@mass_build = @platform.mass_builds.find(params[:mass_build_id]).dup @mass_build = @platform.mass_builds.find(params[:mass_build_id]).dup
@mass_build.arches = Arch.where(name: @mass_build.arch_names.split(', ')).pluck(:id) @mass_build.arches = Arch.where(name: @mass_build.arch_names.split(', ')).pluck(:id)
end end
authorize @mass_build ||= @platform.mass_builds.build
@mass_build.arches ||= @platform.platform_arch_settings.by_default.pluck(:arch_id) @mass_build.arches ||= @platform.platform_arch_settings.by_default.pluck(:arch_id)
@mass_build.repositories ||= [] @mass_build.repositories ||= []
@mass_build.arches.map!(&:to_s) @mass_build.arches.map!(&:to_s)
end end
def show def show
authorize @platform.mass_builds.find(params[:id])
end end
def create def create
@mass_build = @platform.mass_builds.build(params[:mass_build])
@mass_build.user = current_user @mass_build.user = current_user
@mass_build.arches = params[:arches] || [] @mass_build.arches = params[:arches] || []
@mass_build.repositories ||= params[:repositories] || [] @mass_build.repositories ||= params[:repositories] || []
authorize @mass_build
if @mass_build.save if @mass_build.save
redirect_to(platform_mass_builds_path(@platform), notice: t("flash.platform.build_all_success")) redirect_to(platform_mass_builds_path(@platform), notice: t("flash.platform.build_all_success"))
else else
@ -57,7 +59,6 @@ class Platforms::MassBuildsController < Platforms::BaseController
end end
def get_list def get_list
text = text =
case params[:kind] case params[:kind]
when 'failed_builds_list', 'tests_failed_builds_list', 'success_builds_list' when 'failed_builds_list', 'tests_failed_builds_list', 'success_builds_list'
@ -67,4 +68,11 @@ class Platforms::MassBuildsController < Platforms::BaseController
end end
render text: text render text: text
end end
private
# Private: before_action hook which loads MassBuild.
def find_mass_build
authorize @mass_build = @platform.mass_builds.find(params[:id])
end
end end

View File

@ -1,16 +1,16 @@
class Platforms::PlatformsController < Platforms::BaseController class Platforms::PlatformsController < Platforms::BaseController
include FileStoreHelper include FileStoreHelper
before_filter :authenticate_user! before_action :authenticate_user!
skip_before_filter :authenticate_user!, only: [:advisories, :members, :show] if APP_CONFIG['anonymous_access'] skip_before_action :authenticate_user!, only: [:advisories, :members, :show] if APP_CONFIG['anonymous_access']
load_and_authorize_resource
def index def index
authorize :platform
respond_to do |format| respond_to do |format|
format.html {} format.html {}
format.json { format.json {
@platforms = @platforms.accessible_by(current_ability, :related) @platforms = PlatformPolicy::Scope.new(current_user, Platform).related
@platforms_count = @platforms.count @platforms_count = @platforms.count
@platforms = @platforms.paginate(page: current_page, per_page: Platform.per_page) @platforms = @platforms.paginate(page: current_page, per_page: Platform.per_page)
} }
@ -21,17 +21,19 @@ class Platforms::PlatformsController < Platforms::BaseController
end end
def new def new
authorize @platform = Platform.new
@admin_uname = current_user.uname @admin_uname = current_user.uname
@admin_id = current_user.id @admin_id = current_user.id
@platform = Platform.new
end end
def edit def edit
authorize @platform
@admin_id = @platform.owner.id @admin_id = @platform.owner.id
@admin_uname = @platform.owner.uname @admin_uname = @platform.owner.uname
end end
def create def create
authorize @platform = Platform.new(params[:platform])
@admin_id = params[:admin_id] @admin_id = params[:admin_id]
@admin_uname = params[:admin_uname] @admin_uname = params[:admin_uname]
# FIXME: do not allow manipulate owner model, only platforms onwer_id and onwer_type # FIXME: do not allow manipulate owner model, only platforms onwer_id and onwer_type
@ -47,6 +49,7 @@ class Platforms::PlatformsController < Platforms::BaseController
end end
def update def update
authorize @platform
@admin_id = params[:admin_id] @admin_id = params[:admin_id]
@admin_uname = params[:admin_uname] @admin_uname = params[:admin_uname]
@ -54,7 +57,6 @@ class Platforms::PlatformsController < Platforms::BaseController
platform_params = platform_params.slice(:description, :platform_arch_settings_attributes, :released, :automatic_metadata_regeneration, :default_branch) platform_params = platform_params.slice(:description, :platform_arch_settings_attributes, :released, :automatic_metadata_regeneration, :default_branch)
platform_params[:owner] = User.find(@admin_id) if @admin_id.present? platform_params[:owner] = User.find(@admin_id) if @admin_id.present?
respond_to do |format| respond_to do |format|
format.html do format.html do
if @platform.update_attributes(platform_params) if @platform.update_attributes(platform_params)
@ -76,6 +78,7 @@ class Platforms::PlatformsController < Platforms::BaseController
end end
def regenerate_metadata def regenerate_metadata
authorize @platform
if @platform.regenerate if @platform.regenerate
flash[:notice] = I18n.t('flash.platform.saved') flash[:notice] = I18n.t('flash.platform.saved')
else else
@ -85,6 +88,7 @@ class Platforms::PlatformsController < Platforms::BaseController
end end
def change_visibility def change_visibility
authorize @platform
if @platform.change_visibility if @platform.change_visibility
flash[:notice] = I18n.t("flash.platform.saved") flash[:notice] = I18n.t("flash.platform.saved")
redirect_to @platform redirect_to @platform
@ -96,12 +100,14 @@ class Platforms::PlatformsController < Platforms::BaseController
end end
def clone def clone
authorize @platform
@cloned = Platform.new @cloned = Platform.new
@cloned.name = @platform.name + "_clone" @cloned.name = @platform.name + "_clone"
@cloned.description = @platform.description + "_clone" @cloned.description = @platform.description + "_clone"
end end
def make_clone def make_clone
authorize @platform
@cloned = @platform.full_clone params[:platform].merge(owner: current_user) @cloned = @platform.full_clone params[:platform].merge(owner: current_user)
if @cloned.persisted? if @cloned.persisted?
flash[:notice] = I18n.t("flash.platform.clone_success") flash[:notice] = I18n.t("flash.platform.clone_success")
@ -113,16 +119,19 @@ class Platforms::PlatformsController < Platforms::BaseController
end end
def destroy def destroy
authorize @platform
@platform.destroy # later with resque @platform.destroy # later with resque
flash[:notice] = t("flash.platform.destroyed") flash[:notice] = t("flash.platform.destroyed")
redirect_to platforms_path redirect_to platforms_path
end end
def members def members
authorize @platform
@members = @platform.members.order(:uname) @members = @platform.members.order(:uname)
end end
def remove_members def remove_members
authorize @platform
User.where(id: params[:members]).each do |user| User.where(id: params[:members]).each do |user|
@platform.remove_member(user) @platform.remove_member(user)
end end
@ -130,7 +139,8 @@ class Platforms::PlatformsController < Platforms::BaseController
end end
def add_member def add_member
member = User.where(id: params[:member_id]).first authorize @platform
member = User.find_by(id: params[:member_id])
if !member if !member
flash[:error] = t("flash.collaborators.wrong_user", uname: params[:member_id]) flash[:error] = t("flash.collaborators.wrong_user", uname: params[:member_id])
elsif @platform.add_member(member) elsif @platform.add_member(member)
@ -142,13 +152,22 @@ class Platforms::PlatformsController < Platforms::BaseController
end end
def advisories def advisories
authorize @platform
@advisories = @platform.advisories.paginate(page: params[:page]) @advisories = @platform.advisories.paginate(page: params[:page])
end end
def clear def clear
authorize @platform
@platform.clear @platform.clear
flash[:notice] = t('flash.repository.clear') flash[:notice] = t('flash.repository.clear')
redirect_to edit_platform_path(@platform) redirect_to edit_platform_path(@platform)
end end
private
# Private: before_action hook which loads Platform.
def load_platform
authorize @platform = Platform.find_cached(params[:id]), :show? if params[:id]
end
end end

View File

@ -1,21 +1,20 @@
class Platforms::ProductBuildListsController < Platforms::BaseController class Platforms::ProductBuildListsController < Platforms::BaseController
include FileStoreHelper include FileStoreHelper
before_filter :authenticate_user! before_action :authenticate_user!
skip_before_filter :authenticate_user!, only: [:index, :show, :log] if APP_CONFIG['anonymous_access'] skip_before_action :authenticate_user!, only: [:index, :show, :log] if APP_CONFIG['anonymous_access']
before_filter :redirect_to_full_path_if_short_url, only: [:show, :update] before_action :redirect_to_full_path_if_short_url, only: [:show, :update]
load_and_authorize_resource :platform, except: :index
load_and_authorize_resource :product, through: :platform, except: :index before_action :load_product, except: :index
load_and_authorize_resource :product_build_list, through: :product, except: :index before_action :load_product_build_list, except: [:index, :new, :create]
load_and_authorize_resource only: [:index, :show, :log, :cancel, :update]
def new def new
product = @product_build_list.product @product_build_list = @product.product_build_lists.new
@product_build_list.params = product.params @product_build_list.params = @product.params
@product_build_list.main_script = product.main_script @product_build_list.main_script = @product.main_script
@product_build_list.time_living = product.time_living @product_build_list.time_living = @product.time_living
@product_build_list.project_version = product.project_version @product_build_list.project_version = @product.project_version
@product_build_list.project = product.project @product_build_list.project = @product.project
unless @product_build_list.project unless @product_build_list.project
flash[:error] = t('flash.product_build_list.no_project') flash[:error] = t('flash.product_build_list.no_project')
redirect_to edit_platform_product_path(@platform, @product) redirect_to edit_platform_product_path(@platform, @product)
@ -53,6 +52,7 @@ class Platforms::ProductBuildListsController < Platforms::BaseController
pbl.user = current_user pbl.user = current_user
pbl.base_url = "http://#{request.host_with_port}" pbl.base_url = "http://#{request.host_with_port}"
authorize pbl
if pbl.save if pbl.save
flash[:notice] = t('flash.product.build_started') flash[:notice] = t('flash.product.build_started')
redirect_to [@platform, @product] redirect_to [@platform, @product]
@ -73,8 +73,11 @@ class Platforms::ProductBuildListsController < Platforms::BaseController
end end
def index def index
authorize :product_build_list
@product_build_list = ProductBuildList.new(params[:product_build_list]) @product_build_list = ProductBuildList.new(params[:product_build_list])
@product_build_list.status = nil if params[:product_build_list].blank? @product_build_list.status = nil if params[:product_build_list].try(:[], :status).blank?
@product_build_lists = @platform.product_build_lists if @platform
@product_build_lists ||= PlatformPolicy::Scope.new(current_user, ProductBuildList.joins(product: :platform)).show
if @product_build_list.product_id.present? if @product_build_list.product_id.present?
@product_build_lists = @product_build_lists.where(id: @product_build_list.product_id) @product_build_lists = @product_build_lists.where(id: @product_build_list.product_id)
else else
@ -84,7 +87,7 @@ class Platforms::ProductBuildListsController < Platforms::BaseController
end end
@product_build_lists = @product_build_lists. @product_build_lists = @product_build_lists.
includes(:project, product: :platform). includes(:project, product: :platform).
recent.paginate(page: params[:page]) recent.paginate(page: current_page)
@build_server_status = AbfWorkerStatusPresenter.new.products_status @build_server_status = AbfWorkerStatusPresenter.new.products_status
end end
@ -98,4 +101,14 @@ class Platforms::ProductBuildListsController < Platforms::BaseController
end end
end end
# Private: before_action hook which loads ProductBuildList.
def load_product_build_list
authorize @product_build_list = ProductBuildList.find(params[:id])
end
# Private: before_action hook which loads Product.
def load_product
authorize @product = Product.find(params[:product_id]), :show? if params[:product_id]
end
end end

View File

@ -1,25 +1,25 @@
class Platforms::ProductsController < Platforms::BaseController class Platforms::ProductsController < Platforms::BaseController
include GitHelper include GitHelper
before_filter :authenticate_user! before_action :authenticate_user!
skip_before_filter :authenticate_user!, only: [:index, :show] if APP_CONFIG['anonymous_access'] skip_before_action :authenticate_user!, only: [:index, :show] if APP_CONFIG['anonymous_access']
load_and_authorize_resource :platform before_action :load_product, except: %i(index new create autocomplete_project)
load_and_authorize_resource :product, through: :platform, except: :autocomplete_project
def index def index
@products = @products.paginate(page: params[:page]) authorize @platform.products.new
@products = @platform.products.paginate(page: params[:page])
end end
def new def new
@product = @platform.products.new authorize @product = @platform.products.new
end end
def edit def edit
end end
def create def create
authorize @product = @platform.products.build(params[:product])
if @product.save if @product.save
flash[:notice] = t('flash.product.saved') flash[:notice] = t('flash.product.saved')
redirect_to platform_product_path(@platform, @product) redirect_to platform_product_path(@platform, @product)
@ -53,9 +53,17 @@ class Platforms::ProductsController < Platforms::BaseController
end end
def autocomplete_project def autocomplete_project
@items = Project.accessible_by(current_ability, :membered) authorize :project
.by_owner_and_name(params[:query]).limit(20) @items = ProjectPolicy::Scope.new(current_user, Project).membered.
by_owner_and_name(params[:query]).limit(20)
#items.select! {|e| e.repo.branches.count > 0} #items.select! {|e| e.repo.branches.count > 0}
end end
private
# Private: before_action hook which loads Product.
def load_product
authorize @product = Product.find(params[:id])
end
end end

View File

@ -4,14 +4,15 @@ class Platforms::RepositoriesController < Platforms::BaseController
include RepositoriesHelper include RepositoriesHelper
include PaginateHelper include PaginateHelper
before_filter :authenticate_user! before_action :authenticate_user!
skip_before_filter :authenticate_user!, only: [:index, :show, :projects_list] if APP_CONFIG['anonymous_access'] skip_before_action :authenticate_user!, only: [:index, :show, :projects_list] if APP_CONFIG['anonymous_access']
load_and_authorize_resource :platform before_action :load_repository, except: [:index, :create, :new]
load_and_authorize_resource :repository, through: :platform, shallow: true before_action :set_members, only: [:edit, :update]
before_filter :set_members, only: [:edit, :update] before_action -> { @repository = @platform.repositories.find(params[:id]) if params[:id] }
def index def index
@repositories = @platform.repositories
@repositories = Repository.custom_sort(@repositories).paginate(page: current_page) @repositories = Repository.custom_sort(@repositories).paginate(page: current_page)
end end
@ -23,6 +24,7 @@ class Platforms::RepositoriesController < Platforms::BaseController
end end
def update def update
authorize @repository = @platform.repositories.build(params[:repository])
if @repository.update_attributes params[:repository].slice(:description, :synchronizing_publications, :publish_builds_only_from_branch).merge(publish_without_qa: (params[:repository][:publish_without_qa] || @repository.publish_without_qa)) if @repository.update_attributes params[:repository].slice(:description, :synchronizing_publications, :publish_builds_only_from_branch).merge(publish_without_qa: (params[:repository][:publish_without_qa] || @repository.publish_without_qa))
flash[:notice] = I18n.t("flash.repository.updated") flash[:notice] = I18n.t("flash.repository.updated")
redirect_to platform_repository_path(@platform, @repository) redirect_to platform_repository_path(@platform, @repository)
@ -34,14 +36,14 @@ class Platforms::RepositoriesController < Platforms::BaseController
end end
def remove_members def remove_members
User.where(id: params[:members]).each do |user| User.where(id: params[:members]).find_each do |user|
@repository.remove_member(user) @repository.remove_member(user)
end end
redirect_to edit_platform_repository_path(@platform, @repository) redirect_to edit_platform_repository_path(@platform, @repository)
end end
def add_member def add_member
if member = User.where(id: params[:member_id]).first if member = User.find_by(id: params[:member_id])
if @repository.add_member(member) if @repository.add_member(member)
flash[:notice] = t('flash.repository.members.successfully_added', name: member.uname) flash[:notice] = t('flash.repository.members.successfully_added', name: member.uname)
else else
@ -52,11 +54,12 @@ class Platforms::RepositoriesController < Platforms::BaseController
end end
def new def new
@repository = Repository.new authorize @repository = @platform.repositories.new
@platform_id = params[:platform_id] @platform_id = params[:platform_id]
end end
def destroy def destroy
authorize @repository
@repository.destroy @repository.destroy
flash[:notice] = t("flash.repository.destroyed") flash[:notice] = t("flash.repository.destroyed")
@ -64,7 +67,7 @@ class Platforms::RepositoriesController < Platforms::BaseController
end end
def create def create
@repository = @platform.repositories.build(params[:repository]) authorize @repository = @platform.repositories.build(params[:repository])
if @repository.save if @repository.save
flash[:notice] = t('flash.repository.saved') flash[:notice] = t('flash.repository.saved')
redirect_to platform_repository_path(@platform, @repository) redirect_to platform_repository_path(@platform, @repository)
@ -75,6 +78,7 @@ class Platforms::RepositoriesController < Platforms::BaseController
end end
def add_project def add_project
authorize @repository
if projects_list = params.try(:[], :repository).try(:[], :projects_list) if projects_list = params.try(:[], :repository).try(:[], :projects_list)
@repository.add_projects projects_list, current_user @repository.add_projects projects_list, current_user
redirect_to platform_repository_path(@platform, @repository), notice: t('flash.repository.projects_will_be_added') redirect_to platform_repository_path(@platform, @repository), notice: t('flash.repository.projects_will_be_added')
@ -82,7 +86,7 @@ class Platforms::RepositoriesController < Platforms::BaseController
end end
if params[:project_id].present? if params[:project_id].present?
@project = Project.find(params[:project_id]) @project = Project.find(params[:project_id])
if can?(:read, @project) if policy(@project).read?
begin begin
@repository.projects << @project @repository.projects << @project
flash[:notice] = t('flash.repository.project_added') flash[:notice] = t('flash.repository.project_added')
@ -140,12 +144,17 @@ class Platforms::RepositoriesController < Platforms::BaseController
end end
if params[:project_id].present? if params[:project_id].present?
ProjectToRepository.where(project_id: params[:project_id], repository_id: @repository.id).destroy_all ProjectToRepository.where(project_id: params[:project_id], repository_id: @repository.id).destroy_all
redirect_to platform_repository_path(@platform, @repository), notice: t('flash.repository.project_removed') message = t('flash.repository.project_removed')
respond_to do |format|
format.html {redirect_to platform_repository_path(@platform, @repository), notice: message}
format.json {render json: { message: message }}
end
end end
end end
def regenerate_metadata def regenerate_metadata
if @repository.regenerate(params[:build_for_platform_id]) authorize @repository
if @repository.regenerate(params[:repository].try :[], :build_for_platform_id)
flash[:notice] = t('flash.repository.regenerate_in_queue') flash[:notice] = t('flash.repository.regenerate_in_queue')
else else
flash[:error] = t('flash.repository.regenerate_already_in_queue') flash[:error] = t('flash.repository.regenerate_already_in_queue')
@ -166,6 +175,11 @@ class Platforms::RepositoriesController < Platforms::BaseController
protected protected
# Private: before_action hook which loads Repository.
def load_repository
authorize @repository = @platform.repositories.find(params[:id])
end
def set_members def set_members
@members = @repository.members.order('name') @members = @repository.members.order('name')
end end

View File

@ -1,11 +1,10 @@
class Platforms::TokensController < Platforms::BaseController class Platforms::TokensController < Platforms::BaseController
before_filter :authenticate_user! before_action :authenticate_user!
load_resource :platform before_action :load_token, except: [:index, :create, :new]
load_and_authorize_resource :through => :platform, :shallow => true
def index def index
authorize! :local_admin_manage, @platform authorize @platform, :local_admin_manage?
@tokens = @platform.tokens.includes(:creator, :updater) @tokens = @platform.tokens.includes(:creator, :updater)
.paginate(per_page: 20, page: params[:page]) .paginate(per_page: 20, page: params[:page])
end end
@ -24,11 +23,13 @@ class Platforms::TokensController < Platforms::BaseController
end end
def new def new
authorize @token = @platform.tokens.new
end end
def create def create
@token = @platform.tokens.build params[:token] @token = @platform.tokens.build params[:token]
@token.creator = current_user @token.creator = current_user
authorize @token
if @token.save if @token.save
flash[:notice] = t('flash.tokens.saved') flash[:notice] = t('flash.tokens.saved')
redirect_to platform_tokens_path(@platform) redirect_to platform_tokens_path(@platform)
@ -39,4 +40,11 @@ class Platforms::TokensController < Platforms::BaseController
end end
end end
protected
# Private: before_action hook which loads Repository.
def load_token
authorize @token = @platform.tokens.find(params[:id])
end
end end

View File

@ -1,6 +1,6 @@
class Projects::BaseController < ApplicationController class Projects::BaseController < ApplicationController
prepend_before_filter :find_project prepend_before_action :authenticate_user_and_find_project
before_filter :init_statistics before_action :init_statistics
protected protected
@ -11,8 +11,10 @@ class Projects::BaseController < ApplicationController
@users = @users.sort_by(&:uname).first(10) @users = @users.sort_by(&:uname).first(10)
end end
def find_project def authenticate_user_and_find_project
@project = Project.find_by_owner_and_name! params[:name_with_owner] if params[:name_with_owner].present? authenticate_user
return if params[:name_with_owner].blank?
authorize @project = Project.find_by_owner_and_name!(params[:name_with_owner]), :show?
end end
def init_statistics def init_statistics

View File

@ -2,28 +2,23 @@ class Projects::BuildListsController < Projects::BaseController
include FileStoreHelper include FileStoreHelper
include BuildListsHelper include BuildListsHelper
NESTED_ACTIONS = [:index, :new, :create] NESTED_ACTIONS = [:index, :new, :create, :list]
before_filter :authenticate_user! before_action :authenticate_user!
skip_before_filter :authenticate_user!, only: [:show, :index, :log] if APP_CONFIG['anonymous_access'] skip_before_action :authenticate_user!, only: [:show, :index, :log] if APP_CONFIG['anonymous_access']
before_filter :find_build_list, only: [:show, :publish, :cancel, :update, :log, :create_container, :dependent_projects] before_action :load_build_list, except: NESTED_ACTIONS
load_and_authorize_resource :project, only: [:new, :create] before_action :create_from_build_list, only: :new
load_resource :project, only: :index, parent: false
load_and_authorize_resource :build_list, through: :project, only: NESTED_ACTIONS, shallow: true
load_and_authorize_resource except: NESTED_ACTIONS
before_filter :create_from_build_list, only: :new
def index def index
authorize!(:show, @project) if @project authorize :build_list
params[:filter].each{|k,v| params[:filter].delete(k) if v.blank? } if params[:filter] params[:filter].each{|k,v| params[:filter].delete(k) if v.blank? } if params[:filter]
respond_to do |format| respond_to do |format|
format.html format.html
format.json do format.json do
@filter = BuildList::Filter.new(@project, current_user, current_ability, params[:filter] || {}) @filter = BuildList::Filter.new(@project, current_user, params[:filter] || {})
params[:page] = params[:page].to_i == 0 ? nil : params[:page] params[:page] = params[:page].to_i == 0 ? nil : params[:page]
params[:per_page] = if BuildList::Filter::PER_PAGE.include? params[:per_page].to_i params[:per_page] = if BuildList::Filter::PER_PAGE.include? params[:per_page].to_i
params[:per_page].to_i params[:per_page].to_i
@ -46,6 +41,7 @@ class Projects::BuildListsController < Projects::BaseController
end end
def new def new
authorize @build_list = @project.build_lists.build
if params[:show] == 'inline' && params[:build_list_id].present? if params[:show] == 'inline' && params[:build_list_id].present?
render json: new_build_list_data(@build_list, @project, params), layout: false render json: new_build_list_data(@build_list, @project, params), layout: false
else else
@ -73,7 +69,8 @@ class Projects::BuildListsController < Projects::BaseController
@build_list.priority = current_user.build_priority # User builds more priority than mass rebuild with zero priority @build_list.priority = current_user.build_priority # User builds more priority than mass rebuild with zero priority
flash_options = { project_version: @build_list.project_version, arch: arch.name, build_for_platform: build_for_platform.name } flash_options = { project_version: @build_list.project_version, arch: arch.name, build_for_platform: build_for_platform.name }
if authorize!(:create, @build_list) && @build_list.save authorize @build_list
if @build_list.save
build_lists << @build_list build_lists << @build_list
notices << t('flash.build_list.saved', flash_options) notices << t('flash.build_list.saved', flash_options)
else else
@ -125,8 +122,6 @@ class Projects::BuildListsController < Projects::BaseController
end end
def dependent_projects def dependent_projects
raise CanCan::AccessDenied if @build_list.save_to_platform.personal?
if request.post? if request.post?
prs = params[:build_list] prs = params[:build_list]
if prs.present? && prs[:projects].present? && prs[:arches].present? if prs.present? && prs[:projects].present? && prs[:arches].present?
@ -211,6 +206,16 @@ class Projects::BuildListsController < Projects::BaseController
protected protected
# Private: before_action hook which loads BuidList.
def load_build_list
authorize @build_list =
if @project
@project.build_lists
else
BuildList
end.find(params[:id])
end
def do_and_back(action, prefix, success = 'success', fail = 'fail') def do_and_back(action, prefix, success = 'success', fail = 'fail')
result = @build_list.send("can_#{action}?") && @build_list.send(action) result = @build_list.send("can_#{action}?") && @build_list.send(action)
message = result ? success : fail message = result ? success : fail
@ -218,10 +223,6 @@ class Projects::BuildListsController < Projects::BaseController
redirect_to :back redirect_to :back
end end
def find_build_list
@build_list = BuildList.find(params[:id])
end
def create_from_build_list def create_from_build_list
return if params[:build_list_id].blank? return if params[:build_list_id].blank?
build_list = @project.build_lists.find(params[:build_list_id]) build_list = @project.build_lists.find(params[:build_list_id])

View File

@ -1,12 +1,11 @@
class Projects::CollaboratorsController < Projects::BaseController class Projects::CollaboratorsController < Projects::BaseController
respond_to :html, :json respond_to :html, :json
before_filter :authenticate_user! before_action :authenticate_user!
load_resource :project before_action :authorize_collaborators
before_filter :authorize_collaborators
before_filter :find_users before_action :find_users
before_filter :find_groups before_action :find_groups
def index def index
@collaborators = Collaborator.find_by_project(@project) @collaborators = Collaborator.find_by_project(@project)
@ -29,26 +28,36 @@ class Projects::CollaboratorsController < Projects::BaseController
@collaborator.project = @project @collaborator.project = @project
respond_to do |format| respond_to do |format|
if @collaborator.save if @collaborator.save
format.json { render partial: 'collaborator', locals: {collaborator: @collaborator} } format.json { render partial: 'collaborator', locals: {collaborator: @collaborator, success: true} }
else else
format.json { render text: 'error', status: 422 } format.json { render json: {message:t('flash.collaborators.error_in_adding')}, status: 422 }
end end
end end
end end
def update def update
@c = Collaborator.find(params[:id]) cb = Collaborator.find(params[:id])
if @c.update_attributes(params[:collaborator]) respond_to do |format|
respond_with @c if cb.update_attributes(params[:collaborator])
format.json { render json: {message:t('flash.collaborators.successfully_updated', uname: cb.actor.uname)} }
else else
raise format.json { render json: {message:t('flash.collaborators.error_in_updating')}, status: 422 }
end
end end
end end
def destroy def destroy
@cb = Collaborator.find(params[:id]) cb = Collaborator.find(params[:id])
@cb.destroy if @cb respond_to do |format|
respond_with @cb if cb.present? && cb.destroy
format.json { render json: {message:t('flash.collaborators.successfully_removed', uname: cb.actor.uname)} }
else
format.json {
render json: {message:t('flash.collaborators.error_in_removing', uname: cb.try(:actor).try(:uname))},
status: 422
}
end
end
end end
protected protected
@ -64,6 +73,6 @@ class Projects::CollaboratorsController < Projects::BaseController
end end
def authorize_collaborators def authorize_collaborators
authorize! :update, @project authorize @project, :update?
end end
end end

View File

@ -1,9 +1,7 @@
class Projects::CommentsController < Projects::BaseController class Projects::CommentsController < Projects::BaseController
before_filter :authenticate_user! before_action :authenticate_user!
load_and_authorize_resource :project before_action :find_commentable
before_filter :find_commentable before_action :find_or_build_comment
before_filter :find_or_build_comment
load_and_authorize_resource new: :new_line
include CommentsHelper include CommentsHelper
@ -12,14 +10,14 @@ class Projects::CommentsController < Projects::BaseController
if !@comment.set_additional_data params if !@comment.set_additional_data params
format.json { format.json {
render json: { render json: {
error: I18n.t("flash.comment.save_error"), message: I18n.t("flash.comment.save_error"),
message: @comment.errors.full_messages error: @comment.errors.full_messages
} }
} }
elsif @comment.save elsif @comment.save
format.json {} format.json {}
else else
format.json { render json: { error: I18n.t("flash.comment.save_error") }, status: 422 } format.json { render json: { message: I18n.t("flash.comment.save_error") }, status: 422 }
end end
end end
end end
@ -28,17 +26,24 @@ class Projects::CommentsController < Projects::BaseController
end end
def update def update
status, message = if @comment.update_attributes(params[:comment]) respond_to do |format|
[200, view_context.markdown(@comment.body)] if @comment.update_attributes(params[:comment])
format.json { render json: {message:t('flash.comment.updated'), body: view_context.markdown(@comment.body)} }
else else
[422, 'error'] format.json { render json: {message:t('flash.comment.error_in_updating')}, status: 422 }
end
end end
render json: {body: message}, status: status
end end
def destroy def destroy
@comment.destroy respond_to do |format|
render json: nil if @comment.present? && @comment.destroy
format.json { render json: {message: I18n.t('flash.comment.destroyed')} }
else
format.json {
render json: {message: t('flash.comment.error_in_deleting')}, status: 422 }
end
end
end end
protected protected
@ -51,5 +56,6 @@ class Projects::CommentsController < Projects::BaseController
def find_or_build_comment def find_or_build_comment
@comment = params[:id].present? && Comment.where(automatic: false).find(params[:id]) || @comment = params[:id].present? && Comment.where(automatic: false).find(params[:id]) ||
current_user.comments.build(params[:comment]) {|c| c.commentable = @commentable; c.project = @project} current_user.comments.build(params[:comment]) {|c| c.commentable = @commentable; c.project = @project}
authorize @comment
end end
end end

View File

@ -1,8 +1,6 @@
class Projects::CommitSubscribesController < Projects::BaseController class Projects::CommitSubscribesController < Projects::BaseController
before_filter :authenticate_user! before_action :authenticate_user!
load_and_authorize_resource :project before_action :find_commit
before_filter :find_commit
def create def create
if Subscribe.subscribe_to_commit(@options) if Subscribe.subscribe_to_commit(@options)

View File

@ -1,13 +1,12 @@
class Projects::Git::BaseController < Projects::BaseController class Projects::Git::BaseController < Projects::BaseController
before_filter :authenticate_user! before_action :authenticate_user!
if APP_CONFIG['anonymous_access'] if APP_CONFIG['anonymous_access']
skip_before_filter :authenticate_user!, only: %i(show index blame raw archive diff tags branches) skip_before_action :authenticate_user!, only: %i(show index blame raw archive diff tags branches)
before_filter :authenticate_user, only: %i(show index blame raw archive diff tags branches) before_action :authenticate_user, only: %i(show index blame raw archive diff tags branches)
end end
load_and_authorize_resource :project before_action :set_treeish_and_path
before_filter :set_treeish_and_path before_action :set_branch_and_tree
before_filter :set_branch_and_tree
protected protected

View File

@ -1,6 +1,6 @@
class Projects::Git::BlobsController < Projects::Git::BaseController class Projects::Git::BlobsController < Projects::Git::BaseController
before_filter :set_blob before_action :set_blob
before_filter -> {authorize! :write, @project}, only: [:edit, :update] before_action -> {authorize @project, :write? }, only: [:edit, :update]
def show def show
end end

View File

@ -14,7 +14,7 @@ class Projects::Git::CommitsController < Projects::Git::BaseController
respond_to do |format| respond_to do |format|
format.html format.html
format.diff { render text: (@commit.diffs.map(&:diff).join("\n") rescue ''), content_type: "text/plain" } format.diff { render text: (@commit.show.map(&:diff).join("\n") rescue ''), content_type: "text/plain" }
format.patch { render text: (@commit.to_patch rescue ''), content_type: "text/plain" } format.patch { render text: (@commit.to_patch rescue ''), content_type: "text/plain" }
end end
end end

View File

@ -1,11 +1,12 @@
class Projects::Git::TreesController < Projects::Git::BaseController class Projects::Git::TreesController < Projects::Git::BaseController
before_filter -> { redirect_to_project }, only: :show skip_before_action :set_branch_and_tree, only: :archive
skip_before_filter :set_branch_and_tree, :set_treeish_and_path, only: :archive skip_before_action :set_treeish_and_path, only: :archive
before_filter -> { raise Grit::NoSuchPathError if params[:treeish] != @branch.try(:name) }, only: [:branch, :destroy] before_action :redirect_to_project, only: :show
before_action :resolve_treeish, only: [:branch, :destroy]
skip_authorize_resource :project, only: [:destroy, :restore_branch, :create] # skip_authorize_resource :project, only: [:destroy, :restore_branch, :create]
before_filter -> { authorize!(:write, @project) }, only: [:destroy, :restore_branch, :create] before_action -> { authorize(@project, :show?) }, only: [:show, :archive, :tags, :branches]
def show def show
unless request.xhr? unless request.xhr?
@ -53,16 +54,19 @@ class Projects::Git::TreesController < Projects::Git::BaseController
end end
def restore_branch def restore_branch
authorize @project, :write?
status = @project.create_branch(@treeish, params[:sha], current_user) ? 200 : 422 status = @project.create_branch(@treeish, params[:sha], current_user) ? 200 : 422
render nothing: true, status: status render nothing: true, status: status
end end
def create def create
authorize @project, :write?
status = @project.create_branch(params[:new_ref], params[:from_ref], current_user) ? 200 : 422 status = @project.create_branch(params[:new_ref], params[:from_ref], current_user) ? 200 : 422
render nothing: true, status: status render nothing: true, status: status
end end
def destroy def destroy
authorize @project, :write?
status = @branch && @project.delete_branch(@branch, current_user) ? 200 : 422 status = @branch && @project.delete_branch(@branch, current_user) ? 200 : 422
render nothing: true, status: status render nothing: true, status: status
end end
@ -81,6 +85,10 @@ class Projects::Git::TreesController < Projects::Git::BaseController
protected protected
def resolve_treeish
raise Grit::NoSuchPathError if params[:treeish] != @branch.try(:name)
end
def redirect_to_project def redirect_to_project
if params[:treeish] == @project.resolve_default_branch && params[:path].blank? && !request.xhr? if params[:treeish] == @project.resolve_default_branch && params[:path].blank? && !request.xhr?
redirect_to @project redirect_to @project

View File

@ -1,22 +1,23 @@
class Projects::HooksController < Projects::BaseController class Projects::HooksController < Projects::BaseController
before_filter :authenticate_user! before_action :authenticate_user!
load_and_authorize_resource :project before_action -> { authorize @project, :update? }
load_and_authorize_resource :hook, through: :project before_action :load_hook, except: %i(index new create)
def index def index
authorize! :edit, @project
@name = params[:name] @name = params[:name]
@hooks = @project.hooks.for_name(@name).order('name asc, created_at desc') @hooks = @project.hooks.for_name(@name).order('name asc, created_at desc')
render(:show) if @name.present? render(:show) if @name.present?
end end
def new def new
@hook = @project.hooks.build
end end
def edit def edit
end end
def create def create
authorize @hook = @project.hooks.build(params[:hook])
if @hook.save if @hook.save
redirect_to project_hooks_path(@project, name: @hook.name), notice: t('flash.hook.created') redirect_to project_hooks_path(@project, name: @hook.name), notice: t('flash.hook.created')
else else
@ -41,4 +42,11 @@ class Projects::HooksController < Projects::BaseController
redirect_to project_hooks_path(@project, name: @hook.name) redirect_to project_hooks_path(@project, name: @hook.name)
end end
private
# Private: before_action hook which loads Hook.
def load_hook
authorize @hook = @project.hooks.find(params[:id])
end
end end

View File

@ -1,15 +1,15 @@
class Projects::IssuesController < Projects::BaseController class Projects::IssuesController < Projects::BaseController
NON_RESTFUL_ACTION = [:create_label, :update_label, :destroy_label] before_action :authenticate_user!
before_filter :authenticate_user! skip_before_action :authenticate_user!, only: [:index, :show] if APP_CONFIG['anonymous_access']
skip_before_filter :authenticate_user!, only: [:index, :show] if APP_CONFIG['anonymous_access'] before_action :load_issue, only: %i(show edit update destroy)
load_resource :project before_action :load_and_authorize_label, only: %i(create_label update_label destroy_label)
load_and_authorize_resource :issue, through: :project, find_by: :serial_id, only: [:show, :edit, :update, :destroy, :new, :create, :index] before_action :find_collaborators, only: :search_collaborators
before_filter :load_and_authorize_label, only: NON_RESTFUL_ACTION
before_filter :find_collaborators, only: [:new, :create, :show, :search_collaborators]
layout false, only: [:update, :search_collaborators] layout false, only: [:update, :search_collaborators]
def index def index
raise Pundit::NotAuthorizedError unless @project.has_issues?
params[:kind] = params[:kind] == 'pull_requests' ? 'pull_requests' : 'issues' params[:kind] = params[:kind] == 'pull_requests' ? 'pull_requests' : 'issues'
params[:filter] = params[:filter].in?(['created', 'assigned']) ? params[:filter] : 'all' params[:filter] = params[:filter].in?(['created', 'assigned']) ? params[:filter] : 'all'
params[:sort] = params[:sort] == 'submitted' ? 'submitted' : 'updated' params[:sort] = params[:sort] == 'submitted' ? 'submitted' : 'updated'
@ -22,10 +22,11 @@ class Projects::IssuesController < Projects::BaseController
respond_to do |format| respond_to do |format|
format.html { render 'index' } format.html { render 'index' }
format.json do format.json do
all_issues =
if params[:kind] == 'pull_requests' if params[:kind] == 'pull_requests'
all_issues = @project.issues.joins(:pull_request) @project.issues.joins(:pull_request)
else else
all_issues = @project.issues.without_pull_requests @project.issues.without_pull_requests
end end
@all_issues = all_issues @all_issues = all_issues
@ -74,15 +75,18 @@ class Projects::IssuesController < Projects::BaseController
end end
def new def new
authorize @issue = @project.issues.build
end end
def create def create
@issue = @project.issues.build(params[:issue])
@issue.user_id = current_user.id @issue.user_id = current_user.id
unless can?(:write, @project) unless policy(@project).write?
@issue.assignee_id = nil @issue.assignee_id = nil
@issue.labelings = [] @issue.labelings = []
end end
authorize @issue
if @issue.save if @issue.save
@issue.subscribe_creator(current_user.id) @issue.subscribe_creator(current_user.id)
flash[:notice] = I18n.t("flash.issue.saved") flash[:notice] = I18n.t("flash.issue.saved")
@ -104,7 +108,7 @@ class Projects::IssuesController < Projects::BaseController
format.json { format.json {
status = 200 status = 200
unless can?(:write, @project) unless policy(@project).write?
params.delete :update_labels params.delete :update_labels
[:assignee_id, :labelings, :labelings_attributes].each do |k| [:assignee_id, :labelings, :labelings_attributes].each do |k|
params[:issue].delete k params[:issue].delete k
@ -165,8 +169,14 @@ class Projects::IssuesController < Projects::BaseController
private private
# Private: before_action hook which loads Issue.
def load_issue
authorize @issue = @project.issues.find_by!(serial_id: params[:id])
end
# Private: before_action hook which loads Label.
def load_and_authorize_label def load_and_authorize_label
authorize! :write, @project authorize @project, :write?
@label = Label.find(params[:label_id]) if params[:label_id] @label = @project.labels.find(params[:label_id]) if params[:label_id]
end end
end end

View File

@ -2,12 +2,12 @@ class Projects::ProjectsController < Projects::BaseController
include DatatableHelper include DatatableHelper
include ProjectsHelper include ProjectsHelper
before_filter :authenticate_user! before_action :authenticate_user!
load_and_authorize_resource id_param: :name_with_owner # to force member actions load before_action :who_owns, only: [:new, :create, :mass_import, :run_mass_import]
before_filter :who_owns, only: [:new, :create, :mass_import, :run_mass_import]
def index def index
@projects = Project.accessible_by(current_ability, :membered).search(params[:search]) authorize :project
@projects = ProjectPolicy::Scope.new(current_user, Project).membered.search(params[:search])
respond_to do |format| respond_to do |format|
format.html { format.html {
@groups = current_user.groups @groups = current_user.groups
@ -24,18 +24,19 @@ class Projects::ProjectsController < Projects::BaseController
end end
def new def new
authorize :project
@project = Project.new @project = Project.new
end end
def mass_import def mass_import
authorize :project
@project = Project.new(mass_import: true) @project = Project.new(mass_import: true)
end end
def run_mass_import def run_mass_import
@project = Project.new params[:project] @project = Project.new params[:project]
@project.owner = choose_owner @project.owner = choose_owner
authorize! :write, @project.owner if @project.owner.class == Group authorize @project
authorize! :add_project, Repository.find(params[:project][:add_to_repository_id])
@project.valid? @project.valid?
@project.errors.messages.slice! :url @project.errors.messages.slice! :url
if @project.errors.messages.blank? # We need only url validation if @project.errors.messages.blank? # We need only url validation
@ -48,15 +49,14 @@ class Projects::ProjectsController < Projects::BaseController
end end
def edit def edit
@project_aliases = Project.where.not(id: @project.id). authorize @project
where('alias_from_id IN (:ids) OR id IN (:ids)', { ids: [@project.alias_from_id, @project.id] }). @project_aliases = Project.project_aliases(@project).paginate(page: current_page)
paginate(page: current_page)
end end
def create def create
@project = Project.new params[:project] @project = Project.new params[:project]
@project.owner = choose_owner @project.owner = choose_owner
authorize! :write, @project.owner if @project.owner.class == Group authorize @project
if @project.save if @project.save
flash[:notice] = t('flash.project.saved') flash[:notice] = t('flash.project.saved')
@ -69,6 +69,7 @@ class Projects::ProjectsController < Projects::BaseController
end end
def update def update
authorize @project
params[:project].delete(:maintainer_id) if params[:project][:maintainer_id].blank? params[:project].delete(:maintainer_id) if params[:project][:maintainer_id].blank?
respond_to do |format| respond_to do |format|
format.html do format.html do
@ -84,18 +85,19 @@ class Projects::ProjectsController < Projects::BaseController
end end
format.json do format.json do
if @project.update_attributes(params[:project]) if @project.update_attributes(params[:project])
render json: { notice: I18n.t('flash.project.saved') }.to_json render json: { notice: I18n.t('flash.project.saved') }
else else
render json: { error: I18n.t('flash.project.save_error') }.to_json, status: 422 render json: { error: I18n.t('flash.project.save_error') }, status: 422
end end
end end
end end
end end
def schedule def schedule
authorize @project
p_to_r = @project.project_to_repositories.where(repository_id: params[:repository_id]).first p_to_r = @project.project_to_repositories.where(repository_id: params[:repository_id]).first
unless p_to_r.repository.publish_without_qa unless p_to_r.repository.publish_without_qa
authorize! :local_admin_manage, p_to_r.repository.platform authorize p_to_r.repository.platform, :local_admin_manage?
end end
p_to_r.user_id = current_user.id p_to_r.user_id = current_user.id
p_to_r.enabled = params[:enabled].present? p_to_r.enabled = params[:enabled].present?
@ -109,6 +111,7 @@ class Projects::ProjectsController < Projects::BaseController
end end
def destroy def destroy
authorize @project
@project.destroy @project.destroy
flash[:notice] = t("flash.project.destroyed") flash[:notice] = t("flash.project.destroyed")
redirect_to @project.owner redirect_to @project.owner
@ -116,8 +119,7 @@ class Projects::ProjectsController < Projects::BaseController
def fork(is_alias = false) def fork(is_alias = false)
owner = (Group.find params[:group] if params[:group].present?) || current_user owner = (Group.find params[:group] if params[:group].present?) || current_user
authorize! :write, owner if owner.class == Group authorize owner, :write?
if forked = @project.fork(owner, new_name: params[:fork_name], is_alias: is_alias) and forked.valid? if forked = @project.fork(owner, new_name: params[:fork_name], is_alias: is_alias) and forked.valid?
redirect_to forked, notice: t("flash.project.forked") redirect_to forked, notice: t("flash.project.forked")
else else
@ -128,15 +130,18 @@ class Projects::ProjectsController < Projects::BaseController
end end
def alias def alias
authorize @project
fork(true) fork(true)
end end
def possible_forks def possible_forks
authorize @project
render partial: 'projects/git/base/forks', layout: false, render partial: 'projects/git/base/forks', layout: false,
locals: { owner: current_user, name: (params[:name].presence || @project.name) } locals: { owner: current_user, name: (params[:name].presence || @project.name) }
end end
def sections def sections
authorize @project, :update?
if request.patch? if request.patch?
if @project.update_attributes(params[:project]) if @project.update_attributes(params[:project])
flash[:notice] = t('flash.project.saved') flash[:notice] = t('flash.project.saved')
@ -149,6 +154,7 @@ class Projects::ProjectsController < Projects::BaseController
end end
def remove_user def remove_user
authorize @project
@project.relations.by_actor(current_user).destroy_all @project.relations.by_actor(current_user).destroy_all
respond_to do |format| respond_to do |format|
format.html do format.html do
@ -160,6 +166,7 @@ class Projects::ProjectsController < Projects::BaseController
end end
def autocomplete_maintainers def autocomplete_maintainers
authorize @project
term, limit = params[:query], params[:limit] || 10 term, limit = params[:query], params[:limit] || 10
items = User.member_of_project(@project) items = User.member_of_project(@project)
.where("users.name ILIKE ? OR users.uname ILIKE ?", "%#{term}%", "%#{term}%") .where("users.name ILIKE ? OR users.uname ILIKE ?", "%#{term}%", "%#{term}%")
@ -168,10 +175,15 @@ class Projects::ProjectsController < Projects::BaseController
end end
def preview def preview
render inline: view_context.markdown(params[:text]), layout: false authorize @project
respond_to do |format|
format.json {}
format.html {render inline: view_context.markdown(params[:text]), layout: false}
end
end end
def refs_list def refs_list
authorize @project
refs = @project.repo.branches_and_tags.map(&:name) refs = @project.repo.branches_and_tags.map(&:name)
@selected = params[:selected] if refs.include?(params[:selected]) @selected = params[:selected] if refs.include?(params[:selected])
@selected ||= @project.resolve_default_branch @selected ||= @project.resolve_default_branch

View File

@ -1,20 +1,19 @@
class Projects::PullRequestsController < Projects::BaseController class Projects::PullRequestsController < Projects::BaseController
before_filter :authenticate_user! before_action :authenticate_user!
skip_before_filter :authenticate_user!, only: [:index, :show] if APP_CONFIG['anonymous_access'] skip_before_action :authenticate_user!, only: [:index, :show] if APP_CONFIG['anonymous_access']
load_and_authorize_resource :project
load_resource :issue, through: :project, find_by: :serial_id, parent: false, except: [:index, :autocomplete_to_project] before_action :load_issue, except: %i(index autocomplete_to_project new create)
load_and_authorize_resource instance_name: :pull, through: :issue, singleton: true, except: [:index, :autocomplete_to_project] before_action :load_pull, except: %i(index autocomplete_to_project new create)
before_filter :find_collaborators, only: [:new, :create, :show]
def new def new
to_project = find_destination_project(false) to_project = find_destination_project(false)
authorize! :read, to_project authorize to_project, :show?
@pull = to_project.pull_requests.new @pull = to_project.pull_requests.new
@pull.issue = to_project.issues.new @issue = @pull.issue = to_project.issues.new
set_attrs set_attrs
authorize @pull
if PullRequest.check_ref(@pull, 'to', @pull.to_ref) && PullRequest.check_ref(@pull, 'from', @pull.from_ref) || @pull.uniq_merge if PullRequest.check_ref(@pull, 'to', @pull.to_ref) && PullRequest.check_ref(@pull, 'from', @pull.from_ref) || @pull.uniq_merge
flash.now[:warning] = @pull.errors.full_messages.join('. ') flash.now[:warning] = @pull.errors.full_messages.join('. ')
else else
@ -33,15 +32,17 @@ class Projects::PullRequestsController < Projects::BaseController
redirect :back redirect :back
end end
to_project = find_destination_project to_project = find_destination_project
authorize! :read, to_project authorize to_project, :show?
@pull = to_project.pull_requests.new pull_params @pull = to_project.pull_requests.new pull_params
@pull.issue.assignee_id = (params[:issue] || {})[:assignee_id] if can?(:write, to_project) @issue = @pull.issue
@pull.issue.assignee_id = (params[:issue] || {})[:assignee_id] if policy(to_project).write?
@pull.issue.user, @pull.issue.project, @pull.from_project = current_user, to_project, @project @pull.issue.user, @pull.issue.project, @pull.from_project = current_user, to_project, @project
@pull.from_project_owner_uname = @pull.from_project.owner.uname @pull.from_project_owner_uname = @pull.from_project.owner.uname
@pull.from_project_name = @pull.from_project.name @pull.from_project_name = @pull.from_project.name
@pull.issue.new_pull_request = true @pull.issue.new_pull_request = true
authorize @pull
if @pull.valid? # FIXME more clean/clever logics if @pull.valid? # FIXME more clean/clever logics
@pull.save # set pull id @pull.save # set pull id
@pull.reload @pull.reload
@ -67,11 +68,13 @@ class Projects::PullRequestsController < Projects::BaseController
end end
def merge def merge
authorize @pull
status = @pull.merge!(current_user) ? 200 : 422 status = @pull.merge!(current_user) ? 200 : 422
render nothing: true, status: status render nothing: true, status: status
end end
def update def update
authorize @pull
status = 422 status = 422
if (action = params[:pull_request_action]) && %w(close reopen).include?(params[:pull_request_action]) if (action = params[:pull_request_action]) && %w(close reopen).include?(params[:pull_request_action])
if @pull.send("can_#{action}?") if @pull.send("can_#{action}?")
@ -106,7 +109,7 @@ class Projects::PullRequestsController < Projects::BaseController
term = params[:query].to_s.strip.downcase term = params[:query].to_s.strip.downcase
[ Project.where(id: @project.pull_requests.last.try(:to_project_id)), [ Project.where(id: @project.pull_requests.last.try(:to_project_id)),
@project.ancestors, @project.ancestors,
Project.accessible_by(current_ability, :membered) ProjectPolicy::Scope.new(current_user, Project).membered
].each do |p| ].each do |p|
items.concat p.by_owner_and_name(term) items.concat p.by_owner_and_name(term)
end end
@ -116,6 +119,17 @@ class Projects::PullRequestsController < Projects::BaseController
protected protected
# Private: before_action hook which loads Issue.
def load_issue
@issue = @project.issues.find_by!(serial_id: params[:id])
end
# Private: before_action hook which loads PullRequest.
def load_pull
@pull = @issue.pull_request
authorize @pull, :show? if @pull
end
def pull_params def pull_params
@pull_params ||= params[:pull_request].presence @pull_params ||= params[:pull_request].presence
end end

View File

@ -1,12 +1,10 @@
class Projects::SubscribesController < Projects::BaseController class Projects::SubscribesController < Projects::BaseController
before_filter :authenticate_user! before_action :authenticate_user!
load_and_authorize_resource :project before_action :load_issue
load_and_authorize_resource :issue, through: :project, find_by: :serial_id
load_and_authorize_resource :subscribe, through: :issue, find_by: :user_id
def create def create
@subscribe = @issue.subscribes.build(user_id: current_user.id) authorize @subscribe = @issue.subscribes.build(user_id: current_user.id)
if @subscribe.save if @subscribe.save
flash[:notice] = I18n.t("flash.subscribe.saved") flash[:notice] = I18n.t("flash.subscribe.saved")
redirect_to :back redirect_to :back
@ -17,9 +15,17 @@ class Projects::SubscribesController < Projects::BaseController
end end
def destroy def destroy
authorize @subscribe = @issue.subscribes.find_by(user_id: current_user.id)
@subscribe.destroy @subscribe.destroy
flash[:notice] = t("flash.subscribe.destroyed") flash[:notice] = t("flash.subscribe.destroyed")
redirect_to :back redirect_to :back
end end
private
# Private: before_action hook which loads Issue.
def load_issue
authorize @issue = @project.issues.find_by!(serial_id: params[:issue_id]), :show?
end
end end

View File

@ -4,13 +4,12 @@ require 'cgi'
class Projects::WikiController < Projects::BaseController class Projects::WikiController < Projects::BaseController
WIKI_OPTIONS = {} WIKI_OPTIONS = {}
before_filter :authenticate_user! before_action :authenticate_user!
skip_before_filter :authenticate_user!, only: [:show, :index, :git, :compare, :compare_wiki, :history, :wiki_history, :search, :pages] if APP_CONFIG['anonymous_access'] skip_before_action :authenticate_user!, only: [:show, :index, :git, :compare, :compare_wiki, :history, :wiki_history, :search, :pages] if APP_CONFIG['anonymous_access']
load_resource :project
before_filter :authorize_read_actions, only: [:index, :show, :git, :compare, :compare_wiki, :history, :wiki_history, :search, :pages] before_action :authorize_read_actions, only: [:index, :show, :git, :compare, :compare_wiki, :history, :wiki_history, :search, :pages]
before_filter :authorize_write_actions, only: [:edit, :update, :new, :create, :destroy, :revert, :revert_wiki, :preview] before_action :authorize_write_actions, only: [:edit, :update, :new, :create, :destroy, :revert, :revert_wiki, :preview]
before_filter :get_wiki before_action :get_wiki
def index def index
@name = 'Home' @name = 'Home'
@ -262,11 +261,11 @@ class Projects::WikiController < Projects::BaseController
def show_or_create_page def show_or_create_page
if @page if @page
@content = @page.formatted_data @content = @page.formatted_data
@editable = can?(:write, @project) @editable = policy(@project).write?
render :show render :show
elsif file = @wiki.file(@name) elsif file = @wiki.file(@name)
render text: file.raw_data, content_type: file.mime_type render text: file.raw_data, content_type: file.mime_type
elsif can? :write, @project elsif policy(@project).write?
@new = true @new = true
render :new render :new
else else
@ -279,11 +278,10 @@ class Projects::WikiController < Projects::BaseController
end end
def authorize_read_actions def authorize_read_actions
authorize! :show, @project authorize @project, :show?
end end
def authorize_write_actions def authorize_write_actions
authorize! :write, @project authorize @project, :write?
end end
end end

View File

@ -1,13 +1,13 @@
class SearchController < ApplicationController class SearchController < ApplicationController
include PaginateHelper include PaginateHelper
before_filter :authenticate_user! unless APP_CONFIG['anonymous_access'] before_action :authenticate_user! unless APP_CONFIG['anonymous_access']
# load_and_authorize_resource skip_after_action :verify_authorized
def index def index
@type = Search::TYPES.find{ |t| t == params[:type] } || Search::TYPES.first @type = Search::TYPES.find{ |t| t == params[:type] } || Search::TYPES.first
@query = params[:query] @query = params[:query]
@search = Search.new(@query, current_ability, paginate_params) @search = Search.new(@query, current_user, paginate_params)
@collection = @search.send(@type) @collection = @search.send(@type)
end end
end end

View File

@ -1,4 +1,5 @@
class SitemapController < ApplicationController class SitemapController < ApplicationController
skip_after_action :verify_authorized
def show def show
redirect_to "/sitemaps/#{request.host_with_port.gsub(/www./, '')}/sitemap.xml.gz" redirect_to "/sitemaps/#{request.host_with_port.gsub(/www./, '')}/sitemap.xml.gz"

View File

@ -11,6 +11,7 @@ class StatisticsController < ApplicationController
] ]
def index def index
authorize :statistic
respond_to do |format| respond_to do |format|
format.html format.html
format.json do format.json do

View File

@ -1,6 +1,6 @@
class Users::BaseController < ApplicationController class Users::BaseController < ApplicationController
before_filter :authenticate_user! before_action :authenticate_user!
before_filter :find_user before_action :find_user
protected protected

View File

@ -32,7 +32,7 @@ class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
def find_for_ouath(auth, resource=nil) def find_for_ouath(auth, resource=nil)
provider, uid = auth['provider'], auth['uid'] provider, uid = auth['provider'], auth['uid']
authentication = Authentication.find_or_initialize_by_provider_and_uid(provider, uid) authentication = Authentication.find_or_initialize_by(provider: provider, uid: uid)
if authentication.new_record? if authentication.new_record?
if user_signed_in? # New authentication method for current_user if user_signed_in? # New authentication method for current_user
authentication.user = current_user authentication.user = current_user

View File

@ -1,9 +1,10 @@
class Users::ProfileController < Users::BaseController class Users::ProfileController < Users::BaseController
include PaginateHelper include PaginateHelper
skip_before_filter :authenticate_user!, only: :show if APP_CONFIG['anonymous_access'] skip_before_action :authenticate_user!, only: :show if APP_CONFIG['anonymous_access']
def show def show
authorize @user
respond_to do |format| respond_to do |format|
format.html do format.html do
@groups = @user.groups.order(:uname) @groups = @user.groups.order(:uname)
@ -14,9 +15,9 @@ class Users::ProfileController < Users::BaseController
when 'open' when 'open'
@projects = @projects.opened @projects = @projects.opened
when 'hidden' when 'hidden'
@projects = @projects.by_visibilities('hidden').accessible_by(current_ability, :read) @projects = ProjectPolicy::Scope.new(current_user, @projects.by_visibilities('hidden')).read
else else
@projects = @projects.accessible_by(current_ability, :read) @projects = ProjectPolicy::Scope.new(current_user, @projects).read
end end
@total_items = @projects.count @total_items = @projects.count
@projects = @projects.paginate(paginate_params) @projects = @projects.paginate(paginate_params)

View File

@ -1,5 +1,5 @@
class Users::RegisterRequestsController < ApplicationController class Users::RegisterRequestsController < ApplicationController
before_filter :user_choose_locale before_action :user_choose_locale
layout 'invite' layout 'invite'
def new def new

View File

@ -1,5 +1,5 @@
class Users::RegistrationsController < Devise::RegistrationsController class Users::RegistrationsController < Devise::RegistrationsController
before_filter :update_sanitized_params, if: :devise_controller? before_action :update_sanitized_params, if: :devise_controller?
# POST /resource # POST /resource
def create def create

View File

@ -1,7 +1,8 @@
class Users::SettingsController < Users::BaseController class Users::SettingsController < Users::BaseController
include AvatarHelper include AvatarHelper
before_filter :set_current_user before_action :set_current_user
before_action -> { authorize @user, :update? }
def profile def profile
if request.patch? if request.patch?

View File

@ -1,5 +1,7 @@
class Users::SshKeysController < Users::BaseController class Users::SshKeysController < Users::BaseController
before_filter :set_current_user before_action :set_current_user
before_action -> { authorize current_user, :update? }
skip_before_action :find_user
def index def index
@ssh_key = SshKey.new @ssh_key = SshKey.new
@ -10,12 +12,11 @@ class Users::SshKeysController < Users::BaseController
if @ssh_key.save if @ssh_key.save
flash[:notice] = t 'flash.ssh_keys.saved' flash[:notice] = t 'flash.ssh_keys.saved'
redirect_to ssh_keys_path
else else
flash[:error] = t 'flash.ssh_keys.save_error' flash[:error] = t 'flash.ssh_keys.save_error'
# flash[:warning] = @ssh_key.errors.full_messages.join('. ') unless @ssh_key.errors.blank? flash[:warning] = @ssh_key.errors.full_messages.join('. ') unless @ssh_key.errors.blank?
render :index
end end
redirect_to ssh_keys_path
end end
def destroy def destroy

View File

@ -1,16 +1,18 @@
class Users::UsersController < Users::BaseController class Users::UsersController < Users::BaseController
skip_before_filter :authenticate_user!, only: [:allowed, :check, :discover] skip_before_action :authenticate_user!, only: [:allowed, :check, :discover]
before_filter :find_user_by_key, only: [:allowed, :discover] skip_after_action :verify_authorized
before_action :find_user_by_key, only: [:allowed, :discover]
def allowed def allowed
project = Project.find_by_owner_and_name! params[:project] project = Project.find_by_owner_and_name! params[:project]
action = case params[:action_type] pp = ProjectPolicy.new(@user, project)
can = case params[:action_type]
when 'git-upload-pack' when 'git-upload-pack'
then :read pp.read?
when 'git-receive-pack' when 'git-receive-pack'
then :write pp.write?
end end
render inline: (!@user.access_locked? && Ability.new(@user).can?(action, project)).to_s render inline: (!@user.access_locked? && can).to_s
end end
def check def check

View File

@ -93,7 +93,7 @@ module ApplicationHelper
end end
def alert_class(type) def alert_class(type)
case type.to_s case type
when 'error', 'alert' when 'error', 'alert'
'alert-danger' 'alert-danger'
when 'notice' when 'notice'

View File

@ -20,7 +20,7 @@ module BuildListsHelper
end end
def availables_main_platforms def availables_main_platforms
Platform.availables_main_platforms current_user, current_ability Platform.availables_main_platforms current_user
end end
def dependent_projects(package) def dependent_projects(package)
@ -294,8 +294,9 @@ module BuildListsHelper
end end
def default_extra_repos(project) def default_extra_repos(project)
project.repositories.joins(:platform).accessible_by(current_ability, :read) scope = project.repositories.joins(:platform).where(platforms: { platform_type: 'personal' })
.where(platforms: { platform_type: 'personal' }).map do |extra| scope = PlatformPolicy::Scope.new(current_user, scope).show
scope.map do |extra|
{ {
id: extra.id, id: extra.id,
platform_id: extra.platform.id, platform_id: extra.platform.id,

View File

@ -1,23 +1,31 @@
module CommitHelper module CommitHelper
MAX_FILES_WITHOUT_COLLAPSE = 25 MAX_FILES_WITHOUT_COLLAPSE = 25
def render_commit_stats(stats) def render_commit_stats(options = {})
res = ["<table class='table table-responsive boffset0'>"] stats = options[:stats]
diff = options[:diff]
repo = options[:repo]
commit = options[:commit]
parent_commit = commit.parents.try(:first)
res = ["<ul class='list-group boffset0'>"]
ind=0 ind=0
stats.files.each do |filename, adds, deletes, total| stats.files.each do |filename, adds, deletes, total|
res << "<tr>" file_name = get_filename_in_diff(diff[ind], filename)
res << "<td><a href='#diff-#{ind}'>#{h(filename.rtruncate 120)}</a></td>" file_status = t "layout.projects.diff.#{get_file_status_in_diff(diff[ind])}"
res << "<td class='diffstat'>" res << "<li class='list-group-item'>"
res << I18n.t("layout.projects.inline_changes_count", count: total).strip + res << "<div class='row'>"
" (" + res << "<div class='col-sm-8'>"
I18n.t("layout.projects.inline_additions_count", count: adds).strip + res << "<a href='#diff-#{ind}' data-toggle='tooltip' data-placement='top' title='#{file_status}'>"
", " + res << "#{diff_file_icon(diff[ind])} #{h(file_name)}"
I18n.t("layout.projects.inline_deletions_count", count: deletes).strip + res << "</a></div>"
")" res << render_file_changes(diff: diff[ind], adds: adds, deletes: deletes, total: total,
res << "</td>" repo: repo, commit: commit, parent_commit: parent_commit, file_status: file_status)
res << "</div"
res << "</li>"
ind +=1 ind +=1
end end
res << "</table>" res << "</ul>"
wrap_commit_header_list(stats, res) wrap_commit_header_list(stats, res)
end end
@ -29,6 +37,7 @@ module CommitHelper
res << "<div class='panel-heading' role='tab' id='heading'>" res << "<div class='panel-heading' role='tab' id='heading'>"
res << "<h4 class='panel-title'>" res << "<h4 class='panel-title'>"
res << "<a data-toggle='collapse' data-parent='#diff_header' href='#collapseList' aria-expanded='true' aria-controls='collapseList'>" res << "<a data-toggle='collapse' data-parent='#diff_header' href='#collapseList' aria-expanded='true' aria-controls='collapseList'>"
res << "<span class='fa fa-chevron-#{is_stats_open ? 'down' : 'up'}'></span>"
res << " #{diff_commit_header_message(stats)}</a>" res << " #{diff_commit_header_message(stats)}</a>"
res << "</h4>" res << "</h4>"
res << "</div>" res << "</div>"
@ -72,9 +81,116 @@ module CommitHelper
Russian.p(commits_count, *commits_pluralization_arr) Russian.p(commits_count, *commits_pluralization_arr)
end end
def is_file_open_in_diff(blob, diff)
return true if blob.binary? && blob.render_as == :image
return true if diff.diff.blank? && diff.a_mode != diff.b_mode
diff.diff.present? && diff.diff.split("\n").count <= DiffHelper::MAX_LINES_WITHOUT_COLLAPSE
end
def file_blob_in_diff(repo, commit_id, diff)
return if repo.nil? || commit_id.nil? || diff.nil?
tree = repo.tree(commit_id)
blob = diff.renamed_file ? (tree / diff.b_path) : (tree / (diff.a_path || diff.b_path))
blob || diff.a_blob || diff.b_blob
end
def get_commit_id_for_file(diff, commit, parent_commit)
diff.deleted_file ? parent_commit.id : commit.id
end
def get_file_status_in_diff(diff)
if diff.renamed_file
:renamed_file
elsif diff.new_file
:new_file
elsif diff.deleted_file
:deleted_file
else
:changed_file
end
end
def get_filename_in_diff(diff, filename)
if diff.renamed_file
"#{diff.a_path.rtruncate 50} => #{diff.b_path.rtruncate 50}"
else
filename.rtruncate(100)
end
end
protected protected
def commits_pluralization_arr def commits_pluralization_arr
pluralize ||= t('layout.commits.pluralize').map {|base, title| title.to_s} pluralize ||= t('layout.commits.pluralize').map {|base, title| title.to_s}
end end
def render_file_changes(options = {})
diff = options[:diff]
adds = options[:adds]
deletes = options[:deletes]
total = options[:total]
repo = options[:repo]
file_status = options[:file_status]
commit_id = get_commit_id_for_file(diff, options[:commit], options[:parent_commit])
blob = file_blob_in_diff(repo, commit_id, diff)
res = ''
res << "<div class='col-sm-3'>"
res << "<div class='pull-right'>"
if blob.binary?
res << "<strong class='text-primary'>#{t 'layout.projects.diff.binary'} #{file_status}</strong>"
elsif total > 0
res << "<strong class='text-success'>+#{adds}</strong> <strong class='text-danger'>-#{deletes}</strong>"
else # total == 0
res << "<strong class='text-primary'>#{t 'layout.projects.diff.without_changes'}</strong>"
end
res << "</div>"
res << "</div>"
res << "<div class='col-sm-1'>"
res << render_progress_bar(adds, deletes, total, blob)
res << "</div>"
end
def render_progress_bar(adds, deletes, total, blob)
res = ''
pluses = 0
minuses = 0
if total > 0
pluses = ((adds/(adds+deletes).to_f)*100).round
minuses = 100 - pluses
end
title = if total >0
t 'layout.projects.inline_changes_count', count: total
elsif !blob.binary?
t 'layout.projects.diff.without_changes'
else
'BIN'
end
res << "<div class='progress' style='margin-bottom: 0' data-toggle='tooltip' data-placement='top' title='#{title}'>"
res << "<div class='progress-bar progress-bar-success' style='width: #{pluses}%'></div>"
res << "<div class='progress-bar progress-bar-danger' style='width: #{minuses}%'></div>"
res << "</div>"
res
end
def diff_file_icon(diff)
icon = case get_file_status_in_diff(diff)
when :renamed_file
'fa-caret-square-o-right text-info'
when :new_file
'fa-plus-square text-success'
when :deleted_file
'fa-minus-square text-danger'
when :changed_file
'fa-pencil-square text-primary'
else
'fa-exclamation-circle text-danger'
end
"<i class='fa #{icon}'></i>"
end
end end

View File

@ -1,34 +1,48 @@
module DiffHelper module DiffHelper
MAX_FILES_WITHOUT_COLLAPSE = 25 include CommitHelper
MAX_LINES_WITHOUT_COLLAPSE = 50 MAX_LINES_WITHOUT_COLLAPSE = 50
def render_diff_stats(stats) def render_diff_stats(options = {})
path = @pull.try(:id) ? polymorphic_path([@project, @pull]) : '' stats = options[:stats]
diff = options[:diff]
repo = options[:repo]
commit = options[:commit]
parent_commit = options[:common_ancestor]
res = ["<table class='table table-responsive boffset0'>"] res = ["<ul class='list-group boffset0'>"]
stats.each_with_index do |stat, ind| stats.each_with_index do |stat, ind|
res << "<tr>" adds = stat.additions
res << "<td>#{link_to stat.filename.rtruncate(120), "#{path}#diff-#{ind}"}</td>" deletes = stat.deletions
res << "<td class='diffstat'>" total = adds + deletes
res << I18n.t("layout.projects.inline_changes_count", count: stat.additions + stat.deletions).strip + file_name = get_filename_in_diff(diff[ind], stat.filename)
" (" + file_status = t "layout.projects.diff.#{get_file_status_in_diff(diff[ind])}"
I18n.t("layout.projects.inline_additions_count", count: stat.additions).strip +
", " + res << "<li class='list-group-item'>"
I18n.t("layout.projects.inline_deletions_count", count: stat.deletions).strip + res << "<div class='row'>"
")" res << "<div class='col-sm-8'>"
res << "</td>" res << "<a href='#diff-#{ind}' data-toggle='tooltip' data-placement='top' title='#{file_status}'>"
res << "#{diff_file_icon(diff[ind])} #{h(file_name)}"
res << "</a></div>"
res << render_file_changes(diff: diff[ind], adds: adds, deletes: deletes, total: total,
repo: repo, commit: commit, parent_commit: parent_commit, file_status: file_status)
res << "</div"
res << "</li>"
ind +=1
end end
res << '</table>' res << "</ul>"
wrap_header_list(stats, res)
wrap_diff_header_list(stats, res)
end end
def wrap_header_list(stats, list) def wrap_diff_header_list(stats, list)
is_stats_open = stats.count <= MAX_FILES_WITHOUT_COLLAPSE ? 'in' : '' is_stats_open = stats.count <= MAX_FILES_WITHOUT_COLLAPSE ? 'in' : ''
res = ["<div class='panel-group' id='diff_header' role='tablist' aria-multiselectable='false'>"] res = ["<div class='panel-group' id='diff_header' role='tablist' aria-multiselectable='false'>"]
res << "<div class='panel panel-default'>" res << "<div class='panel panel-default'>"
res << "<div class='panel-heading' role='tab' id='heading'>" res << "<div class='panel-heading' role='tab' id='heading'>"
res << "<h4 class='panel-title'>" res << "<h4 class='panel-title'>"
res << "<a data-toggle='collapse' data-parent='#diff_header' href='#collapseList' aria-expanded='true' aria-controls='collapseList'>" res << "<a data-toggle='collapse' data-parent='#diff_header' href='#collapseList' aria-expanded='true' aria-controls='collapseList'>"
res << "<span class='fa fa-chevron-#{is_stats_open ? 'down' : 'up'}'></span>"
res << " #{diff_header_message(stats)}</a>" res << " #{diff_header_message(stats)}</a>"
res << "</h4>" res << "</h4>"
res << "</div>" res << "</div>"

View File

@ -153,7 +153,7 @@ module MarkdownHelper
end end
def reference_issue(identifier) def reference_issue(identifier)
if issue = Issue.find_by_hash_tag(identifier, current_ability, @project) if issue = Issue.find_by_hash_tag(identifier, current_user, @project)
if issue.pull_request if issue.pull_request
title = "#{PullRequest.model_name.human}: #{issue.title}" title = "#{PullRequest.model_name.human}: #{issue.title}"
url = project_pull_request_path(issue.project, issue.pull_request) url = project_pull_request_path(issue.project, issue.pull_request)

View File

@ -3,7 +3,7 @@ module MassBuildHelper
def link_to_list platform, mass_build, which def link_to_list platform, mass_build, which
link_to t("layout.mass_builds.#{which}"), link_to t("layout.mass_builds.#{which}"),
get_list_platform_mass_build_path(platform, mass_build, kind: which, format: :txt), get_list_platform_mass_build_path(platform, mass_build, kind: which, format: :txt),
target: "_blank" if can?(:get_list, mass_build) target: "_blank" if policy(mass_build).get_list?
end end
def link_to_mass_build(mass_build) def link_to_mass_build(mass_build)

View File

@ -17,7 +17,7 @@ module ProjectsHelper
def available_project_to_repositories(project) def available_project_to_repositories(project)
project.project_to_repositories.includes(repository: :platform).select do |p_to_r| project.project_to_repositories.includes(repository: :platform).select do |p_to_r|
p_to_r.repository.publish_without_qa ? true : can?(:local_admin_manage, p_to_r.repository.platform) p_to_r.repository.publish_without_qa ? true : policy(p_to_r.repository.platform).local_admin_manage?
end.sort_by do |p_to_r| end.sort_by do |p_to_r|
"#{p_to_r.repository.platform.name}/#{p_to_r.repository.name}" "#{p_to_r.repository.platform.name}/#{p_to_r.repository.name}"
end.map do |p_to_r| end.map do |p_to_r|
@ -33,8 +33,8 @@ module ProjectsHelper
def mass_import_repositories_for_group_select def mass_import_repositories_for_group_select
groups = {} groups = {}
Platform.accessible_by(current_ability, :related).order(:name).each do |platform| PlatformPolicy::Scope.new(current_user, Platform).related.order(:name).each do |platform|
next unless can?(:local_admin_manage, platform) next unless policy(platform).local_admin_manage?
groups[platform.name] = Repository.custom_sort(platform.repositories).map{ |r| [r.name, r.id] } groups[platform.name] = Repository.custom_sort(platform.repositories).map{ |r| [r.name, r.id] }
end end
groups.to_a groups.to_a
@ -70,7 +70,9 @@ module ProjectsHelper
end end
def alone_member?(project) def alone_member?(project)
Relation.by_target(project).by_actor(current_user).size > 0 Rails.cache.fetch(['ProjectsHelper#alone_member?', project, current_user]) do
Relation.by_target(project).by_actor(current_user).exists?
end
end end
def participant_path(participant) def participant_path(participant)

View File

@ -8,7 +8,7 @@ module PullRequestHelper
end end
def pull_status_label pull_status, options = {} def pull_status_label pull_status, options = {}
statuses = {'ready' => 'success', 'closed' => 'important', 'merged' => 'important', 'blocked' => 'warning'} statuses = {'ready' => 'success', 'closed' => 'default', 'merged' => 'info', 'blocked' => 'warning'}
options[:class] = "#{options[:class]} label label-#{statuses[pull_status]}" options[:class] = "#{options[:class]} label label-#{statuses[pull_status]}"
content_tag :span, t("projects.pull_requests.statuses.#{pull_status}"), options content_tag :span, t("projects.pull_requests.statuses.#{pull_status}"), options
end end

View File

@ -15,6 +15,7 @@ module UsersHelper
end end
def gravatar_url(email, size = 30) def gravatar_url(email, size = 30)
"https://secure.gravatar.com/avatar/#{Digest::MD5.hexdigest(email.downcase)}?s=#{size}&r=pg" hex = email.present? ? Digest::MD5.hexdigest(email.try :downcase) : ''
"https://secure.gravatar.com/avatar/#{}?s=#{size}&r=pg"
end end
end end

View File

@ -14,7 +14,7 @@ module AbfWorker
end end
def perform def perform
return if restart_task return if subject.valid? && restart_task
if options['feedback_from_user'] if options['feedback_from_user']
user = User.find options['feedback_from_user'] user = User.find options['feedback_from_user']
return if !user.system? && subject.builder != user return if !user.system? && subject.builder != user

View File

@ -6,13 +6,12 @@ module BuildLists
build_list = BuildList.find(build_list_id) build_list = BuildList.find(build_list_id)
return if build_list.save_to_platform.personal? return if build_list.save_to_platform.personal?
user = User.find(user_id) user = User.find(user_id)
ability = Ability.new(user)
return unless ability.can?(:show, build_list) return unless BuildListPolicy.new(user, build_list).show?
arches = Arch.where(id: arch_ids).to_a arches = Arch.where(id: arch_ids).to_a
Project.where(id: project_ids).to_a.each do |project| Project.where(id: project_ids).to_a.each do |project|
next unless ability.can?(:write, project) next unless ProjectPolicy.new(user, project).write?
build_for_platform = save_to_platform = build_list.build_for_platform build_for_platform = save_to_platform = build_list.build_for_platform
save_to_repository = save_to_platform.repositories.find{ |r| r.projects.exists?(project.id) } save_to_repository = save_to_platform.repositories.find{ |r| r.projects.exists?(project.id) }
@ -48,7 +47,7 @@ module BuildLists
use_extra_tests use_extra_tests
).each { |field| bl.send("#{field}=", options[field]) } ).each { |field| bl.send("#{field}=", options[field]) }
ability.can?(:create, bl) && bl.save BuildListPolicy.new(user, bl).create? && bl.save
end end
end end
end end

Some files were not shown because too many files have changed in this diff Show More