#472: refactoring, updated the Api::V1::GroupsController and Groups::ProfileController
This commit is contained in:
parent
0b05e688c8
commit
b6bf8450f0
|
@ -36,7 +36,7 @@ class Api::V1::AdvisoriesController < Api::V1::BaseController
|
||||||
protected
|
protected
|
||||||
|
|
||||||
def advisory_params
|
def advisory_params
|
||||||
permit_params(:advisory, *policy(Advisory).permitted_attributes)
|
subject_params(Advisory)
|
||||||
end
|
end
|
||||||
|
|
||||||
def load_build_list
|
def load_build_list
|
||||||
|
|
|
@ -85,7 +85,7 @@ class Api::V1::BaseController < ApplicationController
|
||||||
def update_subject(subject)
|
def update_subject(subject)
|
||||||
authorize subject, :update?
|
authorize subject, :update?
|
||||||
class_name = subject.class.name
|
class_name = subject.class.name
|
||||||
if subject.update_attributes(params[class_name.underscore.to_sym] || {})
|
if subject.update_attributes(subject_params(subject.class))
|
||||||
render_json_response subject, "#{class_name} has been updated successfully"
|
render_json_response subject, "#{class_name} has been updated successfully"
|
||||||
else
|
else
|
||||||
render_validation_error subject, "#{class_name} has not been updated"
|
render_validation_error subject, "#{class_name} has not been updated"
|
||||||
|
|
|
@ -78,7 +78,7 @@ class Api::V1::BuildListsController < Api::V1::BaseController
|
||||||
private
|
private
|
||||||
|
|
||||||
def build_list_params
|
def build_list_params
|
||||||
permit_params(:build_list, *policy(BuildList).permitted_attributes)
|
subject_params(BuildList)
|
||||||
end
|
end
|
||||||
|
|
||||||
# Private: before_action hook which loads BuidList.
|
# Private: before_action hook which loads BuidList.
|
||||||
|
|
|
@ -28,7 +28,7 @@ class Api::V1::GroupsController < Api::V1::BaseController
|
||||||
end
|
end
|
||||||
|
|
||||||
def create
|
def create
|
||||||
@group = current_user.own_groups.new params[:group]
|
@group = current_user.own_groups.new(group_params)
|
||||||
create_subject @group
|
create_subject @group
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -49,6 +49,10 @@ class Api::V1::GroupsController < Api::V1::BaseController
|
||||||
|
|
||||||
private
|
private
|
||||||
|
|
||||||
|
def group_params
|
||||||
|
subject_params(Group)
|
||||||
|
end
|
||||||
|
|
||||||
# Private: before_action hook which loads Group.
|
# Private: before_action hook which loads Group.
|
||||||
def load_group
|
def load_group
|
||||||
@group = Group.find params[:id]
|
@group = Group.find params[:id]
|
||||||
|
|
|
@ -8,4 +8,9 @@ module StrongParams
|
||||||
pp = pp[name] || ActionController::Parameters.new
|
pp = pp[name] || ActionController::Parameters.new
|
||||||
end.permit(*accessible.flatten)
|
end.permit(*accessible.flatten)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
||||||
|
def subject_params(subject_class)
|
||||||
|
permit_params(subject_class.name.underscore.to_sym, *policy(subject_class).permitted_attributes)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -43,7 +43,7 @@ class Groups::ProfileController < Groups::BaseController
|
||||||
end
|
end
|
||||||
|
|
||||||
def create
|
def create
|
||||||
authorize @group = current_user.own_groups.build(params[:group])
|
authorize @group = current_user.own_groups.build(group_params)
|
||||||
if @group.save
|
if @group.save
|
||||||
flash[:notice] = t('flash.group.saved')
|
flash[:notice] = t('flash.group.saved')
|
||||||
redirect_to group_path(@group)
|
redirect_to group_path(@group)
|
||||||
|
@ -56,7 +56,7 @@ class Groups::ProfileController < Groups::BaseController
|
||||||
|
|
||||||
def update
|
def update
|
||||||
authorize @group
|
authorize @group
|
||||||
if @group.update_attributes(params[:group])
|
if @group.update_attributes(group_params)
|
||||||
update_avatar(@group, params)
|
update_avatar(@group, params)
|
||||||
flash[:notice] = t('flash.group.saved')
|
flash[:notice] = t('flash.group.saved')
|
||||||
redirect_to group_path(@group)
|
redirect_to group_path(@group)
|
||||||
|
@ -81,6 +81,10 @@ class Groups::ProfileController < Groups::BaseController
|
||||||
|
|
||||||
protected
|
protected
|
||||||
|
|
||||||
|
def group_params
|
||||||
|
subject_params(Group)
|
||||||
|
end
|
||||||
|
|
||||||
def paginate_projects(page)
|
def paginate_projects(page)
|
||||||
@projects.paginate(page: (page>0 ? page : nil), per_page: 24)
|
@projects.paginate(page: (page>0 ? page : nil), per_page: 24)
|
||||||
end
|
end
|
||||||
|
|
|
@ -206,7 +206,7 @@ class Projects::BuildListsController < Projects::BaseController
|
||||||
protected
|
protected
|
||||||
|
|
||||||
def build_list_params
|
def build_list_params
|
||||||
permit_params(:build_list, *policy(BuildList).permitted_attributes)
|
subject_params(BuildList)
|
||||||
end
|
end
|
||||||
|
|
||||||
def advisory_params
|
def advisory_params
|
||||||
|
|
|
@ -32,6 +32,13 @@ class GroupPolicy < ApplicationPolicy
|
||||||
!user.guest? && ( is_admin? || owner? )
|
!user.guest? && ( is_admin? || owner? )
|
||||||
end
|
end
|
||||||
|
|
||||||
|
# Public: Get list of parameters that the user is allowed to alter.
|
||||||
|
#
|
||||||
|
# Returns Array
|
||||||
|
def permitted_attributes
|
||||||
|
%i(uname description delete_avatar default_branch)
|
||||||
|
end
|
||||||
|
|
||||||
class Scope < Scope
|
class Scope < Scope
|
||||||
def show
|
def show
|
||||||
scope
|
scope
|
||||||
|
|
Loading…
Reference in New Issue