#465: wip
This commit is contained in:
parent
d4d8f75f12
commit
a69b03b88c
|
@ -5,6 +5,7 @@ class Platforms::PlatformsController < Platforms::BaseController
|
|||
skip_before_action :authenticate_user!, only: [:advisories, :members, :show] if APP_CONFIG['anonymous_access']
|
||||
|
||||
def index
|
||||
authorize :platform
|
||||
respond_to do |format|
|
||||
format.html {}
|
||||
|
||||
|
@ -17,21 +18,22 @@ class Platforms::PlatformsController < Platforms::BaseController
|
|||
end
|
||||
|
||||
def show
|
||||
authorize @platform = Platform.find_cached(params[:id])
|
||||
end
|
||||
|
||||
def new
|
||||
authorize @platform = Platform.new
|
||||
@admin_uname = current_user.uname
|
||||
@admin_id = current_user.id
|
||||
@platform = Platform.new
|
||||
end
|
||||
|
||||
def edit
|
||||
authorize @platform
|
||||
@admin_id = @platform.owner.id
|
||||
@admin_uname = @platform.owner.uname
|
||||
end
|
||||
|
||||
def create
|
||||
authorize @platform = Platform.new(params[:platform])
|
||||
@admin_id = params[:admin_id]
|
||||
@admin_uname = params[:admin_uname]
|
||||
# FIXME: do not allow manipulate owner model, only platforms onwer_id and onwer_type
|
||||
|
@ -47,6 +49,7 @@ class Platforms::PlatformsController < Platforms::BaseController
|
|||
end
|
||||
|
||||
def update
|
||||
authorize @platform
|
||||
@admin_id = params[:admin_id]
|
||||
@admin_uname = params[:admin_uname]
|
||||
|
||||
|
@ -54,7 +57,6 @@ class Platforms::PlatformsController < Platforms::BaseController
|
|||
platform_params = platform_params.slice(:description, :platform_arch_settings_attributes, :released, :automatic_metadata_regeneration, :default_branch)
|
||||
platform_params[:owner] = User.find(@admin_id) if @admin_id.present?
|
||||
|
||||
|
||||
respond_to do |format|
|
||||
format.html do
|
||||
if @platform.update_attributes(platform_params)
|
||||
|
@ -76,6 +78,7 @@ class Platforms::PlatformsController < Platforms::BaseController
|
|||
end
|
||||
|
||||
def regenerate_metadata
|
||||
authorize @platform
|
||||
if @platform.regenerate
|
||||
flash[:notice] = I18n.t('flash.platform.saved')
|
||||
else
|
||||
|
@ -85,6 +88,7 @@ class Platforms::PlatformsController < Platforms::BaseController
|
|||
end
|
||||
|
||||
def change_visibility
|
||||
authorize @platform
|
||||
if @platform.change_visibility
|
||||
flash[:notice] = I18n.t("flash.platform.saved")
|
||||
redirect_to @platform
|
||||
|
@ -96,12 +100,14 @@ class Platforms::PlatformsController < Platforms::BaseController
|
|||
end
|
||||
|
||||
def clone
|
||||
authorize @platform
|
||||
@cloned = Platform.new
|
||||
@cloned.name = @platform.name + "_clone"
|
||||
@cloned.description = @platform.description + "_clone"
|
||||
end
|
||||
|
||||
def make_clone
|
||||
authorize @platform
|
||||
@cloned = @platform.full_clone params[:platform].merge(owner: current_user)
|
||||
if @cloned.persisted?
|
||||
flash[:notice] = I18n.t("flash.platform.clone_success")
|
||||
|
@ -113,16 +119,19 @@ class Platforms::PlatformsController < Platforms::BaseController
|
|||
end
|
||||
|
||||
def destroy
|
||||
authorize @platform
|
||||
@platform.destroy # later with resque
|
||||
flash[:notice] = t("flash.platform.destroyed")
|
||||
redirect_to platforms_path
|
||||
end
|
||||
|
||||
def members
|
||||
authorize @platform
|
||||
@members = @platform.members.order(:uname)
|
||||
end
|
||||
|
||||
def remove_members
|
||||
authorize @platform
|
||||
User.where(id: params[:members]).each do |user|
|
||||
@platform.remove_member(user)
|
||||
end
|
||||
|
@ -130,7 +139,8 @@ class Platforms::PlatformsController < Platforms::BaseController
|
|||
end
|
||||
|
||||
def add_member
|
||||
member = User.where(id: params[:member_id]).first
|
||||
authorize @platform
|
||||
member = User.find_by(id: params[:member_id])
|
||||
if !member
|
||||
flash[:error] = t("flash.collaborators.wrong_user", uname: params[:member_id])
|
||||
elsif @platform.add_member(member)
|
||||
|
@ -142,13 +152,22 @@ class Platforms::PlatformsController < Platforms::BaseController
|
|||
end
|
||||
|
||||
def advisories
|
||||
authorize @platform
|
||||
@advisories = @platform.advisories.paginate(page: params[:page])
|
||||
end
|
||||
|
||||
def clear
|
||||
authorize @platform
|
||||
@platform.clear
|
||||
flash[:notice] = t('flash.repository.clear')
|
||||
redirect_to edit_platform_path(@platform)
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
# Private: before_action hook which loads Platform.
|
||||
def load_platform
|
||||
authorize @platform = Platform.find_cached(params[:id]), :show? if params[:id]
|
||||
end
|
||||
|
||||
end
|
||||
|
|
|
@ -7,8 +7,6 @@ class Platforms::RepositoriesController < Platforms::BaseController
|
|||
before_action :authenticate_user!
|
||||
skip_before_action :authenticate_user!, only: [:index, :show, :projects_list] if APP_CONFIG['anonymous_access']
|
||||
|
||||
# load_and_authorize_resource :platform
|
||||
# load_and_authorize_resource :repository, through: :platform, shallow: true
|
||||
before_action :set_members, only: [:edit, :update]
|
||||
before_action :load_repository
|
||||
before_action -> { @repository = @platform.repositories.find(params[:id]) if params[:id] }
|
||||
|
@ -23,9 +21,11 @@ class Platforms::RepositoriesController < Platforms::BaseController
|
|||
end
|
||||
|
||||
def edit
|
||||
authorize @repository
|
||||
end
|
||||
|
||||
def update
|
||||
authorize @repository
|
||||
if @repository.update_attributes params[:repository].slice(:description, :synchronizing_publications, :publish_builds_only_from_branch).merge(publish_without_qa: (params[:repository][:publish_without_qa] || @repository.publish_without_qa))
|
||||
flash[:notice] = I18n.t("flash.repository.updated")
|
||||
redirect_to platform_repository_path(@platform, @repository)
|
||||
|
@ -37,14 +37,16 @@ class Platforms::RepositoriesController < Platforms::BaseController
|
|||
end
|
||||
|
||||
def remove_members
|
||||
User.where(id: params[:members]).each do |user|
|
||||
authorize @repository
|
||||
User.where(id: params[:members]).find_each do |user|
|
||||
@repository.remove_member(user)
|
||||
end
|
||||
redirect_to edit_platform_repository_path(@platform, @repository)
|
||||
end
|
||||
|
||||
def add_member
|
||||
if member = User.where(id: params[:member_id]).first
|
||||
authorize @repository
|
||||
if member = User.find_by(id: params[:member_id])
|
||||
if @repository.add_member(member)
|
||||
flash[:notice] = t('flash.repository.members.successfully_added', name: member.uname)
|
||||
else
|
||||
|
@ -55,11 +57,12 @@ class Platforms::RepositoriesController < Platforms::BaseController
|
|||
end
|
||||
|
||||
def new
|
||||
@repository = Repository.new
|
||||
authorize @repository = @platform.repositories.new
|
||||
@platform_id = params[:platform_id]
|
||||
end
|
||||
|
||||
def destroy
|
||||
authorize @repository
|
||||
@repository.destroy
|
||||
|
||||
flash[:notice] = t("flash.repository.destroyed")
|
||||
|
@ -67,7 +70,7 @@ class Platforms::RepositoriesController < Platforms::BaseController
|
|||
end
|
||||
|
||||
def create
|
||||
@repository = @platform.repositories.build(params[:repository])
|
||||
authorize @repository = @platform.repositories.build(params[:repository])
|
||||
if @repository.save
|
||||
flash[:notice] = t('flash.repository.saved')
|
||||
redirect_to platform_repository_path(@platform, @repository)
|
||||
|
@ -78,6 +81,7 @@ class Platforms::RepositoriesController < Platforms::BaseController
|
|||
end
|
||||
|
||||
def add_project
|
||||
authorize @repository
|
||||
if projects_list = params.try(:[], :repository).try(:[], :projects_list)
|
||||
@repository.add_projects projects_list, current_user
|
||||
redirect_to platform_repository_path(@platform, @repository), notice: t('flash.repository.projects_will_be_added')
|
||||
|
@ -102,6 +106,7 @@ class Platforms::RepositoriesController < Platforms::BaseController
|
|||
end
|
||||
|
||||
def projects_list
|
||||
authorize @repository
|
||||
render(text: @repository.projects.map(&:name).join("\n")) && return if params[:text] == 'true'
|
||||
|
||||
owner_subquery = "
|
||||
|
@ -137,6 +142,7 @@ class Platforms::RepositoriesController < Platforms::BaseController
|
|||
end
|
||||
|
||||
def remove_project
|
||||
authorize @repository
|
||||
if projects_list = params.try(:[], :repository).try(:[], :projects_list)
|
||||
@repository.remove_projects projects_list
|
||||
redirect_to platform_repository_path(@platform, @repository), notice: t('flash.repository.projects_will_be_removed')
|
||||
|
@ -152,6 +158,7 @@ class Platforms::RepositoriesController < Platforms::BaseController
|
|||
end
|
||||
|
||||
def regenerate_metadata
|
||||
authorize @repository
|
||||
if @repository.regenerate(params[:repository].try :[], :build_for_platform_id)
|
||||
flash[:notice] = t('flash.repository.regenerate_in_queue')
|
||||
else
|
||||
|
@ -161,6 +168,7 @@ class Platforms::RepositoriesController < Platforms::BaseController
|
|||
end
|
||||
|
||||
def sync_lock_file
|
||||
authorize @repository
|
||||
if params[:remove]
|
||||
@repository.remove_sync_lock_file
|
||||
flash[:notice] = t('flash.repository.sync_lock_file_removed')
|
||||
|
@ -173,8 +181,9 @@ class Platforms::RepositoriesController < Platforms::BaseController
|
|||
|
||||
protected
|
||||
|
||||
# Private: before_action hook which loads Repository.
|
||||
def load_repository
|
||||
@repository = @platform.repositories.find(params[:id]) if params[:id]
|
||||
authorize @repository = @platform.repositories.find(params[:id]), :show? if params[:id]
|
||||
end
|
||||
|
||||
def set_members
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
class PlatformPolicy < ApplicationPolicy
|
||||
|
||||
def index?
|
||||
true
|
||||
!user.guest?
|
||||
end
|
||||
|
||||
def show?
|
||||
|
|
Loading…
Reference in New Issue